mirror of https://github.com/itflow-org/itflow
Merge branch '0.1.7' into scheduled-tickets
This commit is contained in:
Andrew Malsbury
GitHub
commit
6c247e0f58
|
|
@ -136,8 +136,7 @@ For help using ITFlow, feature requests, and general ideas / discussions please
|
|||
For bugs, please raise an [issue](https://github.com/itflow-org/itflow/issues).
|
||||
|
||||
### Contributing
|
||||
If you are able to make a contribution that would make ITFlow better, please fork the repo and create a pull request. Please make sure you're following our [code standards](https://docs.itflow.org/code_standards).
|
||||
For large changes / new features, please discuss the issue with other contributors first.
|
||||
If you want to improve ITFlow, feel free to fork the repo and create a pull request, but make sure to discuss significant changes or new features with fellow contributors on the forum first. This helps ensure that your contributions are aligned with project goals, and saves time for everyone. All contributions should follow our [code standards](https://docs.itflow.org/code_standards).
|
||||
|
||||
#### Contributors
|
||||
<a href="https://github.com/itflow-org/itflow/graphs/contributors">
|
||||
|
|
|
|||
22
ajax.php
22
ajax.php
|
|
@ -303,14 +303,25 @@ if (isset($_GET['share_generate_link'])) {
|
|||
$url = "https://$config_base_url/guest_view_item.php?id=$share_id&key=$item_key";
|
||||
}
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$config_ticket_from_name = sanitizeInput($config_ticket_from_name);
|
||||
$config_ticket_from_email = sanitizeInput($config_ticket_from_email);
|
||||
$config_mail_from_name = sanitizeInput($config_mail_from_name);
|
||||
$config_mail_from_email = sanitizeInput($config_mail_from_email);
|
||||
|
||||
// Send user e-mail, if specified
|
||||
if(!empty($config_smtp_host) && filter_var($item_email, FILTER_VALIDATE_EMAIL)){
|
||||
|
||||
$subject = "Time sensitive - $session_company_name secure link enclosed";
|
||||
$subject = "Time sensitive - $company_name secure link enclosed";
|
||||
if ($item_expires_friendly == "never") {
|
||||
$subject = "$session_company_name secure link enclosed";
|
||||
$subject = "$company_name secure link enclosed";
|
||||
}
|
||||
$body = mysqli_real_escape_string($mysqli, "Hello,<br><br>$session_name from $session_company_name sent you a time sensitive secure link regarding '$item_name'.<br><br>The link will expire in <strong>$item_expires_friendly</strong> and may only be viewed <strong>$item_view_limit</strong> times, before the link is destroyed. <br><br><strong><a href='$url'>Click here to access your secure content</a></strong><br><br>~<br>$session_company_name<br>Support Department<br>$config_ticket_from_email");
|
||||
$body = "Hello,<br><br>$session_name from $company_name sent you a time sensitive secure link regarding \"$item_name\".<br><br>The link will expire in <strong>$item_expires_friendly</strong> and may only be viewed <strong>$item_view_limit</strong> times, before the link is destroyed. <br><br><strong><a href=\'$url\'>Click here to access your secure content</a></strong><br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
$data = [
|
||||
[
|
||||
|
|
@ -322,7 +333,7 @@ if (isset($_GET['share_generate_link'])) {
|
|||
'body' => $body
|
||||
]
|
||||
];
|
||||
|
||||
|
||||
$mail = addToMailQueue($mysqli, $data);
|
||||
|
||||
if ($mail !== true) {
|
||||
|
|
@ -334,7 +345,6 @@ if (isset($_GET['share_generate_link'])) {
|
|||
|
||||
echo json_encode($url);
|
||||
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Sharing', log_action = 'Create', log_description = '$session_name created shared link for $item_type - $item_name', log_client_id = $client_id, log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
|
||||
|
||||
|
|
@ -489,5 +499,5 @@ if (isset($_GET['get_totp_token_via_id'])) {
|
|||
}
|
||||
|
||||
if (isset($_GET['get_readable_pass'])) {
|
||||
echo GenerateReadablePassword(4);
|
||||
echo json_encode(GenerateReadablePassword(4));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,9 +14,6 @@
|
|||
<li class="nav-item">
|
||||
<a class="nav-link active" data-toggle="pill" href="#pills-event"><i class="fa fa-fw fa-calendar mr-2"></i>Event</a>
|
||||
</li>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" data-toggle="pill" href="#pills-more"><i class="fa fa-fw fa-info-circle mr-2"></i>More</a>
|
||||
</li>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" data-toggle="pill" href="#pills-attendees"><i class="fa fa-fw fa-users mr-2"></i>Attendees</a>
|
||||
</li>
|
||||
|
|
@ -61,24 +58,24 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<label>Start / End <strong class="text-danger">*</strong></label>
|
||||
<div class="form-row">
|
||||
<div class="col-md-6 mb-3">
|
||||
<input type="datetime-local" class="form-control form-control-sm" id="event_add_start" name="start" required onblur="updateIncrementEndTime()">
|
||||
</div>
|
||||
<div class="col-md-6 mb-3">
|
||||
<input type="datetime-local" class="form-control form-control-sm" id="event_add_end" name="end" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Description</label>
|
||||
<textarea class="form-control" rows="4" name="description" placeholder="Enter a description"></textarea>
|
||||
<label>Start / End <strong class="text-danger">*</strong></label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-calendar-check"></i></span>
|
||||
</div>
|
||||
<input type="datetime-local" class="form-control" id="event_add_start" name="start" required onblur="updateIncrementEndTime()">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
|
||||
</div>
|
||||
<input type="datetime-local" class="form-control" id="event_add_end" name="end" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="tab-pane fade" id="pills-more">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Repeat</label>
|
||||
|
|
@ -96,6 +93,10 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<textarea class="form-control" rows="5" name="description" placeholder="Enter a description"></textarea>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="tab-pane fade" id="pills-attendees">
|
||||
|
|
|
|||
|
|
@ -17,9 +17,6 @@
|
|||
<li class="nav-item">
|
||||
<a class="nav-link active" data-toggle="pill" href="#pills-event<?php echo $event_id; ?>"><i class="fa fa-fw fa-calendar mr-2"></i>Event</a>
|
||||
</li>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" data-toggle="pill" href="#pills-more<?php echo $event_id; ?>"><i class="fa fa-fw fa-info-circle mr-2"></i>More</a>
|
||||
</li>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" data-toggle="pill" href="#pills-attendees<?php echo $event_id; ?>"><i class="fa fa-fw fa-users mr-2"></i>Attendees</a>
|
||||
</li>
|
||||
|
|
@ -63,24 +60,25 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<label>Start / End <strong class="text-danger">*</strong></label>
|
||||
<div class="form-row">
|
||||
<div class="col-md-6 mb-3">
|
||||
<input type="datetime-local" class="form-control form-control-sm" name="start" value="<?php echo date('Y-m-d\TH:i:s', strtotime($event_start)); ?>" required>
|
||||
</div>
|
||||
<div class="col-md-6 mb-3">
|
||||
<input type="datetime-local" class="form-control form-control-sm" name="end" value="<?php echo date('Y-m-d\TH:i:s', strtotime($event_end)); ?>"required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
<div class="form-group">
|
||||
<label>Description</label>
|
||||
<textarea class="form-control" rows="4" name="description" placeholder="Enter a description"><?php echo $event_description; ?></textarea>
|
||||
<label>Start / End <strong class="text-danger">*</strong></label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-calendar-check"></i></span>
|
||||
</div>
|
||||
<input type="datetime-local" class="form-control" name="start" value="<?php echo date('Y-m-d\TH:i:s', strtotime($event_start)); ?>" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-calendar-day"></i></span>
|
||||
</div>
|
||||
<input type="datetime-local" class="form-control" name="end" value="<?php echo date('Y-m-d\TH:i:s', strtotime($event_end)); ?>"required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="tab-pane fade" id="pills-more<?php echo $event_id; ?>">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Repeat</label>
|
||||
|
|
@ -98,6 +96,17 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Description</label>
|
||||
<textarea class="form-control" rows="5" name="description" placeholder="Enter a description"><?php echo $event_description; ?></textarea>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="tab-pane fade" id="pills-more<?php echo $event_id; ?>">
|
||||
|
||||
|
||||
|
||||
</div>
|
||||
|
||||
<div class="tab-pane fade" id="pills-attendees<?php echo $event_id; ?>">
|
||||
|
|
|
|||
|
|
@ -345,7 +345,7 @@
|
|||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" name="password" placeholder="Password" autocomplete="new-password">
|
||||
<input type="text" class="form-control" name="password" placeholder="Password" autocomplete="off">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,44 @@
|
|||
<div class="modal" id="bulkAssignContactModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-user-check mr-2"></i>Bulk Assign Contact</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Assign To</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="bulk_contact_id">
|
||||
<option value="">- Contact -</option>
|
||||
<?php
|
||||
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$contact_id = intval($row['contact_id']);
|
||||
$contact_name = nullable_htmlentities($row['contact_name']);
|
||||
?>
|
||||
<option value="<?php echo $contact_id; ?>"><?php echo $contact_name; ?></option>
|
||||
|
||||
<?php } ?>
|
||||
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_assign_asset_contact" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Assign</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -0,0 +1,43 @@
|
|||
<div class="modal" id="bulkAssignLocationModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-map-marker-alt mr-2"></i>Bulk Assign Location</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Location</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-map-marker-alt"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="bulk_location_id">
|
||||
<option value="">- Location -</option>
|
||||
<?php
|
||||
|
||||
$sql = mysqli_query($mysqli, "SELECT location_id, location_name FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$location_id = intval($row['location_id']);
|
||||
$location_name = nullable_htmlentities($row['location_name']);
|
||||
?>
|
||||
<option value="<?php echo $location_id; ?>"><?php echo $location_name; ?></option>
|
||||
<?php } ?>
|
||||
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_assign_asset_location" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Assign</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -0,0 +1,36 @@
|
|||
<div class="modal" id="bulkEditStatusModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa- mr-2"></i>Bulk Edit Status</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Status</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-info"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="bulk_status">
|
||||
<option value="">- Status -</option>
|
||||
<?php foreach($asset_status_array as $asset_status) { ?>
|
||||
<option><?php echo $asset_status; ?></option>
|
||||
<?php } ?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_edit_asset_status" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Set</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -132,7 +132,7 @@
|
|||
<option value="">- Network -</option>
|
||||
<?php
|
||||
|
||||
$sql_networks = mysqli_query($mysqli, "SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC");
|
||||
$sql_networks = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_networks)) {
|
||||
$network_id_select = intval($row['network_id']);
|
||||
$network_name_select = nullable_htmlentities($row['network_name']);
|
||||
|
|
@ -215,7 +215,7 @@
|
|||
<option value="">- Location -</option>
|
||||
<?php
|
||||
|
||||
$sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC");
|
||||
$sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_locations)) {
|
||||
$location_id_select = intval($row['location_id']);
|
||||
$location_name_select = nullable_htmlentities($row['location_name']);
|
||||
|
|
@ -277,7 +277,7 @@
|
|||
<option value="">- Vendor -</option>
|
||||
<?php
|
||||
|
||||
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
|
||||
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_vendors)) {
|
||||
$vendor_id_select = intval($row['vendor_id']);
|
||||
$vendor_name_select = nullable_htmlentities($row['vendor_name']);
|
||||
|
|
@ -341,7 +341,7 @@
|
|||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" name="password" placeholder="Password" autocomplete="new-password">
|
||||
<input type="text" class="form-control" name="password" placeholder="Password" autocomplete="off">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
|||
|
|
@ -46,17 +46,20 @@ if (isset($_GET['asset_id'])) {
|
|||
$contact_phone = nullable_htmlentities($row['contact_phone']);
|
||||
$contact_mobile = nullable_htmlentities($row['contact_mobile']);
|
||||
$contact_archived_at = nullable_htmlentities($row['contact_archived_at']);
|
||||
if (empty($contact_archived_at)) {
|
||||
$contact_archived_display = "";
|
||||
if ($contact_archived_at) {
|
||||
$contact_name_display = "<span class='text-danger' title='Archived'><s>$contact_name</s></span>";
|
||||
} else {
|
||||
$contact_archived_display = "Archived - ";
|
||||
$contact_name_display = $contact_name;
|
||||
}
|
||||
$location_name = nullable_htmlentities($row['location_name']);
|
||||
if (empty($location_name)) {
|
||||
$location_name = "-";
|
||||
}
|
||||
$location_archived_at = nullable_htmlentities($row['location_archived_at']);
|
||||
if (empty($location_archived_at)) {
|
||||
$location_archived_display = "";
|
||||
if ($location_archived_at) {
|
||||
$location_name_display = "<span class='text-danger' title='Archived'><s>$location_name</s></span>";
|
||||
} else {
|
||||
$location_archived_display = "Archived - ";
|
||||
$location_name_display = $location_name;
|
||||
}
|
||||
|
||||
$login_id = intval($row['login_id']);
|
||||
|
|
@ -181,10 +184,10 @@ if (isset($_GET['asset_id'])) {
|
|||
</div>
|
||||
<div class="card-body">
|
||||
<?php if ($location_name) { ?>
|
||||
<div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-3"></i><?php echo $location_name; ?></div>
|
||||
<div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-3"></i><?php echo $location_name_display; ?></div>
|
||||
<?php }
|
||||
if ($contact_name) { ?>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-user text-secondary mr-3"></i><?php echo $contact_name; ?></div>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-user text-secondary mr-3"></i><?php echo $contact_name_display; ?></div>
|
||||
<?php }
|
||||
if ($contact_email) { ?>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-3"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
|
||||
|
|
|
|||
|
|
@ -134,20 +134,20 @@
|
|||
<option value="">- Network -</option>
|
||||
<?php
|
||||
|
||||
$sql_networks = mysqli_query($mysqli, "SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_archived_at ASC, network_name ASC");
|
||||
$sql_networks = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_id = $asset_network_id OR network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_networks)) {
|
||||
$network_id_select = intval($row['network_id']);
|
||||
$network_name_select = nullable_htmlentities($row['network_name']);
|
||||
$network_select = nullable_htmlentities($row['network']);
|
||||
$network_archived_at = nullable_htmlentities($row['network_archived_at']);
|
||||
if (empty($network_archived_at)) {
|
||||
$network_archived_display = "";
|
||||
if ($network_archived_at) {
|
||||
$network_name_select_display = "($network_name_select - $network_select) - ARCHIVED";
|
||||
} else {
|
||||
$network_archived_display = "Archived - ";
|
||||
$network_name_select_display = "$network_name_select - $network_select";
|
||||
}
|
||||
|
||||
?>
|
||||
<option <?php if ($asset_network_id == $network_id_select) { echo "selected"; } ?> value="<?php echo $network_id_select; ?>"><?php echo "$network_archived_display$network_name_select"; ?> - <?php echo $network_select; ?></option>
|
||||
<option <?php if ($asset_network_id == $network_id_select) { echo "selected"; } ?> value="<?php echo $network_id_select; ?>"><?php echo $network_name_select_display; ?></option>
|
||||
|
||||
<?php } ?>
|
||||
</select>
|
||||
|
|
@ -223,18 +223,18 @@
|
|||
<option value="">- Location -</option>
|
||||
<?php
|
||||
|
||||
$sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE (location_archived_at > '$asset_created_at' OR location_archived_at IS NULL) AND location_client_id = $client_id ORDER BY location_archived_at ASC, location_name ASC");
|
||||
$sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_id = $asset_location_id OR location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_locations)) {
|
||||
$location_id_select = intval($row['location_id']);
|
||||
$location_name_select = nullable_htmlentities($row['location_name']);
|
||||
$location_archived_at = nullable_htmlentities($row['location_archived_at']);
|
||||
if (empty($location_archived_at)) {
|
||||
$location_archived_display = "";
|
||||
if ($location_archived_at) {
|
||||
$location_name_select_display = "($location_name_select) - ARCHIVED";
|
||||
} else {
|
||||
$location_archived_display = "Archived - ";
|
||||
$location_name_select_display = $location_name_select;
|
||||
}
|
||||
?>
|
||||
<option <?php if ($asset_location_id == $location_id_select) { echo "selected"; } ?> value="<?php echo $location_id_select; ?>"><?php echo "$location_archived_display$location_name_select"; ?></option>
|
||||
<option <?php if ($asset_location_id == $location_id_select) { echo "selected"; } ?> value="<?php echo $location_id_select; ?>"><?php echo $location_name_select_display; ?></option>
|
||||
|
||||
<?php } ?>
|
||||
</select>
|
||||
|
|
@ -251,19 +251,19 @@
|
|||
<option value="">- Contact -</option>
|
||||
<?php
|
||||
|
||||
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE (contact_archived_at > '$asset_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_archived_at ASC, contact_name ASC");
|
||||
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = $asset_contact_id OR contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_contacts)) {
|
||||
$contact_id_select = intval($row['contact_id']);
|
||||
$contact_name_select = nullable_htmlentities($row['contact_name']);
|
||||
$contact_archived_at = nullable_htmlentities($row['contact_archived_at']);
|
||||
if (empty($contact_archived_at)) {
|
||||
$contact_archived_display = "";
|
||||
if ($contact_archived_at) {
|
||||
$contact_name_select_display = "($contact_name_select) - ARCHIVED";
|
||||
} else {
|
||||
$contact_archived_display = "Archived - ";
|
||||
$contact_name_select_display = $contact_name_select;
|
||||
}
|
||||
?>
|
||||
<option <?php if ($asset_contact_id == $contact_id_select) { echo "selected"; } ?> value="<?php echo $contact_id_select; ?>">
|
||||
<?php echo "$contact_archived_display$contact_name_select"; ?>
|
||||
<?php echo $contact_name_select_display; ?>
|
||||
</option>
|
||||
|
||||
<?php } ?>
|
||||
|
|
@ -299,18 +299,18 @@
|
|||
<option value="">- Vendor -</option>
|
||||
<?php
|
||||
|
||||
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id ORDER BY vendor_archived_at ASC, vendor_name ASC");
|
||||
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_id = $asset_vendor_id OR vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_vendors)) {
|
||||
$vendor_id_select = intval($row['vendor_id']);
|
||||
$vendor_name_select = nullable_htmlentities($row['vendor_name']);
|
||||
$vendor_archived_at = nullable_htmlentities($row['vendor_archived_at']);
|
||||
if (empty($vendor_archived_at)) {
|
||||
$vendor_archived_display = "";
|
||||
if ($vendor_archived_at) {
|
||||
$vendor_name_select_display = "($vendor_name_select) - ARCHIVED";
|
||||
} else {
|
||||
$vendor_archived_display = "Archived - ";
|
||||
$vendor_name_select_display = $vendor_name_select;
|
||||
}
|
||||
?>
|
||||
<option <?php if ($asset_vendor_id == $vendor_id_select) { echo "selected"; } ?> value="<?php echo $vendor_id_select; ?>"><?php echo "$vendor_archived_display$vendor_name_select"; ?></option>
|
||||
<option <?php if ($asset_vendor_id == $vendor_id_select) { echo "selected"; } ?> value="<?php echo $vendor_id_select; ?>"><?php echo $vendor_name_select_display; ?></option>
|
||||
|
||||
<?php } ?>
|
||||
</select>
|
||||
|
|
@ -369,7 +369,7 @@
|
|||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" name="password" placeholder="Password" value="<?php echo $login_password; ?>" autocomplete="new-password">
|
||||
<input type="text" class="form-control" name="password" placeholder="Password" value="<?php echo $login_password; ?>" autocomplete="off">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
|||
|
|
@ -139,246 +139,287 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
<?php } else { ?>
|
||||
<a href="?client_id=<?php echo $client_id; ?>&archived=1" class="btn btn-default"><i class="fa fa-fw fa-archive mr-2"></i>Archived</a>
|
||||
<?php } ?>
|
||||
<div class="dropdown ml-2" id="bulkActionButton" hidden>
|
||||
<button class="btn btn-secondary dropdown-toggle" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-fw fa-layer-group mr-2"></i>Bulk Action (<span id="selectedCount">0</span>)
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkAssignContactModal">
|
||||
<i class="fas fa-fw fa-user mr-2"></i>Assign Contact
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkAssignLocationModal">
|
||||
<i class="fas fa-fw fa-map-marker-alt mr-2"></i>Assign Location
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkEditStatusModal">
|
||||
<i class="fas fa-fw fa-info mr-2"></i>Set Status
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<hr>
|
||||
<div class="table-responsive">
|
||||
<table class="table border table-hover">
|
||||
<thead class="thead-light <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
|
||||
<tr>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_name&order=<?php echo $disp; ?>">Name</a></th>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_description&order=<?php echo $disp; ?>">Description</a></th>
|
||||
<?php if ($_GET['type'] !== 'virtual' && $_GET['type'] !== 'servers') { ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_type&order=<?php echo $disp; ?>">Type</a></th>
|
||||
<?php }
|
||||
if ($_GET['type'] !== 'virtual') { ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_make&order=<?php echo $disp; ?>">Make/Model</a></th>
|
||||
<?php }
|
||||
if ($_GET['type'] !== 'virtual') { ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_serial&order=<?php echo $disp; ?>">Serial Number</a></th>
|
||||
<?php }
|
||||
if ($_GET['type'] !== 'network' && $_GET['type'] !== 'other') { ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_os&order=<?php echo $disp; ?>">Operating System</a></th>
|
||||
<?php } ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_ip&order=<?php echo $disp; ?>">IP</a></th>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_install_date&order=<?php echo $disp; ?>">Install Date</a></th>
|
||||
<?php if ($_GET['type'] !== 'network' && $_GET['type'] !== 'servers' && $_GET['type'] !== 'other') { ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=contact_name&order=<?php echo $disp; ?>">Assigned To</a></th>
|
||||
<?php } ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=location_name&order=<?php echo $disp; ?>">Location</a></th>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_status&order=<?php echo $disp; ?>">Status</a></th>
|
||||
<th class="text-center">Action</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php
|
||||
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$asset_id = intval($row['asset_id']);
|
||||
$asset_type = nullable_htmlentities($row['asset_type']);
|
||||
$asset_name = nullable_htmlentities($row['asset_name']);
|
||||
$asset_description = nullable_htmlentities($row['asset_description']);
|
||||
if (empty($asset_description)) {
|
||||
$asset_description_display = "-";
|
||||
} else {
|
||||
$asset_description_display = $asset_description;
|
||||
}
|
||||
$asset_make = nullable_htmlentities($row['asset_make']);
|
||||
$asset_model = nullable_htmlentities($row['asset_model']);
|
||||
$asset_serial = nullable_htmlentities($row['asset_serial']);
|
||||
if (empty($asset_serial)) {
|
||||
$asset_serial_display = "-";
|
||||
} else {
|
||||
$asset_serial_display = $asset_serial;
|
||||
}
|
||||
$asset_os = nullable_htmlentities($row['asset_os']);
|
||||
if (empty($asset_os)) {
|
||||
$asset_os_display = "-";
|
||||
} else {
|
||||
$asset_os_display = $asset_os;
|
||||
}
|
||||
$asset_ip = nullable_htmlentities($row['asset_ip']);
|
||||
if (empty($asset_ip)) {
|
||||
$asset_ip_display = "-";
|
||||
} else {
|
||||
$asset_ip_display = "$asset_ip<button class='btn btn-sm' data-clipboard-text=" . $asset_ip . "><i class='far fa-copy text-secondary'></i></button>";
|
||||
}
|
||||
$asset_nat_ip = nullable_htmlentities($row['asset_nat_ip']);
|
||||
$asset_mac = nullable_htmlentities($row['asset_mac']);
|
||||
$asset_uri = nullable_htmlentities($row['asset_uri']);
|
||||
$asset_uri_2 = nullable_htmlentities($row['asset_uri_2']);
|
||||
$asset_status = nullable_htmlentities($row['asset_status']);
|
||||
$asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']);
|
||||
$asset_warranty_expire = nullable_htmlentities($row['asset_warranty_expire']);
|
||||
$asset_install_date = nullable_htmlentities($row['asset_install_date']);
|
||||
if (empty($asset_install_date)) {
|
||||
$asset_install_date_display = "-";
|
||||
} else {
|
||||
$asset_install_date_display = $asset_install_date;
|
||||
}
|
||||
$asset_notes = nullable_htmlentities($row['asset_notes']);
|
||||
$asset_created_at = nullable_htmlentities($row['asset_created_at']);
|
||||
$asset_vendor_id = intval($row['asset_vendor_id']);
|
||||
$asset_location_id = intval($row['asset_location_id']);
|
||||
$asset_contact_id = intval($row['asset_contact_id']);
|
||||
$asset_network_id = intval($row['asset_network_id']);
|
||||
|
||||
$device_icon = getAssetIcon($asset_type);
|
||||
|
||||
$contact_name = nullable_htmlentities($row['contact_name']);
|
||||
if (empty($contact_name)) {
|
||||
$contact_name = "-";
|
||||
}
|
||||
$contact_archived_at = nullable_htmlentities($row['contact_archived_at']);
|
||||
if (empty($contact_archived_at)) {
|
||||
$contact_archived_display = "";
|
||||
} else {
|
||||
$contact_archived_display = "Archived - ";
|
||||
}
|
||||
|
||||
$location_name = nullable_htmlentities($row['location_name']);
|
||||
if (empty($location_name)) {
|
||||
$location_name = "-";
|
||||
}
|
||||
$location_archived_at = nullable_htmlentities($row['location_archived_at']);
|
||||
if (empty($location_archived_at)) {
|
||||
$location_archived_display = "";
|
||||
} else {
|
||||
$location_archived_display = "Archived - ";
|
||||
}
|
||||
|
||||
$login_id = intval($row['login_id']);
|
||||
$login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
|
||||
$login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
|
||||
|
||||
?>
|
||||
<form id="bulkActions" action="post.php" method="post">
|
||||
<div class="table-responsive">
|
||||
<table class="table border table-hover">
|
||||
<thead class="thead-light <?php if (!$num_rows[0]) { echo "d-none"; } ?>">
|
||||
<tr>
|
||||
<th>
|
||||
<i class="fa fa-fw text-secondary fa-<?php echo $device_icon; ?> mr-2"></i>
|
||||
<a class="text-secondary" href="client_asset_details.php?client_id=<?php echo $client_id; ?>&asset_id=<?php echo $asset_id; ?>"><?php echo $asset_name; ?></a>
|
||||
<?php if(!empty($asset_uri)){ ?>
|
||||
<a href="<?php echo $asset_uri; ?>" target="_blank"><i class="fas fa-fw fa-external-link-alt ml-2"></i></a>
|
||||
<?php } ?>
|
||||
<?php
|
||||
if ($login_id > 0) {
|
||||
?>
|
||||
<button type="button" class="btn btn-link btn-sm" data-toggle="modal" data-target="#viewPasswordModal<?php echo $login_id; ?>"><i class="fas fa-key text-dark"></i></button>
|
||||
<td class="bg-light pr-0">
|
||||
<div class="form-check">
|
||||
<input class="form-check-input" id="selectAllCheckbox" type="checkbox" onclick="checkAll(this)">
|
||||
</div>
|
||||
</td>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_name&order=<?php echo $disp; ?>">Name / Description</a></th>
|
||||
<?php if ($_GET['type'] !== 'virtual' && $_GET['type'] !== 'servers') { ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_type&order=<?php echo $disp; ?>">Type</a></th>
|
||||
<?php }
|
||||
if ($_GET['type'] !== 'virtual') { ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_make&order=<?php echo $disp; ?>">Make / Model</a></th>
|
||||
<?php }
|
||||
if ($_GET['type'] !== 'virtual') { ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_serial&order=<?php echo $disp; ?>">Serial Number</a></th>
|
||||
<?php }
|
||||
if ($_GET['type'] !== 'network' && $_GET['type'] !== 'other') { ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_os&order=<?php echo $disp; ?>">Operating System</a></th>
|
||||
<?php } ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_ip&order=<?php echo $disp; ?>">IP</a></th>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_install_date&order=<?php echo $disp; ?>">Install Date</a></th>
|
||||
<?php if ($_GET['type'] !== 'network' && $_GET['type'] !== 'servers' && $_GET['type'] !== 'other') { ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=contact_name&order=<?php echo $disp; ?>">Assigned To</a></th>
|
||||
<?php } ?>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=location_name&order=<?php echo $disp; ?>">Location</a></th>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=asset_status&order=<?php echo $disp; ?>">Status</a></th>
|
||||
<th class="text-center">Action</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php
|
||||
|
||||
<div class="modal" id="viewPasswordModal<?php echo $login_id; ?>" tabindex="-1">
|
||||
<div class="modal-dialog modal-sm">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-key mr-2"></i><?php echo $asset_name; ?></h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
<div class="modal-body bg-white">
|
||||
<div class="form-group">
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-user"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" value="<?php echo $login_username; ?>" readonly>
|
||||
</div>
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$asset_id = intval($row['asset_id']);
|
||||
$asset_type = nullable_htmlentities($row['asset_type']);
|
||||
$asset_name = nullable_htmlentities($row['asset_name']);
|
||||
$asset_description = nullable_htmlentities($row['asset_description']);
|
||||
if (empty($asset_description)) {
|
||||
$asset_description_display = "-";
|
||||
} else {
|
||||
$asset_description_display = $asset_description;
|
||||
}
|
||||
$asset_make = nullable_htmlentities($row['asset_make']);
|
||||
$asset_model = nullable_htmlentities($row['asset_model']);
|
||||
$asset_serial = nullable_htmlentities($row['asset_serial']);
|
||||
if (empty($asset_serial)) {
|
||||
$asset_serial_display = "-";
|
||||
} else {
|
||||
$asset_serial_display = $asset_serial;
|
||||
}
|
||||
$asset_os = nullable_htmlentities($row['asset_os']);
|
||||
if (empty($asset_os)) {
|
||||
$asset_os_display = "-";
|
||||
} else {
|
||||
$asset_os_display = $asset_os;
|
||||
}
|
||||
$asset_ip = nullable_htmlentities($row['asset_ip']);
|
||||
if (empty($asset_ip)) {
|
||||
$asset_ip_display = "-";
|
||||
} else {
|
||||
$asset_ip_display = "$asset_ip<button class='btn btn-sm clipboardjs' type='button' data-clipboard-text=" . $asset_ip . "><i class='far fa-copy text-secondary'></i></button>";
|
||||
}
|
||||
$asset_nat_ip = nullable_htmlentities($row['asset_nat_ip']);
|
||||
$asset_mac = nullable_htmlentities($row['asset_mac']);
|
||||
$asset_uri = nullable_htmlentities($row['asset_uri']);
|
||||
$asset_uri_2 = nullable_htmlentities($row['asset_uri_2']);
|
||||
$asset_status = nullable_htmlentities($row['asset_status']);
|
||||
$asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']);
|
||||
$asset_warranty_expire = nullable_htmlentities($row['asset_warranty_expire']);
|
||||
$asset_install_date = nullable_htmlentities($row['asset_install_date']);
|
||||
if (empty($asset_install_date)) {
|
||||
$asset_install_date_display = "-";
|
||||
} else {
|
||||
$asset_install_date_display = $asset_install_date;
|
||||
}
|
||||
$asset_notes = nullable_htmlentities($row['asset_notes']);
|
||||
$asset_created_at = nullable_htmlentities($row['asset_created_at']);
|
||||
$asset_vendor_id = intval($row['asset_vendor_id']);
|
||||
$asset_location_id = intval($row['asset_location_id']);
|
||||
$asset_contact_id = intval($row['asset_contact_id']);
|
||||
$asset_network_id = intval($row['asset_network_id']);
|
||||
|
||||
$device_icon = getAssetIcon($asset_type);
|
||||
|
||||
$contact_name = nullable_htmlentities($row['contact_name']);
|
||||
if (empty($contact_name)) {
|
||||
$contact_name = "-";
|
||||
}
|
||||
$contact_archived_at = nullable_htmlentities($row['contact_archived_at']);
|
||||
if ($contact_archived_at) {
|
||||
$contact_name_display = "<div class='text-danger' title='Archived'><s>$contact_name</s></div>";
|
||||
} else {
|
||||
$contact_name_display = $contact_name;
|
||||
}
|
||||
|
||||
$location_name = nullable_htmlentities($row['location_name']);
|
||||
if (empty($location_name)) {
|
||||
$location_name = "-";
|
||||
}
|
||||
$location_archived_at = nullable_htmlentities($row['location_archived_at']);
|
||||
if ($location_archived_at) {
|
||||
$location_name_display = "<div class='text-danger' title='Archived'><s>$location_name</s></div>";
|
||||
} else {
|
||||
$location_name_display = $location_name;
|
||||
}
|
||||
|
||||
$login_id = intval($row['login_id']);
|
||||
$login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
|
||||
$login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
|
||||
|
||||
?>
|
||||
<tr>
|
||||
<td class="pr-0 bg-light">
|
||||
<div class="form-check">
|
||||
<input class="form-check-input bulk-select" type="checkbox" name="asset_ids[]" value="<?php echo $asset_id ?>">
|
||||
</div>
|
||||
</td>
|
||||
<th>
|
||||
<i class="fa fa-fw text-secondary fa-<?php echo $device_icon; ?> mr-2"></i>
|
||||
<a class="text-secondary" href="client_asset_details.php?client_id=<?php echo $client_id; ?>&asset_id=<?php echo $asset_id; ?>"><?php echo $asset_name; ?></a>
|
||||
<?php if(!empty($asset_uri)){ ?>
|
||||
<a href="<?php echo $asset_uri; ?>" target="_blank"><i class="fas fa-fw fa-external-link-alt ml-2"></i></a>
|
||||
<?php } ?>
|
||||
<?php
|
||||
if ($login_id > 0) {
|
||||
?>
|
||||
<button type="button" class="btn btn-link btn-sm" data-toggle="modal" data-target="#viewPasswordModal<?php echo $login_id; ?>"><i class="fas fa-key text-dark"></i></button>
|
||||
|
||||
<div class="modal" id="viewPasswordModal<?php echo $login_id; ?>" tabindex="-1">
|
||||
<div class="modal-dialog modal-sm">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-key mr-2"></i><?php echo $asset_name; ?></h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-lock"></i></span>
|
||||
<div class="modal-body bg-white">
|
||||
<div class="form-group">
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-user"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" value="<?php echo $login_username; ?>" readonly>
|
||||
</div>
|
||||
<input type="password" class="form-control" data-toggle="password" value="<?php echo $login_password; ?>" readonly autocomplete="off">
|
||||
<div class="input-group-append">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
|
||||
</div>
|
||||
<div class="input-group-append">
|
||||
<button class="btn btn-default clipboardjs" type="button" data-clipboard-text="<?php echo $login_password; ?>"><i class="fa fa-fw fa-copy"></i></button>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-lock"></i></span>
|
||||
</div>
|
||||
<input type="password" name="fakePassword" style="display:none"> <!-- Prevents Password Managers from asking -->
|
||||
<input type="password" class="form-control" data-toggle="password" value="<?php echo $login_password; ?>" readonly autocomplete="off">
|
||||
<div class="input-group-append">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
|
||||
</div>
|
||||
<div class="input-group-append">
|
||||
<button class="btn btn-default clipboardjs" type="button" data-clipboard-text="<?php echo $login_password; ?>"><i class="fa fa-fw fa-copy"></i></button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<?php } ?>
|
||||
<div class="mt-0">
|
||||
<small class="text-muted"><?php echo $asset_description; ?></small>
|
||||
</div>
|
||||
|
||||
</th>
|
||||
<?php if ($_GET['type'] !== 'virtual' && $_GET['type'] !== 'servers') { ?>
|
||||
<td><?php echo $asset_type; ?></td>
|
||||
<?php } ?>
|
||||
<?php if ($_GET['type'] !== 'virtual') { ?>
|
||||
<td>
|
||||
<?php echo $asset_make; ?>
|
||||
<div class="mt-0">
|
||||
<small class="text-muted"><?php echo $asset_model; ?></small>
|
||||
</div>
|
||||
</td>
|
||||
<?php } ?>
|
||||
<?php if ($_GET['type'] !== 'virtual') { ?>
|
||||
<td><?php echo $asset_serial_display; ?></td>
|
||||
<?php } ?>
|
||||
<?php if ($_GET['type'] !== 'network' && $_GET['type'] !== 'other') { ?>
|
||||
<td><?php echo $asset_os_display; ?></td>
|
||||
<?php } ?>
|
||||
<td class="text-nowrap"><?php echo $asset_ip_display; ?></td>
|
||||
<td><?php echo $asset_install_date_display; ?></td>
|
||||
<?php if ($_GET['type'] !== 'network' && $_GET['type'] !== 'other' && $_GET['type'] !== 'servers') { ?>
|
||||
<td><?php echo $contact_name_display; ?></td>
|
||||
<?php } ?>
|
||||
<td><?php echo $location_name_display; ?></td>
|
||||
<td><?php echo $asset_status; ?></td>
|
||||
<td>
|
||||
<div class="dropdown dropleft text-center">
|
||||
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"><i class="fas fa-ellipsis-h"></i></button>
|
||||
<div class="dropdown-menu">
|
||||
<!-- Interfaces is still in Development also we may not complete this and may recommend to document in notes or seperate document linking to the asset
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addAssetInterfaceModal<?php echo $asset_id; ?>">
|
||||
<i class="fas fa-fw fa-ethernet mr-2"></i>Interfaces
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
-->
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAssetModal<?php echo $asset_id; ?>">
|
||||
<i class="fas fa-fw fa-edit mr-2"></i>Edit
|
||||
</a>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#copyAssetModal<?php echo $asset_id; ?>">
|
||||
<i class="fas fa-fw fa-copy mr-2"></i>Copy
|
||||
</a>
|
||||
<?php if ($session_user_role > 2) { ?>
|
||||
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_asset=<?php echo $asset_id; ?>">
|
||||
<i class="fas fa-fw fa-archive mr-2"></i>Archive
|
||||
</a>
|
||||
<?php if ($config_destructive_deletes_enable) { ?>
|
||||
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_asset=<?php echo $asset_id; ?>">
|
||||
<i class="fas fa-fw fa-archive mr-2"></i>Delete
|
||||
</a>
|
||||
<?php } ?>
|
||||
|
||||
</th>
|
||||
<td><?php echo $asset_description_display; ?></td>
|
||||
<?php if ($_GET['type'] !== 'virtual' && $_GET['type'] !== 'servers') { ?>
|
||||
<td><?php echo $asset_type; ?></td>
|
||||
<?php } ?>
|
||||
<?php if ($_GET['type'] !== 'virtual') { ?>
|
||||
<td><?php echo "$asset_make $asset_model"; ?></td>
|
||||
<?php } ?>
|
||||
<?php if ($_GET['type'] !== 'virtual') { ?>
|
||||
<td><?php echo $asset_serial_display; ?></td>
|
||||
<?php } ?>
|
||||
<?php if ($_GET['type'] !== 'network' && $_GET['type'] !== 'other') { ?>
|
||||
<td><?php echo $asset_os_display; ?></td>
|
||||
<?php } ?>
|
||||
<td><?php echo $asset_ip_display; ?></td>
|
||||
<td><?php echo $asset_install_date_display; ?></td>
|
||||
<?php if ($_GET['type'] !== 'network' && $_GET['type'] !== 'other' && $_GET['type'] !== 'servers') { ?>
|
||||
<td><?php echo "$contact_archived_display$contact_name"; ?></td>
|
||||
<?php } ?>
|
||||
<td><?php echo "$location_archived_display$location_name"; ?></td>
|
||||
<td><?php echo $asset_status; ?></td>
|
||||
<td>
|
||||
<div class="dropdown dropleft text-center">
|
||||
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"><i class="fas fa-ellipsis-h"></i></button>
|
||||
<div class="dropdown-menu">
|
||||
<!-- Interfaces is still in Development also we may not complete this and may recommend to document in notes or seperate document linking to the asset
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addAssetInterfaceModal<?php echo $asset_id; ?>">
|
||||
<i class="fas fa-fw fa-ethernet mr-2"></i>Interfaces
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
-->
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAssetModal<?php echo $asset_id; ?>">
|
||||
<i class="fas fa-fw fa-edit mr-2"></i>Edit
|
||||
</a>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#copyAssetModal<?php echo $asset_id; ?>">
|
||||
<i class="fas fa-fw fa-copy mr-2"></i>Copy
|
||||
</a>
|
||||
<?php if ($session_user_role > 2) { ?>
|
||||
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_asset=<?php echo $asset_id; ?>">
|
||||
<i class="fas fa-fw fa-archive mr-2"></i>Archive
|
||||
</a>
|
||||
<?php if ($config_destructive_deletes_enable) { ?>
|
||||
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_asset=<?php echo $asset_id; ?>">
|
||||
<i class="fas fa-fw fa-archive mr-2"></i>Delete
|
||||
</a>
|
||||
<?php } ?>
|
||||
|
||||
<?php } ?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<?php
|
||||
<?php
|
||||
|
||||
require "client_asset_edit_modal.php";
|
||||
require "client_asset_edit_modal.php";
|
||||
|
||||
require "client_asset_copy_modal.php";
|
||||
require "client_asset_copy_modal.php";
|
||||
|
||||
//require "client_asset_interface_add_modal.php";
|
||||
//require "client_asset_interface_add_modal.php";
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
?>
|
||||
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
<?php require_once "pagination.php";
|
||||
?>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
<?php require_once "client_asset_bulk_assign_location_modal.php"; ?>
|
||||
<?php require_once "client_asset_bulk_assign_contact_modal.php"; ?>
|
||||
<?php require_once "client_asset_bulk_edit_status_modal.php"; ?>
|
||||
</form>
|
||||
<?php require_once "pagination.php"; ?>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<script src="js/bulk_actions.js"></script>
|
||||
|
||||
<?php
|
||||
require_once "client_asset_add_modal.php";
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,143 @@
|
|||
<?php
|
||||
require_once "inc_all_client.php";
|
||||
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM contacts
|
||||
WHERE contact_client_id = $client_id
|
||||
AND contact_archived_at IS NULL
|
||||
AND contact_email != ''
|
||||
ORDER BY contact_primary DESC,
|
||||
contact_important DESC"
|
||||
);
|
||||
|
||||
?>
|
||||
|
||||
<form action="post.php" method="post">
|
||||
|
||||
<div class="card">
|
||||
<div class="card-header">
|
||||
<h3 class="card-title mt-2"><i class="fa fa-fw fa-envelope-open mr-2"></i>Bulk Mail</h3>
|
||||
<div class="card-tools">
|
||||
<button type="submit" class="btn btn-primary" name="send_bulk_mail_now">
|
||||
<i class="fas fa-paper-plane mr-2"></i>Send Now
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
|
||||
<div class="row">
|
||||
|
||||
<div class="col">
|
||||
|
||||
<h5>Email Message</h5>
|
||||
|
||||
<hr>
|
||||
|
||||
<div class="form-group">
|
||||
<input type="text" class="form-control" name="mail_from" placeholder="Email From" value="<?php echo nullable_htmlentities($config_mail_from_email); ?>" required>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<input type="text" class="form-control" name="mail_from_name" placeholder="From Name" value="<?php echo nullable_htmlentities($config_mail_from_name); ?>" required>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<input type="text" class="form-control" name="subject" placeholder="Subject" required>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<textarea class="form-control tinymce" name="body" placeholder="Type an email in here"></textarea>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
|
||||
</div>
|
||||
<input type="datetime-local" class="form-control" name="queued_at">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="col">
|
||||
|
||||
<h5>Select Contacts</h5>
|
||||
<hr>
|
||||
<div class="card">
|
||||
<div class="table-responsive">
|
||||
<table class="table">
|
||||
<thead>
|
||||
<tr>
|
||||
<td>
|
||||
<div class="form-check">
|
||||
<input type="checkbox" class="form-check-input" id="selectAllCheckbox" onchange="toggleCheckboxes()">
|
||||
</div>
|
||||
</td>
|
||||
<th>Name</th>
|
||||
<th>Title</th>
|
||||
<th>Email</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
|
||||
<?php
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$contact_id = intval($row['contact_id']);
|
||||
$contact_name = nullable_htmlentities($row['contact_name']);
|
||||
$contact_title = nullable_htmlentities($row['contact_title']);
|
||||
if (empty($contact_title)) {
|
||||
$contact_title_display = "-";
|
||||
} else {
|
||||
$contact_title_display = "$contact_title";
|
||||
}
|
||||
$contact_email = nullable_htmlentities($row['contact_email']);
|
||||
$contact_primary = intval($row['contact_primary']);
|
||||
$contact_important = intval($row['contact_important']);
|
||||
$contact_billing = intval($row['contact_billing']);
|
||||
$contact_technical = intval($row['contact_technical']);
|
||||
?>
|
||||
<tr>
|
||||
<td>
|
||||
<div class="form-check">
|
||||
<input type="checkbox" class="form-check-input" name="contact[]" value="<?php echo $contact_id; ?>">
|
||||
</div>
|
||||
</td>
|
||||
<td>
|
||||
<a href="client_contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>" target="_blank">
|
||||
<?php echo $contact_name; ?>
|
||||
</a>
|
||||
</td>
|
||||
<td><?php echo $contact_title_display; ?></td>
|
||||
<td><?php echo $contact_email; ?></td>
|
||||
</tr>
|
||||
<?php } ?>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</form>
|
||||
|
||||
<script>
|
||||
function toggleCheckboxes() {
|
||||
// Get the state of the 'selectAllCheckbox'
|
||||
var selectAllChecked = document.getElementById('selectAllCheckbox').checked;
|
||||
|
||||
// Find all checkboxes with the name 'contact[]' and set their state
|
||||
var checkboxes = document.querySelectorAll('input[type="checkbox"][name="contact[]"]');
|
||||
checkboxes.forEach(function(checkbox) {
|
||||
checkbox.checked = selectAllChecked;
|
||||
});
|
||||
}
|
||||
</script>
|
||||
|
||||
<?php
|
||||
|
||||
require_once "footer.php";
|
||||
|
|
@ -64,12 +64,12 @@
|
|||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Department</label>
|
||||
<label>Department / Group</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-building"></i></span>
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-users"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" name="department" placeholder="Department">
|
||||
<input type="text" class="form-control" name="department" placeholder="Department or group">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,43 @@
|
|||
<div class="modal" id="bulkAssignLocationModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-map-marker-alt mr-2"></i>Bulk Assign Location</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Location</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-map-marker-alt"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="bulk_location_id">
|
||||
<option value="">- Location -</option>
|
||||
<?php
|
||||
|
||||
$sql = mysqli_query($mysqli, "SELECT location_id, location_name FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$location_id = intval($row['location_id']);
|
||||
$location_name = nullable_htmlentities($row['location_name']);
|
||||
?>
|
||||
<option value="<?php echo $location_id; ?>"><?php echo $location_name; ?></option>
|
||||
<?php } ?>
|
||||
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_assign_contact_location" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Assign</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -0,0 +1,31 @@
|
|||
<div class="modal" id="bulkEditDepartmentModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-users mr-2"></i>Bulk Set Department / Group</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<label>Department / Group</label>
|
||||
<div class="form-group">
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-users"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" name="bulk_department" placeholder="Department or group">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_edit_contact_department" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Set</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -0,0 +1,31 @@
|
|||
<div class="modal" id="bulkEditPhoneModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-phone-alt mr-2"></i>Bulk Set Phone Number</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<label>Phone</label>
|
||||
<div class="form-group">
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" name="bulk_phone" placeholder="Phone Number">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_edit_contact_phone" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Set</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -0,0 +1,49 @@
|
|||
<div class="modal" id="bulkEditRoleModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-user-shield mr-2"></i>Bulk Set Roles</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<input type="hidden" name="bulk_contact_important" value="0">
|
||||
<input type="hidden" name="bulk_contact_billing" value="0">
|
||||
<input type="hidden" name="bulk_contact_technical" value="0">
|
||||
|
||||
<div class="form-group">
|
||||
<div class="custom-control custom-checkbox">
|
||||
<input type="checkbox" class="custom-control-input" id="bulkContactImportantCheckbox" name="bulk_contact_important" value="1">
|
||||
<label class="custom-control-label" for="bulkContactImportantCheckbox">Important</label>
|
||||
<small class="form-text text-muted">Important Person and pins them to the top of the contact list</small>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<div class="custom-control custom-checkbox">
|
||||
<input type="checkbox" class="custom-control-input" id="bulkContactBillingCheckbox" name="bulk_contact_billing" value="1">
|
||||
<label class="custom-control-label" for="bulkContactBillingCheckbox">Billing</label>
|
||||
<small class="form-text text-muted">Receives Invoices and Receipts and has access to billing via the portal</small>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<div class="custom-control custom-checkbox">
|
||||
<input type="checkbox" class="custom-control-input" id="bulkContactTechnicalCheckbox" name="bulk_contact_technical" value="1">
|
||||
<label class="custom-control-label" for="bulkContactTechnicalCheckbox">Technical</label>
|
||||
<small class="form-text text-muted">Person to contact for technical related things and has access to all tickets and documents via the portal</small>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_edit_contact_role" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Set</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -84,33 +84,33 @@ if (isset($_GET['contact_id'])) {
|
|||
</div>
|
||||
<hr>
|
||||
<?php if ($location_name) { ?>
|
||||
<div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-3"></i><?php echo $location_name; ?></div>
|
||||
<div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-2"></i><?php echo $location_name; ?></div>
|
||||
<?php }
|
||||
if ($contact_email) { ?>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-3"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-2"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
|
||||
<?php }
|
||||
if ($contact_phone) { ?>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-3"></i><a href="tel:<?php echo "$contact_phone"?>"><?php echo "$contact_phone $contact_extension"; ?></a></div>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-2"></i><a href="tel:<?php echo "$contact_phone"?>"><?php echo "$contact_phone $contact_extension"; ?></a></div>
|
||||
<?php }
|
||||
if ($contact_mobile) { ?>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><a href="tel:<?php echo $contact_mobile; ?>"><?php echo $contact_mobile; ?></a></div>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-2"></i><a href="tel:<?php echo $contact_mobile; ?>"><?php echo $contact_mobile; ?></a></div>
|
||||
<?php }
|
||||
if ($contact_pin) { ?>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-key text-secondary mr-3"></i><?php echo $contact_pin; ?></div>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-key text-secondary mr-2"></i><?php echo $contact_pin; ?></div>
|
||||
<?php }
|
||||
if ($contact_primary) { ?>
|
||||
<div class="mt-2 text-success"><i class="fa fa-fw fa-check mr-3"></i>Primary Contact</div>
|
||||
<div class="mt-2 text-success"><i class="fa fa-fw fa-check mr-2"></i>Primary Contact</div>
|
||||
<?php }
|
||||
if ($contact_important) { ?>
|
||||
<div class="mt-2 text-dark text-bold"><i class="fa fa-fw fa-check mr-3"></i>Important</div>
|
||||
<div class="mt-2 text-dark text-bold"><i class="fa fa-fw fa-check mr-2"></i>Important</div>
|
||||
<?php }
|
||||
if ($contact_technical) { ?>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-check text-secondary mr-3"></i>Technical</div>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-check text-secondary mr-2"></i>Technical</div>
|
||||
<?php }
|
||||
if ($contact_billing) { ?>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-check text-secondary mr-3"></i>Billing</div>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-check text-secondary mr-2"></i>Billing</div>
|
||||
<?php } ?>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-clock text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($contact_created_at)); ?></div>
|
||||
<div class="mt-2"><i class="fa fa-fw fa-clock text-secondary mr-2"></i><?php echo date('Y-m-d', strtotime($contact_created_at)); ?></div>
|
||||
|
||||
<?php require_once "client_contact_edit_modal.php";
|
||||
?>
|
||||
|
|
@ -149,12 +149,10 @@ if (isset($_GET['contact_id'])) {
|
|||
<table class="table table-striped table-borderless table-hover">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Name</th>
|
||||
<th>Description</th>
|
||||
<th>Name/Description</th>
|
||||
<th>Type</th>
|
||||
<th>Make/Model</th>
|
||||
<th>Serial Number</th>
|
||||
<th>Operating System</th>
|
||||
<th>Install Date</th>
|
||||
<th>Status</th>
|
||||
<th class="text-center">Action</th>
|
||||
|
|
@ -216,12 +214,19 @@ if (isset($_GET['contact_id'])) {
|
|||
<th>
|
||||
<i class="fa fa-fw text-secondary fa-<?php echo $device_icon; ?> mr-2"></i>
|
||||
<a class="text-secondary" href="#" data-toggle="modal" data-target="#editAssetModal<?php echo $asset_id; ?>"><?php echo $asset_name; ?></a>
|
||||
<div class="mt-0">
|
||||
<small class="text-muted"><?php echo $asset_description; ?></small>
|
||||
</div>
|
||||
</th>
|
||||
<td><?php echo $asset_description; ?></td>
|
||||
<td><?php echo $asset_type; ?></td>
|
||||
<td><?php echo "$asset_make $asset_model"; ?></td>
|
||||
<td>
|
||||
<?php echo $asset_make; ?>
|
||||
<div class="mt-0">
|
||||
<small class="text-muted"><?php echo $asset_model; ?></small>
|
||||
</div>
|
||||
</td>
|
||||
<td><?php echo $asset_serial_display; ?></td>
|
||||
<td><?php echo $asset_os_display; ?></td>
|
||||
|
||||
<td><?php echo $asset_install_date_display; ?></td>
|
||||
<td><?php echo $asset_status; ?></td>
|
||||
<td>
|
||||
|
|
|
|||
|
|
@ -66,12 +66,12 @@
|
|||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Department</label>
|
||||
<label>Department / Group</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-building"></i></span>
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-users"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" name="department" placeholder="Department" value="<?php echo $contact_department; ?>">
|
||||
<input type="text" class="form-control" name="department" placeholder="Department or group" value="<?php echo $contact_department; ?>">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
@ -122,14 +122,20 @@
|
|||
<option value="">- Location -</option>
|
||||
<?php
|
||||
|
||||
$sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE (location_archived_at > '$contact_created_at' OR location_archived_at IS NULL) AND location_client_id = $client_id ORDER BY location_name ASC");
|
||||
$sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_id = $contact_location_id OR location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_locations)) {
|
||||
$location_id_select = intval($row['location_id']);
|
||||
$location_name_select = nullable_htmlentities($row['location_name']);
|
||||
$location_archived_at = nullable_htmlentities($row['location_archived_at']);
|
||||
if ($location_archived_at) {
|
||||
$location_name_select_display = "($location_name_select) - ARCHIVED";
|
||||
} else {
|
||||
$location_name_select_display = $location_name_select;
|
||||
}
|
||||
?>
|
||||
<option <?php if ($contact_location_id == $location_id_select) {
|
||||
echo "selected";
|
||||
} ?> value="<?php echo $location_id_select; ?>"><?php echo $location_name_select; ?></option>
|
||||
} ?> value="<?php echo $location_id_select; ?>"><?php echo $location_name_select_display; ?></option>
|
||||
<?php } ?>
|
||||
|
||||
</select>
|
||||
|
|
|
|||
|
|
@ -61,187 +61,229 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
</div>
|
||||
|
||||
<div class="col-md-8">
|
||||
<div class="float-right">
|
||||
<div class="btn-group float-right">
|
||||
<?php if($archived == 1){ ?>
|
||||
<a href="?client_id=<?php echo $client_id; ?>&archived=0" class="btn btn-primary"><i class="fa fa-fw fa-archive mr-2"></i>Archived</a>
|
||||
<?php } else { ?>
|
||||
<a href="?client_id=<?php echo $client_id; ?>&archived=1" class="btn btn-default"><i class="fa fa-fw fa-archive mr-2"></i>Archived</a>
|
||||
<?php } ?>
|
||||
<div class="dropdown ml-2" id="bulkActionButton" hidden>
|
||||
<button class="btn btn-secondary dropdown-toggle" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-fw fa-layer-group mr-2"></i>Bulk Action (<span id="selectedCount">0</span>)
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkAssignLocationModal">
|
||||
<i class="fas fa-fw fa-map-marker-alt mr-2"></i>Assign Location
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkEditPhoneModal">
|
||||
<i class="fas fa-fw fa-phone-alt mr-2"></i>Set Phone Number
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkEditDepartmentModal">
|
||||
<i class="fas fa-fw fa-users mr-2"></i>Set Department
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkEditRoleModal">
|
||||
<i class="fas fa-fw fa-user-shield mr-2"></i>Set Roles
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</form>
|
||||
<hr>
|
||||
<div class="table-responsive-sm">
|
||||
<table class="table border">
|
||||
<thead class="thead-light <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
|
||||
<tr>
|
||||
<th class="text-center"><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=contact_name&order=<?php echo $disp; ?>">Name</a></th>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=contact_department&order=<?php echo $disp; ?>">Department</a></th>
|
||||
<th>Contact</th>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=location_name&order=<?php echo $disp; ?>">Location</a></th>
|
||||
<th class="text-center">Action</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php
|
||||
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$contact_id = intval($row['contact_id']);
|
||||
$contact_name = nullable_htmlentities($row['contact_name']);
|
||||
$contact_title = nullable_htmlentities($row['contact_title']);
|
||||
if (empty($contact_title)) {
|
||||
$contact_title_display = "-";
|
||||
} else {
|
||||
$contact_title_display = "<small class='text-secondary'>$contact_title</small>";
|
||||
}
|
||||
$contact_department = nullable_htmlentities($row['contact_department']);
|
||||
if (empty($contact_department)) {
|
||||
$contact_department_display = "";
|
||||
} else {
|
||||
$contact_department_display = $contact_department;
|
||||
}
|
||||
$contact_extension = nullable_htmlentities($row['contact_extension']);
|
||||
if (empty($contact_extension)) {
|
||||
$contact_extension_display = "";
|
||||
} else {
|
||||
$contact_extension_display = "<small class='text-secondary ml-1'>x$contact_extension</small>";
|
||||
}
|
||||
$contact_phone = formatPhoneNumber($row['contact_phone']);
|
||||
if (empty($contact_phone)) {
|
||||
$contact_phone_display = "";
|
||||
} else {
|
||||
$contact_phone_display = "<div><i class='fas fa-fw fa-phone mr-2'></i><a href='tel:$contact_phone'>$contact_phone$contact_extension_display</a></div>";
|
||||
}
|
||||
|
||||
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
|
||||
if (empty($contact_mobile)) {
|
||||
$contact_mobile_display = "";
|
||||
} else {
|
||||
$contact_mobile_display = "<div class='mt-2'><i class='fas fa-fw fa-mobile-alt mr-2'></i><a href='tel:$contact_mobile'>$contact_mobile</a></div>";
|
||||
}
|
||||
$contact_email = nullable_htmlentities($row['contact_email']);
|
||||
if (empty($contact_email)) {
|
||||
$contact_email_display = "";
|
||||
} else {
|
||||
$contact_email_display = "<div class='mt-1'><i class='fas fa-fw fa-envelope mr-2'></i><a href='mailto:$contact_email'>$contact_email</a><button class='btn btn-sm clipboardjs' data-clipboard-text='$contact_email'><i class='far fa-copy text-secondary'></i></button></div>";
|
||||
}
|
||||
$contact_info_display = "$contact_phone_display $contact_mobile_display $contact_email_display";
|
||||
if (empty($contact_info_display)) {
|
||||
$contact_info_display = "-";
|
||||
}
|
||||
$contact_pin = nullable_htmlentities($row['contact_pin']);
|
||||
$contact_photo = nullable_htmlentities($row['contact_photo']);
|
||||
$contact_initials = initials($contact_name);
|
||||
$contact_notes = nullable_htmlentities($row['contact_notes']);
|
||||
$contact_primary = intval($row['contact_primary']);
|
||||
$contact_important = intval($row['contact_important']);
|
||||
$contact_billing = intval($row['contact_billing']);
|
||||
$contact_technical = intval($row['contact_technical']);
|
||||
$contact_created_at = nullable_htmlentities($row['contact_created_at']);
|
||||
if ($contact_primary == 1) {
|
||||
$contact_primary_display = "<small class='text-success'>Primary Contact</small>";
|
||||
} else {
|
||||
$contact_primary_display = false;
|
||||
}
|
||||
$contact_location_id = intval($row['contact_location_id']);
|
||||
$location_name = nullable_htmlentities($row['location_name']);
|
||||
if (empty($location_name)) {
|
||||
$location_name_display = "-";
|
||||
} else {
|
||||
$location_name_display = $location_name;
|
||||
}
|
||||
$auth_method = nullable_htmlentities($row['contact_auth_method']);
|
||||
|
||||
// Related Assets Query
|
||||
$sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_contact_id = $contact_id ORDER BY asset_id DESC");
|
||||
$asset_count = mysqli_num_rows($sql_related_assets);
|
||||
|
||||
// Related Logins Query
|
||||
$sql_related_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_contact_id = $contact_id ORDER BY login_id DESC");
|
||||
$login_count = mysqli_num_rows($sql_related_logins);
|
||||
|
||||
// Related Software Query
|
||||
$sql_related_software = mysqli_query($mysqli, "SELECT * FROM software, software_contacts WHERE software.software_id = software_contacts.software_id AND software_contacts.contact_id = $contact_id ORDER BY software.software_id DESC");
|
||||
$software_count = mysqli_num_rows($sql_related_software);
|
||||
|
||||
// Related Tickets Query
|
||||
$sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_contact_id = $contact_id ORDER BY ticket_id DESC");
|
||||
$ticket_count = mysqli_num_rows($sql_related_tickets);
|
||||
|
||||
?>
|
||||
<form id="bulkActions" action="post.php" method="post">
|
||||
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
|
||||
<div class="table-responsive-sm">
|
||||
<table class="table border">
|
||||
<thead class="thead-light <?php if (!$num_rows[0]) { echo "d-none"; } ?>">
|
||||
<tr>
|
||||
<td class="text-center <?php if(!empty($contact_important)) { echo "text-bold"; }?>">
|
||||
<a class="text-dark" href="client_contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>">
|
||||
<?php if (!empty($contact_photo)) { ?>
|
||||
|
||||
<img class="img-size-50 img-circle" src="<?php echo "uploads/clients/$client_id/$contact_photo"; ?>">
|
||||
|
||||
<?php } else { ?>
|
||||
|
||||
<span class="fa-stack fa-2x">
|
||||
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
|
||||
<span class="fa fa-stack-1x text-white"><?php echo $contact_initials; ?></span>
|
||||
</span>
|
||||
|
||||
<br>
|
||||
|
||||
<?php } ?>
|
||||
<div class="text-dark"><?php echo $contact_name; ?></div>
|
||||
<div><?php echo $contact_title_display; ?></div>
|
||||
<div><?php echo $contact_primary_display; ?></div>
|
||||
</a>
|
||||
</td>
|
||||
|
||||
<td><?php echo $contact_department_display; ?></td>
|
||||
<td><?php echo $contact_info_display; ?></td>
|
||||
<td><?php echo $location_name_display; ?></td>
|
||||
<td>
|
||||
<div class="dropdown dropleft text-center">
|
||||
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-ellipsis-h"></i>
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="client_contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>">
|
||||
<i class="fas fa-fw fa-eye mr-2"></i>Details
|
||||
</a>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editContactModal<?php echo $contact_id; ?>">
|
||||
<i class="fas fa-fw fa-edit mr-2"></i>Edit
|
||||
</a>
|
||||
<?php if ($session_user_role == 3 && $contact_primary == 0) { ?>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger confirm-link" href="post.php?anonymize_contact=<?php echo $contact_id; ?>">
|
||||
<i class="fas fa-fw fa-user-secret mr-2"></i>Anonymize & Archive
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_contact=<?php echo $contact_id; ?>">
|
||||
<i class="fas fa-fw fa-archive mr-2"></i>Archive
|
||||
</a>
|
||||
<?php if ($config_destructive_deletes_enable) { ?>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_contact=<?php echo $contact_id; ?>">
|
||||
<i class="fas fa-fw fa-trash mr-2"></i>Delete
|
||||
</a>
|
||||
<?php } ?>
|
||||
<?php } ?>
|
||||
</div>
|
||||
<td class="bg-light pr-0">
|
||||
<div class="form-check">
|
||||
<input class="form-check-input" id="selectAllCheckbox" type="checkbox" onclick="checkAll(this)">
|
||||
</div>
|
||||
</td>
|
||||
<th class="text-center px-0"><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=contact_name&order=<?php echo $disp; ?>">Name</a></th>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=contact_department&order=<?php echo $disp; ?>">Department</a></th>
|
||||
<th>Contact</th>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=location_name&order=<?php echo $disp; ?>">Location</a></th>
|
||||
<th class="text-center">Action</th>
|
||||
</tr>
|
||||
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php
|
||||
|
||||
require "client_contact_edit_modal.php";
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$contact_id = intval($row['contact_id']);
|
||||
$contact_name = nullable_htmlentities($row['contact_name']);
|
||||
$contact_title = nullable_htmlentities($row['contact_title']);
|
||||
if (empty($contact_title)) {
|
||||
$contact_title_display = "-";
|
||||
} else {
|
||||
$contact_title_display = "<small class='text-secondary'>$contact_title</small>";
|
||||
}
|
||||
$contact_department = nullable_htmlentities($row['contact_department']);
|
||||
if (empty($contact_department)) {
|
||||
$contact_department_display = "";
|
||||
} else {
|
||||
$contact_department_display = $contact_department;
|
||||
}
|
||||
$contact_extension = nullable_htmlentities($row['contact_extension']);
|
||||
if (empty($contact_extension)) {
|
||||
$contact_extension_display = "";
|
||||
} else {
|
||||
$contact_extension_display = "<small class='text-secondary ml-1'>x$contact_extension</small>";
|
||||
}
|
||||
$contact_phone = formatPhoneNumber($row['contact_phone']);
|
||||
if (empty($contact_phone)) {
|
||||
$contact_phone_display = "";
|
||||
} else {
|
||||
$contact_phone_display = "<div><i class='fas fa-fw fa-phone mr-2'></i><a href='tel:$contact_phone'>$contact_phone$contact_extension_display</a></div>";
|
||||
}
|
||||
|
||||
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
|
||||
if (empty($contact_mobile)) {
|
||||
$contact_mobile_display = "";
|
||||
} else {
|
||||
$contact_mobile_display = "<div class='mt-2'><i class='fas fa-fw fa-mobile-alt mr-2'></i><a href='tel:$contact_mobile'>$contact_mobile</a></div>";
|
||||
}
|
||||
$contact_email = nullable_htmlentities($row['contact_email']);
|
||||
if (empty($contact_email)) {
|
||||
$contact_email_display = "";
|
||||
} else {
|
||||
$contact_email_display = "<div class='mt-1'><i class='fas fa-fw fa-envelope mr-2'></i><a href='mailto:$contact_email'>$contact_email</a><button class='btn btn-sm clipboardjs' data-clipboard-text='$contact_email'><i class='far fa-copy text-secondary'></i></button></div>";
|
||||
}
|
||||
$contact_info_display = "$contact_phone_display $contact_mobile_display $contact_email_display";
|
||||
if (empty($contact_info_display)) {
|
||||
$contact_info_display = "-";
|
||||
}
|
||||
$contact_pin = nullable_htmlentities($row['contact_pin']);
|
||||
$contact_photo = nullable_htmlentities($row['contact_photo']);
|
||||
$contact_initials = initials($contact_name);
|
||||
$contact_notes = nullable_htmlentities($row['contact_notes']);
|
||||
$contact_primary = intval($row['contact_primary']);
|
||||
$contact_important = intval($row['contact_important']);
|
||||
$contact_billing = intval($row['contact_billing']);
|
||||
$contact_technical = intval($row['contact_technical']);
|
||||
$contact_created_at = nullable_htmlentities($row['contact_created_at']);
|
||||
if ($contact_primary == 1) {
|
||||
$contact_primary_display = "<small class='text-success'>Primary Contact</small>";
|
||||
} else {
|
||||
$contact_primary_display = false;
|
||||
}
|
||||
$contact_location_id = intval($row['contact_location_id']);
|
||||
$location_name = nullable_htmlentities($row['location_name']);
|
||||
if (empty($location_name)) {
|
||||
$location_name = "-";
|
||||
}
|
||||
$location_archived_at = nullable_htmlentities($row['location_archived_at']);
|
||||
if ($location_archived_at) {
|
||||
$location_name_display = "<div class='text-danger' title='Archived'><s>$location_name</s></div>";
|
||||
} else {
|
||||
$location_name_display = $location_name;
|
||||
}
|
||||
$auth_method = nullable_htmlentities($row['contact_auth_method']);
|
||||
|
||||
}
|
||||
// Related Assets Query
|
||||
$sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_contact_id = $contact_id ORDER BY asset_id DESC");
|
||||
$asset_count = mysqli_num_rows($sql_related_assets);
|
||||
|
||||
?>
|
||||
// Related Logins Query
|
||||
$sql_related_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_contact_id = $contact_id ORDER BY login_id DESC");
|
||||
$login_count = mysqli_num_rows($sql_related_logins);
|
||||
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
// Related Software Query
|
||||
$sql_related_software = mysqli_query($mysqli, "SELECT * FROM software, software_contacts WHERE software.software_id = software_contacts.software_id AND software_contacts.contact_id = $contact_id ORDER BY software.software_id DESC");
|
||||
$software_count = mysqli_num_rows($sql_related_software);
|
||||
|
||||
// Related Tickets Query
|
||||
$sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_contact_id = $contact_id ORDER BY ticket_id DESC");
|
||||
$ticket_count = mysqli_num_rows($sql_related_tickets);
|
||||
|
||||
?>
|
||||
<tr>
|
||||
<td class="pr-0 bg-light">
|
||||
<div class="form-check">
|
||||
<input class="form-check-input bulk-select" type="checkbox" name="contact_ids[]" value="<?php echo $contact_id ?>">
|
||||
</div>
|
||||
</td>
|
||||
<td class="px-0 text-center <?php if(!empty($contact_important)) { echo "text-bold"; }?>">
|
||||
<a class="text-dark" href="client_contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>">
|
||||
<?php if (!empty($contact_photo)) { ?>
|
||||
|
||||
<img class="img-size-50 img-circle" src="<?php echo "uploads/clients/$client_id/$contact_photo"; ?>">
|
||||
|
||||
<?php } else { ?>
|
||||
|
||||
<span class="fa-stack fa-2x">
|
||||
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
|
||||
<span class="fa fa-stack-1x text-white"><?php echo $contact_initials; ?></span>
|
||||
</span>
|
||||
|
||||
<br>
|
||||
|
||||
<?php } ?>
|
||||
<div class="text-dark"><?php echo $contact_name; ?></div>
|
||||
<div><?php echo $contact_title_display; ?></div>
|
||||
<div><?php echo $contact_primary_display; ?></div>
|
||||
</a>
|
||||
</td>
|
||||
|
||||
<td><?php echo $contact_department_display; ?></td>
|
||||
<td><?php echo $contact_info_display; ?></td>
|
||||
<td><?php echo $location_name_display; ?></td>
|
||||
<td>
|
||||
<div class="dropdown dropleft text-center">
|
||||
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-ellipsis-h"></i>
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="client_contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>">
|
||||
<i class="fas fa-fw fa-eye mr-2"></i>Details
|
||||
</a>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editContactModal<?php echo $contact_id; ?>">
|
||||
<i class="fas fa-fw fa-edit mr-2"></i>Edit
|
||||
</a>
|
||||
<?php if ($session_user_role == 3 && $contact_primary == 0) { ?>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger confirm-link" href="post.php?anonymize_contact=<?php echo $contact_id; ?>">
|
||||
<i class="fas fa-fw fa-user-secret mr-2"></i>Anonymize & Archive
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_contact=<?php echo $contact_id; ?>">
|
||||
<i class="fas fa-fw fa-archive mr-2"></i>Archive
|
||||
</a>
|
||||
<?php if ($config_destructive_deletes_enable) { ?>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_contact=<?php echo $contact_id; ?>">
|
||||
<i class="fas fa-fw fa-trash mr-2"></i>Delete
|
||||
</a>
|
||||
<?php } ?>
|
||||
<?php } ?>
|
||||
</div>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<?php
|
||||
|
||||
require "client_contact_edit_modal.php";
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
<?php require_once "client_contact_bulk_assign_location_modal.php"; ?>
|
||||
<?php require_once "client_contact_bulk_edit_phone_modal.php"; ?>
|
||||
<?php require_once "client_contact_bulk_edit_department_modal.php"; ?>
|
||||
<?php require_once "client_contact_bulk_edit_role_modal.php"; ?>
|
||||
</form>
|
||||
<?php require_once "pagination.php";
|
||||
?>
|
||||
</div>
|
||||
|
|
@ -287,6 +329,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
});
|
||||
</script>
|
||||
|
||||
<script src="js/bulk_actions.js"></script>
|
||||
|
||||
<?php
|
||||
|
||||
require_once "client_contact_add_modal.php";
|
||||
|
|
@ -298,4 +342,3 @@ require_once "client_contact_import_modal.php";
|
|||
require_once "client_contact_export_modal.php";
|
||||
|
||||
require_once "footer.php";
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,41 @@
|
|||
<div class="modal" id="bulkMoveDocumentModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Moving documents</strong></h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Move Document to</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-folder"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="bulk_folder_id">
|
||||
<option value="0">/</option>
|
||||
<?php
|
||||
$sql_folders_select = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_location = $folder_location AND folder_client_id = $client_id ORDER BY folder_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_folders_select)) {
|
||||
$folder_id_select = intval($row['folder_id']);
|
||||
$folder_name_select = nullable_htmlentities($row['folder_name']);
|
||||
?>
|
||||
<option value="<?php echo $folder_id_select ?>"><?php echo $folder_name_select; ?></option>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_move_document" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Move</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -165,104 +165,128 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
</div>
|
||||
</div>
|
||||
<div class="col-md-8">
|
||||
<div class="float-right">
|
||||
|
||||
<div class="btn-group float-right">
|
||||
<div class="dropdown ml-2" id="bulkActionButton" hidden>
|
||||
<button class="btn btn-secondary dropdown-toggle" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-fw fa-layer-group mr-2"></i>Bulk Action (<span id="selectedCount">0</span>)
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkMoveDocumentModal">
|
||||
<i class="fas fa-fw fa-exchange-alt mr-2"></i>Move
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
|
||||
<hr>
|
||||
|
||||
<form id="bulkActions" action="post.php" method="post">
|
||||
|
||||
<div class="table-responsive-sm">
|
||||
<table class="table table-striped table-sm table-borderless table-hover">
|
||||
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
|
||||
<tr>
|
||||
<th>
|
||||
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_name&order=<?php echo $disp; ?>">Name</a>
|
||||
</th>
|
||||
<th>
|
||||
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_created_at&order=<?php echo $disp; ?>">Created</a>
|
||||
</th>
|
||||
<th>
|
||||
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_updated_at&order=<?php echo $disp; ?>">Last Update</a>
|
||||
</th>
|
||||
<th class="text-center">
|
||||
Action
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php
|
||||
<div class="table-responsive-sm">
|
||||
<table class="table table-striped table-sm table-borderless table-hover">
|
||||
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
|
||||
<tr>
|
||||
<td class="bg-light">
|
||||
<div class="form-check">
|
||||
<input class="form-check-input" id="selectAllCheckbox" type="checkbox" onclick="checkAll(this)">
|
||||
</div>
|
||||
</td>
|
||||
<th>
|
||||
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_name&order=<?php echo $disp; ?>">Name</a>
|
||||
</th>
|
||||
<th>
|
||||
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_created_at&order=<?php echo $disp; ?>">Created</a>
|
||||
</th>
|
||||
<th>
|
||||
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_updated_at&order=<?php echo $disp; ?>">Last Update</a>
|
||||
</th>
|
||||
<th class="text-center">
|
||||
Action
|
||||
</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php
|
||||
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$document_id = intval($row['document_id']);
|
||||
$document_name = nullable_htmlentities($row['document_name']);
|
||||
$document_description = nullable_htmlentities($row['document_description']);
|
||||
$document_content = nullable_htmlentities($row['document_content']);
|
||||
$document_created_by_name = nullable_htmlentities($row['user_name']);
|
||||
$document_created_at = date("m/d/Y",strtotime($row['document_created_at']));
|
||||
$document_updated_at = date("m/d/Y",strtotime($row['document_updated_at']));
|
||||
$document_folder_id = intval($row['document_folder_id']);
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$document_id = intval($row['document_id']);
|
||||
$document_name = nullable_htmlentities($row['document_name']);
|
||||
$document_description = nullable_htmlentities($row['document_description']);
|
||||
$document_content = nullable_htmlentities($row['document_content']);
|
||||
$document_created_by_name = nullable_htmlentities($row['user_name']);
|
||||
$document_created_at = date("m/d/Y",strtotime($row['document_created_at']));
|
||||
$document_updated_at = date("m/d/Y",strtotime($row['document_updated_at']));
|
||||
$document_folder_id = intval($row['document_folder_id']);
|
||||
|
||||
?>
|
||||
|
||||
<tr>
|
||||
<td class="bg-light">
|
||||
<div class="form-check">
|
||||
<input class="form-check-input bulk-select" type="checkbox" name="document_ids[]" value="<?php echo $document_id ?>">
|
||||
</div>
|
||||
</td>
|
||||
<td>
|
||||
<a href="client_document_details.php?client_id=<?php echo $client_id; ?>&document_id=<?php echo $document_id; ?>"><i class="fas fa-fw fa-file-alt"></i> <?php echo $document_name; ?></a>
|
||||
<div class="text-secondary mt-1"><?php echo $document_description; ?>
|
||||
</td>
|
||||
<td>
|
||||
<?php echo $document_created_at; ?>
|
||||
<div class="text-secondary mt-1"><?php echo $document_created_by_name; ?>
|
||||
</td>
|
||||
<td><?php echo $document_updated_at; ?></td>
|
||||
<td>
|
||||
<div class="dropdown dropleft text-center">
|
||||
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-ellipsis-h"></i>
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#shareModal" onclick="populateShareModal(<?php echo "$client_id, 'Document', $document_id"; ?>)">
|
||||
<i class="fas fa-fw fa-share mr-2"></i>Share
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#renameDocumentModal<?php echo $document_id; ?>">
|
||||
<i class="fas fa-fw fa-pencil-alt mr-2"></i>Rename
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#moveDocumentModal<?php echo $document_id; ?>">
|
||||
<i class="fas fa-fw fa-exchange-alt mr-2"></i>Move
|
||||
</a>
|
||||
<?php if ($session_user_role == 3) { ?>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_document=<?php echo $document_id; ?>">
|
||||
<i class="fas fa-fw fa-archive mr-2"></i>Archive
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_document=<?php echo $document_id; ?>">
|
||||
<i class="fas fa-fw fa-trash mr-2"></i>Delete
|
||||
</a>
|
||||
<?php } ?>
|
||||
</div>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<?php
|
||||
|
||||
require "client_document_move_modal.php";
|
||||
|
||||
require "client_document_rename_modal.php";
|
||||
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<tr>
|
||||
<td>
|
||||
<a href="client_document_details.php?client_id=<?php echo $client_id; ?>&document_id=<?php echo $document_id; ?>"><i class="fas fa-fw fa-file-alt"></i> <?php echo $document_name; ?></a>
|
||||
<div class="text-secondary mt-1"><?php echo $document_description; ?>
|
||||
</td>
|
||||
<td>
|
||||
<?php echo $document_created_at; ?>
|
||||
<div class="text-secondary mt-1"><?php echo $document_created_by_name; ?>
|
||||
</td>
|
||||
<td><?php echo $document_updated_at; ?></td>
|
||||
<td>
|
||||
<div class="dropdown dropleft text-center">
|
||||
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-ellipsis-h"></i>
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#shareModal" onclick="populateShareModal(<?php echo "$client_id, 'Document', $document_id"; ?>)">
|
||||
<i class="fas fa-fw fa-share mr-2"></i>Share
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#renameDocumentModal<?php echo $document_id; ?>">
|
||||
<i class="fas fa-fw fa-pencil-alt mr-2"></i>Rename
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#moveDocumentModal<?php echo $document_id; ?>">
|
||||
<i class="fas fa-fw fa-exchange-alt mr-2"></i>Move
|
||||
</a>
|
||||
<?php if ($session_user_role == 3) { ?>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_document=<?php echo $document_id; ?>">
|
||||
<i class="fas fa-fw fa-archive mr-2"></i>Archive
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_document=<?php echo $document_id; ?>">
|
||||
<i class="fas fa-fw fa-trash mr-2"></i>Delete
|
||||
</a>
|
||||
<?php } ?>
|
||||
</div>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<?php
|
||||
|
||||
require "client_document_move_modal.php";
|
||||
|
||||
require "client_document_rename_modal.php";
|
||||
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
</tbody>
|
||||
</table>
|
||||
<br>
|
||||
</div>
|
||||
</tbody>
|
||||
</table>
|
||||
<br>
|
||||
</div>
|
||||
<?php require_once "client_document_bulk_move_modal.php"; ?>
|
||||
</form>
|
||||
<?php require_once "pagination.php";
|
||||
?>
|
||||
</div>
|
||||
|
|
@ -270,6 +294,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<script src="js/bulk_actions.js"></script>
|
||||
|
||||
<?php
|
||||
require_once "share_modal.php";
|
||||
|
|
@ -279,4 +304,3 @@ require_once "client_document_add_modal.php";
|
|||
require_once "client_document_add_from_template_modal.php";
|
||||
|
||||
require_once "footer.php";
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,41 @@
|
|||
<div class="modal" id="bulkMoveFilesModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-exchange-alt mr-2"></i>Bulk Moving Files</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Folder</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-folder"></i></span>
|
||||
</div>
|
||||
<select class="form-control" name="bulk_folder_id">
|
||||
<option value="0">/</option>
|
||||
<?php
|
||||
$sql_folders_select = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_location = $folder_location AND folder_client_id = $client_id ORDER BY folder_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_folders_select)) {
|
||||
$folder_id_select = intval($row['folder_id']);
|
||||
$folder_name_select = nullable_htmlentities($row['folder_name']);
|
||||
?>
|
||||
<option value="<?php echo $folder_id_select ?>"><?php echo $folder_name_select; ?></option>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_move_files" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Move</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -35,7 +35,7 @@
|
|||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<input type="file" class="form-control-file" name="file[]" multiple id="fileInput" accept=".jpg, .jpeg, .gif, .png, .webp, .pdf, .txt, .md, .doc, .docx, .odt, .csv, .xls, .xlsx, .ods, .pptx, .odp, .zip, .tar, .gz, .xml, .msg, .json, .wav, .mp3, .ogg, .mov, .mp4, .av1, .ovpn, .cfg, .ps1">
|
||||
<input type="file" class="form-control-file" name="file[]" multiple id="fileInput" accept=".jpg, .jpeg, .gif, .png, .webp, .pdf, .txt, .md, .doc, .docx, .odt, .csv, .xls, .xlsx, .ods, .pptx, .odp, .zip, .tar, .gz, .xml, .msg, .json, .wav, .mp3, .ogg, .mov, .mp4, .av1, .ovpn, .cfg, .ps1, .vsdx, .drawio">
|
||||
</div>
|
||||
<small class="text-secondary">Up to 20 files can be uploaded at once by holding down CTRL and selecting files</small>
|
||||
|
||||
|
|
|
|||
193
client_files.php
193
client_files.php
|
|
@ -157,9 +157,21 @@ $num_of_files = mysqli_num_rows($sql);
|
|||
</div>
|
||||
</div>
|
||||
<div class="col-md-8">
|
||||
<div class="float-right">
|
||||
<div class="btn-group float-right">
|
||||
<a href="?<?php echo $url_query_strings_sort; ?>&view=0" class="btn <?php if($view == 0){ echo "btn-primary"; } else { echo "btn-outline-secondary"; } ?>"><i class="fas fa-list-ul"></i></a>
|
||||
<a href="?<?php echo $url_query_strings_sort; ?>&view=1" class="btn <?php if($view == 1){ echo "btn-primary"; } else { echo "btn-outline-secondary"; } ?>"><i class="fas fa-th-large"></i></a>
|
||||
|
||||
<div class="dropdown ml-2" id="bulkActionButton" hidden>
|
||||
<button class="btn btn-secondary dropdown-toggle" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-fw fa-layer-group mr-2"></i>Bulk Action (<span id="selectedCount">0</span>)
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkMoveFilesModal">
|
||||
<i class="fas fa-fw fa-exchange-alt mr-2"></i>Move
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -213,96 +225,109 @@ $num_of_files = mysqli_num_rows($sql);
|
|||
|
||||
<?php } else { ?>
|
||||
|
||||
<div class="table-responsive-sm">
|
||||
<table class="table border">
|
||||
|
||||
<thead class="thead-light <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
|
||||
<tr>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=file_name&order=<?php echo $disp; ?>">Name</a></th>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=file_created_at&order=<?php echo $disp; ?>">Uploaded</a></th>
|
||||
<th class="text-center">Action</th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
|
||||
<?php
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$file_id = intval($row['file_id']);
|
||||
$file_name = nullable_htmlentities($row['file_name']);
|
||||
$file_reference_name = nullable_htmlentities($row['file_reference_name']);
|
||||
$file_ext = nullable_htmlentities($row['file_ext']);
|
||||
if ($file_ext == 'pdf') {
|
||||
$file_icon = "file-pdf";
|
||||
} elseif ($file_ext == 'gz' || $file_ext == 'tar' || $file_ext == 'zip' || $file_ext == '7z' || $file_ext == 'rar') {
|
||||
$file_icon = "file-archive";
|
||||
} elseif ($file_ext == 'txt' || $file_ext == 'md') {
|
||||
$file_icon = "file-alt";
|
||||
} elseif ($file_ext == 'msg') {
|
||||
$file_icon = "envelope";
|
||||
} elseif ($file_ext == 'doc' || $file_ext == 'docx' || $file_ext == 'odt') {
|
||||
$file_icon = "file-word";
|
||||
} elseif ($file_ext == 'xls' || $file_ext == 'xlsx' || $file_ext == 'ods') {
|
||||
$file_icon = "file-excel";
|
||||
} elseif ($file_ext == 'pptx' || $file_ext == 'odp') {
|
||||
$file_icon = "file-powerpoint";
|
||||
} elseif ($file_ext == 'mp3' || $file_ext == 'wav' || $file_ext == 'ogg') {
|
||||
$file_icon = "file-audio";
|
||||
} elseif ($file_ext == 'mov' || $file_ext == 'mp4' || $file_ext == 'av1') {
|
||||
$file_icon = "file-video";
|
||||
} elseif ($file_ext == 'jpg' || $file_ext == 'jpeg' || $file_ext == 'png' || $file_ext == 'gif' || $file_ext == 'webp' || $file_ext == 'bmp' || $file_ext == 'tif') {
|
||||
$file_icon = "file-image";
|
||||
} else {
|
||||
$file_icon = "file";
|
||||
}
|
||||
$file_created_at = nullable_htmlentities($row['file_created_at']);
|
||||
?>
|
||||
<form id="bulkActions" action="post.php" method="post">
|
||||
|
||||
<div class="table-responsive-sm">
|
||||
<table class="table border">
|
||||
|
||||
<thead class="thead-light <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
|
||||
<tr>
|
||||
<td><a href="<?php echo "uploads/clients/$client_id/$file_reference_name"; ?>" target="_blank" class="text-secondary"><i class="fa fa-fw fa-2x fa-<?php echo $file_icon; ?> mr-3"></i> <?php echo basename($file_name); ?></a></td>
|
||||
<td><?php echo $file_created_at; ?></td>
|
||||
<td>
|
||||
<div class="dropdown dropleft text-center">
|
||||
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-ellipsis-h"></i>
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="<?php echo "uploads/clients/$client_id/$file_reference_name"; ?>" download="<?php echo $file_name; ?>">
|
||||
<i class="fas fa-fw fa-cloud-download-alt mr-2"></i>Download
|
||||
</a>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#shareModal" onclick="populateShareModal(<?php echo "$client_id, 'File', $file_id"; ?>)">
|
||||
<i class="fas fa-fw fa-share mr-2"></i>Share
|
||||
</a>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#renameFileModal<?php echo $file_id; ?>">
|
||||
<i class="fas fa-fw fa-edit mr-2"></i>Rename
|
||||
</a>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#moveFileModal<?php echo $file_id; ?>">
|
||||
<i class="fas fa-fw fa-exchange-alt mr-2"></i>Move
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_file=<?php echo $file_id; ?>">
|
||||
<i class="fas fa-fw fa-archive mr-2"></i>Archive
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger text-bold" href="#" data-toggle="modal" data-target="#deleteFileModal" onclick="populateFileDeleteModal(<?php echo "$file_id , '$file_name'" ?>)">
|
||||
<i class="fas fa-fw fa-trash mr-2"></i>Delete
|
||||
</a>
|
||||
</div>
|
||||
<td class="bg-light">
|
||||
<div class="form-check">
|
||||
<input class="form-check-input" id="selectAllCheckbox" type="checkbox" onclick="checkAll(this)">
|
||||
</div>
|
||||
</td>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=file_name&order=<?php echo $disp; ?>">Name</a></th>
|
||||
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=file_created_at&order=<?php echo $disp; ?>">Uploaded</a></th>
|
||||
<th class="text-center">Action</th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
|
||||
<?php
|
||||
require "client_file_rename_modal.php";
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$file_id = intval($row['file_id']);
|
||||
$file_name = nullable_htmlentities($row['file_name']);
|
||||
$file_reference_name = nullable_htmlentities($row['file_reference_name']);
|
||||
$file_ext = nullable_htmlentities($row['file_ext']);
|
||||
if ($file_ext == 'pdf') {
|
||||
$file_icon = "file-pdf";
|
||||
} elseif ($file_ext == 'gz' || $file_ext == 'tar' || $file_ext == 'zip' || $file_ext == '7z' || $file_ext == 'rar') {
|
||||
$file_icon = "file-archive";
|
||||
} elseif ($file_ext == 'txt' || $file_ext == 'md') {
|
||||
$file_icon = "file-alt";
|
||||
} elseif ($file_ext == 'msg') {
|
||||
$file_icon = "envelope";
|
||||
} elseif ($file_ext == 'doc' || $file_ext == 'docx' || $file_ext == 'odt') {
|
||||
$file_icon = "file-word";
|
||||
} elseif ($file_ext == 'xls' || $file_ext == 'xlsx' || $file_ext == 'ods') {
|
||||
$file_icon = "file-excel";
|
||||
} elseif ($file_ext == 'pptx' || $file_ext == 'odp') {
|
||||
$file_icon = "file-powerpoint";
|
||||
} elseif ($file_ext == 'mp3' || $file_ext == 'wav' || $file_ext == 'ogg') {
|
||||
$file_icon = "file-audio";
|
||||
} elseif ($file_ext == 'mov' || $file_ext == 'mp4' || $file_ext == 'av1') {
|
||||
$file_icon = "file-video";
|
||||
} elseif ($file_ext == 'jpg' || $file_ext == 'jpeg' || $file_ext == 'png' || $file_ext == 'gif' || $file_ext == 'webp' || $file_ext == 'bmp' || $file_ext == 'tif') {
|
||||
$file_icon = "file-image";
|
||||
} else {
|
||||
$file_icon = "file";
|
||||
}
|
||||
$file_created_at = nullable_htmlentities($row['file_created_at']);
|
||||
?>
|
||||
|
||||
require "client_file_move_modal.php";
|
||||
<tr>
|
||||
<td class="bg-light">
|
||||
<div class="form-check">
|
||||
<input class="form-check-input bulk-select" type="checkbox" name="file_ids[]" value="<?php echo $file_id ?>">
|
||||
</div>
|
||||
</td>
|
||||
<td><a href="<?php echo "uploads/clients/$client_id/$file_reference_name"; ?>" target="_blank" class="text-secondary"><i class="fa fa-fw fa-2x fa-<?php echo $file_icon; ?> mr-3"></i> <?php echo basename($file_name); ?></a></td>
|
||||
<td><?php echo $file_created_at; ?></td>
|
||||
<td>
|
||||
<div class="dropdown dropleft text-center">
|
||||
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-ellipsis-h"></i>
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="<?php echo "uploads/clients/$client_id/$file_reference_name"; ?>" download="<?php echo $file_name; ?>">
|
||||
<i class="fas fa-fw fa-cloud-download-alt mr-2"></i>Download
|
||||
</a>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#shareModal" onclick="populateShareModal(<?php echo "$client_id, 'File', $file_id"; ?>)">
|
||||
<i class="fas fa-fw fa-share mr-2"></i>Share
|
||||
</a>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#renameFileModal<?php echo $file_id; ?>">
|
||||
<i class="fas fa-fw fa-edit mr-2"></i>Rename
|
||||
</a>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#moveFileModal<?php echo $file_id; ?>">
|
||||
<i class="fas fa-fw fa-exchange-alt mr-2"></i>Move
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_file=<?php echo $file_id; ?>">
|
||||
<i class="fas fa-fw fa-archive mr-2"></i>Archive
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger text-bold" href="#" data-toggle="modal" data-target="#deleteFileModal" onclick="populateFileDeleteModal(<?php echo "$file_id , '$file_name'" ?>)">
|
||||
<i class="fas fa-fw fa-trash mr-2"></i>Delete
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<?php
|
||||
require "client_file_rename_modal.php";
|
||||
|
||||
}
|
||||
?>
|
||||
</tbody>
|
||||
require "client_file_move_modal.php";
|
||||
|
||||
</table>
|
||||
</div>
|
||||
|
||||
}
|
||||
?>
|
||||
</tbody>
|
||||
|
||||
</table>
|
||||
</div>
|
||||
<?php require_once "client_file_bulk_move_modal.php"; ?>
|
||||
</form>
|
||||
|
||||
<?php } ?>
|
||||
|
||||
|
|
@ -314,6 +339,8 @@ $num_of_files = mysqli_num_rows($sql);
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<script src="js/bulk_actions.js"></script>
|
||||
|
||||
<?php
|
||||
require_once "client_file_upload_modal.php";
|
||||
|
||||
|
|
@ -322,5 +349,3 @@ require_once "share_modal.php";
|
|||
require_once "client_file_delete_modal.php";
|
||||
|
||||
require_once "footer.php";
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -177,63 +177,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
// TODO: Remove this
|
||||
function showOTP(id, secret) {
|
||||
//Send a GET request to ajax.php as ajax.php?get_totp_token=true&totp_secret=SECRET
|
||||
jQuery.get(
|
||||
"ajax.php", {
|
||||
get_totp_token: 'true',
|
||||
totp_secret: secret
|
||||
},
|
||||
function(data) {
|
||||
//If we get a response from post.php, parse it as JSON
|
||||
const token = JSON.parse(data);
|
||||
<!-- Include script to get TOTP code via the login ID -->
|
||||
<script src="js/logins_show_otp_via_id.js"></script>
|
||||
|
||||
document.getElementById("otp_" + id).innerText = token
|
||||
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
function showOTPViaLoginID(login_id) {
|
||||
// Send a GET request to ajax.php as ajax.php?get_totp_token_via_id=true&login_id=ID
|
||||
jQuery.get(
|
||||
"ajax.php", {
|
||||
get_totp_token_via_id: 'true',
|
||||
login_id: login_id
|
||||
},
|
||||
function(data) {
|
||||
//If we get a response from post.php, parse it as JSON
|
||||
const token = JSON.parse(data);
|
||||
|
||||
document.getElementById("otp_" + login_id).innerText = token
|
||||
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
function generatePassword() {
|
||||
document.getElementById("password").value = "<?php echo generateReadablePassword(3); ?>"
|
||||
}
|
||||
|
||||
function generatePassword() {
|
||||
var url = '/ajax.php?get_readable_pass=true';
|
||||
|
||||
// Make an AJAX request to the server
|
||||
var xhr = new XMLHttpRequest();
|
||||
xhr.open('GET', url, true);
|
||||
|
||||
xhr.onreadystatechange = function() {
|
||||
if (xhr.readyState == 4 && xhr.status == 200) {
|
||||
var password = xhr.responseText;
|
||||
|
||||
document.getElementById("password").value = password;
|
||||
}
|
||||
};
|
||||
xhr.send();
|
||||
}
|
||||
</script>
|
||||
<!-- Include script to generate readable passwords for login entries -->
|
||||
<script src="js/logins_generate_password.js"></script>
|
||||
|
||||
<?php
|
||||
|
||||
|
|
|
|||
|
|
@ -314,6 +314,13 @@
|
|||
|
||||
<li class="nav-header mt-3">MORE</li>
|
||||
|
||||
<li class="nav-item">
|
||||
<a href="client_bulk_mail.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_bulk_mail.php") { echo "active"; } ?>">
|
||||
<i class="nav-icon fas fa-envelope-open"></i>
|
||||
<p>Bulk Mail</p>
|
||||
</a>
|
||||
</li>
|
||||
|
||||
<li class="nav-item">
|
||||
<a href="client_shared_items.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_shared_items.php") { echo "active"; } ?>">
|
||||
<i class="nav-icon fas fa-share"></i>
|
||||
|
|
|
|||
|
|
@ -63,7 +63,7 @@ $total_tickets_closed = intval($row['total_tickets_closed']);
|
|||
|
||||
<div class="card card-dark">
|
||||
<div class="card-header py-2">
|
||||
<h3 class="card-title mt-2"><i class="fa fa-fw fa-life-ring mr-2"></i>Tickets
|
||||
<h3 class="card-title mt-2"><i class="fa fa-fw fa-life-ring mr-2"></i><?php if (isset($_GET['unbilled'])) { echo "Unbilled "; } ?> Tickets
|
||||
<small class="ml-3">
|
||||
<a href="?client_id=<?php echo $client_id?>&status=Open" class="text-white"><strong><?php echo $total_tickets_open; ?></strong> Open</a> |
|
||||
<a href="?client_id=<?php echo $client_id?>&status=Closed" class="text-white"><strong><?php echo $total_tickets_closed; ?></strong> Closed</a>
|
||||
|
|
|
|||
42
cron.php
42
cron.php
|
|
@ -14,7 +14,7 @@ $row = mysqli_fetch_array($sql_companies);
|
|||
|
||||
// Company Details
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_phone = formatPhoneNumber($row['company_phone']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
$company_email = sanitizeInput($row['company_email']);
|
||||
$company_website = sanitizeInput($row['company_website']);
|
||||
$company_city = sanitizeInput($row['company_city']);
|
||||
|
|
@ -39,8 +39,8 @@ $config_smtp_username = $row['config_smtp_username'];
|
|||
$config_smtp_password = $row['config_smtp_password'];
|
||||
$config_smtp_port = intval($row['config_smtp_port']);
|
||||
$config_smtp_encryption = $row['config_smtp_encryption'];
|
||||
$config_mail_from_email = $row['config_mail_from_email'];
|
||||
$config_mail_from_name = $row['config_mail_from_name'];
|
||||
$config_mail_from_email = sanitizeInput($row['config_mail_from_email']);
|
||||
$config_mail_from_name = sanitizeInput($row['config_mail_from_name']);
|
||||
$config_recurring_auto_send_invoice = intval($row['config_recurring_auto_send_invoice']);
|
||||
|
||||
// Tickets
|
||||
|
|
@ -280,25 +280,22 @@ if (mysqli_num_rows($sql_scheduled_tickets) > 0) {
|
|||
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
|
||||
$client_name = sanitizeInput($row['client_name']);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
$ticket_prefix = sanitizeInput($row['ticket_prefix']);
|
||||
$ticket_number = intval($row['ticket_number']);
|
||||
$ticket_priority = sanitizeInput($row['ticket_priority']);
|
||||
|
||||
// Not Sanitized Vars because they are already sanitized in subject and body wrapper
|
||||
$ticket_subject = $row['ticket_subject'];
|
||||
$ticket_details = $row['ticket_details']; // Output on settings_mail_queue.php is sanitized through HTML Purifier
|
||||
$ticket_subject = sanitizeInput($row['ticket_subject']);
|
||||
$ticket_details = mysqli_real_escape_string($mysqli, $row['ticket_details']);
|
||||
|
||||
$data = [];
|
||||
|
||||
// Notify client by email their ticket has been raised, if general notifications are turned on & there is a valid contact email
|
||||
if (!empty($config_smtp_host) && $config_ticket_client_general_notifications == 1 && filter_var($contact_email, FILTER_VALIDATE_EMAIL)) {
|
||||
|
||||
$email_subject = mysqli_real_escape_string($mysqli, "Ticket created - [$ticket_prefix$ticket_number] - $ticket_subject (scheduled)");
|
||||
$email_body = mysqli_real_escape_string($mysqli, "<i style='color: #808080'>##- Please type your reply above this line -##</i><br><br>Hello, $contact_name<br><br>A ticket regarding \"$ticket_subject\" has been automatically created for you.<br><br>--------------------------------<br>$ticket_details--------------------------------<br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: Open<br>Portal: https://$config_base_url/portal/ticket.php?id=$id<br><br>~<br>$company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone");
|
||||
$email_subject = "Ticket created - [$ticket_prefix$ticket_number] - $ticket_subject (scheduled)";
|
||||
$email_body = "<i style=\'color: #808080\'>##- Please type your reply above this line -##</i><br><br>Hello $contact_name,<br><br>A ticket regarding \"$ticket_subject\" has been automatically created for you.<br><br>--------------------------------<br>$ticket_details--------------------------------<br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: Open<br>Portal: https://$config_base_url/portal/ticket.php?id=$id<br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
$email = [
|
||||
'from' => $config_ticket_from_email,
|
||||
|
|
@ -316,8 +313,8 @@ if (mysqli_num_rows($sql_scheduled_tickets) > 0) {
|
|||
// Notify agent's via the DL address of the new ticket, if it's populated with a valid email
|
||||
if (filter_var($config_ticket_new_ticket_notification_email, FILTER_VALIDATE_EMAIL)) {
|
||||
|
||||
$email_subject = mysqli_real_escape_string($mysqli, "ITFlow - New Scheduled Ticket - $client_name: $ticket_subject");
|
||||
$email_body = mysqli_real_escape_string($mysqli, "Hello, <br><br>This is a notification that a new scheduled ticket has been raised in ITFlow. <br>Ticket: $ticket_prefix$ticket_number<br>Client: $client_name<br>Priority: $priority<br>Link: https://$config_base_url/ticket.php?ticket_id=$id <br><br>--------------------------------<br><br><b>$ticket_subject</b><br>$ticket_details");
|
||||
$email_subject = "ITFlow - New Scheduled Ticket - $client_name: $ticket_subject";
|
||||
$email_body = "Hello, <br><br>This is a notification that a new scheduled ticket has been raised in ITFlow. <br>Ticket: $ticket_prefix$ticket_number<br>Client: $client_name<br>Priority: $priority<br>Link: https://$config_base_url/ticket.php?ticket_id=$id <br><br>--------------------------------<br><br><b>$ticket_subject</b><br>$ticket_details";
|
||||
|
||||
$email = [
|
||||
'from' => $config_ticket_from_email,
|
||||
|
|
@ -420,8 +417,8 @@ if ($config_ticket_autoclose == 1) {
|
|||
$ticket_reply_row = mysqli_fetch_array($sql_ticket_reply);
|
||||
$ticket_reply = $ticket_reply_row['ticket_reply'];
|
||||
|
||||
$subject = mysqli_real_escape_string($mysqli, "Ticket pending closure - [$ticket_prefix$ticket_number] - $ticket_subject");
|
||||
$body = mysqli_real_escape_string($mysqli, "<i style='color: #808080'>##- Please type your reply above this line -##</i><br><br>Hello, $contact_name<br><br>This is an automatic friendly reminder that your ticket regarding $ticket_subject will be closed, unless you respond.<br><br>--------------------------------<br>$ticket_reply--------------------------------<br><br>If your issue is resolved, you can ignore this email - the ticket will automatically close. If you need further assistance, please respond to this email. <br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: $ticket_status<br>Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>~<br>$company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone");
|
||||
$subject = "Ticket pending closure - [$ticket_prefix$ticket_number] - $ticket_subject";
|
||||
$body = "<i style=\'color: #808080\'>##- Please type your reply above this line -##</i><br><br>Hello, $contact_name<br><br>This is an automatic friendly reminder that your ticket regarding $ticket_subject will be closed, unless you respond.<br><br>--------------------------------<br>$ticket_reply--------------------------------<br><br>If your issue is resolved, you can ignore this email - the ticket will automatically close. If you need further assistance, please respond to this email. <br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: $ticket_status<br>Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
$data = [
|
||||
[
|
||||
|
|
@ -501,10 +498,10 @@ if ($config_send_invoice_reminders == 1) {
|
|||
|
||||
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Invoice Overdue', notification = 'Invoice $invoice_prefix$invoice_number for $client_name in the amount of $invoice_amount is overdue by $day days', notification_action = 'invoice.php?invoice_id=$invoice_id', notification_client_id = $client_id, notification_entity_id = $invoice_id");
|
||||
|
||||
$subject = mysqli_real_escape_string($mysqli, "Overdue Invoice $invoice_prefix$invoice_number");
|
||||
$body = mysqli_real_escape_string($mysqli, "Hello $contact_name,<br><br>Our records indicate that we have not yet received payment for the invoice $invoice_prefix$invoice_number. We kindly request that you submit your payment as soon as possible. If you have any questions or concerns, please do not hesitate to contact us at $company_phone.
|
||||
$subject = "Overdue Invoice $invoice_prefix$invoice_number";
|
||||
$body = "Hello $contact_name,<br><br>Our records indicate that we have not yet received payment for the invoice $invoice_prefix$invoice_number. We kindly request that you submit your payment as soon as possible. If you have any questions or concerns, please do not hesitate to contact us at $company_phone.
|
||||
<br><br>
|
||||
Kindly review the invoice details mentioned below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: " . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . "<br>Due Date: $invoice_due<br><br><br>To view your invoice click <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>here</a><br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone");
|
||||
Kindly review the invoice details mentioned below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: " . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . "<br>Due Date: $invoice_due<br>Over Due By: $day Days<br><br><br>To view your invoice click <a href=\'https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key\'>here</a><br><br><br>--<br>$company_name - Billing<br>$config_invoice_from_email<br>$company_phone";
|
||||
|
||||
$mail = addToMailQueue($mysqli, [
|
||||
[
|
||||
|
|
@ -619,8 +616,8 @@ while ($row = mysqli_fetch_array($sql_recurring)) {
|
|||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
|
||||
$subject = mysqli_real_escape_string($mysqli, "Invoice $invoice_prefix$invoice_number");
|
||||
$body = mysqli_real_escape_string($mysqli, "Hello $contact_name,<br><br>Kindly review the invoice details mentioned below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: " . numfmt_format_currency($currency_format, $invoice_amount, $recurring_currency_code) . "<br>Due Date: $invoice_due<br><br><br>To view your invoice click <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$new_invoice_id&url_key=$invoice_url_key'>here</a><br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone");
|
||||
$subject = "Invoice $invoice_prefix$invoice_number";
|
||||
$body = "Hello $contact_name,<br><br>Kindly review the invoice details mentioned below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: " . numfmt_format_currency($currency_format, $invoice_amount, $recurring_currency_code) . "<br>Due Date: $invoice_due<br><br><br>To view your invoice click <a href=\'https://$config_base_url/guest_view_invoice.php?invoice_id=$new_invoice_id&url_key=$invoice_url_key\'>here</a><br><br><br>--<br>$company_name - Billing<br>$config_invoice_from_email<br>$company_phone";
|
||||
|
||||
$mail = addToMailQueue($mysqli, [
|
||||
[
|
||||
|
|
@ -732,6 +729,10 @@ if ($config_telemetry > 0 OR $config_telemetry = 2) {
|
|||
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('recurring_id') AS num FROM tickets"));
|
||||
$ticket_count = $row['num'];
|
||||
|
||||
// Scheduled Ticket Count
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('scheduled_ticket_id') AS num FROM scheduled_tickets"));
|
||||
$scheduled_ticket_count = $row['num'];
|
||||
|
||||
// Calendar Event Count
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('event_id') AS num FROM events"));
|
||||
$calendar_event_count = $row['num'];
|
||||
|
|
@ -896,6 +897,7 @@ if ($config_telemetry > 0 OR $config_telemetry = 2) {
|
|||
'currency' => "$company_currency",
|
||||
'client_count' => $client_count,
|
||||
'ticket_count' => $ticket_count,
|
||||
'scheduled_ticket_count' => $scheduled_ticket_count,
|
||||
'calendar_event_count' => $calendar_event_count,
|
||||
'quote_count' => $quote_count,
|
||||
'invoice_count' => $invoice_count,
|
||||
|
|
@ -961,8 +963,6 @@ if ($config_telemetry > 0 OR $config_telemetry = 2) {
|
|||
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Telemetry', log_description = 'Cron sent telemetry results to ITFlow Developers'");
|
||||
}
|
||||
|
||||
|
||||
|
||||
/*
|
||||
* ###############################################################################################################
|
||||
* FINISH UP
|
||||
|
|
|
|||
|
|
@ -1,16 +1,8 @@
|
|||
<?php
|
||||
|
||||
require_once "config.php";
|
||||
|
||||
require_once "functions.php";
|
||||
|
||||
//Initialize the HTML Purifier to prevent XSS
|
||||
require "plugins/htmlpurifier/HTMLPurifier.standalone.php";
|
||||
|
||||
$purifier_config = HTMLPurifier_Config::createDefault();
|
||||
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
|
||||
$purifier = new HTMLPurifier($purifier_config);
|
||||
|
||||
$sql_settings = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = 1");
|
||||
|
||||
$row = mysqli_fetch_array($sql_settings);
|
||||
|
|
@ -61,21 +53,27 @@ file_put_contents($lock_file_path, "Locked");
|
|||
|
||||
// Process Mail Queue
|
||||
|
||||
// Get Mail Queue that hasnt been sent yet
|
||||
// Email Status: 0 Queued, 1 Sending, 2 Failed, 3 Sent
|
||||
$sql_queue = mysqli_query($mysqli, "SELECT * FROM email_queue WHERE email_status = 0");
|
||||
// Email Status:
|
||||
// 0 Queued
|
||||
// 1 Sending
|
||||
// 2 Failed
|
||||
// 3 Sent
|
||||
|
||||
// Get Mail Queue that has status of Queued and send it to the function sendSingleEmail() located in functions.php
|
||||
|
||||
$sql_queue = mysqli_query($mysqli, "SELECT * FROM email_queue WHERE email_status = 0 AND email_queued_at <= NOW()");
|
||||
|
||||
if (mysqli_num_rows($sql_queue) > 0) {
|
||||
while ($row = mysqli_fetch_array($sql_queue)) {
|
||||
$email_id = intval($row['email_id']);
|
||||
$email_from = nullable_htmlentities($row['email_from']);
|
||||
$email_from_name = nullable_htmlentities($row['email_from_name']);
|
||||
$email_recipient = nullable_htmlentities($row['email_recipient']);
|
||||
$email_recipient_name = nullable_htmlentities($row['email_recipient_name']);
|
||||
$email_subject = $purifier->purify($row['email_subject']);
|
||||
$email_content = $purifier->purify($row['email_content']);
|
||||
$email_queued_at = nullable_htmlentities($row['email_queued_at']);
|
||||
$email_sent_at = nullable_htmlentities($row['email_sent_at']);
|
||||
$email_from = $row['email_from'];
|
||||
$email_from_name = $row['email_from_name'];
|
||||
$email_recipient = $row['email_recipient'];
|
||||
$email_recipient_name = $row['email_recipient_name'];
|
||||
$email_subject = $row['email_subject'];
|
||||
$email_content = $row['email_content'];
|
||||
$email_queued_at = $row['email_queued_at'];
|
||||
$email_sent_at = $row['email_sent_at'];
|
||||
|
||||
// Sanitized Input
|
||||
$email_recipient_logging = sanitizeInput($row['email_recipient']);
|
||||
|
|
@ -115,23 +113,22 @@ if (mysqli_num_rows($sql_queue) > 0) {
|
|||
}
|
||||
}
|
||||
|
||||
// Process Failed Mail up to 4 times every 30 mins
|
||||
//
|
||||
|
||||
// Get Mail Queue that hasnt been sent yet
|
||||
// Email Status: 0 Queued, 1 Sending, 2 Failed, 3 Sent
|
||||
// Get Mail that failed to send and attempt to send Failed Mail up to 4 times every 30 mins
|
||||
$sql_failed_queue = mysqli_query($mysqli, "SELECT * FROM email_queue WHERE email_status = 2 AND email_attempts < 4 AND email_failed_at < NOW() + INTERVAL 30 MINUTE");
|
||||
|
||||
if (mysqli_num_rows($sql_failed_queue) > 0) {
|
||||
while ($row = mysqli_fetch_array($sql_failed_queue)) {
|
||||
$email_id = intval($row['email_id']);
|
||||
$email_from = nullable_htmlentities($row['email_from']);
|
||||
$email_from_name = nullable_htmlentities($row['email_from_name']);
|
||||
$email_recipient = nullable_htmlentities($row['email_recipient']);
|
||||
$email_recipient_name = nullable_htmlentities($row['email_recipient_name']);
|
||||
$email_subject = $purifier->purify($row['email_subject']);
|
||||
$email_content = $purifier->purify($row['email_content']);
|
||||
$email_queued_at = nullable_htmlentities($row['email_queued_at']);
|
||||
$email_sent_at = nullable_htmlentities($row['email_sent_at']);
|
||||
$email_from = $row['email_from'];
|
||||
$email_from_name = $row['email_from_name'];
|
||||
$email_recipient = $row['email_recipient'];
|
||||
$email_recipient_name = $row['email_recipient_name'];
|
||||
$email_subject = $row['email_subject'];
|
||||
$email_content = $row['email_content'];
|
||||
$email_queued_at = $row['email_queued_at'];
|
||||
$email_sent_at = $row['email_sent_at'];
|
||||
// Increment the attempts
|
||||
$email_attempts = intval($row['email_attempts']) + 1;
|
||||
|
||||
|
|
@ -173,5 +170,5 @@ if (mysqli_num_rows($sql_failed_queue) > 0) {
|
|||
}
|
||||
}
|
||||
|
||||
// Remove the lock file
|
||||
// Remove the lock file once mail has finished processing so it doesnt get overun causing possible duplicates
|
||||
unlink($lock_file_path);
|
||||
|
|
|
|||
|
|
@ -23,12 +23,14 @@ require_once "functions.php";
|
|||
// Get settings for the "default" company
|
||||
require_once "get_settings.php";
|
||||
|
||||
$config_ticket_prefix = sanitizeInput($config_ticket_prefix);
|
||||
$config_ticket_from_name = sanitizeInput($config_ticket_from_name);
|
||||
|
||||
// Get company name & phone
|
||||
$sql = mysqli_query($mysqli, "SELECT company_name, company_phone FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_phone = formatPhoneNumber($row['company_phone']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
|
||||
// Check setting enabled
|
||||
if ($config_ticket_email_parse == 0) {
|
||||
|
|
@ -161,8 +163,8 @@ function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date
|
|||
// E-mail client notification that ticket has been created
|
||||
if ($config_ticket_client_general_notifications == 1) {
|
||||
|
||||
$subject_email = mysqli_escape_string($mysqli, "Ticket created - [$config_ticket_prefix$ticket_number] - $subject");
|
||||
$body = mysqli_escape_string($mysqli, "<i style='color: #808080'>##- Please type your reply above this line -##</i><br><br>Hello, $contact_name<br><br>Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.<br><br>Ticket: $config_ticket_prefix$ticket_number<br>Subject: $subject<br>Status: Open<br>https://$config_base_url/portal/ticket.php?id=$id<br><br>~<br>$company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone");
|
||||
$subject_email = "Ticket created - [$config_ticket_prefix$ticket_number] - $subject";
|
||||
$body = "<i style=\'color: #808080\'>##- Please type your reply above this line -##</i><br><br>Hello $contact_name,<br><br>Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.<br><br>Ticket: $config_ticket_prefix$ticket_number<br>Subject: $subject<br>Status: Open<br>https://$config_base_url/portal/ticket.php?id=$id<br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
$data[] = [
|
||||
'from' => $config_ticket_from_email,
|
||||
|
|
@ -182,7 +184,7 @@ function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date
|
|||
$client_row = mysqli_fetch_array($client_sql);
|
||||
$client_name = sanitizeInput($client_row['client_name']);
|
||||
|
||||
$email_subject = mysqli_escape_string($mysqli, "ITFlow - New Ticket - $client_name: $subject");
|
||||
$email_subject = "ITFlow - New Ticket - $client_name: $subject";
|
||||
$email_body = "Hello, <br><br>This is a notification that a new ticket has been raised in ITFlow. <br>Client: $client_name<br>Priority: Low (email parsed)<br>Link: https://$config_base_url/ticket.php?ticket_id=$id <br><br>--------------------------------<br><br><b>$subject</b><br>$details";
|
||||
|
||||
$data[] = [
|
||||
|
|
@ -238,7 +240,7 @@ function addReply($from_email, $date, $subject, $ticket_number, $message, $attac
|
|||
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Ticket', notification = 'Email parser: $from_email attempted to re-open ticket $config_ticket_prefix$ticket_number (ID $ticket_id) - check inbox manually to see email', notification_action = 'ticket.php?ticket_id=$ticket_id', notification_client_id = $client_id");
|
||||
|
||||
$email_subject = "Action required: This ticket is already closed";
|
||||
$email_body = "Hi there, <br><br>You've tried to reply to a ticket that is closed - we won't see your response. <br><br>Please raise a new ticket by sending a fresh e-mail to our support address. <br><br>~<br>$company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone";
|
||||
$email_body = "Hi there, <br><br>You\'ve tried to reply to a ticket that is closed - we won\'t see your response. <br><br>Please raise a new ticket by sending a fresh e-mail to our support address below. <br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
$data = [
|
||||
[
|
||||
|
|
@ -253,7 +255,7 @@ function addReply($from_email, $date, $subject, $ticket_number, $message, $attac
|
|||
|
||||
addToMailQueue($mysqli, $data);
|
||||
|
||||
return false;
|
||||
return true;
|
||||
}
|
||||
|
||||
// Check WHO replied (was it the owner of the ticket or someone else on CC?)
|
||||
|
|
@ -327,11 +329,11 @@ function addReply($from_email, $date, $subject, $ticket_number, $message, $attac
|
|||
// Get tech details
|
||||
$tech_sql = mysqli_query($mysqli, "SELECT user_email, user_name FROM users WHERE user_id = $ticket_assigned_to LIMIT 1");
|
||||
$tech_row = mysqli_fetch_array($tech_sql);
|
||||
$tech_email = santizeInput($tech_row['user_email']);
|
||||
$tech_email = sanitizeInput($tech_row['user_email']);
|
||||
$tech_name = sanitizeInput($tech_row['user_name']);
|
||||
|
||||
$subject = mysqli_escape_string($mysqli, "Ticket updated - [$config_ticket_prefix$ticket_number] - $subject");
|
||||
$body = mysqli_escape_string($mysqli, "<i style='color: #808080'>##- Please type your reply above this line -##</i><br><br>Hello, $tech_name<br><br>A new reply has been added to the ticket \"$subject\".<br><br>Ticket: $config_ticket_prefix$ticket_number<br>Subject: $subject<br>Status: Open<br>https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>~<br>$company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone");
|
||||
$subject = "Ticket updated - [$config_ticket_prefix$ticket_number] - $subject";
|
||||
$body = "<i style=\'color: #808080\'>##- Please type your reply above this line -##</i><br><br>Hello $tech_name,<br><br>A new reply has been added to the ticket \"$subject\".<br><br>Ticket: $config_ticket_prefix$ticket_number<br>Subject: $subject<br>Status: Open<br>https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
$data = [
|
||||
[
|
||||
|
|
@ -363,7 +365,7 @@ function addReply($from_email, $date, $subject, $ticket_number, $message, $attac
|
|||
return false;
|
||||
}
|
||||
}
|
||||
// End Add Reply Function
|
||||
// END ADD REPLY FUNCTION -------------------------------------------------
|
||||
|
||||
// Prepare connection string with encryption (TLS/SSL/<blank>)
|
||||
$imap_mailbox = "$config_imap_host:$config_imap_port/imap/$config_imap_encryption";
|
||||
|
|
@ -515,6 +517,7 @@ if ($emails) {
|
|||
imap_setflag_full($imap, $email, "\\Seen");
|
||||
imap_mail_move($imap, $email, $imap_folder);
|
||||
} else {
|
||||
// Basically just flags all emails keep them unread and it doesnt move closed tickets
|
||||
echo "Failed to process email - flagging for manual review.";
|
||||
imap_setflag_full($imap, $email, "\\Flagged");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1560,10 +1560,15 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
|
|||
}
|
||||
|
||||
|
||||
|
||||
if (CURRENT_DATABASE_VERSION == '1.0.2') {
|
||||
//Insert queries here required to update to DB version 1.0.3
|
||||
mysqli_query($mysqli, "ALTER TABLE `tickets` ADD `ticket_schedule` DATETIME DEFAULT NULL AFTER `ticket_billable`");
|
||||
|
||||
mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_stripe_expense_vendor` INT(11) NOT NULL DEFAULT 0 AFTER `config_stripe_account`");
|
||||
mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_stripe_expense_category` INT(11) NOT NULL DEFAULT 0 AFTER `config_stripe_expense_vendor`");
|
||||
mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_stripe_percentage_fee` DECIMAL(4,4) NOT NULL DEFAULT 0.029 AFTER `config_stripe_expense_category`");
|
||||
mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_stripe_flat_fee` DECIMAL(15,2) NOT NULL DEFAULT 0.30 AFTER `config_stripe_percentage_fee`");
|
||||
mysqli_query($mysqli, "ALTER TABLE `settings` CHANGE `config_stripe_account` `config_stripe_account` INT(11) NOT NULL DEFAULT 0");
|
||||
|
||||
//Then, update the database to the next sequential version
|
||||
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.0.3'");
|
||||
}
|
||||
|
|
@ -1572,10 +1577,12 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
|
|||
// Please add this same comment block to the bottom of this file, and update the version number.
|
||||
// Uncomment Below Lines, to add additional database updates
|
||||
//
|
||||
// if (CURRENT_DATABASE_VERSION == '1.0.3') {
|
||||
// // Insert queries here required to update to DB version 1.0.4
|
||||
|
||||
if (CURRENT_DATABASE_VERSION == '1.0.3') {
|
||||
//Insert queries here required to update to DB version 1.0.4
|
||||
mysqli_query($mysqli, "ALTER TABLE `tickets` ADD `ticket_schedule` DATETIME DEFAULT NULL AFTER `ticket_billable`");
|
||||
// // Then, update the database to the next sequential version
|
||||
// mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.0.4'");
|
||||
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.0.4'");
|
||||
// }
|
||||
|
||||
} else {
|
||||
|
|
|
|||
8
db.sql
8
db.sql
|
|
@ -1270,7 +1270,11 @@ CREATE TABLE `settings` (
|
|||
`config_stripe_enable` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`config_stripe_publishable` varchar(255) DEFAULT NULL,
|
||||
`config_stripe_secret` varchar(255) DEFAULT NULL,
|
||||
`config_stripe_account` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`config_stripe_account` int(11) NOT NULL DEFAULT 0,
|
||||
`config_stripe_expense_vendor` int(11) NOT NULL DEFAULT 0,
|
||||
`config_stripe_expense_category` int(11) NOT NULL DEFAULT 0,
|
||||
`config_stripe_percentage_fee` decimal(4,4) NOT NULL DEFAULT 0.0290,
|
||||
`config_stripe_flat_fee` decimal(15,2) NOT NULL DEFAULT 0.30,
|
||||
`config_stripe_client_pays_fees` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`config_azure_client_id` varchar(200) DEFAULT NULL,
|
||||
`config_azure_client_secret` varchar(200) DEFAULT NULL,
|
||||
|
|
@ -1757,4 +1761,4 @@ CREATE TABLE `vendors` (
|
|||
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
|
||||
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
|
||||
|
||||
-- Dump completed on 2024-01-15 13:07:46
|
||||
-- Dump completed on 2024-01-27 23:58:10
|
||||
|
|
|
|||
|
|
@ -0,0 +1,58 @@
|
|||
<div class="modal" id="bulkEditAccountModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-piggy-bank mr-2"></i>Bulk Set Account</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Account <strong class="text-danger">*</strong></label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-piggy-bank"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="bulk_account_id">
|
||||
<?php
|
||||
|
||||
$sql = mysqli_query($mysqli, "SELECT account_id, account_name, opening_balance FROM accounts WHERE account_archived_at IS NULL ORDER BY account_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$account_id = intval($row['account_id']);
|
||||
$account_name = nullable_htmlentities($row['account_name']);
|
||||
$opening_balance = floatval($row['opening_balance']);
|
||||
|
||||
$sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id");
|
||||
$row = mysqli_fetch_array($sql_payments);
|
||||
$total_payments = floatval($row['total_payments']);
|
||||
|
||||
$sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id");
|
||||
$row = mysqli_fetch_array($sql_revenues);
|
||||
$total_revenues = floatval($row['total_revenues']);
|
||||
|
||||
$sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id");
|
||||
$row = mysqli_fetch_array($sql_expenses);
|
||||
$total_expenses = floatval($row['total_expenses']);
|
||||
|
||||
$balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
|
||||
|
||||
?>
|
||||
<option <?php if ($config_default_expense_account == $account_id) { echo "selected"; } ?> value="<?php echo $account_id; ?>"><div class="float-left"><?php echo $account_name; ?></div><div class="float-right"> [$<?php echo number_format($balance, 2); ?>]</div></option>
|
||||
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_edit_expense_account" class="btn btn-primary text-bold"><i class="fa fa-fw fa-check mr-2"></i>Set</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -0,0 +1,42 @@
|
|||
<div class="modal" id="bulkEditCategoryModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-list mr-2"></i>Bulk Set Category</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Category <strong class="text-danger">*</strong></label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-list"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="bulk_category_id">
|
||||
<?php
|
||||
|
||||
$sql = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Expense' AND category_archived_at IS NULL ORDER BY category_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$category_id = intval($row['category_id']);
|
||||
$category_name = nullable_htmlentities($row['category_name']);
|
||||
?>
|
||||
<option value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
|
||||
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_edit_expense_category" class="btn btn-primary text-bold"><i class="fa fa-fw fa-check mr-2"></i>Set</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -0,0 +1,43 @@
|
|||
<div class="modal" id="bulkEditClientModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-user mr-2"></i>Bulk Set Client</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Client</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="bulk_client_id">
|
||||
<option value="0">- No Client -</option>
|
||||
<?php
|
||||
|
||||
$sql = mysqli_query($mysqli, "SELECT client_id, client_name FROM clients WHERE client_archived_at IS NULL ORDER BY client_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$client_id = intval($row['client_id']);
|
||||
$client_name = nullable_htmlentities($row['client_name']);
|
||||
?>
|
||||
<option value="<?php echo $client_id; ?>"><?php echo $client_name; ?></option>
|
||||
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_edit_expense_client" class="btn btn-primary text-bold"><i class="fa fa-fw fa-check mr-2"></i>Set</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
237
expenses.php
237
expenses.php
|
|
@ -48,7 +48,25 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
</div>
|
||||
</div>
|
||||
<div class="col-sm-8">
|
||||
<div class="float-right">
|
||||
<div class="btn-group float-right">
|
||||
<div class="dropdown ml-2" id="bulkActionButton" hidden>
|
||||
<button class="btn btn-secondary dropdown-toggle" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-fw fa-layer-group mr-2"></i>Bulk Action (<span id="selectedCount">0</span>)
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkEditCategoryModal">
|
||||
<i class="fas fa-fw fa-list mr-2"></i>Set Category
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkEditAccountModal">
|
||||
<i class="fas fa-fw fa-piggy-bank mr-2"></i>Set Account
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkEditClientModal">
|
||||
<i class="fas fa-fw fa-user mr-2"></i>Set Client
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -91,117 +109,134 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
</div>
|
||||
</form>
|
||||
<hr>
|
||||
<div class="table-responsive-sm">
|
||||
<table class="table table-striped table-borderless table-hover">
|
||||
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
|
||||
<tr>
|
||||
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=expense_date&order=<?php echo $disp; ?>">Date</a></th>
|
||||
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_name&order=<?php echo $disp; ?>">Vendor</a></th>
|
||||
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=category_name&order=<?php echo $disp; ?>">Category</a></th>
|
||||
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=expense_description&order=<?php echo $disp; ?>">Description</a></th>
|
||||
<th class="text-right"><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=expense_amount&order=<?php echo $disp; ?>">Amount</a></th>
|
||||
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=account_name&order=<?php echo $disp; ?>">Account</a></th>
|
||||
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=client_name&order=<?php echo $disp; ?>">Client</a></th>
|
||||
<th class="text-center">Action</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php
|
||||
<form id="bulkActions" action="post.php" method="post">
|
||||
<div class="table-responsive-sm">
|
||||
<table class="table table-striped table-borderless table-hover">
|
||||
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
|
||||
<tr>
|
||||
<td class="bg-light pr-0">
|
||||
<div class="form-check">
|
||||
<input class="form-check-input" id="selectAllCheckbox" type="checkbox" onclick="checkAll(this)">
|
||||
</div>
|
||||
</td>
|
||||
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=expense_date&order=<?php echo $disp; ?>">Date</a></th>
|
||||
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_name&order=<?php echo $disp; ?>">Vendor</a></th>
|
||||
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=category_name&order=<?php echo $disp; ?>">Category</a></th>
|
||||
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=expense_description&order=<?php echo $disp; ?>">Description</a></th>
|
||||
<th class="text-right"><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=expense_amount&order=<?php echo $disp; ?>">Amount</a></th>
|
||||
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=account_name&order=<?php echo $disp; ?>">Account</a></th>
|
||||
<th><a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=client_name&order=<?php echo $disp; ?>">Client</a></th>
|
||||
<th class="text-center">Action</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php
|
||||
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$expense_id = intval($row['expense_id']);
|
||||
$expense_date = nullable_htmlentities($row['expense_date']);
|
||||
$expense_amount = floatval($row['expense_amount']);
|
||||
$expense_currency_code = nullable_htmlentities($row['expense_currency_code']);
|
||||
$expense_description = nullable_htmlentities($row['expense_description']);
|
||||
$expense_receipt = nullable_htmlentities($row['expense_receipt']);
|
||||
$expense_reference = nullable_htmlentities($row['expense_reference']);
|
||||
$expense_created_at = nullable_htmlentities($row['expense_created_at']);
|
||||
$expense_vendor_id = intval($row['expense_vendor_id']);
|
||||
$vendor_name = nullable_htmlentities($row['vendor_name']);
|
||||
$expense_category_id = intval($row['expense_category_id']);
|
||||
$category_name = nullable_htmlentities($row['category_name']);
|
||||
$account_name = nullable_htmlentities($row['account_name']);
|
||||
$expense_account_id = intval($row['expense_account_id']);
|
||||
$client_name = nullable_htmlentities($row['client_name']);
|
||||
if(empty($client_name)) {
|
||||
$client_name_display = "-";
|
||||
} else {
|
||||
$client_name_display = $client_name;
|
||||
}
|
||||
$expense_client_id = intval($row['expense_client_id']);
|
||||
|
||||
if (empty($expense_receipt)) {
|
||||
$receipt_attached = "";
|
||||
} else {
|
||||
$receipt_attached = "<a class='text-secondary mr-2' target='_blank' href='uploads/expenses/$expense_receipt' download='$expense_date-$vendor_name-$category_name-$expense_id.pdf'><i class='fa fa-file-pdf'></i></a>";
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<tr>
|
||||
<td class="pr-0 bg-light">
|
||||
<div class="form-check">
|
||||
<input class="form-check-input bulk-select" type="checkbox" name="expense_ids[]" value="<?php echo $expense_id ?>">
|
||||
</div>
|
||||
</td>
|
||||
<td><?php echo $receipt_attached; ?> <a class="text-dark" href="#" data-toggle="modal" data-target="#editExpenseModal<?php echo $expense_id; ?>"><?php echo $expense_date; ?></a></td>
|
||||
<td><?php echo $vendor_name; ?></td>
|
||||
<td><?php echo $category_name; ?></td>
|
||||
<td><?php echo truncate($expense_description, 50); ?></td>
|
||||
<td class="text-bold text-right"><?php echo numfmt_format_currency($currency_format, $expense_amount, $expense_currency_code); ?></td>
|
||||
<td><?php echo $account_name; ?></td>
|
||||
<td><?php echo $client_name_display; ?></td>
|
||||
<td>
|
||||
<div class="dropdown dropleft text-center">
|
||||
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-ellipsis-h"></i>
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<?php
|
||||
if (!empty($expense_receipt)) { ?>
|
||||
<a class="dropdown-item" href="<?php echo "uploads/expenses/$expense_receipt"; ?>" download="<?php echo "$expense_date-$vendor_name-$category_name-$expense_id.pdf"; ?>">
|
||||
<i class="fas fa-fw fa-download mr-2"></i>Download
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<?php } ?>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editExpenseModal<?php echo $expense_id; ?>">
|
||||
<i class="fas fa-fw fa-edit mr-2"></i>Edit
|
||||
</a>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addExpenseCopyModal<?php echo $expense_id; ?>">
|
||||
<i class="fas fa-fw fa-copy mr-2"></i>Copy
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addExpenseRefundModal<?php echo $expense_id; ?>">
|
||||
<i class="fas fa-fw fa-undo-alt mr-2"></i>Refund
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_expense=<?php echo $expense_id; ?>">
|
||||
<i class="fas fa-fw fa-trash mr-2"></i>Delete
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<?php
|
||||
|
||||
require "expense_edit_modal.php";
|
||||
|
||||
require "expense_copy_modal.php";
|
||||
|
||||
require "expense_refund_modal.php";
|
||||
|
||||
require "expense_export_modal.php";
|
||||
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$expense_id = intval($row['expense_id']);
|
||||
$expense_date = nullable_htmlentities($row['expense_date']);
|
||||
$expense_amount = floatval($row['expense_amount']);
|
||||
$expense_currency_code = nullable_htmlentities($row['expense_currency_code']);
|
||||
$expense_description = nullable_htmlentities($row['expense_description']);
|
||||
$expense_receipt = nullable_htmlentities($row['expense_receipt']);
|
||||
$expense_reference = nullable_htmlentities($row['expense_reference']);
|
||||
$expense_created_at = nullable_htmlentities($row['expense_created_at']);
|
||||
$expense_vendor_id = intval($row['expense_vendor_id']);
|
||||
$vendor_name = nullable_htmlentities($row['vendor_name']);
|
||||
$expense_category_id = intval($row['expense_category_id']);
|
||||
$category_name = nullable_htmlentities($row['category_name']);
|
||||
$account_name = nullable_htmlentities($row['account_name']);
|
||||
$expense_account_id = intval($row['expense_account_id']);
|
||||
$client_name = nullable_htmlentities($row['client_name']);
|
||||
if(empty($client_name)) {
|
||||
$client_name_display = "-";
|
||||
} else {
|
||||
$client_name_display = $client_name;
|
||||
}
|
||||
$expense_client_id = intval($row['expense_client_id']);
|
||||
|
||||
if (empty($expense_receipt)) {
|
||||
$receipt_attached = "";
|
||||
} else {
|
||||
$receipt_attached = "<a class='text-secondary mr-2' target='_blank' href='uploads/expenses/$expense_receipt' download='$expense_date-$vendor_name-$category_name-$expense_id.pdf'><i class='fa fa-file-pdf'></i></a>";
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<tr>
|
||||
<td><?php echo $receipt_attached; ?> <a class="text-dark" href="#" data-toggle="modal" data-target="#editExpenseModal<?php echo $expense_id; ?>"><?php echo $expense_date; ?></a></td>
|
||||
<td><?php echo $vendor_name; ?></td>
|
||||
<td><?php echo $category_name; ?></td>
|
||||
<td><?php echo truncate($expense_description, 50); ?></td>
|
||||
<td class="text-bold text-right"><?php echo numfmt_format_currency($currency_format, $expense_amount, $expense_currency_code); ?></td>
|
||||
<td><?php echo $account_name; ?></td>
|
||||
<td><?php echo $client_name_display; ?></td>
|
||||
<td>
|
||||
<div class="dropdown dropleft text-center">
|
||||
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-ellipsis-h"></i>
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<?php
|
||||
if (!empty($expense_receipt)) { ?>
|
||||
<a class="dropdown-item" href="<?php echo "uploads/expenses/$expense_receipt"; ?>" download="<?php echo "$expense_date-$vendor_name-$category_name-$expense_id.pdf"; ?>">
|
||||
<i class="fas fa-fw fa-download mr-2"></i>Download
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<?php } ?>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editExpenseModal<?php echo $expense_id; ?>">
|
||||
<i class="fas fa-fw fa-edit mr-2"></i>Edit
|
||||
</a>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addExpenseCopyModal<?php echo $expense_id; ?>">
|
||||
<i class="fas fa-fw fa-copy mr-2"></i>Copy
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addExpenseRefundModal<?php echo $expense_id; ?>">
|
||||
<i class="fas fa-fw fa-undo-alt mr-2"></i>Refund
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_expense=<?php echo $expense_id; ?>">
|
||||
<i class="fas fa-fw fa-trash mr-2"></i>Delete
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<?php
|
||||
|
||||
require "expense_edit_modal.php";
|
||||
|
||||
require "expense_copy_modal.php";
|
||||
|
||||
require "expense_refund_modal.php";
|
||||
|
||||
require "expense_export_modal.php";
|
||||
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
<?php require_once "expense_bulk_edit_category_modal.php"; ?>
|
||||
<?php require_once "expense_bulk_edit_account_modal.php"; ?>
|
||||
<?php require_once "expense_bulk_edit_client_modal.php"; ?>
|
||||
</form>
|
||||
<?php require_once "pagination.php";
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<script src="js/bulk_actions.js"></script>
|
||||
|
||||
<?php
|
||||
require_once "expense_add_modal.php";
|
||||
|
||||
|
|
|
|||
|
|
@ -937,7 +937,15 @@ function addToMailQueue($mysqli, $data) {
|
|||
$subject = strval($email['subject']);
|
||||
$body = strval($email['body']);
|
||||
|
||||
mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$recipient', email_recipient_name = '$recipient_name', email_from = '$from', email_from_name = '$from_name', email_subject = '$subject', email_content = '$body'");
|
||||
// Check if 'email_queued_at' is set and not empty
|
||||
if (isset($email['queued_at']) && !empty($email['queued_at'])) {
|
||||
$queued_at = $email['queued_at'];
|
||||
} else {
|
||||
// Use the current date and time if 'email_queued_at' is not set or empty
|
||||
$queued_at = date('Y-m-d H:i:s');
|
||||
}
|
||||
|
||||
mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$recipient', email_recipient_name = '$recipient_name', email_from = '$from', email_from_name = '$from_name', email_subject = '$subject', email_content = '$body', email_queued_at = '$queued_at'");
|
||||
}
|
||||
|
||||
return true;
|
||||
|
|
|
|||
|
|
@ -79,11 +79,15 @@ $config_enable_alert_domain_expire = intval($row['config_enable_alert_domain_exp
|
|||
$config_send_invoice_reminders = intval($row['config_send_invoice_reminders']);
|
||||
$config_invoice_overdue_reminders = intval($row['config_invoice_overdue_reminders']);
|
||||
|
||||
// Online Payment
|
||||
// Online Stripe Payment
|
||||
$config_stripe_enable = intval($row['config_stripe_enable']);
|
||||
$config_stripe_publishable = $row['config_stripe_publishable'];
|
||||
$config_stripe_secret = $row['config_stripe_secret'];
|
||||
$config_stripe_account = $row['config_stripe_account'];
|
||||
$config_stripe_account = intval($row['config_stripe_account']);
|
||||
$config_stripe_expense_vendor = intval($row['config_stripe_expense_vendor']);
|
||||
$config_stripe_expense_category = intval($row['config_stripe_expense_category']);
|
||||
$config_stripe_percentage_fee = floatval($row['config_stripe_percentage_fee']);
|
||||
$config_stripe_flat_fee = floatval($row['config_stripe_flat_fee']);
|
||||
$config_stripe_client_pays_fees = intval($row['config_stripe_client_pays_fees']);
|
||||
|
||||
// Modules
|
||||
|
|
|
|||
|
|
@ -54,6 +54,8 @@ if (isset($_GET['stripe_create_pi'])) {
|
|||
$config_sql = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = 1");
|
||||
$config_row = mysqli_fetch_array($config_sql);
|
||||
$config_stripe_client_pays_fees = intval($config_row['config_stripe_client_pays_fees']);
|
||||
$config_stripe_percentage_fee = floatval($config_row['config_stripe_percentage_fee']);
|
||||
$config_stripe_flat_fee = floatval($config_row['config_stripe_flat_fee']);
|
||||
|
||||
// Add up all the payments for the invoice and get the total amount paid to the invoice
|
||||
$sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS amount_paid FROM payments WHERE payment_invoice_id = $invoice_id");
|
||||
|
|
@ -63,11 +65,8 @@ if (isset($_GET['stripe_create_pi'])) {
|
|||
|
||||
// Check config to see if client pays fees is enabled
|
||||
if ($config_stripe_client_pays_fees == 1) {
|
||||
// Get fees from config
|
||||
$percentage_fee = 0.029; // Default Stripe fee
|
||||
$flat_fee = 0.30; // Default Stripe fee
|
||||
// Calculate the amount to charge the client
|
||||
$balance_to_pay = ($balance_to_pay + $flat_fee) / (1 - $percentage_fee);
|
||||
$balance_to_pay = ($balance_to_pay + $config_stripe_flat_fee) / (1 - $config_stripe_percentage_fee);
|
||||
}
|
||||
|
||||
$balance_to_pay = round($balance_to_pay, 2);
|
||||
|
|
|
|||
|
|
@ -2,24 +2,27 @@
|
|||
|
||||
require_once 'guest_header.php';
|
||||
|
||||
function log_to_console($message)
|
||||
{
|
||||
function log_to_console($message) {
|
||||
$message = date("H:i:s") . " - $message - ".PHP_EOL;
|
||||
print($message);
|
||||
flush();
|
||||
ob_flush();
|
||||
}
|
||||
|
||||
|
||||
// Define wording
|
||||
DEFINE("WORDING_PAYMENT_FAILED", "<br><h2>There was an error verifying your payment. Please contact us for more information.</h2>");
|
||||
|
||||
// Setup Stripe
|
||||
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret, config_stripe_account FROM settings WHERE company_id = 1"));
|
||||
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret, config_stripe_account, config_stripe_expense_vendor, config_stripe_expense_category, config_stripe_percentage_fee, config_stripe_flat_fee, config_stripe_client_pays_fees FROM settings WHERE company_id = 1"));
|
||||
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
|
||||
$config_stripe_publishable = nullable_htmlentities($stripe_vars['config_stripe_publishable']);
|
||||
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
|
||||
$config_stripe_account = intval($stripe_vars['config_stripe_account']);
|
||||
$config_stripe_expense_vendor = intval($stripe_vars['config_stripe_expense_vendor']);
|
||||
$config_stripe_expense_category = intval($stripe_vars['config_stripe_expense_category']);
|
||||
$config_stripe_percentage_fee = floatval($stripe_vars['config_stripe_percentage_fee']);
|
||||
$config_stripe_flat_fee = floatval($stripe_vars['config_stripe_flat_fee']);
|
||||
$config_stripe_client_pays_fees = intval($stripe_vars['config_stripe_client_pays_fees']);
|
||||
|
||||
// Check Stripe is configured
|
||||
if ($config_stripe_enable == 0 || $config_stripe_account == 0 || empty($config_stripe_publishable) || empty($config_stripe_secret)) {
|
||||
|
|
@ -75,26 +78,19 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent
|
|||
$row = mysqli_fetch_array($sql);
|
||||
$company_locale = nullable_htmlentities($row['company_locale']);
|
||||
|
||||
$config_stripe_client_pays_fees = intval(getSettingValue($mysqli, 'config_stripe_client_pays_fees'));
|
||||
|
||||
// Add up all the payments for the invoice and get the total amount paid to the invoice
|
||||
$sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS amount_paid FROM payments WHERE payment_invoice_id = $invoice_id");
|
||||
$row = mysqli_fetch_array($sql_amount_paid);
|
||||
$amount_paid = floatval($row['amount_paid']);
|
||||
$balance_to_pay = $invoice_amount - $amount_paid;
|
||||
|
||||
// Check config to see if client pays fees is enabled
|
||||
if ($config_stripe_client_pays_fees == 1) {
|
||||
$balance_before_fees = $balance_to_pay;
|
||||
$percentage_fee = 0.029;
|
||||
$flat_fee = 0.30;
|
||||
// Calculate the amount to charge the client
|
||||
$balance_to_pay = ($balance_to_pay + $flat_fee) / (1 - $percentage_fee);
|
||||
// Calculate the fee amount
|
||||
$gateway_fee = round($balance_to_pay - $balance_before_fees, 2);
|
||||
$balance_before_fees = $balance_to_pay;
|
||||
// Calculate the Gateway fee
|
||||
$gateway_fee = round($balance_to_pay * $config_stripe_percentage_fee + $config_stripe_flat_fee, 2);
|
||||
$balance_to_pay = $balance_to_pay + $gateway_fee;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
//Round balance to pay to 2 decimal places
|
||||
$balance_to_pay = round($balance_to_pay, 2);
|
||||
|
||||
|
|
@ -252,25 +248,22 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent
|
|||
// Invoice exists - get details
|
||||
$row = mysqli_fetch_array($invoice_sql);
|
||||
$invoice_id = intval($row['invoice_id']);
|
||||
$invoice_prefix = nullable_htmlentities($row['invoice_prefix']);
|
||||
$invoice_prefix = sanitizeInput($row['invoice_prefix']);
|
||||
$invoice_number = intval($row['invoice_number']);
|
||||
$invoice_amount = floatval($row['invoice_amount']);
|
||||
$invoice_currency_code = nullable_htmlentities($row['invoice_currency_code']);
|
||||
$invoice_url_key = nullable_htmlentities($row['invoice_url_key']);
|
||||
$invoice_currency_code = sanitizeInput($row['invoice_currency_code']);
|
||||
$invoice_url_key = sanitizeInput($row['invoice_url_key']);
|
||||
$client_id = intval($row['client_id']);
|
||||
$client_name = nullable_htmlentities($row['client_name']);
|
||||
$contact_name = $row['contact_name'];
|
||||
$contact_email = $row['contact_email'];
|
||||
$client_name = sanitizeInput($row['client_name']);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
|
||||
$sql_company = mysqli_query($mysqli, "SELECT * FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql_company);
|
||||
|
||||
$company_name = mysqli_real_escape_string($mysqli, nullable_htmlentities($row['company_name']));
|
||||
$company_phone = nullable_htmlentities($row['company_phone']);
|
||||
$company_locale = nullable_htmlentities($row['company_locale']);
|
||||
|
||||
$config_stripe_client_pays_fees = intval(getSettingValue($mysqli, 'config_stripe_client_pays_fees'));
|
||||
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
$company_locale = sanitizeInput($row['company_locale']);
|
||||
|
||||
// Set Currency Formatting
|
||||
$currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY);
|
||||
|
|
@ -281,12 +274,21 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent
|
|||
$amount_paid_previously = $row['amount_paid'];
|
||||
$balance_to_pay = $invoice_amount - $amount_paid_previously;
|
||||
|
||||
// Check config to see if client pays fees is enabled
|
||||
// Check config to see if client pays fees is enabled or if should expense it
|
||||
if ($config_stripe_client_pays_fees == 1) {
|
||||
$percentage_fee = 0.029;
|
||||
$flat_fee = 0.30;
|
||||
// Calculate gateway expense fee
|
||||
$gateway_fee = round($balance_to_pay * $config_stripe_percentage_fee + $config_stripe_flat_fee, 2);
|
||||
// Calculate the amount to charge the client
|
||||
$balance_to_pay = ($balance_to_pay + $flat_fee) / (1 - $percentage_fee);
|
||||
$balance_to_pay = $balance_to_pay + $gateway_fee;
|
||||
}
|
||||
|
||||
// Check to see if Expense Fields are configured and client pays fee is off then create expense
|
||||
if ($config_stripe_client_pays_fees == 0 && $config_stripe_expense_vendor > 0 && $config_stripe_expense_category > 0) {
|
||||
// Calculate gateway expense fee
|
||||
$gateway_fee = round($balance_to_pay * $config_stripe_percentage_fee + $config_stripe_flat_fee, 2);
|
||||
|
||||
// Add Expense
|
||||
mysqli_query($mysqli,"INSERT INTO expenses SET expense_date = '$pi_date', expense_amount = $gateway_fee, expense_currency_code = '$invoice_currency_code', expense_account_id = $config_stripe_account, expense_vendor_id = $config_stripe_expense_vendor, expense_client_id = $client_id, expense_category_id = $config_stripe_expense_category, expense_description = 'Stripe Transaction for Invoice $invoice_prefix$invoice_number In the Amount of $balance_to_pay', expense_reference = 'Stripe - $pi_id'");
|
||||
}
|
||||
|
||||
// Round balance to pay to 2 decimal places
|
||||
|
|
@ -335,14 +337,14 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent
|
|||
$config_smtp_encryption = $row['config_smtp_encryption'];
|
||||
$config_smtp_username = $row['config_smtp_username'];
|
||||
$config_smtp_password = $row['config_smtp_password'];
|
||||
$config_mail_from_email = $row['config_mail_from_email'];
|
||||
$config_mail_from_name = $row['config_mail_from_name'];
|
||||
$config_invoice_from_name = $row['config_invoice_from_name'];
|
||||
$config_invoice_from_email = $row['config_invoice_from_email'];
|
||||
$config_invoice_from_name = sanitizeInput($row['config_invoice_from_name']);
|
||||
$config_invoice_from_email = sanitizeInput($row['config_invoice_from_email']);
|
||||
|
||||
$config_base_url = sanitizeInput($config_base_url);
|
||||
|
||||
if (!empty($config_smtp_host)) {
|
||||
$subject = "Payment Received - Invoice $invoice_prefix$invoice_number";
|
||||
$body = "Hello $contact_name,<br><br>We have received your payment in the amount of " . $pi_currency . $pi_amount_paid . " for invoice <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>$invoice_prefix$invoice_number</a>. Please keep this email as a receipt for your records.<br><br>Amount: " . numfmt_format_currency($currency_format, $pi_amount_paid, $invoice_currency_code) . "<br>Balance: " . numfmt_format_currency($currency_format, '0', $invoice_currency_code) . "<br><br>Thank you for your business!<br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone";
|
||||
$body = "Hello $contact_name,<br><br>We have received your payment in the amount of " . $pi_currency . $pi_amount_paid . " for invoice <a href=\'https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key\'>$invoice_prefix$invoice_number</a>. Please keep this email as a receipt for your records.<br><br>Amount: " . numfmt_format_currency($currency_format, $pi_amount_paid, $invoice_currency_code) . "<br>Balance: " . numfmt_format_currency($currency_format, '0', $invoice_currency_code) . "<br><br>Thank you for your business!<br><br><br>~<br>$company_name - Billing<br>$config_invoice_from_email<br>$company_phone";
|
||||
|
||||
$data = [
|
||||
[
|
||||
|
|
@ -370,11 +372,9 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent
|
|||
// Redirect user to invoice
|
||||
header('Location: //' . $config_base_url . '/guest_view_invoice.php?invoice_id=' . $pi_invoice_id . '&url_key=' . $invoice_url_key);
|
||||
|
||||
|
||||
} else {
|
||||
echo "<br><h2>Oops, something went wrong! Please raise a ticket if you believe this is an error.</h2>";
|
||||
}
|
||||
|
||||
|
||||
require_once 'guest_footer.php';
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,6 @@
|
|||
|
||||
require_once "guest_header.php";
|
||||
|
||||
|
||||
if (!isset($_GET['invoice_id'], $_GET['url_key'])) {
|
||||
echo "<br><h2>Oops, something went wrong! Please raise a ticket if you believe this is an error.</h2>";
|
||||
require_once "guest_footer.php";
|
||||
|
|
@ -80,6 +79,8 @@ if (!empty($company_logo)) {
|
|||
$company_locale = nullable_htmlentities($row['company_locale']);
|
||||
$config_invoice_footer = nullable_htmlentities($row['config_invoice_footer']);
|
||||
$config_stripe_enable = intval($row['config_stripe_enable']);
|
||||
$config_stripe_percentage_fee = floatval($row['config_stripe_percentage_fee']);
|
||||
$config_stripe_flat_fee = floatval($row['config_stripe_flat_fee']);
|
||||
$config_stripe_client_pays_fees = intval($row['config_stripe_client_pays_fees']);
|
||||
|
||||
//Set Currency Format
|
||||
|
|
@ -109,16 +110,11 @@ $sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS amount_p
|
|||
$row = mysqli_fetch_array($sql_amount_paid);
|
||||
$amount_paid = floatval($row['amount_paid']);
|
||||
|
||||
// Calculate the balance owed
|
||||
$balance = $invoice_amount - $amount_paid;
|
||||
|
||||
// Check config to see if client pays fees is enabled
|
||||
if ($config_stripe_client_pays_fees == 1) {
|
||||
$percentage_fee = 0.029;
|
||||
$flat_fee = 0.30;
|
||||
// Calculate the amount to charge the client
|
||||
$balance_to_pay = ($balance + $flat_fee) / (1 - $percentage_fee);
|
||||
$stripe_fee = $balance_to_pay - $balance;
|
||||
}
|
||||
// Calculate Gateway Fee
|
||||
$gateway_fee = round($balance * $config_stripe_percentage_fee + $config_stripe_flat_fee, 2);
|
||||
|
||||
//check to see if overdue
|
||||
$invoice_color = $invoice_badge_color; // Default
|
||||
|
|
@ -142,7 +138,7 @@ $sql_invoice_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE it
|
|||
<a class="btn btn-primary" href="#" onclick="pdfMake.createPdf(docDefinition).download('<?php echo strtoAZaz09(html_entity_decode("$invoice_date-$company_name-Invoice-$invoice_prefix$invoice_number")); ?>');"><i class="fa fa-fw fa-download mr-2"></i>Download</a>
|
||||
<?php
|
||||
if ($invoice_status !== "Paid" && $invoice_status !== "Cancelled" && $invoice_status !== "Draft" && $config_stripe_enable == 1) { ?>
|
||||
<a class="btn btn-success" href="guest_pay_invoice_stripe.php?invoice_id=<?php echo $invoice_id; ?>&url_key=<?php echo $url_key; ?>"><i class="fa fa-fw fa-credit-card mr-2"></i>Pay Online</a>
|
||||
<a class="btn btn-success" href="guest_pay_invoice_stripe.php?invoice_id=<?php echo $invoice_id; ?>&url_key=<?php echo $url_key; ?>"><i class="fa fa-fw fa-credit-card mr-2"></i>Pay Online <?php if($config_stripe_client_pays_fees == 1) { echo "(Gateway Fee: " . numfmt_format_currency($currency_format, $gateway_fee, $invoice_currency_code) . ")"; } ?></a>
|
||||
<?php } ?>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -297,7 +293,9 @@ $sql_invoice_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE it
|
|||
<td><div class="text-success">Paid</div></td>
|
||||
<td class="text-right text-success"><?php echo numfmt_format_currency($currency_format, $amount_paid, $invoice_currency_code); ?></td>
|
||||
</tr>
|
||||
<?php } ?>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
<tr class="border-bottom">
|
||||
<td><strong>Balance</strong></td>
|
||||
<td class="text-right"><strong><?php echo numfmt_format_currency($currency_format, $balance, $invoice_currency_code); ?></strong></td>
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ require_once "functions.php";
|
|||
|
||||
require_once "check_login.php";
|
||||
|
||||
validateAdminRole();
|
||||
|
||||
require_once "header.php";
|
||||
|
||||
require_once "top_nav.php";
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@
|
|||
<div>
|
||||
<a href="//maps.<?php echo $session_map_source; ?>.com/?q=<?php echo "$location_address $location_zip"; ?>" target="_blank">
|
||||
<i class="fa fa-fw fa-map-marker-alt text-secondary ml-1 mr-2"></i><?php echo $location_address; ?>
|
||||
<div class="ml-4"><?php echo "$location_city $location_state $location_zip"; ?></div>
|
||||
<div><i class="fa fa-fw ml-1 mr-2"></i><?php echo "$location_city $location_state $location_zip"; ?></div>
|
||||
</a>
|
||||
</div>
|
||||
<?php }
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@
|
|||
</button>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
Are you sure you?
|
||||
Are you sure?
|
||||
</div>
|
||||
<div class="modal-footer">
|
||||
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
|
||||
|
|
@ -16,4 +16,4 @@
|
|||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,40 @@
|
|||
// Allow selecting and editing multiple records at once
|
||||
|
||||
var form = document.getElementById("bulkActions"); // Get the form element by its id
|
||||
var checkboxes = form.querySelectorAll('input[type="checkbox"].bulk-select'); // Select only checkboxes with class "bulk-select"
|
||||
var selectedCount = document.getElementById("selectedCount");
|
||||
var selectAllCheckbox = document.getElementById("selectAllCheckbox"); // The "select all" checkbox
|
||||
|
||||
// Event listener for each checkbox
|
||||
for (var i = 0; i < checkboxes.length; i++) {
|
||||
checkboxes[i].addEventListener("click", updateSelectedCount);
|
||||
}
|
||||
|
||||
// Function to update the count of selected checkboxes
|
||||
function updateSelectedCount() {
|
||||
var count = 0;
|
||||
for (var i = 0; i < checkboxes.length; i++) {
|
||||
if (checkboxes[i].checked) {
|
||||
count++;
|
||||
}
|
||||
}
|
||||
selectedCount.textContent = count; // Display the count
|
||||
|
||||
// Show or hide the multi-action button
|
||||
document.getElementById("bulkActionButton").hidden = count === 0;
|
||||
}
|
||||
|
||||
// Function to check/uncheck all checkboxes
|
||||
function checkAll(source) {
|
||||
for (var i = 0; i < checkboxes.length; i++) {
|
||||
checkboxes[i].checked = source.checked;
|
||||
}
|
||||
updateSelectedCount(); // Update the count after changing checkbox states
|
||||
}
|
||||
|
||||
// Event listener for the "select all" checkbox
|
||||
if (selectAllCheckbox) {
|
||||
selectAllCheckbox.addEventListener("click", function() {
|
||||
checkAll(this);
|
||||
});
|
||||
}
|
||||
|
|
@ -0,0 +1,14 @@
|
|||
function generatePassword(login_id) {
|
||||
// Send a GET request to ajax.php as ajax.php?get_readable_pass=true
|
||||
jQuery.get(
|
||||
"ajax.php", {
|
||||
get_readable_pass: 'true'
|
||||
},
|
||||
function(data) {
|
||||
//If we get a response from post.php, parse it as JSON
|
||||
const password = JSON.parse(data);
|
||||
|
||||
document.getElementById("password").value = password;
|
||||
}
|
||||
);
|
||||
}
|
||||
|
|
@ -0,0 +1,16 @@
|
|||
function showOTPViaLoginID(login_id) {
|
||||
// Send a GET request to ajax.php as ajax.php?get_totp_token_via_id=true&login_id=ID
|
||||
jQuery.get(
|
||||
"ajax.php", {
|
||||
get_totp_token_via_id: 'true',
|
||||
login_id: login_id
|
||||
},
|
||||
function(data) {
|
||||
//If we get a response from post.php, parse it as JSON
|
||||
const token = JSON.parse(data);
|
||||
|
||||
document.getElementById("otp_" + login_id).innerText = token
|
||||
|
||||
}
|
||||
);
|
||||
}
|
||||
|
|
@ -1,35 +0,0 @@
|
|||
// Allow selecting and editing multiple records at once
|
||||
|
||||
var form = document.getElementById("multi_actions"); // Get the form element by its id
|
||||
var checkboxes = form.querySelectorAll('input[type="checkbox"]');
|
||||
var selectedCount = document.getElementById("selectedCount");
|
||||
|
||||
|
||||
for (var i = 0; i < checkboxes.length; i++) {
|
||||
checkboxes[i].addEventListener("click", updateSelectedCount);
|
||||
}
|
||||
|
||||
function updateSelectedCount() {
|
||||
var count = 0;
|
||||
for (var i = 0; i < checkboxes.length; i++) {
|
||||
if (checkboxes[i].checked) {
|
||||
if (checkboxes[i] !== document.getElementById("selectAllCheckbox") && checkboxes[i].checked) {
|
||||
count++;
|
||||
}
|
||||
}
|
||||
}
|
||||
selectedCount.textContent = count;
|
||||
if (count > 0) {
|
||||
document.getElementById("multiActionButton").hidden = false;
|
||||
}
|
||||
|
||||
if (count === 0) {
|
||||
document.getElementById("multiActionButton").hidden = true;
|
||||
}
|
||||
}
|
||||
|
||||
function checkAll(source) {
|
||||
for (var i = 0; i < checkboxes.length; i++) {
|
||||
checkboxes[i].checked = source.checked;
|
||||
}
|
||||
}
|
||||
|
|
@ -103,7 +103,6 @@
|
|||
document.getElementById("startStopTimer").innerText = "Start";
|
||||
}
|
||||
|
||||
|
||||
function handleInputFocus() {
|
||||
if (!isPaused) {
|
||||
pauseTimer();
|
||||
|
|
@ -126,7 +125,6 @@
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
function updateRunningTicketsCount() {
|
||||
let runningTickets = parseInt(document.getElementById('runningTicketsCount').innerText, 10);
|
||||
|
||||
|
|
@ -136,31 +134,27 @@
|
|||
runningTickets = Math.max(0, runningTickets - 1);
|
||||
}
|
||||
|
||||
document.getElementById('runningTicketsCount').innerText = runningTickets.toString();
|
||||
document.getElementById('runningTicketsCount').innerText = runningTickets.toString();
|
||||
}
|
||||
|
||||
// Function to check status and pause timer
|
||||
function checkStatusAndPauseTimer() {
|
||||
var status = document.querySelector('select[name="status"]').value;
|
||||
if (status.includes("Pending")) {
|
||||
if (status.includes("Pending") || status.includes("Close")) {
|
||||
pauseTimer();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
document.getElementById("hours").addEventListener('change', updateTimeFromInput);
|
||||
document.getElementById("minutes").addEventListener('change', updateTimeFromInput);
|
||||
document.getElementById("seconds").addEventListener('change', updateTimeFromInput);
|
||||
|
||||
|
||||
document.getElementById("hours").addEventListener('focus', handleInputFocus);
|
||||
document.getElementById("minutes").addEventListener('focus', handleInputFocus);
|
||||
document.getElementById("seconds").addEventListener('focus', handleInputFocus);
|
||||
|
||||
document.querySelector('select[name="status"]').addEventListener('change', checkStatusAndPauseTimer);
|
||||
|
||||
|
||||
document.getElementById("startStopTimer").addEventListener('click', function() {
|
||||
if (timerInterval === null) {
|
||||
startTimer();
|
||||
|
|
|
|||
|
|
@ -56,8 +56,8 @@ $config_smtp_port = intval($row['config_smtp_port']);
|
|||
$config_smtp_encryption = $row['config_smtp_encryption'];
|
||||
$config_smtp_username = $row['config_smtp_username'];
|
||||
$config_smtp_password = $row['config_smtp_password'];
|
||||
$config_mail_from_email = $row['config_mail_from_email'];
|
||||
$config_mail_from_name = $row['config_mail_from_name'];
|
||||
$config_mail_from_email = sanitizeInput($row['config_mail_from_email']);
|
||||
$config_mail_from_name = sanitizeInput($row['config_mail_from_name']);
|
||||
|
||||
// Client Portal Enabled
|
||||
$config_client_portal_enable = intval($row['config_client_portal_enable']);
|
||||
|
|
@ -113,7 +113,7 @@ if (isset($_POST['login'])) {
|
|||
$force_mfa = intval($row['user_config_force_mfa']);
|
||||
$remember_token = $row['user_config_remember_me_token'];
|
||||
if($force_mfa == 1 && $token == NULL) {
|
||||
$config_start_page = "user_profile.php";
|
||||
$config_start_page = "user_security.php";
|
||||
}
|
||||
|
||||
$bypass_2fa = false;
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@ header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.g
|
|||
|
||||
require_once "inc_portal.php";
|
||||
|
||||
|
||||
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
|
||||
header("Location: portal_post.php?logout");
|
||||
exit();
|
||||
|
|
@ -21,7 +20,6 @@ $purifier_config = HTMLPurifier_Config::createDefault();
|
|||
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
|
||||
$purifier = new HTMLPurifier($purifier_config);
|
||||
|
||||
|
||||
// Check for a document ID
|
||||
if (!isset($_GET['id']) && !intval($_GET['id'])) {
|
||||
header("Location: documents.php");
|
||||
|
|
@ -39,27 +37,6 @@ $document_content = $purifier->purify($row['document_content']);
|
|||
|
||||
?>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-md-1 text-center">
|
||||
<?php if (!empty($session_contact_photo)) { ?>
|
||||
<img src="<?php echo "../uploads/clients/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
|
||||
<?php } else { ?>
|
||||
<span class="fa-stack fa-2x rounded-left">
|
||||
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
|
||||
<span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span>
|
||||
</span>
|
||||
<?php } ?>
|
||||
</div>
|
||||
|
||||
<div class="col-md-11 p-0">
|
||||
<h4>Welcome, <strong><?php echo $session_contact_name ?></strong>!</h4>
|
||||
<hr>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<br>
|
||||
|
||||
<div class="card">
|
||||
<div class="card-body prettyContent">
|
||||
<h3><?php echo $document_name; ?></h3>
|
||||
|
|
@ -72,4 +49,3 @@ $document_content = $purifier->purify($row['document_content']);
|
|||
|
||||
<?php
|
||||
require_once "portal_footer.php";
|
||||
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@ header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.g
|
|||
|
||||
require_once "inc_portal.php";
|
||||
|
||||
|
||||
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
|
||||
header("Location: portal_post.php?logout");
|
||||
exit();
|
||||
|
|
@ -17,71 +16,48 @@ if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
|
|||
$documents_sql = mysqli_query($mysqli, "SELECT document_id, document_name, document_created_at, folder_name FROM documents LEFT JOIN folders ON document_folder_id = folder_id WHERE document_client_id = $session_client_id AND document_template = 0 ORDER BY folder_id, document_name DESC");
|
||||
?>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-md-1 text-center">
|
||||
<?php if (!empty($session_contact_photo)) { ?>
|
||||
<img src="<?php echo "../uploads/clients/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
|
||||
<?php } else { ?>
|
||||
<span class="fa-stack fa-2x rounded-left">
|
||||
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
|
||||
<span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span>
|
||||
</span>
|
||||
<?php } ?>
|
||||
</div>
|
||||
<div class="row">
|
||||
|
||||
<div class="col-md-11 p-0">
|
||||
<h4>Welcome, <strong><?php echo $session_contact_name ?></strong>!</h4>
|
||||
<hr>
|
||||
</div>
|
||||
<div class="col-md-10">
|
||||
|
||||
</div>
|
||||
<table class="table tabled-bordered border border-dark">
|
||||
<thead class="thead-dark">
|
||||
<tr>
|
||||
<th>Name</th>
|
||||
<th>Created</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
|
||||
<br>
|
||||
<?php
|
||||
while ($row = mysqli_fetch_array($documents_sql)) {
|
||||
$document_id = intval($row['document_id']);
|
||||
$folder_name = nullable_htmlentities($row['folder_name']);
|
||||
$document_name = nullable_htmlentities($row['document_name']);
|
||||
$document_created_at = nullable_htmlentities($row['document_created_at']);
|
||||
|
||||
<div class="row">
|
||||
?>
|
||||
|
||||
<div class="col-md-10">
|
||||
|
||||
<table class="table tabled-bordered border border-dark">
|
||||
<thead class="thead-dark">
|
||||
<tr>
|
||||
<th>Name</th>
|
||||
<th>Created</th>
|
||||
<td><a href="document.php?id=<?php echo $document_id?>">
|
||||
<?php
|
||||
if (!empty($folder_name)) {
|
||||
echo "$folder_name / ";
|
||||
}
|
||||
echo $document_name;
|
||||
?>
|
||||
</a>
|
||||
</td>
|
||||
<td><?php echo $document_created_at; ?></td>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php } ?>
|
||||
|
||||
<?php
|
||||
while ($row = mysqli_fetch_array($documents_sql)) {
|
||||
$document_id = intval($row['document_id']);
|
||||
$folder_name = nullable_htmlentities($row['folder_name']);
|
||||
$document_name = nullable_htmlentities($row['document_name']);
|
||||
$document_created_at = nullable_htmlentities($row['document_created_at']);
|
||||
|
||||
?>
|
||||
|
||||
<tr>
|
||||
<td><a href="document.php?id=<?php echo $document_id?>">
|
||||
<?php
|
||||
if (!empty($folder_name)) {
|
||||
echo "$folder_name / ";
|
||||
}
|
||||
echo $document_name;
|
||||
?>
|
||||
</a>
|
||||
</td>
|
||||
<td><?php echo $document_created_at; ?></td>
|
||||
</tr>
|
||||
<?php } ?>
|
||||
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
</div>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<?php
|
||||
require_once "portal_footer.php";
|
||||
|
||||
|
|
|
|||
|
|
@ -10,32 +10,8 @@ require_once "inc_portal.php";
|
|||
|
||||
|
||||
?>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-md-1 text-center">
|
||||
<?php if (!empty($session_contact_photo)) { ?>
|
||||
<img src="<?php echo "../uploads/clients/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
|
||||
|
||||
<?php } else { ?>
|
||||
|
||||
<span class="fa-stack fa-2x rounded-left">
|
||||
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
|
||||
<span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span>
|
||||
</span>
|
||||
<?php } ?>
|
||||
</div>
|
||||
|
||||
<div class="col-md-11 p-0">
|
||||
<h4>Welcome, <strong><?php echo $session_contact_name ?></strong>!</h4>
|
||||
<hr>
|
||||
</div>
|
||||
<br>
|
||||
|
||||
<div class="col-md-2 offset-1">
|
||||
<a href="ticket_add.php" class="btn btn-primary btn-block">New ticket</a>
|
||||
</div>
|
||||
|
||||
<div class="col-md-2 offset-1">
|
||||
<a href="ticket_add.php" class="btn btn-primary btn-block">New ticket</a>
|
||||
</div>
|
||||
|
||||
<?php require_once "portal_footer.php";
|
||||
?>
|
||||
<?php require_once "portal_footer.php"; ?>
|
||||
|
|
|
|||
|
|
@ -17,106 +17,85 @@ if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
|
|||
$invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_client_id = $session_client_id AND invoice_status != 'Draft' ORDER BY invoice_date DESC");
|
||||
?>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-md-1 text-center">
|
||||
<?php if (!empty($session_contact_photo)) { ?>
|
||||
<img src="<?php echo "../uploads/clients/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
|
||||
<?php } else { ?>
|
||||
<span class="fa-stack fa-2x rounded-left">
|
||||
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
|
||||
<span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span>
|
||||
</span>
|
||||
<?php } ?>
|
||||
</div>
|
||||
<div class="row">
|
||||
|
||||
<div class="col-md-11 p-0">
|
||||
<h4>Welcome, <strong><?php echo $session_contact_name ?></strong>!</h4>
|
||||
<hr>
|
||||
</div>
|
||||
<div class="col-md-10">
|
||||
|
||||
</div>
|
||||
<table class="table tabled-bordered border border-dark">
|
||||
<thead class="thead-dark">
|
||||
<tr>
|
||||
<th>#</th>
|
||||
<th>Scope</th>
|
||||
<th>Amount</th>
|
||||
<th>Date</th>
|
||||
<th>Due</th>
|
||||
<th>Status</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
|
||||
<br>
|
||||
<?php
|
||||
while ($row = mysqli_fetch_array($invoices_sql)) {
|
||||
$invoice_id = intval($row['invoice_id']);
|
||||
$invoice_prefix = nullable_htmlentities($row['invoice_prefix']);
|
||||
$invoice_number = intval($row['invoice_number']);
|
||||
$invoice_scope = nullable_htmlentities($row['invoice_scope']);
|
||||
$invoice_status = nullable_htmlentities($row['invoice_status']);
|
||||
$invoice_date = nullable_htmlentities($row['invoice_date']);
|
||||
$invoice_due = nullable_htmlentities($row['invoice_due']);
|
||||
$invoice_amount = floatval($row['invoice_amount']);
|
||||
$invoice_url_key = nullable_htmlentities($row['invoice_url_key']);
|
||||
|
||||
<div class="row">
|
||||
if (empty($invoice_scope)) {
|
||||
$invoice_scope_display = "-";
|
||||
} else {
|
||||
$invoice_scope_display = $invoice_scope;
|
||||
}
|
||||
|
||||
<div class="col-md-10">
|
||||
$now = time();
|
||||
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now) {
|
||||
$overdue_color = "text-danger font-weight-bold";
|
||||
} else {
|
||||
$overdue_color = "";
|
||||
}
|
||||
|
||||
if ($invoice_status == "Sent") {
|
||||
$invoice_badge_color = "warning text-white";
|
||||
} elseif ($invoice_status == "Viewed") {
|
||||
$invoice_badge_color = "info";
|
||||
} elseif ($invoice_status == "Partial") {
|
||||
$invoice_badge_color = "primary";
|
||||
} elseif ($invoice_status == "Paid") {
|
||||
$invoice_badge_color = "success";
|
||||
} elseif ($invoice_status == "Cancelled") {
|
||||
$invoice_badge_color = "danger";
|
||||
} else{
|
||||
$invoice_badge_color = "secondary";
|
||||
}
|
||||
?>
|
||||
|
||||
<table class="table tabled-bordered border border-dark">
|
||||
<thead class="thead-dark">
|
||||
<tr>
|
||||
<th>#</th>
|
||||
<th>Scope</th>
|
||||
<th>Amount</th>
|
||||
<th>Date</th>
|
||||
<th>Due</th>
|
||||
<th>Status</th>
|
||||
<td><a target="_blank" href="//<?php echo $config_base_url ?>/guest_view_invoice.php?invoice_id=<?php echo "$invoice_id&url_key=$invoice_url_key"?>"> <?php echo "$invoice_prefix$invoice_number"; ?></a></td>
|
||||
<td><?php echo $invoice_scope_display; ?></td>
|
||||
<td><?php echo numfmt_format_currency($currency_format, $invoice_amount, $session_company_currency); ?></td>
|
||||
<td><?php echo $invoice_date; ?></td>
|
||||
<td class="<?php echo $overdue_color; ?>"><?php echo $invoice_due; ?></td>
|
||||
<td>
|
||||
<span class="p-2 badge badge-<?php echo $invoice_badge_color; ?>">
|
||||
<?php echo $invoice_status; ?>
|
||||
</span>
|
||||
</td>
|
||||
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php } ?>
|
||||
|
||||
<?php
|
||||
while ($row = mysqli_fetch_array($invoices_sql)) {
|
||||
$invoice_id = intval($row['invoice_id']);
|
||||
$invoice_prefix = nullable_htmlentities($row['invoice_prefix']);
|
||||
$invoice_number = intval($row['invoice_number']);
|
||||
$invoice_scope = nullable_htmlentities($row['invoice_scope']);
|
||||
$invoice_status = nullable_htmlentities($row['invoice_status']);
|
||||
$invoice_date = nullable_htmlentities($row['invoice_date']);
|
||||
$invoice_due = nullable_htmlentities($row['invoice_due']);
|
||||
$invoice_amount = floatval($row['invoice_amount']);
|
||||
$invoice_url_key = nullable_htmlentities($row['invoice_url_key']);
|
||||
|
||||
if (empty($invoice_scope)) {
|
||||
$invoice_scope_display = "-";
|
||||
} else {
|
||||
$invoice_scope_display = $invoice_scope;
|
||||
}
|
||||
|
||||
$now = time();
|
||||
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now) {
|
||||
$overdue_color = "text-danger font-weight-bold";
|
||||
} else {
|
||||
$overdue_color = "";
|
||||
}
|
||||
|
||||
if ($invoice_status == "Sent") {
|
||||
$invoice_badge_color = "warning text-white";
|
||||
} elseif ($invoice_status == "Viewed") {
|
||||
$invoice_badge_color = "info";
|
||||
} elseif ($invoice_status == "Partial") {
|
||||
$invoice_badge_color = "primary";
|
||||
} elseif ($invoice_status == "Paid") {
|
||||
$invoice_badge_color = "success";
|
||||
} elseif ($invoice_status == "Cancelled") {
|
||||
$invoice_badge_color = "danger";
|
||||
} else{
|
||||
$invoice_badge_color = "secondary";
|
||||
}
|
||||
?>
|
||||
|
||||
<tr>
|
||||
<td><a target="_blank" href="//<?php echo $config_base_url ?>/guest_view_invoice.php?invoice_id=<?php echo "$invoice_id&url_key=$invoice_url_key"?>"> <?php echo "$invoice_prefix$invoice_number"; ?></a></td>
|
||||
<td><?php echo $invoice_scope_display; ?></td>
|
||||
<td><?php echo numfmt_format_currency($currency_format, $invoice_amount, $session_company_currency); ?></td>
|
||||
<td><?php echo $invoice_date; ?></td>
|
||||
<td class="<?php echo $overdue_color; ?>"><?php echo $invoice_due; ?></td>
|
||||
<td>
|
||||
<span class="p-2 badge badge-<?php echo $invoice_badge_color; ?>">
|
||||
<?php echo $invoice_status; ?>
|
||||
</span>
|
||||
</td>
|
||||
|
||||
</tr>
|
||||
<?php } ?>
|
||||
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
</div>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
<?php
|
||||
require_once "portal_footer.php";
|
||||
|
|
|
|||
|
|
@ -38,9 +38,19 @@ if (!isset($_SESSION)) {
|
|||
$ip = sanitizeInput(getIP());
|
||||
$user_agent = sanitizeInput($_SERVER['HTTP_USER_AGENT']);
|
||||
|
||||
$company_sql = mysqli_query($mysqli, "SELECT company_name FROM companies WHERE company_id = 1");
|
||||
// Get Company Info
|
||||
$company_sql = mysqli_query($mysqli, "SELECT company_name, company_phone FROM companies WHERE company_id = 1");
|
||||
$company_results = mysqli_fetch_array($company_sql);
|
||||
$company_name = $company_results['company_name'];
|
||||
$company_name = sanitizeInput($company_results['company_name']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($company_results['company_phone']));
|
||||
$company_name_display = $company_results['company_name'];
|
||||
|
||||
// Get settings from get_settings.php and sanitize them
|
||||
$config_ticket_from_name = sanitizeInput($config_ticket_from_name);
|
||||
$config_ticket_from_email = sanitizeInput($config_ticket_from_email);
|
||||
$config_mail_from_name = sanitizeInput($config_mail_from_name);
|
||||
$config_mail_from_email = sanitizeInput($config_mail_from_email);
|
||||
$config_base_url = sanitizeInput($config_base_url);
|
||||
|
||||
DEFINE("WORDING_ERROR", "Something went wrong! Your link may have expired. Please request a new password reset e-mail.");
|
||||
|
||||
|
|
@ -68,8 +78,8 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
|||
|
||||
|
||||
// Send reset email
|
||||
$subject = mysqli_real_escape_string($mysqli, "Password reset for $company_name ITFlow Portal");
|
||||
$body = mysqli_real_escape_string($mysqli, "Hello, $name<br><br>Someone (probably you) has requested a new password for your account on $company_name's ITFlow Client Portal. <br><br><b>Please <a href='$url'>click here</a> to reset your password.</b> <br><br>Alternatively, copy and paste this URL into your browser:<br> $url<br><br><i>If you didn't request this change, you can safely ignore this email.</i><br><br>~<br>$company_name<br>Support Department<br>$config_mail_from_email");
|
||||
$subject = "Password reset for $company_name Client Portal";
|
||||
$body = "Hello $name,<br><br>Someone (probably you) has requested a new password for your account on $company_name\'s Client Portal. <br><br><b>Please <a href=\'$url\'>click here</a> to reset your password.</b> <br><br>Alternatively, copy and paste this URL into your browser:<br> $url<br><br><i>If you didn\'t request this change, you can safely ignore this email.</i><br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
$data = [
|
||||
[
|
||||
|
|
@ -124,8 +134,8 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
|||
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = 'Reset portal password for $email.', log_ip = '$ip', log_user_agent = '$user_agent', log_client_id = $client");
|
||||
|
||||
// Send confirmation email
|
||||
$subject = mysqli_real_escape_string($mysqli, "Password reset confirmation for $company_name ITFlow Portal");
|
||||
$body = mysqli_real_escape_string($mysqli, "Hello, $name<br><br>Your password for your account on $company_name's ITFlow Client Portal was successfully reset. You should be all set! <br><br><b>If you didn't reset your password, please get in touch ASAP.</b><br><br>~<br>$company_name<br>Support Department<br>$config_mail_from_email");
|
||||
$subject = "Password reset confirmation for $company_name Client Portal";
|
||||
$body = "Hello $name,<br><br>Your password for your account on $company_name\'s Client Portal was successfully reset. You should be all set! <br><br><b>If you didn\'t reset your password, please get in touch ASAP.</b><br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
|
||||
$data = [
|
||||
|
|
@ -158,16 +168,16 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
|||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<title><?php echo $company_name; ?> | Password Reset</title>
|
||||
<title><?php echo nullable_htmlentities($company_name_display); ?> | Password Reset</title>
|
||||
|
||||
<!-- Tell the browser to be responsive to screen width -->
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
|
|
@ -185,7 +195,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
|||
|
||||
<body class="hold-transition login-page">
|
||||
<div class="login-box">
|
||||
<div class="login-logo"><b><?=$company_name?></b> <br>Password Reset</h2></div>
|
||||
<div class="login-logo"><b><?php echo nullable_htmlentities($company_name_display); ?></b> <br>Password Reset</h2></div>
|
||||
<div class="card">
|
||||
<div class="card-body login-card-body">
|
||||
|
||||
|
|
@ -216,9 +226,9 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<input type="hidden" name="token" value="<?=$token?>">
|
||||
<input type="hidden" name="email" value="<?=$email?>">
|
||||
<input type="hidden" name="client" value="<?=$client?>">
|
||||
<input type="hidden" name="token" value="<?php echo $token; ?>">
|
||||
<input type="hidden" name="email" value="<?php echo $email; ?>">
|
||||
<input type="hidden" name="client" value="<?php echo $client; ?>">
|
||||
|
||||
<button type="submit" class="btn btn-success btn-block mb-3" name="password_reset_set_password">Reset password</button>
|
||||
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ header("X-Frame-Options: DENY"); // Legacy
|
|||
<nav class="navbar navbar-expand-lg navbar-dark bg-dark">
|
||||
<div class="container">
|
||||
<a class="navbar-brand" href="index.php"><?php echo nullable_htmlentities($session_company_name); ?></a>
|
||||
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
|
||||
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent">
|
||||
<span class="navbar-toggler-icon"></span>
|
||||
</button>
|
||||
|
||||
|
|
@ -64,12 +64,12 @@ header("X-Frame-Options: DENY"); // Legacy
|
|||
<ul class="nav navbar-nav pull-right">
|
||||
<li class="nav-item dropdown">
|
||||
<a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-toggle="dropdown">
|
||||
<?php echo nullable_htmlentities($session_contact_name); ?>
|
||||
<?php echo stripslashes(nullable_htmlentities($session_contact_name)); ?>
|
||||
</a>
|
||||
<div class="dropdown-menu" aria-labelledby="navbarDropdown">
|
||||
<a class="dropdown-item" href="profile.php">Profile</a>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="profile.php"><i class="fas fa-fw fa-user mr-2"></i>Account</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="portal_post.php?logout">Sign out</a>
|
||||
<a class="dropdown-item" href="portal_post.php?logout"><i class="fas fa-fw fa-sign-out-alt mr-2"></i>Sign out</a>
|
||||
</div>
|
||||
</li>
|
||||
</ul>
|
||||
|
|
@ -81,3 +81,23 @@ header("X-Frame-Options: DENY"); // Legacy
|
|||
|
||||
<!-- Page content container -->
|
||||
<div class="container">
|
||||
|
||||
<div class="row mb-3">
|
||||
<div class="col-md-1 text-center">
|
||||
<?php if (!empty($session_contact_photo)) { ?>
|
||||
<img src="<?php echo "../uploads/clients/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
|
||||
|
||||
<?php } else { ?>
|
||||
|
||||
<span class="fa-stack fa-2x rounded-left">
|
||||
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
|
||||
<span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span>
|
||||
</span>
|
||||
<?php } ?>
|
||||
</div>
|
||||
|
||||
<div class="col-md-11 p-0">
|
||||
<h4>Welcome, <strong><?php echo stripslashes(nullable_htmlentities($session_contact_name)); ?></strong>!</h4>
|
||||
<hr>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -9,23 +9,18 @@ require_once "inc_portal.php";
|
|||
|
||||
if (isset($_POST['add_ticket'])) {
|
||||
|
||||
// Get ticket prefix/number
|
||||
$sql_settings = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql_settings);
|
||||
$config_ticket_prefix = sanitizeInput($row['config_ticket_prefix']);
|
||||
$config_ticket_next_number = intval($row['config_ticket_next_number']);
|
||||
|
||||
// Get email settings
|
||||
$config_ticket_from_name = $row['config_ticket_from_name'];
|
||||
$config_ticket_from_email = $row['config_ticket_from_email'];
|
||||
$config_ticket_new_ticket_notification_email = filter_var($row['config_ticket_new_ticket_notification_email'], FILTER_VALIDATE_EMAIL);
|
||||
|
||||
|
||||
$client_id = intval($session_client_id);
|
||||
$contact = intval($session_contact_id);
|
||||
$subject = sanitizeInput($_POST['subject']);
|
||||
$details = mysqli_real_escape_string($mysqli,($_POST['details']));
|
||||
|
||||
// Get settings from get_settings.php
|
||||
$config_ticket_prefix = sanitizeInput($config_ticket_prefix);
|
||||
$config_ticket_from_name = sanitizeInput($config_ticket_from_name);
|
||||
$config_ticket_from_email = sanitizeInput($config_ticket_from_email);
|
||||
$config_base_url = sanitizeInput($config_base_url);
|
||||
$config_ticket_new_ticket_notification_email = filter_var($row['config_ticket_new_ticket_notification_email'], FILTER_VALIDATE_EMAIL);
|
||||
|
||||
// Ensure priority is low/med/high (as can be user defined)
|
||||
if ($_POST['priority'] !== "Low" && $_POST['priority'] !== "Medium" && $_POST['priority'] !== "High") {
|
||||
$priority = "Low";
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ require_once 'inc_portal.php';
|
|||
|
||||
<h2>Profile</h2>
|
||||
|
||||
<p>Name: <?php echo $session_contact_name ?></p>
|
||||
<p>Name: <?php echo stripslashes(nullable_htmlentities($session_contact_name)); ?></p>
|
||||
<p>Email: <?php echo $session_contact_email ?></p>
|
||||
<p>PIN: <?php echo $session_contact_pin ?></p>
|
||||
<p>Client: <?php echo $session_client_name ?></p>
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@ header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.g
|
|||
|
||||
require_once "inc_portal.php";
|
||||
|
||||
|
||||
if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
|
||||
header("Location: portal_post.php?logout");
|
||||
exit();
|
||||
|
|
@ -17,98 +16,75 @@ if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
|
|||
$quotes_sql = mysqli_query($mysqli, "SELECT * FROM quotes WHERE quote_client_id = $session_client_id AND quote_status != 'Draft' ORDER BY quote_date DESC");
|
||||
?>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-md-1 text-center">
|
||||
<?php if (!empty($session_contact_photo)) { ?>
|
||||
<img src="<?php echo "../uploads/clients/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
|
||||
<?php } else { ?>
|
||||
<span class="fa-stack fa-2x rounded-left">
|
||||
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
|
||||
<span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span>
|
||||
</span>
|
||||
<?php } ?>
|
||||
</div>
|
||||
<div class="row">
|
||||
|
||||
<div class="col-md-11 p-0">
|
||||
<h4>Welcome, <strong><?php echo $session_contact_name ?></strong>!</h4>
|
||||
<hr>
|
||||
</div>
|
||||
<div class="col-md-10">
|
||||
|
||||
</div>
|
||||
<table class="table tabled-bordered border border-dark">
|
||||
<thead class="thead-dark">
|
||||
<tr>
|
||||
<th>#</th>
|
||||
<th>Scope</th>
|
||||
<th>Amount</th>
|
||||
<th>Date</th>
|
||||
<th>Status</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
|
||||
<br>
|
||||
<?php
|
||||
while ($row = mysqli_fetch_array($quotes_sql)) {
|
||||
$quote_id = intval($row['quote_id']);
|
||||
$quote_prefix = nullable_htmlentities($row['quote_prefix']);
|
||||
$quote_number = intval($row['quote_number']);
|
||||
$quote_scope = nullable_htmlentities($row['quote_scope']);
|
||||
$quote_status = nullable_htmlentities($row['quote_status']);
|
||||
$quote_date = nullable_htmlentities($row['quote_date']);
|
||||
$quote_amount = floatval($row['quote_amount']);
|
||||
$quote_url_key = nullable_htmlentities($row['quote_url_key']);
|
||||
|
||||
<div class="row">
|
||||
if (empty($quote_scope)) {
|
||||
$quote_scope_display = "-";
|
||||
} else {
|
||||
$quote_scope_display = $quote_scope;
|
||||
}
|
||||
|
||||
<div class="col-md-10">
|
||||
if ($quote_status == "Sent") {
|
||||
$quote_badge_color = "warning text-white";
|
||||
} elseif ($quote_status == "Viewed") {
|
||||
$quote_badge_color = "primary";
|
||||
} elseif ($quote_status == "Accepted") {
|
||||
$quote_badge_color = "success";
|
||||
} elseif ($quote_status == "Declined") {
|
||||
$quote_badge_color = "danger";
|
||||
} elseif ($quote_status == "Invoiced") {
|
||||
$quote_badge_color = "info";
|
||||
} else {
|
||||
$quote_badge_color = "secondary";
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<table class="table tabled-bordered border border-dark">
|
||||
<thead class="thead-dark">
|
||||
<tr>
|
||||
<th>#</th>
|
||||
<th>Scope</th>
|
||||
<th>Amount</th>
|
||||
<th>Date</th>
|
||||
<th>Status</th>
|
||||
<td><a target="_blank" href="//<?php echo $config_base_url ?>/guest_view_quote.php?quote_id=<?php echo "$quote_id&url_key=$quote_url_key"?>"> <?php echo "$quote_prefix$quote_number"; ?></a></td>
|
||||
<td><?php echo $quote_scope_display; ?></td>
|
||||
<td><?php echo numfmt_format_currency($currency_format, $quote_amount, $session_company_currency); ?></td>
|
||||
<td><?php echo $quote_date; ?></td>
|
||||
<td>
|
||||
<span class="p-2 badge badge-<?php echo $quote_badge_color; ?>">
|
||||
<?php echo $quote_status; ?>
|
||||
</span>
|
||||
</td>
|
||||
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php } ?>
|
||||
|
||||
<?php
|
||||
while ($row = mysqli_fetch_array($quotes_sql)) {
|
||||
$quote_id = intval($row['quote_id']);
|
||||
$quote_prefix = nullable_htmlentities($row['quote_prefix']);
|
||||
$quote_number = intval($row['quote_number']);
|
||||
$quote_scope = nullable_htmlentities($row['quote_scope']);
|
||||
$quote_status = nullable_htmlentities($row['quote_status']);
|
||||
$quote_date = nullable_htmlentities($row['quote_date']);
|
||||
$quote_amount = floatval($row['quote_amount']);
|
||||
$quote_url_key = nullable_htmlentities($row['quote_url_key']);
|
||||
|
||||
if (empty($quote_scope)) {
|
||||
$quote_scope_display = "-";
|
||||
} else {
|
||||
$quote_scope_display = $quote_scope;
|
||||
}
|
||||
|
||||
if ($quote_status == "Sent") {
|
||||
$quote_badge_color = "warning text-white";
|
||||
} elseif ($quote_status == "Viewed") {
|
||||
$quote_badge_color = "primary";
|
||||
} elseif ($quote_status == "Accepted") {
|
||||
$quote_badge_color = "success";
|
||||
} elseif ($quote_status == "Declined") {
|
||||
$quote_badge_color = "danger";
|
||||
} elseif ($quote_status == "Invoiced") {
|
||||
$quote_badge_color = "info";
|
||||
} else {
|
||||
$quote_badge_color = "secondary";
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<tr>
|
||||
<td><a target="_blank" href="//<?php echo $config_base_url ?>/guest_view_quote.php?quote_id=<?php echo "$quote_id&url_key=$quote_url_key"?>"> <?php echo "$quote_prefix$quote_number"; ?></a></td>
|
||||
<td><?php echo $quote_scope_display; ?></td>
|
||||
<td><?php echo numfmt_format_currency($currency_format, $quote_amount, $session_company_currency); ?></td>
|
||||
<td><?php echo $quote_date; ?></td>
|
||||
<td>
|
||||
<span class="p-2 badge badge-<?php echo $quote_badge_color; ?>">
|
||||
<?php echo $quote_status; ?>
|
||||
</span>
|
||||
</td>
|
||||
|
||||
</tr>
|
||||
<?php } ?>
|
||||
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
</div>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<?php
|
||||
require_once "portal_footer.php";
|
||||
|
||||
|
|
|
|||
|
|
@ -45,29 +45,6 @@ $total_tickets = intval($row['total_tickets']);
|
|||
|
||||
?>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-md-1 text-center">
|
||||
<?php if (!empty($session_contact_photo)) { ?>
|
||||
<img src="<?php echo "../uploads/clients/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
|
||||
|
||||
<?php } else { ?>
|
||||
|
||||
<span class="fa-stack fa-2x rounded-left">
|
||||
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
|
||||
<span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span>
|
||||
</span>
|
||||
<?php } ?>
|
||||
</div>
|
||||
|
||||
<div class="col-md-11 p-0">
|
||||
<h4>Welcome, <strong><?php echo $session_contact_name ?></strong>!</h4>
|
||||
<hr>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<br>
|
||||
|
||||
<div class="row">
|
||||
|
||||
<div class="col-md-10">
|
||||
|
|
|
|||
5
post.php
5
post.php
|
|
@ -10,7 +10,6 @@ require_once "functions.php";
|
|||
|
||||
require_once "check_login.php";
|
||||
|
||||
|
||||
// Load specific module logic
|
||||
require_once "post/account.php";
|
||||
|
||||
|
|
@ -20,6 +19,8 @@ require_once "post/api.php";
|
|||
|
||||
require_once "post/asset.php";
|
||||
|
||||
require_once "post/bulk_mail.php";
|
||||
|
||||
require_once "post/category.php";
|
||||
|
||||
require_once "post/certificate.php";
|
||||
|
|
@ -82,6 +83,4 @@ require_once "post/budget.php";
|
|||
|
||||
require_once "post/misc.php";
|
||||
|
||||
|
||||
?>
|
||||
|
||||
|
|
|
|||
112
post/asset.php
112
post/asset.php
|
|
@ -221,6 +221,118 @@ if (isset($_GET['delete_asset'])) {
|
|||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_assign_asset_location'])) {
|
||||
|
||||
validateTechRole();
|
||||
|
||||
$location_id = intval($_POST['bulk_location_id']);
|
||||
|
||||
// Get Location name and client id for logging and Notification
|
||||
$sql = mysqli_query($mysqli,"SELECT location_name, location_client_id FROM locations WHERE location_id = $location_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$location_name = sanitizeInput($row['location_name']);
|
||||
$client_id = intval($row['location_client_id']);
|
||||
|
||||
// Get Selected Contacts Count
|
||||
$asset_count = count($_POST['asset_ids']);
|
||||
|
||||
// Assign Location to Selected Contacts
|
||||
if (!empty($_POST['asset_ids'])) {
|
||||
foreach($_POST['asset_ids'] as $asset_id) {
|
||||
$asset_id = intval($asset_id);
|
||||
|
||||
// Get Asset Details for Logging
|
||||
$sql = mysqli_query($mysqli,"SELECT asset_name FROM assets WHERE asset_id = $asset_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$asset_name = sanitizeInput($row['asset_name']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE assets SET asset_location_id = $location_id WHERE asset_id = $asset_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Modify', log_description = '$session_name assigned $asset_name to Location $location_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $asset_id");
|
||||
|
||||
} // End Assign Location Loop
|
||||
|
||||
$_SESSION['alert_message'] = "You assigned <b>$asset_count</b> assets to location <b>$location_name</b>";
|
||||
}
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_assign_asset_contact'])) {
|
||||
|
||||
validateTechRole();
|
||||
|
||||
$contact_id = intval($_POST['bulk_contact_id']);
|
||||
|
||||
// Get Contact name and client id for logging and Notification
|
||||
$sql = mysqli_query($mysqli,"SELECT contact_name, contact_client_id FROM contacts WHERE contact_id = $contact_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$client_id = intval($row['contact_client_id']);
|
||||
|
||||
// Get Selected Contacts Count
|
||||
$asset_count = count($_POST['asset_ids']);
|
||||
|
||||
// Assign Contact to Selected Assets
|
||||
if (!empty($_POST['asset_ids'])) {
|
||||
foreach($_POST['asset_ids'] as $asset_id) {
|
||||
$asset_id = intval($asset_id);
|
||||
|
||||
// Get Asset Details for Logging
|
||||
$sql = mysqli_query($mysqli,"SELECT asset_name FROM assets WHERE asset_id = $asset_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$asset_name = sanitizeInput($row['asset_name']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE assets SET asset_contact_id = $contact_id WHERE asset_id = $asset_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Modify', log_description = '$session_name assigned $asset_name to contact $contact_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $asset_id");
|
||||
|
||||
} // End Assign Contact Loop
|
||||
|
||||
$_SESSION['alert_message'] = "You assigned <b>$asset_count</b> assets to contact <b>$contact_name</b>";
|
||||
}
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_edit_asset_status'])) {
|
||||
|
||||
validateTechRole();
|
||||
|
||||
$status = sanitizeInput($_POST['bulk_status']);
|
||||
|
||||
// Get Selected Contacts Count
|
||||
$asset_count = count($_POST['asset_ids']);
|
||||
|
||||
// Assign Contact to Selected Assets
|
||||
if (!empty($_POST['asset_ids'])) {
|
||||
foreach($_POST['asset_ids'] as $asset_id) {
|
||||
$asset_id = intval($asset_id);
|
||||
|
||||
// Get Asset Details for Logging
|
||||
$sql = mysqli_query($mysqli,"SELECT asset_name, asset_client_id FROM assets WHERE asset_id = $asset_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$asset_name = sanitizeInput($row['asset_name']);
|
||||
$client_id = intval($row['asset_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE assets SET asset_status = '$status' WHERE asset_id = $asset_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Modify', log_description = '$session_name set status $status on $asset_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $asset_id");
|
||||
|
||||
} // End Assign Contact Loop
|
||||
|
||||
$_SESSION['alert_message'] = "You set the status <b>$status</b> on <b>$asset_count</b> assets.";
|
||||
}
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST["import_client_assets_csv"])) {
|
||||
|
||||
validateTechRole();
|
||||
|
|
|
|||
|
|
@ -0,0 +1,53 @@
|
|||
<?php
|
||||
|
||||
/*
|
||||
* ITFlow - GET/POST request handler for bulk email
|
||||
*/
|
||||
|
||||
if (isset($_POST['send_bulk_mail_now'])) {
|
||||
|
||||
if ($_POST['contact']) {
|
||||
|
||||
$mail_from = sanitizeInput($_POST['mail_from']);
|
||||
$mail_from_name = sanitizeInput($_POST['mail_from_name']);
|
||||
$subject = sanitizeInput($_POST['subject']);
|
||||
$body = mysqli_escape_string($mysqli, $_POST['body']);
|
||||
$queued_at = sanitizeInput($_POST['queued_at']);
|
||||
|
||||
// Add Emails
|
||||
foreach($_POST['contact'] as $contact_id) {
|
||||
$contact_id = intval($contact_id);
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_id = $contact_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
$client_id = intval($row['contact_client_id']);
|
||||
|
||||
// Queue Mail
|
||||
$data[] = [
|
||||
'from' => $mail_from,
|
||||
'from_name' => $mail_from_name,
|
||||
'recipient' => $contact_email,
|
||||
'recipient_name' => $contact_name,
|
||||
'subject' => $subject,
|
||||
'body' => $body,
|
||||
'queued_at' => $queued_at
|
||||
];
|
||||
}
|
||||
addToMailQueue($mysqli, $data);
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Bulk Mail', log_action = 'Send', log_description = '$session_name sent bulk email', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id");
|
||||
|
||||
$_SESSION['alert_message'] = "You Sent Bulk Mail";
|
||||
|
||||
} else {
|
||||
|
||||
$_SESSION['alert_message'] = "NO Bulk Mail SENT";
|
||||
|
||||
}
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
168
post/contact.php
168
post/contact.php
|
|
@ -68,7 +68,6 @@ if (isset($_POST['edit_contact'])) {
|
|||
|
||||
require_once 'post/contact_model.php';
|
||||
|
||||
|
||||
$contact_id = intval($_POST['contact_id']);
|
||||
$send_email = intval($_POST['send_email']);
|
||||
|
||||
|
|
@ -98,12 +97,18 @@ if (isset($_POST['edit_contact'])) {
|
|||
// Send contact a welcome e-mail, if specified
|
||||
if ($send_email && !empty($auth_method) && !empty($config_smtp_host)) {
|
||||
|
||||
// Un-sanitizied used in body of email
|
||||
$contact_name = $_POST['name'];
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$config_ticket_from_email_escaped = sanitizeInput($config_ticket_from_email);
|
||||
$config_ticket_from_name_escaped = sanitizeInput($config_ticket_from_name);
|
||||
$config_ticket_from_email = sanitizeInput($config_ticket_from_email);
|
||||
$config_ticket_from_name = sanitizeInput($config_ticket_from_name);
|
||||
$config_mail_from_email = sanitizeInput($config_mail_from_email);
|
||||
$config_mail_from_name = sanitizeInput($config_mail_from_name);
|
||||
$config_base_url = sanitizeInput($config_base_url);
|
||||
|
||||
// Get Company Phone Number
|
||||
$sql = mysqli_query($mysqli,"SELECT company_name, company_phone FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
|
||||
// Authentication info (azure, reset password, or tech-provided temporary password)
|
||||
|
||||
|
|
@ -112,11 +117,11 @@ if (isset($_POST['edit_contact'])) {
|
|||
} elseif (empty($_POST['contact_password'])) {
|
||||
$password_info = "Request a password reset at https://$config_base_url/portal/login_reset.php";
|
||||
} else {
|
||||
$password_info = $_POST['contact_password'] . " -- Please change on first login";
|
||||
$password_info = mysqli_real_escape_string($mysqli, $_POST['contact_password'] . " -- Please change on first login");
|
||||
}
|
||||
|
||||
$subject = sanitizeInput("Your new $session_company_name support portal account");
|
||||
$body = mysqli_real_escape_string($mysqli, "Hello, $contact_name<br><br>$session_company_name has created a support portal account for you. <br><br>Username: $email<br>Password: $password_info<br><br>Login URL: https://$config_base_url/portal/<br><br>~<br>$session_company_name<br>Support Department<br>$config_ticket_from_email");
|
||||
$subject = "Your new $company_name portal account";
|
||||
$body = "Hello $name,<br><br>$company_name has created a support portal account for you. <br><br>Username: $email<br>Password: $password_info<br><br>Login URL: https://$config_base_url/portal/<br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
// Queue Mail
|
||||
$data = [
|
||||
|
|
@ -124,7 +129,7 @@ if (isset($_POST['edit_contact'])) {
|
|||
'from' => $config_mail_from_email,
|
||||
'from_name' => $config_mail_from_name,
|
||||
'recipient' => $email,
|
||||
'recipient_name' => $contact_name,
|
||||
'recipient_name' => $name,
|
||||
'subject' => $subject,
|
||||
'body' => $body,
|
||||
]
|
||||
|
|
@ -167,6 +172,149 @@ if (isset($_POST['edit_contact'])) {
|
|||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_assign_contact_location'])) {
|
||||
|
||||
validateTechRole();
|
||||
|
||||
$location_id = intval($_POST['bulk_location_id']);
|
||||
|
||||
// Get Location name for logging and Notification
|
||||
$sql = mysqli_query($mysqli,"SELECT location_name, location_client_id FROM locations WHERE location_id = $location_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$location_name = sanitizeInput($row['location_name']);
|
||||
$client_id = intval($row['location_client_id']);
|
||||
|
||||
// Get Selected Contacts Count
|
||||
$contact_count = count($_POST['contact_ids']);
|
||||
|
||||
// Assign Location to Selected Contacts
|
||||
if (!empty($_POST['contact_ids'])) {
|
||||
foreach($_POST['contact_ids'] as $contact_id) {
|
||||
$contact_id = intval($contact_id);
|
||||
|
||||
// Get Contact Details for Logging
|
||||
$sql = mysqli_query($mysqli,"SELECT contact_name FROM contacts WHERE contact_id = $contact_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE contacts SET contact_location_id = $location_id WHERE contact_id = $contact_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = '$session_name assigned $contact_name to Location $location_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $contact_id");
|
||||
|
||||
} // End Assign Location Loop
|
||||
|
||||
$_SESSION['alert_message'] = "You assigned <b>$contact_count</b> contacts to location <b>$location_name</b>";
|
||||
}
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_edit_contact_phone'])) {
|
||||
|
||||
validateTechRole();
|
||||
|
||||
$phone = preg_replace("/[^0-9]/", '', $_POST['bulk_phone']);
|
||||
|
||||
// Get Selected Contacts Count
|
||||
$contact_count = count($_POST['contact_ids']);
|
||||
|
||||
// Assign Location to Selected Contacts
|
||||
if (!empty($_POST['contact_ids'])) {
|
||||
foreach($_POST['contact_ids'] as $contact_id) {
|
||||
$contact_id = intval($contact_id);
|
||||
|
||||
// Get Contact Details for Logging
|
||||
$sql = mysqli_query($mysqli,"SELECT contact_name, contact_client_id FROM contacts WHERE contact_id = $contact_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$client_id = intval($row['contact_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE contacts SET contact_phone = '$phone' WHERE contact_id = $contact_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = '$session_name set Phone Number to $phone for $contact_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $contact_id");
|
||||
|
||||
} // End Assign Location Loop
|
||||
|
||||
$_SESSION['alert_message'] = "You set Phone Number <b>" . formatPhoneNumber($phone) . "</b> on $contact_count</b> contacts";
|
||||
}
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_edit_contact_department'])) {
|
||||
|
||||
validateTechRole();
|
||||
|
||||
$department = sanitizeInput($_POST['bulk_department']);
|
||||
|
||||
// Get Selected Contacts Count
|
||||
$contact_count = count($_POST['contact_ids']);
|
||||
|
||||
// Assign Location to Selected Contacts
|
||||
if (!empty($_POST['contact_ids'])) {
|
||||
foreach($_POST['contact_ids'] as $contact_id) {
|
||||
$contact_id = intval($contact_id);
|
||||
|
||||
// Get Contact Details for Logging
|
||||
$sql = mysqli_query($mysqli,"SELECT contact_name, contact_client_id FROM contacts WHERE contact_id = $contact_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$client_id = intval($row['contact_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE contacts SET contact_department = '$department' WHERE contact_id = $contact_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = '$session_name set Department to $department for $contact_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $contact_id");
|
||||
|
||||
} // End Assign Location Loop
|
||||
|
||||
$_SESSION['alert_message'] = "You set the Department to <b>$department</b> for <b>$contact_count</b> contacts";
|
||||
}
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_edit_contact_role'])) {
|
||||
|
||||
validateTechRole();
|
||||
|
||||
$contact_important = intval($_POST['bulk_contact_important']);
|
||||
$contact_billing = intval($_POST['bulk_contact_billing']);
|
||||
$contact_technical = intval($_POST['bulk_contact_technical']);
|
||||
|
||||
// Get Selected Contacts Count
|
||||
$contact_count = count($_POST['contact_ids']);
|
||||
|
||||
// Assign Location to Selected Contacts
|
||||
if (!empty($_POST['contact_ids'])) {
|
||||
foreach($_POST['contact_ids'] as $contact_id) {
|
||||
$contact_id = intval($contact_id);
|
||||
|
||||
// Get Contact Details for Logging
|
||||
$sql = mysqli_query($mysqli,"SELECT contact_name, contact_client_id FROM contacts WHERE contact_id = $contact_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$client_id = intval($row['contact_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE contacts SET contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical WHERE contact_id = $contact_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = '$session_name updated $contact_name role', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $contact_id");
|
||||
|
||||
} // End Assign Location Loop
|
||||
|
||||
$_SESSION['alert_message'] = "You updated roles for <b>$contact_count</b> contacts";
|
||||
}
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_GET['anonymize_contact'])) {
|
||||
|
||||
validateAdminRole();
|
||||
|
|
|
|||
|
|
@ -188,6 +188,44 @@ if (isset($_POST['rename_document'])) {
|
|||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_move_document'])) {
|
||||
|
||||
validateTechRole();
|
||||
|
||||
$folder_id = intval($_POST['bulk_folder_id']);
|
||||
|
||||
// Get folder name for logging and Notification
|
||||
$sql = mysqli_query($mysqli,"SELECT folder_name, folder_client_id FROM folders WHERE folder_id = $folder_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$folder_name = sanitizeInput($row['folder_name']);
|
||||
$client_id = intval($row['folder_client_id']);
|
||||
|
||||
// Get Selected Document Count
|
||||
$document_count = count($_POST['document_ids']);
|
||||
|
||||
// Move Documents to Folder Loop
|
||||
if (!empty($_POST['document_ids'])) {
|
||||
foreach($_POST['document_ids'] as $document_id) {
|
||||
$document_id = intval($document_id);
|
||||
// Get document name for logging
|
||||
$sql = mysqli_query($mysqli,"SELECT document_name FROM documents WHERE document_id = $document_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$document_name = sanitizeInput($row['document_name']);
|
||||
|
||||
// Document move query
|
||||
mysqli_query($mysqli,"UPDATE documents SET document_folder_id = $folder_id WHERE document_id = $document_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document', log_action = 'Move', log_description = '$session_name moved document $document_name to folder $folder_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $document_id");
|
||||
}
|
||||
}
|
||||
|
||||
$_SESSION['alert_message'] = "You moved <b>$document_count</b> documents to the folder <b>$folder_name</b>";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['link_file_to_document'])) {
|
||||
|
||||
validateTechRole();
|
||||
|
|
|
|||
|
|
@ -39,27 +39,31 @@ if (isset($_POST['add_event'])) {
|
|||
//If email is checked
|
||||
if ($email_event == 1) {
|
||||
|
||||
$sql_client = mysqli_query($mysqli,"SELECT * FROM clients JOIN contacts ON primary_contact = contact_id WHERE client_id = $client");
|
||||
$sql_client = mysqli_query($mysqli,"SELECT * FROM clients JOIN contacts ON contact_client_id = client_id WHERE contact_primary = 1 AND client_id = $client");
|
||||
$row = mysqli_fetch_array($sql_client);
|
||||
$client_name = $row['client_name'];
|
||||
$contact_name = $row['contact_name'];
|
||||
$contact_email = $row['contact_email'];
|
||||
$client_name = sanitizeInput($row['client_name']);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
|
||||
$sql_company = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql_company);
|
||||
$company_name = $row['company_name'];
|
||||
$company_country = $row['company_country'];
|
||||
$company_address = $row['company_address'];
|
||||
$company_city = $row['company_city'];
|
||||
$company_state = $row['company_state'];
|
||||
$company_zip = $row['company_zip'];
|
||||
$company_phone = formatPhoneNumber($row['company_phone']);
|
||||
$company_email = $row['company_email'];
|
||||
$company_website = $row['company_website'];
|
||||
$company_logo = $row['company_logo'];
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_country = sanitizeInput($row['company_country']);
|
||||
$company_address = sanitizeInput($row['company_address']);
|
||||
$company_city = sanitizeInput($row['company_city']);
|
||||
$company_state = sanitizeInput($row['company_state']);
|
||||
$company_zip = sanitizeInput($row['company_zip']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
$company_email = sanitizeInput($row['company_email']);
|
||||
$company_website = sanitizeInput($row['company_website']);
|
||||
$company_logo = sanitizeInput($row['company_logo']);
|
||||
|
||||
// Sanitize Config Vars from get_settings.php and Session Vars from check_login.php
|
||||
$config_mail_from_name = sanitizeInput($config_mail_from_name);
|
||||
$config_mail_from_email = sanitizeInput($config_mail_from_email);
|
||||
|
||||
$subject = "New Calendar Event";
|
||||
$body = "Hello $contact_name,<br><br>A calendar event has been scheduled: $title at $start<br><br><br>~<br>$company_name<br>$company_phone";
|
||||
$body = "Hello $contact_name,<br><br>A calendar event has been scheduled:<br><br>Event Title: $title<br>Event Date: $start<br><br><br>--<br>$company_name<br>$company_phone";
|
||||
|
||||
$data = [
|
||||
[
|
||||
|
|
@ -75,7 +79,7 @@ if (isset($_POST['add_event'])) {
|
|||
|
||||
// Logging for email (success/fail)
|
||||
if ($mail === true) {
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar Event', log_action = 'Email', log_description = '$session_name emailed event $title to $contact_name from client $client_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', client_id = $client, log_user_id = $session_user_id, log_entity_id = $event_id");
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar Event', log_action = 'Email', log_description = '$session_name emailed event $title to $contact_name from client $client_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client, log_user_id = $session_user_id, log_entity_id = $event_id");
|
||||
} else {
|
||||
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email'");
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
|
||||
|
|
@ -104,28 +108,32 @@ if (isset($_POST['edit_event'])) {
|
|||
//If email is checked
|
||||
if ($email_event == 1) {
|
||||
|
||||
$sql_client = mysqli_query($mysqli,"SELECT * FROM clients JOIN contacts ON primary_contact = contact_id WHERE client_id = $client");
|
||||
$sql_client = mysqli_query($mysqli,"SELECT * FROM clients JOIN contacts ON contact_client_id = client_id WHERE contact_primary = 1 AND client_id = $client");
|
||||
$row = mysqli_fetch_array($sql_client);
|
||||
$client_name = $row['client_name'];
|
||||
$contact_name = $row['contact_name'];
|
||||
$contact_email = $row['contact_email'];
|
||||
$client_name = sanitizeInput($row['client_name']);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
|
||||
$sql_company = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql_company);
|
||||
$company_name = $row['company_name'];
|
||||
$company_country = $row['company_country'];
|
||||
$company_address = $row['company_address'];
|
||||
$company_city = $row['company_city'];
|
||||
$company_state = $row['company_state'];
|
||||
$company_zip = $row['company_zip'];
|
||||
$company_phone = formatPhoneNumber($row['company_phone']);
|
||||
$company_email = $row['company_email'];
|
||||
$company_website = $row['company_website'];
|
||||
$company_logo = $row['company_logo'];
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_country = sanitizeInput($row['company_country']);
|
||||
$company_address = sanitizeInput($row['company_address']);
|
||||
$company_city = sanitizeInput($row['company_city']);
|
||||
$company_state = sanitizeInput($row['company_state']);
|
||||
$company_zip = sanitizeInput($row['company_zip']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
$company_email = sanitizeInput($row['company_email']);
|
||||
$company_website = sanitizeInput($row['company_website']);
|
||||
$company_logo = sanitizeInput($row['company_logo']);
|
||||
|
||||
// Sanitize Config Vars from get_settings.php and Session Vars from check_login.php
|
||||
$config_mail_from_name = sanitizeInput($config_mail_from_name);
|
||||
$config_mail_from_email = sanitizeInput($config_mail_from_email);
|
||||
|
||||
|
||||
$subject = "Calendar Event Rescheduled";
|
||||
$body = "Hello $contact_name,<br><br>A calendar event has been rescheduled: $title at $start<br><br><br>~<br>$company_name<br>$company_phone";
|
||||
$body = "Hello $contact_name,<br><br>A calendar event has been rescheduled:<br><br>Event Title: $title<br>Event Date: $start<br><br><br>--<br>$company_name<br>$company_phone";
|
||||
|
||||
$data = [
|
||||
[
|
||||
|
|
|
|||
107
post/expense.php
107
post/expense.php
|
|
@ -108,6 +108,113 @@ if (isset($_GET['delete_expense'])) {
|
|||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_edit_expense_category'])) {
|
||||
|
||||
$category_id = intval($_POST['bulk_category_id']);
|
||||
|
||||
// Get Category name for logging and Notification
|
||||
$sql = mysqli_query($mysqli,"SELECT category_name FROM categories WHERE category_id = $category_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$category_name = sanitizeInput($row['category_name']);
|
||||
|
||||
// Get Selected Contacts Count
|
||||
$expense_count = count($_POST['expense_ids']);
|
||||
|
||||
// Assign category to Selected Expenses
|
||||
if (!empty($_POST['expense_ids'])) {
|
||||
foreach($_POST['expense_ids'] as $expense_id) {
|
||||
$expense_id = intval($expense_id);
|
||||
|
||||
// Get Expense Details for Logging
|
||||
$sql = mysqli_query($mysqli,"SELECT expense_description, expense_client_id FROM expenses WHERE expense_id = $expense_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$expense_description = sanitizeInput($row['expense_description']);
|
||||
$client_id = intval($row['expense_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE expenses SET expense_category_id = $category_id WHERE expense_id = $expense_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Edit', log_description = '$session_name assigned $expense_description to expense category $category_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $expense_id");
|
||||
|
||||
} // End Assign Location Loop
|
||||
|
||||
$_SESSION['alert_message'] = "You assigned expense category <b>$category_name</b> to <b>$expense_count</b> expenses";
|
||||
}
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_edit_expense_account'])) {
|
||||
|
||||
$account_id = intval($_POST['bulk_account_id']);
|
||||
|
||||
// Get Account name for logging and Notification
|
||||
$sql = mysqli_query($mysqli,"SELECT account_name FROM accounts WHERE account_id = $account_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$account_name = sanitizeInput($row['account_name']);
|
||||
|
||||
// Get Selected Contacts Count
|
||||
$expense_count = count($_POST['expense_ids']);
|
||||
|
||||
// Assign category to Selected Expenses
|
||||
if (!empty($_POST['expense_ids'])) {
|
||||
foreach($_POST['expense_ids'] as $expense_id) {
|
||||
$expense_id = intval($expense_id);
|
||||
|
||||
// Get Expense Details for Logging
|
||||
$sql = mysqli_query($mysqli,"SELECT expense_description, expense_client_id FROM expenses WHERE expense_id = $expense_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$expense_description = sanitizeInput($row['expense_description']);
|
||||
$client_id = intval($row['expense_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE expenses SET expense_account_id = $account_id WHERE expense_id = $expense_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Edit', log_description = '$session_name assigned $expense_description to account $account_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $expense_id");
|
||||
|
||||
} // End Assign Location Loop
|
||||
|
||||
$_SESSION['alert_message'] = "You assigned account <b>$account_name</b> to <b>$expense_count</b> expenses";
|
||||
}
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_edit_expense_client'])) {
|
||||
|
||||
$client_id = intval($_POST['bulk_client_id']);
|
||||
|
||||
// Get Client name for logging and Notification
|
||||
$sql = mysqli_query($mysqli,"SELECT client_name FROM clients WHERE client_id = $client_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$client_name = sanitizeInput($row['client_name']);
|
||||
|
||||
// Get Selected Contacts Count
|
||||
$expense_count = count($_POST['expense_ids']);
|
||||
|
||||
// Assign category to Selected Expenses
|
||||
if (!empty($_POST['expense_ids'])) {
|
||||
foreach($_POST['expense_ids'] as $expense_id) {
|
||||
$expense_id = intval($expense_id);
|
||||
|
||||
// Get Expense Details for Logging
|
||||
$sql = mysqli_query($mysqli,"SELECT expense_description FROM expenses WHERE expense_id = $expense_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$expense_description = sanitizeInput($row['expense_description']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE expenses SET expense_client_id = $client_id WHERE expense_id = $expense_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Edit', log_description = '$session_name assigned $expense_description to client $client_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $expense_id");
|
||||
|
||||
} // End Assign Location Loop
|
||||
|
||||
$_SESSION['alert_message'] = "You assigned Client <b>$client_name</b> to <b>$expense_count</b> expenses";
|
||||
}
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
}
|
||||
|
||||
if (isset($_POST['export_expenses_csv'])) {
|
||||
$date_from = sanitizeInput($_POST['date_from']);
|
||||
$date_to = sanitizeInput($_POST['date_to']);
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ if (isset($_POST['upload_files'])) {
|
|||
'size' => $_FILES['file']['size'][$i]
|
||||
];
|
||||
|
||||
if ($file_reference_name = checkFileUpload($single_file, array('jpg', 'jpeg', 'gif', 'png', 'webp', 'pdf', 'txt', 'md', 'doc', 'docx', 'odt', 'csv', 'xls', 'xlsx', 'ods', 'pptx', 'odp', 'zip', 'tar', 'gz', 'xml', 'msg', 'json', 'wav', 'mp3', 'ogg', 'mov', 'mp4', 'av1', 'ovpn', 'cfg', 'ps1'))) {
|
||||
if ($file_reference_name = checkFileUpload($single_file, array('jpg', 'jpeg', 'gif', 'png', 'webp', 'pdf', 'txt', 'md', 'doc', 'docx', 'odt', 'csv', 'xls', 'xlsx', 'ods', 'pptx', 'odp', 'zip', 'tar', 'gz', 'xml', 'msg', 'json', 'wav', 'mp3', 'ogg', 'mov', 'mp4', 'av1', 'ovpn', 'cfg', 'ps1', 'vsdx', 'drawio'))) {
|
||||
|
||||
$file_tmp_path = $_FILES['file']['tmp_name'][$i];
|
||||
|
||||
|
|
@ -143,3 +143,41 @@ if (isset($_POST['delete_file'])) {
|
|||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_move_files'])) {
|
||||
|
||||
validateTechRole();
|
||||
|
||||
$folder_id = intval($_POST['bulk_folder_id']);
|
||||
|
||||
// Get folder name for logging and Notification
|
||||
$sql = mysqli_query($mysqli,"SELECT folder_name, folder_client_id FROM folders WHERE folder_id = $folder_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$folder_name = sanitizeInput($row['folder_name']);
|
||||
$client_id = intval($row['folder_client_id']);
|
||||
|
||||
// Get Selected file Count
|
||||
$file_count = count($_POST['file_ids']);
|
||||
|
||||
// Move Documents to Folder Loop
|
||||
if (!empty($_POST['file_ids'])) {
|
||||
foreach($_POST['file_ids'] as $file_id) {
|
||||
$file_id = intval($file_id);
|
||||
// Get file name for logging
|
||||
$sql = mysqli_query($mysqli,"SELECT file_name FROM files WHERE file_id = $file_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$file_name = sanitizeInput($row['file_name']);
|
||||
|
||||
// file move query
|
||||
mysqli_query($mysqli,"UPDATE files SET file_folder_id = $folder_id WHERE file_id = $file_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'File', log_action = 'Move', log_description = '$session_name moved file $file_name to folder $folder_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $file_id");
|
||||
}
|
||||
}
|
||||
|
||||
$_SESSION['alert_message'] = "You moved <b>$file_count</b> files to the folder <b>$folder_name</b>";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
|
|
|||
190
post/invoice.php
190
post/invoice.php
|
|
@ -631,39 +631,35 @@ if (isset($_POST['add_payment'])) {
|
|||
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$invoice_amount = floatval($row['invoice_amount']);
|
||||
$invoice_prefix = $row['invoice_prefix'];
|
||||
$invoice_prefix = sanitizeInput($row['invoice_prefix']);
|
||||
$invoice_number = intval($row['invoice_number']);
|
||||
$invoice_url_key = $row['invoice_url_key'];
|
||||
$invoice_currency_code = $row['invoice_currency_code'];
|
||||
$invoice_url_key = sanitizeInput($row['invoice_url_key']);
|
||||
$invoice_currency_code = sanitizeInput($row['invoice_currency_code']);
|
||||
$client_id = intval($row['client_id']);
|
||||
$client_name = $row['client_name'];
|
||||
$contact_name = $row['contact_name'];
|
||||
$contact_email = $row['contact_email'];
|
||||
$contact_phone = formatPhoneNumber($row['contact_phone']);
|
||||
$client_name = sanitizeInput($row['client_name']);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
$contact_phone = sanitizeInput(formatPhoneNumber($row['contact_phone']));
|
||||
$contact_extension = preg_replace("/[^0-9]/", '',$row['contact_extension']);
|
||||
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
|
||||
|
||||
$invoice_prefix_escaped = sanitizeInput($row['invoice_prefix']);
|
||||
$contact_name_escaped = sanitizeInput($row['contact_name']);
|
||||
$contact_email_escaped = sanitizeInput($row['contact_email']);
|
||||
$contact_mobile = sanitizeInput(formatPhoneNumber($row['contact_mobile']));
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
|
||||
$company_name = $row['company_name'];
|
||||
$company_country = $row['company_country'];
|
||||
$company_address = $row['company_address'];
|
||||
$company_city = $row['company_city'];
|
||||
$company_state = $row['company_state'];
|
||||
$company_zip = $row['company_zip'];
|
||||
$company_phone = formatPhoneNumber($row['company_phone']);
|
||||
$company_email = $row['company_email'];
|
||||
$company_website = $row['company_website'];
|
||||
$company_logo = $row['company_logo'];
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_country = sanitizeInput($row['company_country']);
|
||||
$company_address = sanitizeInput($row['company_address']);
|
||||
$company_city = sanitizeInput($row['company_city']);
|
||||
$company_state = sanitizeInput($row['company_state']);
|
||||
$company_zip = sanitizeInput($row['company_zip']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
$company_email = sanitizeInput($row['company_email']);
|
||||
$company_website = sanitizeInput($row['company_website']);
|
||||
$company_logo = sanitizeInput($row['company_logo']);
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$config_invoice_from_name_escaped = sanitizeInput($config_invoice_from_name);
|
||||
$config_invoice_from_email_escaped = sanitizeInput($config_invoice_from_email);
|
||||
$config_invoice_from_name = sanitizeInput($config_invoice_from_name);
|
||||
$config_invoice_from_email = sanitizeInput($config_invoice_from_email);
|
||||
|
||||
//Calculate the Invoice balance
|
||||
$invoice_balance = $invoice_amount - $total_payments_amount;
|
||||
|
|
@ -677,15 +673,15 @@ if (isset($_POST['add_payment'])) {
|
|||
|
||||
if ($email_receipt == 1) {
|
||||
|
||||
$subject = sanitizeInput("Payment Received - Invoice $invoice_prefix$invoice_number");
|
||||
$body = mysqli_real_escape_string($mysqli, "Hello $contact_name,<br><br>We have received your payment in the amount of " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . " for invoice <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>$invoice_prefix$invoice_number</a>. Please keep this email as a receipt for your records.<br><br>Amount: " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . "<br>Balance: " . numfmt_format_currency($currency_format, $invoice_balance, $invoice_currency_code) . "<br><br>Thank you for your business!<br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone");
|
||||
$subject = "Payment Received - Invoice $invoice_prefix$invoice_number";
|
||||
$body = "Hello $contact_name,<br><br>We have received your payment in the amount of " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . " for invoice <a href=\'https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key\'>$invoice_prefix$invoice_number</a>. Please keep this email as a receipt for your records.<br><br>Amount: " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . "<br>Balance: " . numfmt_format_currency($currency_format, $invoice_balance, $invoice_currency_code) . "<br><br>Thank you for your business!<br><br><br>--<br>$company_name - Billing Department<br>$config_invoice_from_email<br>$company_phone";
|
||||
|
||||
// Queue Mail
|
||||
$email = [
|
||||
'from' => $config_invoice_from_email,
|
||||
'from_name' => $config_invoice_from_name,
|
||||
'recipient' => $contact_email_escaped,
|
||||
'recipient_name' => $contact_name_escaped,
|
||||
'recipient' => $contact_email,
|
||||
'recipient_name' => $contact_name,
|
||||
'subject' => $subject,
|
||||
'body' => $body
|
||||
];
|
||||
|
|
@ -710,15 +706,15 @@ if (isset($_POST['add_payment'])) {
|
|||
if ($email_receipt == 1) {
|
||||
|
||||
|
||||
$subject = sanitizeInput("Partial Payment Recieved - Invoice $invoice_prefix$invoice_number");
|
||||
$body = mysqli_real_escape_string($mysqli, "Hello $contact_name,<br><br>We have recieved partial payment in the amount of " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . " and it has been applied to invoice <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>$invoice_prefix$invoice_number</a>. Please keep this email as a receipt for your records.<br><br>Amount: " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . "<br>Balance: " . numfmt_format_currency($currency_format, $invoice_balance, $invoice_currency_code) . "<br><br>Thank you for your business!<br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone");
|
||||
$subject = "Partial Payment Recieved - Invoice $invoice_prefix$invoice_number";
|
||||
$body = "Hello $contact_name,<br><br>We have recieved partial payment in the amount of " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . " and it has been applied to invoice <a href=\'https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key\'>$invoice_prefix$invoice_number</a>. Please keep this email as a receipt for your records.<br><br>Amount: " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . "<br>Balance: " . numfmt_format_currency($currency_format, $invoice_balance, $invoice_currency_code) . "<br><br>Thank you for your business!<br><br><br>~<br>$company_name - Billing<br>$config_invoice_from_email<br>$company_phone";
|
||||
|
||||
// Queue Mail
|
||||
$email = [
|
||||
'from' => $config_invoice_from_email,
|
||||
'from_name' => $config_invoice_from_name,
|
||||
'recipient' => $contact_email_escaped,
|
||||
'recipient_name' => $contact_name_escaped,
|
||||
'recipient' => $contact_email,
|
||||
'recipient_name' => $contact_name,
|
||||
'subject' => $subject,
|
||||
'body' => $body
|
||||
];
|
||||
|
|
@ -753,7 +749,7 @@ if (isset($_POST['add_payment'])) {
|
|||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Payment', log_action = 'Create', log_description = '$payment_amount', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $payment_id");
|
||||
|
||||
if ($email_receipt == 1) {
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Payment', log_action = 'Email', log_description = 'Payment receipt for invoice $invoice_prefix_escaped$invoice_number queued to $contact_email_escaped Email ID: $email_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $payment_id");
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Payment', log_action = 'Email', log_description = 'Payment receipt for invoice $invoice_prefix$invoice_number queued to $contact_email Email ID: $email_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $payment_id");
|
||||
}
|
||||
|
||||
$_SESSION['alert_message'] .= "Payment added";
|
||||
|
|
@ -839,7 +835,7 @@ if (isset($_POST['add_bulk_payment'])) {
|
|||
|
||||
// Add to Email Body Invoice Portion
|
||||
|
||||
$email_body_invoices .= mysqli_real_escape_string($mysqli, "<br>Invoice <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>$invoice_prefix$invoice_number</a> - Outstanding Amount: " . numfmt_format_currency($currency_format, $invoice_balance, $currency_code) . " - Payment Applied: " . numfmt_format_currency($currency_format, $payment_amount, $currency_code) . " - New Balance: " . numfmt_format_currency($currency_format, $remaining_invoice_balance, $currency_code));
|
||||
$email_body_invoices .= "<br>Invoice <a href=\'https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key\'>$invoice_prefix$invoice_number</a> - Outstanding Amount: " . numfmt_format_currency($currency_format, $invoice_balance, $currency_code) . " - Payment Applied: " . numfmt_format_currency($currency_format, $payment_amount, $currency_code) . " - New Balance: " . numfmt_format_currency($currency_format, $remaining_invoice_balance, $currency_code);
|
||||
|
||||
|
||||
} // End Invoice Loop
|
||||
|
|
@ -855,34 +851,31 @@ if (isset($_POST['add_bulk_payment'])) {
|
|||
);
|
||||
|
||||
$row = mysqli_fetch_array($sql_client);
|
||||
$client_name = $row['client_name'];
|
||||
$contact_name = $row['contact_name'];
|
||||
$contact_email = $row['contact_email'];
|
||||
$client_name = sanitizeInput($row['client_name']);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
|
||||
$contact_name_escaped = sanitizeInput($row['contact_name']);
|
||||
$contact_email_escaped = sanitizeInput($row['contact_email']);
|
||||
|
||||
$sql_company = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
|
||||
$sql_company = mysqli_query($mysqli,"SELECT company_name, company_phone FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql_company);
|
||||
|
||||
$company_name = $row['company_name'];
|
||||
$company_phone = formatPhoneNumber($row['company_phone']);
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$config_invoice_from_name_escaped = sanitizeInput($config_invoice_from_name);
|
||||
$config_invoice_from_email_escaped = sanitizeInput($config_invoice_from_email);
|
||||
$config_invoice_from_name = sanitizeInput($config_invoice_from_name);
|
||||
$config_invoice_from_email = sanitizeInput($config_invoice_from_email);
|
||||
|
||||
$subject = sanitizeInput("Payment Received - Multiple Invoices");
|
||||
$body = mysqli_real_escape_string($mysqli, "Hello $contact_name,<br><br>Thank you for your payment of " . numfmt_format_currency($currency_format, $bulk_payment_amount_static, $currency_code) . " We've applied your payment to the following invoices, updating their balances accordingly:<br><br>$email_body_invoices<br><br><br>We appreciate your continued business!<br><br>Sincerely,<br>$company_name Billing Department<br>$config_invoice_from_email<br>$company_phone");
|
||||
$subject = "Payment Received - Multiple Invoices";
|
||||
$body = "Hello $contact_name,<br><br>Thank you for your payment of " . numfmt_format_currency($currency_format, $bulk_payment_amount_static, $currency_code) . " We\'ve applied your payment to the following invoices, updating their balances accordingly:<br><br>$email_body_invoices<br><br><br>We appreciate your continued business!<br><br>Sincerely,<br>$company_name - Billing<br>$config_invoice_from_email<br>$company_phone";
|
||||
|
||||
// Queue Mail
|
||||
mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$contact_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_invoice_from_email_escaped', email_from_name = '$config_invoice_from_name_escaped', email_subject = '$subject', email_content = '$body'");
|
||||
mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$contact_email', email_recipient_name = '$contact_name', email_from = '$config_invoice_from_email', email_from_name = '$config_invoice_from_name', email_subject = '$subject', email_content = '$body'");
|
||||
|
||||
// Get Email ID for reference
|
||||
$email_id = mysqli_insert_id($mysqli);
|
||||
|
||||
// Email Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Payment', log_action = 'Email', log_description = 'Bulk Payment receipt for multiple Invoices queued to $contact_email_escaped Email ID: $email_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $payment_id");
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Payment', log_action = 'Email', log_description = 'Bulk Payment receipt for multiple Invoices queued to $contact_email Email ID: $email_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $payment_id");
|
||||
|
||||
$_SESSION['alert_message'] .= "Email receipt sent and ";
|
||||
|
||||
|
|
@ -954,39 +947,36 @@ if (isset($_GET['email_invoice'])) {
|
|||
$row = mysqli_fetch_array($sql);
|
||||
|
||||
$invoice_id = intval($row['invoice_id']);
|
||||
$invoice_prefix = $row['invoice_prefix'];
|
||||
$invoice_prefix = sanitizeInput($row['invoice_prefix']);
|
||||
$invoice_number = intval($row['invoice_number']);
|
||||
$invoice_status = $row['invoice_status'];
|
||||
$invoice_date = $row['invoice_date'];
|
||||
$invoice_due = $row['invoice_due'];
|
||||
$invoice_status = sanitizeInput($row['invoice_status']);
|
||||
$invoice_date = sanitizeInput($row['invoice_date']);
|
||||
$invoice_due = sanitizeInput($row['invoice_due']);
|
||||
$invoice_amount = floatval($row['invoice_amount']);
|
||||
$invoice_url_key = $row['invoice_url_key'];
|
||||
$invoice_currency_code = $row['invoice_currency_code'];
|
||||
$invoice_url_key = sanitizeInput($row['invoice_url_key']);
|
||||
$invoice_currency_code = sanitizeInput($row['invoice_currency_code']);
|
||||
$client_id = intval($row['client_id']);
|
||||
$client_name = $row['client_name'];
|
||||
$contact_name = $row['contact_name'];
|
||||
$contact_email = $row['contact_email'];
|
||||
$invoice_prefix_escaped = sanitizeInput($row['invoice_prefix']);
|
||||
$contact_name_escaped = sanitizeInput($row['contact_name']);
|
||||
$contact_email_escaped = sanitizeInput($row['contact_email']);
|
||||
$client_name = sanitizeInput($row['client_name']);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
|
||||
$company_name = $row['company_name'];
|
||||
$company_country = $row['company_country'];
|
||||
$company_address = $row['company_address'];
|
||||
$company_city = $row['company_city'];
|
||||
$company_state = $row['company_state'];
|
||||
$company_zip = $row['company_zip'];
|
||||
$company_phone = formatPhoneNumber($row['company_phone']);
|
||||
$company_email = $row['company_email'];
|
||||
$company_website = $row['company_website'];
|
||||
$company_logo = $row['company_logo'];
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_country = sanitizeInput($row['company_country']);
|
||||
$company_address = sanitizeInput($row['company_address']);
|
||||
$company_city = sanitizeInput($row['company_city']);
|
||||
$company_state = sanitizeInput($row['company_state']);
|
||||
$company_zip = sanitizeInput($row['company_zip']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
$company_email = sanitizeInput($row['company_email']);
|
||||
$company_website = sanitizeInput($row['company_website']);
|
||||
$company_logo = sanitizeInput($row['company_logo']);
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$config_invoice_from_name_escaped = sanitizeInput($config_invoice_from_name);
|
||||
$config_invoice_from_email_escaped = sanitizeInput($config_invoice_from_email);
|
||||
$config_invoice_from_name = sanitizeInput($config_invoice_from_name);
|
||||
$config_invoice_from_email = sanitizeInput($config_invoice_from_email);
|
||||
|
||||
$sql_payments = mysqli_query($mysqli,"SELECT * FROM payments, accounts WHERE payment_account_id = account_id AND payment_invoice_id = $invoice_id ORDER BY payment_id DESC");
|
||||
|
||||
|
|
@ -998,20 +988,20 @@ if (isset($_GET['email_invoice'])) {
|
|||
$balance = $invoice_amount - $amount_paid;
|
||||
|
||||
if ($invoice_status == 'Paid') {
|
||||
$subject = sanitizeInput("Invoice $invoice_prefix$invoice_number Receipt");
|
||||
$body = mysqli_real_escape_string($mysqli, "Hello $contact_name,<br><br>Please click on the link below to see your invoice marked <b>paid</b>.<br><br><a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>Invoice Link</a><br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone");
|
||||
$subject = "Invoice $invoice_prefix$invoice_number Receipt";
|
||||
$body = "Hello $contact_name,<br><br>Please click on the link below to see your invoice marked <b>paid</b>.<br><br><a href=\'https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key\'>Invoice Link</a><br><br><br>--<br>$company_name - Billing<br>$config_invoice_from_email<br>$company_phone";
|
||||
} else {
|
||||
$subject = sanitizeInput("Invoice $invoice_prefix$invoice_number");
|
||||
$body = mysqli_real_escape_string($mysqli, "Hello $contact_name,<br><br>Please view the details of the invoice below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: " . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . "<br>Balance Due: " . numfmt_format_currency($currency_format, $balance, $invoice_currency_code) . "<br>Due Date: $invoice_due<br><br><br>To view your invoice click <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>here</a><br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone");
|
||||
$subject = "Invoice $invoice_prefix$invoice_number";
|
||||
$body = "Hello $contact_name,<br><br>Please view the details of the invoice below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: " . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . "<br>Balance Due: " . numfmt_format_currency($currency_format, $balance, $invoice_currency_code) . "<br>Due Date: $invoice_due<br><br><br>To view your invoice click <a href=\'https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key\'>here</a><br><br><br>--<br>$company_name - Billing<br>$config_invoice_from_email<br>$company_phone";
|
||||
}
|
||||
|
||||
// Queue Mail
|
||||
$data = [
|
||||
[
|
||||
'from' => $config_invoice_from_email_escaped,
|
||||
'from_name' => $config_invoice_from_name_escaped,
|
||||
'recipient' => $contact_email_escaped,
|
||||
'recipient_name' => $contact_name_escaped,
|
||||
'from' => $config_invoice_from_email,
|
||||
'from_name' => $config_invoice_from_name,
|
||||
'recipient' => $contact_email,
|
||||
'recipient_name' => $contact_name,
|
||||
'subject' => $subject,
|
||||
'body' => $body
|
||||
]
|
||||
|
|
@ -1031,7 +1021,7 @@ if (isset($_GET['email_invoice'])) {
|
|||
}
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Email', log_description = 'Invoice $invoice_prefix_escaped$invoice_number queued to $contact_email_escaped Email ID: $email_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $invoice_id");
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Email', log_description = 'Invoice $invoice_prefix$invoice_number queued to $contact_email Email ID: $email_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $invoice_id");
|
||||
|
||||
// Send copies of the invoice to any additional billing contacts
|
||||
$sql_billing_contacts = mysqli_query(
|
||||
|
|
@ -1061,7 +1051,7 @@ if (isset($_GET['email_invoice'])) {
|
|||
];
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Email', log_description = 'Invoice $invoice_prefix_escaped$invoice_number queued to $billing_contact_email Email ID: $email_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $invoice_id");
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Email', log_description = 'Invoice $invoice_prefix$invoice_number queued to $billing_contact_email Email ID: $email_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $invoice_id");
|
||||
}
|
||||
|
||||
addToMailQueue($mysqli, $data);
|
||||
|
|
@ -1152,32 +1142,32 @@ if (isset($_GET['force_recurring'])) {
|
|||
);
|
||||
$row = mysqli_fetch_array($sql);
|
||||
|
||||
$invoice_prefix = $row['invoice_prefix'];
|
||||
$invoice_prefix = sanitizeInput($row['invoice_prefix']);
|
||||
$invoice_number = intval($row['invoice_number']);
|
||||
$invoice_scope = $row['invoice_scope'];
|
||||
$invoice_date = $row['invoice_date'];
|
||||
$invoice_due = $row['invoice_due'];
|
||||
$invoice_scope = sanitizeInput($row['invoice_scope']);
|
||||
$invoice_date = sanitizeInput($row['invoice_date']);
|
||||
$invoice_due = sanitizeInput($row['invoice_due']);
|
||||
$invoice_amount = floatval($row['invoice_amount']);
|
||||
$invoice_url_key = $row['invoice_url_key'];
|
||||
$invoice_url_key = sanitizeInput($row['invoice_url_key']);
|
||||
$client_id = intval($row['client_id']);
|
||||
$client_name = $row['client_name'];
|
||||
$contact_name = $row['contact_name'];
|
||||
$contact_email = $row['contact_email'];
|
||||
$contact_phone = formatPhoneNumber($row['contact_phone']);
|
||||
$contact_extension = $row['contact_extension'];
|
||||
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
|
||||
$client_name = sanitizeInput($row['client_name']);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
$contact_phone = sanitizeInput(formatPhoneNumber($row['contact_phone']));
|
||||
$contact_extension = intval($row['contact_extension']);
|
||||
$contact_mobile = sanitizeInput(formatPhoneNumber($row['contact_mobile']));
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$company_name = $row['company_name'];
|
||||
$company_phone = formatPhoneNumber($row['company_phone']);
|
||||
$company_email = $row['company_email'];
|
||||
$company_website = $row['company_website'];
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
$company_email = sanitizeInput($row['company_email']);
|
||||
$company_website = sanitizeInput($row['company_website']);
|
||||
|
||||
// Email to client
|
||||
|
||||
$subject = mysqli_real_escape_string($mysqli, "Invoice $invoice_prefix$invoice_number");
|
||||
$body = mysqli_real_escape_string($mysqli, "Hello $contact_name,<br><br>Please view the details of the invoice below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: $$invoice_amount<br>Due Date: $invoice_due<br><br><br>To view your invoice click <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$new_invoice_id&url_key=$invoice_url_key'>here</a><br><br><br>~<br>$company_name<br>$company_phone");
|
||||
$subject = "Invoice $invoice_prefix$invoice_number";
|
||||
$body = "Hello $contact_name,<br><br>Please view the details of the invoice below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: $$invoice_amount<br>Due Date: $invoice_due<br><br><br>To view your invoice click <a href=\'https://$config_base_url/guest_view_invoice.php?invoice_id=$new_invoice_id&url_key=$invoice_url_key\'>here</a><br><br><br>--<br>$company_name - Billing<br>$company_phone";
|
||||
|
||||
|
||||
$data = [
|
||||
|
|
|
|||
|
|
@ -3,4 +3,6 @@ $date = sanitizeInput($_POST['date']);
|
|||
$category = intval($_POST['category']);
|
||||
$scope = sanitizeInput($_POST['scope']);
|
||||
$invoice_discount = floatval($_POST['invoice_discount']);
|
||||
$recurring_discount = floatval($_POST['recurring_discount']);
|
||||
$recurring_discount = floatval($_POST['recurring_discount']);
|
||||
|
||||
$config_invoice_prefix = sanitizeInput($config_invoice_prefix);
|
||||
|
|
@ -21,7 +21,12 @@ if (isset($_POST['edit_your_user_details'])) {
|
|||
|
||||
// Email notification when password or email is changed
|
||||
$user_old_email_sql = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT user_email FROM users WHERE user_id = $session_user_id"));
|
||||
$user_old_email = $user_old_email_sql['user_email'];
|
||||
$user_old_email = sanitizeInput($user_old_email_sql['user_email']);
|
||||
|
||||
// Sanitize Config Vars from get_settings.php and Session Vars from check_login.php
|
||||
$config_mail_from_name = sanitizeInput($config_mail_from_name);
|
||||
$config_mail_from_email = sanitizeInput($config_mail_from_email);
|
||||
$config_app_name = sanitizeInput($config_app_name);
|
||||
|
||||
if (!empty($config_smtp_host) && ($user_old_email !== $email)) {
|
||||
|
||||
|
|
@ -39,7 +44,7 @@ if (isset($_POST['edit_your_user_details'])) {
|
|||
'subject' => $subject,
|
||||
'body' => $body
|
||||
]
|
||||
];
|
||||
];
|
||||
$mail = addToMailQueue($mysqli, $data);
|
||||
}
|
||||
|
||||
|
|
@ -92,17 +97,27 @@ if (isset($_POST['edit_your_user_password'])) {
|
|||
|
||||
$new_password = trim($_POST['new_password']);
|
||||
|
||||
if (empty($new_password)) {
|
||||
header('Location: user_security.php');
|
||||
exit;
|
||||
}
|
||||
|
||||
// Email notification when password or email is changed
|
||||
$user_sql = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT user_name, user_email FROM users WHERE user_id = $session_user_id"));
|
||||
$name = $user_sql['user_name'];
|
||||
$user_email = $user_sql['user_email'];
|
||||
$name = sanitizeInput($user_sql['user_name']);
|
||||
$user_email = sanitizeInput($user_sql['user_email']);
|
||||
|
||||
// Sanitize Config Vars from get_settings.php and Session Vars from check_login.php
|
||||
$config_mail_from_name = sanitizeInput($config_mail_from_name);
|
||||
$config_mail_from_email = sanitizeInput($config_mail_from_email);
|
||||
$config_app_name = sanitizeInput($config_app_name);
|
||||
|
||||
if (!empty($config_smtp_host)){
|
||||
|
||||
$details = "Your password was changed.";
|
||||
|
||||
$subject = "$config_app_name account update confirmation for $name";
|
||||
$body = "Hi $name, <br><br>Your $config_app_name account has been updated, details below: <br><br> <b>$details</b> <br><br> If you did not perform this change, contact your $config_app_name administrator immediately. <br><br>Thanks, <br>ITFlow<br>$session_company_name";
|
||||
$body = "Hi $name, <br><br>Your $config_app_name account has been updated, details below: <br><br> <b>$details</b> <br><br> If you did not perform this change, contact your $config_app_name administrator immediately. <br><br>Thanks, <br>$config_app_name";
|
||||
|
||||
$data = [
|
||||
[
|
||||
|
|
@ -205,6 +220,11 @@ if(isset($_POST['disable_2fa'])){
|
|||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User Settings', log_action = 'Modify', log_description = '$session_name disabled 2FA on their account', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
|
||||
|
||||
// Sanitize Config Vars from get_settings.php and Session Vars from check_login.php
|
||||
$config_mail_from_name = sanitizeInput($config_mail_from_name);
|
||||
$config_mail_from_email = sanitizeInput($config_mail_from_email);
|
||||
$config_app_name = sanitizeInput($config_app_name);
|
||||
|
||||
// Email notification
|
||||
if (!empty($config_smtp_host)) {
|
||||
$subject = "$config_app_name account update confirmation for $session_name";
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@ if (isset($_POST['add_quote'])) {
|
|||
|
||||
require_once 'post/quote_model.php';
|
||||
|
||||
|
||||
$client = intval($_POST['client']);
|
||||
|
||||
//Get the last Quote Number and add 1 for the new Quote number
|
||||
|
|
@ -356,51 +355,49 @@ if (isset($_GET['email_quote'])) {
|
|||
);
|
||||
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$quote_prefix = $row['quote_prefix'];
|
||||
$quote_prefix = sanitizeInput($row['quote_prefix']);
|
||||
$quote_number = intval($row['quote_number']);
|
||||
$quote_scope = $row['quote_scope'];
|
||||
$quote_status = $row['quote_status'];
|
||||
$quote_date = $row['quote_date'];
|
||||
$quote_expire = $row['quote_expire'];
|
||||
$quote_scope = sanitizeInput($row['quote_scope']);
|
||||
$quote_status = sanitizeInput($row['quote_status']);
|
||||
$quote_date = sanitizeInput($row['quote_date']);
|
||||
$quote_expire = sanitizeInput($row['quote_expire']);
|
||||
$quote_amount = floatval($row['quote_amount']);
|
||||
$quote_url_key = $row['quote_url_key'];
|
||||
$quote_currency_code = $row['quote_currency_code'];
|
||||
$quote_url_key = sanitizeInput($row['quote_url_key']);
|
||||
$quote_currency_code = sanitizeInput($row['quote_currency_code']);
|
||||
$client_id = intval($row['client_id']);
|
||||
$client_name = $row['client_name'];
|
||||
$contact_name = $row['contact_name'];
|
||||
$contact_email = $row['contact_email'];
|
||||
$quote_prefix_escaped = sanitizeInput($row['quote_prefix']);
|
||||
$contact_name_escaped = sanitizeInput($row['contact_name']);
|
||||
$contact_email_escaped = sanitizeInput($row['contact_email']);
|
||||
$client_name = sanitizeInput($row['client_name']);
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
|
||||
$company_name = $row['company_name'];
|
||||
$company_country = $row['company_country'];
|
||||
$company_address = $row['company_address'];
|
||||
$company_city = $row['company_city'];
|
||||
$company_state = $row['company_state'];
|
||||
$company_zip = $row['company_zip'];
|
||||
$company_phone = formatPhoneNumber($row['company_phone']);
|
||||
$company_email = $row['company_email'];
|
||||
$company_website = $row['company_website'];
|
||||
$company_logo = $row['company_logo'];
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_country = sanitizeInput($row['company_country']);
|
||||
$company_address = sanitizeInput($row['company_address']);
|
||||
$company_city = sanitizeInput($row['company_city']);
|
||||
$company_state = sanitizeInput($row['company_state']);
|
||||
$company_zip = sanitizeInput($row['company_zip']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
$company_email = sanitizeInput($row['company_email']);
|
||||
$company_website = sanitizeInput($row['company_website']);
|
||||
$company_logo = sanitizeInput($row['company_logo']);
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$config_quote_from_name_escaped = sanitizeInput($config_quote_from_name);
|
||||
$config_quote_from_email_escaped = sanitizeInput($config_quote_from_email);
|
||||
$config_quote_from_name = sanitizeInput($config_quote_from_name);
|
||||
$config_quote_from_email = sanitizeInput($config_quote_from_email);
|
||||
$config_base_url = sanitizeInput($config_base_url);
|
||||
|
||||
$subject = sanitizeInput("Quote [$quote_scope]");
|
||||
$body = mysqli_escape_string($mysqli, "Hello $contact_name,<br><br>Thank you for your inquiry, we are pleased to provide you with the following estimate.<br><br><br>$quote_scope<br>Total Cost: " . numfmt_format_currency($currency_format, $quote_amount, $quote_currency_code) . "<br><br><br>View and accept your estimate online <a href='https://$config_base_url/guest_view_quote.php?quote_id=$quote_id&url_key=$quote_url_key'>here</a><br><br><br>~<br>$company_name<br>Sales<br>$config_quote_from_email<br>$company_phone");
|
||||
$subject = "Quote [$quote_scope]";
|
||||
$body = "Hello $contact_name,<br><br>Thank you for your inquiry, we are pleased to provide you with the following estimate.<br><br><br>$quote_scope<br>Total Cost: " . numfmt_format_currency($currency_format, $quote_amount, $quote_currency_code) . "<br><br><br>View and accept your estimate online <a href=\'https://$config_base_url/guest_view_quote.php?quote_id=$quote_id&url_key=$quote_url_key\'>here</a><br><br><br>--<br>$company_name - Sales<br>$config_quote_from_email<br>$company_phone";
|
||||
|
||||
// Queue Mail
|
||||
$data = [
|
||||
[
|
||||
'from' => $config_quote_from_email,
|
||||
'from_name' => $config_quote_from_name,
|
||||
'recipient' => $contact_email_escaped,
|
||||
'recipient_name' => $contact_name_escaped,
|
||||
'recipient' => $contact_email,
|
||||
'recipient_name' => $contact_name,
|
||||
'subject' => $subject,
|
||||
'body' => $body,
|
||||
]
|
||||
|
|
@ -409,7 +406,7 @@ if (isset($_GET['email_quote'])) {
|
|||
|
||||
// Logging
|
||||
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Emailed Quote!', history_quote_id = $quote_id");
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Email', log_description = '$session_name emailed Quote $quote_prefix_escaped$quote_number to $contact_email_escaped Email ID: ', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $quote_id");
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Email', log_description = '$session_name emailed Quote $quote_prefix$quote_number to $contact_email Email ID: ', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $quote_id");
|
||||
|
||||
$_SESSION['alert_message'] = "Quote has been sent";
|
||||
|
||||
|
|
|
|||
|
|
@ -4,3 +4,5 @@ $expire = sanitizeInput($_POST['expire']);
|
|||
$category = intval($_POST['category']);
|
||||
$scope = sanitizeInput($_POST['scope']);
|
||||
$quote_discount = floatval($_POST['quote_discount']);
|
||||
|
||||
$config_quote_prefix = sanitizeInput($config_quote_prefix);
|
||||
|
|
|
|||
|
|
@ -169,7 +169,7 @@ if (isset($_POST['test_email_smtp'])) {
|
|||
|
||||
$email_to = sanitizeInput($_POST['email_to']);
|
||||
$subject = "Test email from ITFlow";
|
||||
$body = "This is a test email from ITFlow. If you are reading this, it worked!";
|
||||
$body = "This is a test email from ITFlow. If you are reading this, it worked!";
|
||||
|
||||
$data = [
|
||||
[
|
||||
|
|
@ -271,7 +271,7 @@ if (isset($_POST['edit_ticket_settings'])) {
|
|||
$config_ticket_autoclose_hours = intval($_POST['config_ticket_autoclose_hours']);
|
||||
$config_ticket_new_ticket_notification_email = sanitizeInput($_POST['config_ticket_new_ticket_notification_email']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE settings SET config_ticket_prefix = '$config_ticket_prefix', config_ticket_next_number = $config_ticket_next_number, config_ticket_from_email = '$config_ticket_from_email', config_ticket_from_name = '$config_ticket_from_name', config_ticket_email_parse = '$config_ticket_email_parse', config_ticket_autoclose = $config_ticket_autoclose, config_ticket_autoclose_hours = $config_ticket_autoclose_hours, config_ticket_new_ticket_notification_email = '$config_ticket_new_ticket_notification_email' WHERE company_id = 1");
|
||||
mysqli_query($mysqli,"UPDATE settings SET config_ticket_prefix = '$config_ticket_prefix', config_ticket_next_number = $config_ticket_next_number, config_ticket_email_parse = $config_ticket_email_parse, config_ticket_autoclose = $config_ticket_autoclose, config_ticket_autoclose_hours = $config_ticket_autoclose_hours, config_ticket_new_ticket_notification_email = '$config_ticket_new_ticket_notification_email' WHERE company_id = 1");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified ticket settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
|
||||
|
|
@ -373,8 +373,13 @@ if (isset($_POST['edit_online_payment_settings'])) {
|
|||
$config_stripe_publishable = sanitizeInput($_POST['config_stripe_publishable']);
|
||||
$config_stripe_secret = sanitizeInput($_POST['config_stripe_secret']);
|
||||
$config_stripe_account = intval($_POST['config_stripe_account']);
|
||||
$config_stripe_expense_vendor = intval($_POST['config_stripe_expense_vendor']);
|
||||
$config_stripe_expense_category = intval($_POST['config_stripe_expense_category']);
|
||||
$config_stripe_percentage_fee = floatval($_POST['config_stripe_percentage_fee']) / 100;
|
||||
$config_stripe_flat_fee = floatval($_POST['config_stripe_flat_fee']);
|
||||
$config_stripe_client_pays_fees = intval($_POST['config_stripe_client_pays_fees']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE settings SET config_stripe_enable = $config_stripe_enable, config_stripe_publishable = '$config_stripe_publishable', config_stripe_secret = '$config_stripe_secret', config_stripe_account = $config_stripe_account WHERE company_id = 1");
|
||||
mysqli_query($mysqli,"UPDATE settings SET config_stripe_enable = $config_stripe_enable, config_stripe_publishable = '$config_stripe_publishable', config_stripe_secret = '$config_stripe_secret', config_stripe_account = $config_stripe_account, config_stripe_expense_vendor = $config_stripe_expense_vendor, config_stripe_expense_category = $config_stripe_expense_category, config_stripe_percentage_fee = $config_stripe_percentage_fee, config_stripe_flat_fee = $config_stripe_flat_fee, config_stripe_client_pays_fees = $config_stripe_client_pays_fees WHERE company_id = 1");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified online payment settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
|
||||
|
|
@ -626,6 +631,10 @@ if (isset($_GET['update'])) {
|
|||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('recurring_id') AS num FROM tickets"));
|
||||
$ticket_count = $row['num'];
|
||||
|
||||
// Scheduled Ticket Count
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('scheduled_ticket_id') AS num FROM scheduled_tickets"));
|
||||
$scheduled_ticket_count = $row['num'];
|
||||
|
||||
// Calendar Event Count
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('event_id') AS num FROM events"));
|
||||
$calendar_event_count = $row['num'];
|
||||
|
|
@ -791,6 +800,7 @@ if (isset($_GET['update'])) {
|
|||
'comments' => "$comments",
|
||||
'client_count' => $client_count,
|
||||
'ticket_count' => $ticket_count,
|
||||
'scheduled_ticket_count' => $scheduled_ticket_count,
|
||||
'calendar_event_count' => $calendar_event_count,
|
||||
'quote_count' => $quote_count,
|
||||
'invoice_count' => $invoice_count,
|
||||
|
|
@ -884,19 +894,3 @@ if (isset($_GET['update_db'])) {
|
|||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
}
|
||||
|
||||
if (isset($_POST['config_stripe_client_pays_fees'])) {
|
||||
|
||||
validateAdminRole();
|
||||
|
||||
$config_stripe_client_pays_fees = intval($_POST['config_stripe_client_pays_fees']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE settings SET config_stripe_client_pays_fees = $config_stripe_client_pays_fees WHERE company_id = 1");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified stripe client pays fees', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
|
||||
|
||||
$_SESSION['alert_message'] = "Stripe client pays fees updated";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
}
|
||||
|
|
|
|||
684
post/ticket.php
684
post/ticket.php
|
|
@ -41,6 +41,13 @@ if (isset($_POST['add_ticket'])) {
|
|||
//Get the next Ticket Number and add 1 for the new ticket number
|
||||
$ticket_number = $config_ticket_next_number;
|
||||
$new_config_ticket_next_number = $config_ticket_next_number + 1;
|
||||
|
||||
// Sanitize Config Vars from get_settings.php and Session Vars from check_login.php
|
||||
$config_ticket_prefix = sanitizeInput($config_ticket_prefix);
|
||||
$config_ticket_from_name = sanitizeInput($config_ticket_from_name);
|
||||
$config_ticket_from_email = sanitizeInput($config_ticket_from_email);
|
||||
$config_base_url = sanitizeInput($config_base_url);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = 1");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_billable = '$billable', ticket_status = '$ticket_status', ticket_vendor_ticket_number = '$vendor_ticket_number', ticket_vendor_id = $vendor_id, ticket_asset_id = $asset_id, ticket_created_by = $session_user_id, ticket_assigned_to = $assigned_to, ticket_contact_id = $contact, ticket_client_id = $client_id, ticket_invoice_id = 0");
|
||||
|
|
@ -65,97 +72,69 @@ if (isset($_POST['add_ticket'])) {
|
|||
WHERE ticket_id = $ticket_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
|
||||
// Unescaped Content used for email body and subject because it will get escaped as a whole
|
||||
$contact_name = $row['contact_name'];
|
||||
$ticket_prefix = $row['ticket_prefix'];
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
$ticket_prefix = sanitizeInput($row['ticket_prefix']);
|
||||
$ticket_number = intval($row['ticket_number']);
|
||||
$ticket_category = $row['ticket_category'];
|
||||
$ticket_subject = $row['ticket_subject'];
|
||||
$ticket_details = $row['ticket_details'];
|
||||
$ticket_priority = $row['ticket_priority'];
|
||||
$ticket_status = $row['ticket_status'];
|
||||
$ticket_category = sanitizeInput($row['ticket_category']);
|
||||
$ticket_subject = sanitizeInput($row['ticket_subject']);
|
||||
$ticket_details = mysqli_escape_string($mysqli, $row['ticket_details']);
|
||||
$ticket_priority = sanitizeInput($row['ticket_priority']);
|
||||
$ticket_status = sanitizeInput($row['ticket_status']);
|
||||
$client_id = intval($row['ticket_client_id']);
|
||||
$ticket_created_by = intval($row['ticket_created_by']);
|
||||
$ticket_assigned_to = intval($row['ticket_assigned_to']);
|
||||
|
||||
// Escaped content used for everything else except email subject and body
|
||||
$contact_name_escaped = sanitizeInput($row['contact_name']);
|
||||
$contact_email_escaped = sanitizeInput($row['contact_email']);
|
||||
$ticket_prefix_escaped = sanitizeInput($row['ticket_prefix']);
|
||||
$ticket_subject_escaped = sanitizeInput($row['ticket_subject']);
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$config_ticket_from_name_escaped = sanitizeInput($config_ticket_from_name);
|
||||
$config_ticket_from_email_escaped = sanitizeInput($config_ticket_from_email);
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT company_phone FROM companies WHERE company_id = 1");
|
||||
|
||||
$company_phone = formatPhoneNumber($row['company_phone']); // TODO: Check if this even works
|
||||
// Get Company Phone Number
|
||||
$sql = mysqli_query($mysqli,"SELECT company_name, company_phone FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
|
||||
// Verify contact email is valid
|
||||
if (filter_var($contact_email_escaped, FILTER_VALIDATE_EMAIL)) {
|
||||
if (filter_var($contact_email, FILTER_VALIDATE_EMAIL)) {
|
||||
|
||||
$email_custom_vars = array(
|
||||
"#TICKET_CONTACT_NAME#" => $contact_name,
|
||||
"#TICKET_PREFIX#" => $ticket_prefix,
|
||||
"#TICKET_NUMBER#" => $ticket_number,
|
||||
"#TICKET_URL#" => "https://$config_base_url/portal/ticket.php?id=$ticket_id",
|
||||
"#TICKET_SUBJECT#" => $ticket_subject,
|
||||
"#TICKET_PRIORITY#" => $ticket_priority,
|
||||
"#TICKET_STATUS#" => $ticket_status,
|
||||
"#TICKET_CATEGORY#" => $ticket_category,
|
||||
"#TICKET_AGENT#", // todo
|
||||
"#TICKET_COMPANY_NAME#" => $session_company_name,
|
||||
"#TICKET_COMPANY_EMAIL" => $config_ticket_from_email,
|
||||
);
|
||||
$ticket_subject_base = "Ticket created - [#TICKET_PREFIX##TICKET_NUMBER#] - #TICKET_SUBJECT#"; // Eventually this will come from the DB instead
|
||||
$subject = "Ticket created [$ticket_prefix$ticket_number] - $ticket_subject";
|
||||
$body = "<i style=\'color: #808080\'>##- Please type your reply above this line -##</i><br><br>Hello $contact_name,<br><br>A ticket regarding \"$ticket_subject\" has been created for you.<br><br>--------------------------------<br>$ticket_details--------------------------------<br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: Open<br>Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
foreach ($email_custom_vars as $key => $item) {
|
||||
$ticket_subject_base = str_replace($key, $item, $ticket_subject_base);
|
||||
}
|
||||
|
||||
$subject_escaped = mysqli_escape_string($mysqli, "$ticket_subject_base");
|
||||
$body_escaped = mysqli_escape_string($mysqli, "<i style='color: #808080'>##- Please type your reply above this line -##</i><br><br>Hello, $contact_name<br><br>A ticket regarding \"$ticket_subject\" has been created for you.<br><br>--------------------------------<br>$ticket_details--------------------------------<br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: Open<br>Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>~<br>$session_company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone");
|
||||
|
||||
// Email Ticket Contact
|
||||
// Email Ticket Contact
|
||||
// Queue Mail
|
||||
$data = [
|
||||
[
|
||||
'from' => $config_ticket_from_email,
|
||||
'from_name' => $config_ticket_from_name,
|
||||
'recipient' => $contact_email_escaped,
|
||||
'recipient_name' => $contact_name_escaped,
|
||||
'subject' => $subject_escaped,
|
||||
'body' => $body_escaped,
|
||||
]
|
||||
$data = [];
|
||||
|
||||
$data[] = [
|
||||
'from' => $config_ticket_from_email,
|
||||
'from_name' => $config_ticket_from_name,
|
||||
'recipient' => $contact_email,
|
||||
'recipient_name' => $contact_name,
|
||||
'subject' => $subject,
|
||||
'body' => $body
|
||||
];
|
||||
|
||||
// Also Email all the watchers
|
||||
$sql_watchers = mysqli_query($mysqli, "SELECT watcher_email FROM ticket_watchers WHERE watcher_ticket_id = $ticket_id");
|
||||
$body_escaped .= "<br><br>----------------------------------------<br>DO NOT REPLY - YOU ARE RECEIVING THIS EMAIL BECAUSE YOU ARE A WATCHER";
|
||||
$body .= "<br><br>----------------------------------------<br>DO NOT REPLY - YOU ARE RECEIVING THIS EMAIL BECAUSE YOU ARE A WATCHER";
|
||||
while ($row = mysqli_fetch_array($sql_watchers)) {
|
||||
$watcher_email_escaped = sanitizeInput($row['watcher_email']);
|
||||
$watcher_email = sanitizeInput($row['watcher_email']);
|
||||
|
||||
// Queue Mail
|
||||
$data = [
|
||||
[
|
||||
'from' => $config_ticket_from_email,
|
||||
'from_name' => $config_ticket_from_name,
|
||||
'recipient' => $watcher_email_escaped,
|
||||
'recipient_name' => $watcher_email_escaped,
|
||||
'subject' => $subject_escaped,
|
||||
'body' => $body_escaped,
|
||||
]
|
||||
$data[] = [
|
||||
'from' => $config_ticket_from_email,
|
||||
'from_name' => $config_ticket_from_name,
|
||||
'recipient' => $watcher_email,
|
||||
'recipient_name' => $watcher_email,
|
||||
'subject' => $subject,
|
||||
'body' => $body
|
||||
];
|
||||
|
||||
}
|
||||
addToMailQueue($mysqli, $data);
|
||||
}
|
||||
}
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Create', log_description = '$session_name created ticket $config_ticket_prefix_escaped$ticket_number - $ticket_subject_escaped', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_id");
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Create', log_description = '$session_name created ticket $config_ticket_prefix$ticket_number - $ticket_subject', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_id");
|
||||
|
||||
$_SESSION['alert_message'] = "Ticket <strong>$config_ticket_prefix$ticket_number</strong> created";
|
||||
$_SESSION['alert_message'] = "You created Ticket $ticket_subject <strong>$config_ticket_prefix$ticket_number</strong>";
|
||||
|
||||
header("Location: ticket.php?ticket_id=" . $ticket_id);
|
||||
|
||||
|
|
@ -375,17 +354,11 @@ if (isset($_POST['assign_ticket'])) {
|
|||
$agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assigned_to AND user_settings.user_role > 1");
|
||||
$agent_details = mysqli_fetch_array($agent_details_sql);
|
||||
|
||||
//Unescaped
|
||||
$agent_name = $agent_details['user_name'];
|
||||
$agent_email = $agent_details['user_email'];
|
||||
$agent_name = sanitizeInput($agent_details['user_name']);
|
||||
$agent_email = sanitizeInput($agent_details['user_email']);
|
||||
$ticket_reply = "Ticket re-assigned to $agent_name.";
|
||||
|
||||
// Escaped
|
||||
$agent_name_escaped = sanitizeInput($agent_details['user_name']);
|
||||
$agent_email_escaped = sanitizeInput($agent_details['user_email']);
|
||||
$ticket_reply_escaped = mysqli_real_escape_string($mysqli, "Ticket re-assigned to $agent_name.");
|
||||
|
||||
if (!$agent_name_escaped) {
|
||||
if (!$agent_name) {
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "Invalid agent!";
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
|
@ -397,17 +370,12 @@ if (isset($_POST['assign_ticket'])) {
|
|||
$ticket_details_sql = mysqli_query($mysqli, "SELECT ticket_prefix, ticket_number, ticket_subject, ticket_client_id FROM tickets WHERE ticket_id = '$ticket_id' AND ticket_status != 'Closed'");
|
||||
$ticket_details = mysqli_fetch_array($ticket_details_sql);
|
||||
|
||||
//Unescaped
|
||||
$ticket_prefix = $ticket_details['ticket_prefix'];
|
||||
$ticket_subject = $ticket_details['ticket_subject'];
|
||||
|
||||
//Escaped
|
||||
$ticket_prefix_escaped = sanitizeInput($ticket_details['ticket_prefix']);
|
||||
$ticket_prefix = sanitizeInput($ticket_details['ticket_prefix']);
|
||||
$ticket_number = intval($ticket_details['ticket_number']);
|
||||
$ticket_subject_escaped = sanitizeInput($ticket_details['ticket_subject']);
|
||||
$ticket_subject = sanitizeInput($ticket_details['ticket_subject']);
|
||||
$client_id = intval($ticket_details['ticket_client_id']);
|
||||
|
||||
if (!$ticket_subject_escaped) {
|
||||
if (!$ticket_subject) {
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "Invalid ticket!";
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
|
@ -417,27 +385,28 @@ if (isset($_POST['assign_ticket'])) {
|
|||
// Update ticket & insert reply
|
||||
mysqli_query($mysqli,"UPDATE tickets SET ticket_assigned_to = $assigned_to, ticket_status = '$ticket_status' WHERE ticket_id = $ticket_id");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO ticket_replies SET ticket_reply = '$ticket_reply_escaped', ticket_reply_type = 'Internal', ticket_reply_time_worked = '00:01:00', ticket_reply_by = $session_user_id, ticket_reply_ticket_id = $ticket_id");
|
||||
mysqli_query($mysqli,"INSERT INTO ticket_replies SET ticket_reply = '$ticket_reply', ticket_reply_type = 'Internal', ticket_reply_time_worked = '00:01:00', ticket_reply_by = $session_user_id, ticket_reply_ticket_id = $ticket_id");
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Edit', log_description = '$session_name reassigned ticket $ticket_prefix_escaped$ticket_number - $ticket_subject_escaped to $agent_name_escaped', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_id");
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Edit', log_description = '$session_name reassigned ticket $ticket_prefix$ticket_number - $ticket_subject to $agent_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_id");
|
||||
|
||||
|
||||
// Notification
|
||||
if ($session_user_id != $assigned_to && $assigned_to != 0) {
|
||||
|
||||
// App Notification
|
||||
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Ticket', notification = 'Ticket $ticket_prefix_escaped$ticket_number - Subject: $ticket_subject_escaped has been assigned to you by $session_name', notification_action = 'ticket.php?ticket_id=$ticket_id', notification_client_id = $client_id, notification_user_id = $assigned_to");
|
||||
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Ticket', notification = 'Ticket $ticket_prefix$ticket_number - Subject: $ticket_subject has been assigned to you by $session_name', notification_action = 'ticket.php?ticket_id=$ticket_id', notification_client_id = $client_id, notification_user_id = $assigned_to");
|
||||
|
||||
// Email Notification
|
||||
if (!empty($config_smtp_host)) {
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$config_ticket_from_name_escaped = sanitizeInput($config_ticket_from_name);
|
||||
$config_ticket_from_email_escaped = sanitizeInput($config_ticket_from_email);
|
||||
$config_ticket_from_name = sanitizeInput($config_ticket_from_name);
|
||||
$config_ticket_from_email = sanitizeInput($config_ticket_from_email);
|
||||
$company_name = sanitizeInput($session_company_name);
|
||||
|
||||
$subject_escaped = mysqli_escape_string($mysqli, "$config_app_name ticket $ticket_prefix$ticket_number assigned to you");
|
||||
$body_escaped = mysqli_escape_string($mysqli, "Hi $agent_name, <br><br>A ticket has been assigned to you!<br><br>Ticket Number: $ticket_prefix$ticket_number<br> Subject: $ticket_subject <br><br>Thanks, <br>$session_name<br>$session_company_name");
|
||||
$subject = "$config_app_name - ticket $ticket_prefix$ticket_number assigned to you";
|
||||
$body = "Hi $agent_name, <br><br>A ticket has been assigned to you!<br><br>Ticket Number: $ticket_prefix$ticket_number<br> Subject: $ticket_subject <br><br>Thanks, <br>$session_name<br>$company_name";
|
||||
|
||||
// Email Ticket Agent
|
||||
// Queue Mail
|
||||
|
|
@ -445,10 +414,10 @@ if (isset($_POST['assign_ticket'])) {
|
|||
[
|
||||
'from' => $config_ticket_from_email,
|
||||
'from_name' => $config_ticket_from_name,
|
||||
'recipient' => $agent_email_escaped,
|
||||
'recipient_name' => $agent_name_escaped,
|
||||
'subject' => $subject_escaped,
|
||||
'body' => $body_escaped,
|
||||
'recipient' => $agent_email,
|
||||
'recipient_name' => $agent_name,
|
||||
'subject' => $subject,
|
||||
'body' => $body,
|
||||
]
|
||||
];
|
||||
addToMailQueue($mysqli, $data);
|
||||
|
|
@ -497,15 +466,403 @@ if (isset($_GET['delete_ticket'])) {
|
|||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_assign_ticket'])) {
|
||||
|
||||
// Role check
|
||||
validateTechRole();
|
||||
|
||||
// POST variables
|
||||
$assign_to = intval($_POST['assign_to']);
|
||||
|
||||
// Get a Ticket Count
|
||||
$ticket_count = count($_POST['ticket_ids']);
|
||||
|
||||
// Assign Tech to Selected Tickets
|
||||
if (!empty($_POST['ticket_ids'])) {
|
||||
foreach($_POST['ticket_ids'] as $ticket_id) {
|
||||
$ticket_id = intval($ticket_id);
|
||||
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = $ticket_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
|
||||
$ticket_prefix = sanitizeInput($row['ticket_prefix']);
|
||||
$ticket_number = intval($row['ticket_number']);
|
||||
$ticket_status = sanitizeInput($row['ticket_status']);
|
||||
$ticket_subject = sanitizeInput($row['ticket_subject']);
|
||||
$client_id = intval($row['ticket_client_id']);
|
||||
|
||||
if($ticket_status == 'Pending-Assignment' && $assign_to > 0){
|
||||
$ticket_status = 'Assigned';
|
||||
}
|
||||
|
||||
// Allow for un-assigning tickets
|
||||
if ($assign_to == 0) {
|
||||
$ticket_reply = "Ticket unassigned, pending re-assignment.";
|
||||
$agent_name = "No One";
|
||||
$ticket_status = "Pending-Assignment";
|
||||
} else {
|
||||
// Get & verify assigned agent details
|
||||
$agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assign_to AND user_settings.user_role > 1");
|
||||
$agent_details = mysqli_fetch_array($agent_details_sql);
|
||||
|
||||
$agent_name = sanitizeInput($agent_details['user_name']);
|
||||
$agent_email = sanitizeInput($agent_details['user_email']);
|
||||
$ticket_reply = "Ticket re-assigned to $agent_name.";
|
||||
|
||||
if (!$agent_name) {
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "Invalid agent!";
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
exit();
|
||||
}
|
||||
}
|
||||
|
||||
// Update ticket & insert reply
|
||||
mysqli_query($mysqli,"UPDATE tickets SET ticket_assigned_to = $assign_to, ticket_status = '$ticket_status' WHERE ticket_id = $ticket_id");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO ticket_replies SET ticket_reply = '$ticket_reply', ticket_reply_type = 'Internal', ticket_reply_time_worked = '00:01:00', ticket_reply_by = $session_user_id, ticket_reply_ticket_id = $ticket_id");
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Edit', log_description = '$session_name reassigned ticket $ticket_prefix$ticket_number - $ticket_subject to $agent_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_id");
|
||||
|
||||
$tickets_assigned_body .= "$ticket_prefix$ticket_number - $ticket_subject<br>";
|
||||
|
||||
} // End For Each Ticket ID Loop
|
||||
|
||||
// Notification
|
||||
if ($session_user_id != $assign_to && $assign_to != 0) {
|
||||
|
||||
// App Notification
|
||||
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Ticket', notification = '$ticket_count Tickets have been assigned to you by $session_name', notification_action = 'tickets.php?status=Open&assigned=$assign_to', notification_client_id = $client_id, notification_user_id = $assign_to");
|
||||
|
||||
// Agent Email Notification
|
||||
if (!empty($config_smtp_host)) {
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$config_ticket_from_name = sanitizeInput($config_ticket_from_name);
|
||||
$config_ticket_from_email = sanitizeInput($config_ticket_from_email);
|
||||
$company_name = sanitizeInput($session_company_name);
|
||||
|
||||
$subject = "$config_app_name - $ticket_count tickets have been assigned to you";
|
||||
$body = "Hi $agent_name, <br><br>$session_name assigned $ticket_count tickets to you!<br><br>$tickets_assigned_body<br>Thanks, <br>$session_name<br>$company_name";
|
||||
|
||||
// Email Ticket Agent
|
||||
// Queue Mail
|
||||
$data = [
|
||||
[
|
||||
'from' => $config_ticket_from_email,
|
||||
'from_name' => $config_ticket_from_name,
|
||||
'recipient' => $agent_email,
|
||||
'recipient_name' => $agent_name,
|
||||
'subject' => $subject,
|
||||
'body' => $body,
|
||||
]
|
||||
];
|
||||
addToMailQueue($mysqli, $data);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
$_SESSION['alert_message'] = "You assigned <b>$ticket_count</b> Tickets to <b>$agent_name</b>";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_edit_ticket_priority'])) {
|
||||
|
||||
// Role check
|
||||
validateTechRole();
|
||||
|
||||
// POST variables
|
||||
$priority = sanitizeInput($_POST['bulk_priority']);
|
||||
|
||||
// Get a Ticket Count
|
||||
$ticket_count = count($_POST['ticket_ids']);
|
||||
|
||||
// Assign Tech to Selected Tickets
|
||||
if (!empty($_POST['ticket_ids'])) {
|
||||
foreach($_POST['ticket_ids'] as $ticket_id) {
|
||||
$ticket_id = intval($ticket_id);
|
||||
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = $ticket_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
|
||||
$ticket_prefix = sanitizeInput($row['ticket_prefix']);
|
||||
$ticket_number = intval($row['ticket_number']);
|
||||
$ticket_status = sanitizeInput($row['ticket_status']);
|
||||
$ticket_subject = sanitizeInput($row['ticket_subject']);
|
||||
$current_ticket_priority = sanitizeInput($row['ticket_priority']);
|
||||
$client_id = intval($row['ticket_client_id']);
|
||||
|
||||
// Update ticket & insert reply
|
||||
mysqli_query($mysqli,"UPDATE tickets SET ticket_priority = '$priority' WHERE ticket_id = $ticket_id");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO ticket_replies SET ticket_reply = '$session_name updated the priority from $current_ticket_priority to $priority', ticket_reply_type = 'Internal', ticket_reply_time_worked = '00:01:00', ticket_reply_by = $session_user_id, ticket_reply_ticket_id = $ticket_id");
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Edit', log_description = '$session_name updated the priority on ticket $ticket_prefix$ticket_number - $ticket_subject from $current_ticket_priority to $priority', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_id");
|
||||
|
||||
} // End For Each Ticket ID Loop
|
||||
}
|
||||
|
||||
$_SESSION['alert_message'] = "You updated the priority for <b>$ticket_count</b> Tickets to <b>$priority</b>";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_close_tickets'])) {
|
||||
|
||||
// Role check
|
||||
validateTechRole();
|
||||
|
||||
// POST variables
|
||||
$details = mysqli_escape_string($mysqli, $_POST['bulk_details']);
|
||||
$private_note = intval($_POST['bulk_private_note']);
|
||||
if($private_note == 1){
|
||||
$ticket_reply_type = 'Internal';
|
||||
} else {
|
||||
$ticket_reply_type = 'Public';
|
||||
}
|
||||
|
||||
// Get a Ticket Count
|
||||
$ticket_count = count($_POST['ticket_ids']);
|
||||
|
||||
// Assign Tech to Selected Tickets
|
||||
if (!empty($_POST['ticket_ids'])) {
|
||||
foreach($_POST['ticket_ids'] as $ticket_id) {
|
||||
$ticket_id = intval($ticket_id);
|
||||
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = $ticket_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
|
||||
$ticket_prefix = sanitizeInput($row['ticket_prefix']);
|
||||
$ticket_number = intval($row['ticket_number']);
|
||||
$ticket_status = sanitizeInput($row['ticket_status']);
|
||||
$ticket_subject = sanitizeInput($row['ticket_subject']);
|
||||
$current_ticket_priority = sanitizeInput($row['ticket_priority']);
|
||||
$client_id = intval($row['ticket_client_id']);
|
||||
|
||||
// Update ticket & insert reply
|
||||
mysqli_query($mysqli,"UPDATE tickets SET ticket_status = 'Closed' WHERE ticket_id = $ticket_id");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO ticket_replies SET ticket_reply = '$details', ticket_reply_type = '$ticket_reply_type', ticket_reply_time_worked = '00:01:00', ticket_reply_by = $session_user_id, ticket_reply_ticket_id = $ticket_id");
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Close', log_description = '$session_name closed $ticket_prefix$ticket_number - $ticket_subject in a bulk action', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_id");
|
||||
|
||||
// Client notification email
|
||||
if (!empty($config_smtp_host) && $config_ticket_client_general_notifications == 1 && $private_note == 0) {
|
||||
|
||||
// Get Contact details
|
||||
$ticket_sql = mysqli_query($mysqli,"SELECT contact_name, contact_email FROM tickets
|
||||
LEFT JOIN contacts ON ticket_contact_id = contact_id
|
||||
WHERE ticket_id = $ticket_id
|
||||
");
|
||||
$row = mysqli_fetch_array($ticket_sql);
|
||||
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$from_name = sanitizeInput($config_ticket_from_name);
|
||||
$from_email = sanitizeInput($config_ticket_from_email);
|
||||
$base_url = sanitizeInput($config_base_url);
|
||||
|
||||
// Get Company Info
|
||||
$sql = mysqli_query($mysqli,"SELECT company_name, company_phone FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
|
||||
// Check email valid
|
||||
if (filter_var($contact_email, FILTER_VALIDATE_EMAIL)) {
|
||||
|
||||
$data = [];
|
||||
|
||||
$subject = "Ticket closed - [$ticket_prefix$ticket_number] - $ticket_subject | (do not reply)";
|
||||
$body = "Hello $contact_name,<br><br>Your ticket regarding \"$ticket_subject\" has been closed.<br><br>$details<br><br> We hope the issue was resolved to your satisfaction. If you need further assistance, please raise a new ticket using the below details. Please do not reply to this email. <br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Portal: https://$base_url/portal/ticket.php?id=$ticket_id<br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
// Email Ticket Contact
|
||||
// Queue Mail
|
||||
|
||||
$data[] = [
|
||||
'from' => $from_email,
|
||||
'from_name' => $from_name,
|
||||
'recipient' => $contact_email,
|
||||
'recipient_name' => $contact_name,
|
||||
'subject' => $subject,
|
||||
'body' => $body
|
||||
];
|
||||
|
||||
// Also Email all the watchers
|
||||
$sql_watchers = mysqli_query($mysqli, "SELECT watcher_email FROM ticket_watchers WHERE watcher_ticket_id = $ticket_id");
|
||||
$body .= "<br><br>----------------------------------------<br>DO NOT REPLY - YOU ARE RECEIVING THIS EMAIL BECAUSE YOU ARE A WATCHER";
|
||||
while ($row = mysqli_fetch_array($sql_watchers)) {
|
||||
$watcher_email = sanitizeInput($row['watcher_email']);
|
||||
|
||||
// Queue Mail
|
||||
$data[] = [
|
||||
'from' => $from_email,
|
||||
'from_name' => $from_name,
|
||||
'recipient' => $watcher_email,
|
||||
'recipient_name' => $watcher_email,
|
||||
'subject' => $subject,
|
||||
'body' => $body
|
||||
];
|
||||
}
|
||||
}
|
||||
addToMailQueue($mysqli, $data);
|
||||
} // End Mail IF
|
||||
} // End Loop
|
||||
} // End Array Empty Check
|
||||
|
||||
$_SESSION['alert_message'] = "You closed <b>$ticket_count</b> Tickets";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['bulk_ticket_reply'])) {
|
||||
|
||||
// Role check
|
||||
validateTechRole();
|
||||
|
||||
// POST variables
|
||||
$ticket_reply = mysqli_escape_string($mysqli, $_POST['bulk_reply_details']);
|
||||
$ticket_status = sanitizeInput($_POST['bulk_status']);
|
||||
$private_note = intval($_POST['bulk_private_reply']);
|
||||
if($private_note == 1){
|
||||
$ticket_reply_type = 'Internal';
|
||||
} else {
|
||||
$ticket_reply_type = 'Public';
|
||||
}
|
||||
|
||||
// Get a Ticket Count
|
||||
$ticket_count = count($_POST['ticket_ids']);
|
||||
|
||||
// Loop Through Tickets and Add Reply along with Email notifications
|
||||
if (!empty($_POST['ticket_ids'])) {
|
||||
foreach($_POST['ticket_ids'] as $ticket_id) {
|
||||
$ticket_id = intval($ticket_id);
|
||||
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = $ticket_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
|
||||
$ticket_prefix = sanitizeInput($row['ticket_prefix']);
|
||||
$ticket_number = intval($row['ticket_number']);
|
||||
$ticket_subject = sanitizeInput($row['ticket_subject']);
|
||||
$current_ticket_priority = sanitizeInput($row['ticket_priority']);
|
||||
$client_id = intval($row['ticket_client_id']);
|
||||
|
||||
// Add reply
|
||||
mysqli_query($mysqli,"INSERT INTO ticket_replies SET ticket_reply = '$ticket_reply', ticket_reply_time_worked = '00:01:00', ticket_reply_type = '$ticket_reply_type', ticket_reply_by = $session_user_id, ticket_reply_ticket_id = $ticket_id");
|
||||
|
||||
$ticket_reply_id = mysqli_insert_id($mysqli);
|
||||
|
||||
// Update Ticket Status
|
||||
mysqli_query($mysqli,"UPDATE tickets SET ticket_status = '$ticket_status' WHERE ticket_id = $ticket_id");
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket Reply', log_action = 'Create', log_description = '$session_name replied to ticket $ticket_prefix$ticket_number - $ticket_subject and was a $ticket_reply_type reply', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_reply_id");
|
||||
|
||||
// Get Contact Details
|
||||
$sql = mysqli_query($mysqli,"SELECT contact_name, contact_email, ticket_created_by, ticket_assigned_to
|
||||
FROM tickets
|
||||
LEFT JOIN contacts ON ticket_contact_id = contact_id
|
||||
WHERE ticket_id = $ticket_id"
|
||||
);
|
||||
|
||||
$row = mysqli_fetch_array($sql);
|
||||
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
$ticket_created_by = intval($row['ticket_created_by']);
|
||||
$ticket_assigned_to = intval($row['ticket_assigned_to']);
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$from_name = sanitizeInput($config_ticket_from_name);
|
||||
$from_email = sanitizeInput($config_ticket_from_email);
|
||||
$base_url = sanitizeInput($config_base_url);
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT company_name, company_phone FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
|
||||
// Send e-mail to client if public update & email is set up
|
||||
if ($private_note == 0 && !empty($config_smtp_host)) {
|
||||
|
||||
if (filter_var($contact_email, FILTER_VALIDATE_EMAIL)) {
|
||||
|
||||
$subject = "Ticket update - [$ticket_prefix$ticket_number] - $ticket_subject";
|
||||
$body = "<i style=\'color: #808080\'>##- Please type your reply above this line -##</i><br><br>Hello $contact_name,<br><br>Your ticket regarding $ticket_subject has been updated.<br><br>--------------------------------<br>$ticket_reply<br>--------------------------------<br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: $ticket_status<br>Portal: https://$base_url/portal/ticket.php?id=$ticket_id<br><br>--<br>$company_name - Support<br>$from_email<br>$company_phone";
|
||||
|
||||
$data = [];
|
||||
|
||||
// Email Ticket Contact
|
||||
// Queue Mail
|
||||
$data[] = [
|
||||
'from' => $from_email,
|
||||
'from_name' => $from_name,
|
||||
'recipient' => $contact_email,
|
||||
'recipient_name' => $contact_name,
|
||||
'subject' => $subject,
|
||||
'body' => $body
|
||||
];
|
||||
|
||||
// Also Email all the watchers
|
||||
$sql_watchers = mysqli_query($mysqli, "SELECT watcher_email FROM ticket_watchers WHERE watcher_ticket_id = $ticket_id");
|
||||
$body .= "<br><br>----------------------------------------<br>DO NOT REPLY - YOU ARE RECEIVING THIS EMAIL BECAUSE YOU ARE A WATCHER";
|
||||
while ($row = mysqli_fetch_array($sql_watchers)) {
|
||||
$watcher_email = sanitizeInput($row['watcher_email']);
|
||||
|
||||
// Queue Mail
|
||||
$data[] = [
|
||||
'from' => $from_email,
|
||||
'from_name' => $from_name,
|
||||
'recipient' => $watcher_email,
|
||||
'recipient_name' => $watcher_email,
|
||||
'subject' => $subject,
|
||||
'body' => $body
|
||||
];
|
||||
|
||||
}
|
||||
}
|
||||
addToMailQueue($mysqli, $data);
|
||||
} //End Mail IF
|
||||
|
||||
// Notification for assigned ticket user
|
||||
if ($session_user_id != $ticket_assigned_to && $ticket_assigned_to != 0) {
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Ticket', notification = '$session_name updated Ticket $ticket_prefix$ticket_number - Subject: $ticket_subject that is assigned to you', notification_action = 'ticket.php?ticket_id=$ticket_id', notification_client_id = $client_id, notification_user_id = $ticket_assigned_to");
|
||||
}
|
||||
|
||||
// Notification for user that opened the ticket
|
||||
if ($session_user_id != $ticket_created_by && $ticket_created_by != 0) {
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Ticket', notification = '$session_name updated Ticket $ticket_prefix$ticket_number - Subject: $ticket_subject that you opened', notification_action = 'ticket.php?ticket_id=$ticket_id', notification_client_id = $client_id, notification_user_id = $ticket_created_by");
|
||||
}
|
||||
|
||||
} // End Ticket Lopp
|
||||
|
||||
}
|
||||
|
||||
$_SESSION['alert_message'] = "You updated <b>$ticket_count</b> tickets";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['add_ticket_reply'])) {
|
||||
|
||||
validateTechRole();
|
||||
|
||||
$ticket_id = intval($_POST['ticket_id']);
|
||||
$ticket_reply_escaped = mysqli_real_escape_string($mysqli,$_POST['ticket_reply']);
|
||||
$ticket_reply = $_POST['ticket_reply'];
|
||||
$ticket_status_escaped = sanitizeInput($_POST['status']);
|
||||
$ticket_status = $_POST['status'];
|
||||
$ticket_reply = mysqli_real_escape_string($mysqli,$_POST['ticket_reply']);
|
||||
$ticket_status = sanitizeInput($_POST['status']);
|
||||
// Handle the time inputs for hours, minutes, and seconds
|
||||
$hours = intval($_POST['hours']);
|
||||
$minutes = intval($_POST['minutes']);
|
||||
|
|
@ -515,8 +872,7 @@ if (isset($_POST['add_ticket_reply'])) {
|
|||
//exit;
|
||||
|
||||
// Combine into a single time string
|
||||
$ticket_reply_time_worked = sprintf("%02d:%02d:%02d", $hours, $minutes, $seconds);
|
||||
$ticket_reply_time_worked_escaped = sanitizeInput($ticket_reply_time_worked);
|
||||
$ticket_reply_time_worked = sanitizeInput(sprintf("%02d:%02d:%02d", $hours, $minutes, $seconds));
|
||||
|
||||
$client_id = intval($_POST['client_id']);
|
||||
|
||||
|
|
@ -527,12 +883,12 @@ if (isset($_POST['add_ticket_reply'])) {
|
|||
}
|
||||
|
||||
// Add reply
|
||||
mysqli_query($mysqli,"INSERT INTO ticket_replies SET ticket_reply = '$ticket_reply_escaped', ticket_reply_time_worked = '$ticket_reply_time_worked_escaped', ticket_reply_type = '$ticket_reply_type', ticket_reply_by = $session_user_id, ticket_reply_ticket_id = $ticket_id") or die(mysqli_error($mysqli));
|
||||
mysqli_query($mysqli,"INSERT INTO ticket_replies SET ticket_reply = '$ticket_reply', ticket_reply_time_worked = '$ticket_reply_time_worked', ticket_reply_type = '$ticket_reply_type', ticket_reply_by = $session_user_id, ticket_reply_ticket_id = $ticket_id");
|
||||
|
||||
$ticket_reply_id = mysqli_insert_id($mysqli);
|
||||
|
||||
// Update Ticket Last Response Field
|
||||
mysqli_query($mysqli,"UPDATE tickets SET ticket_status = '$ticket_status_escaped' WHERE ticket_id = $ticket_id") or die(mysqli_error($mysqli));
|
||||
mysqli_query($mysqli,"UPDATE tickets SET ticket_status = '$ticket_status' WHERE ticket_id = $ticket_id");
|
||||
|
||||
if ($ticket_status == 'Closed') {
|
||||
mysqli_query($mysqli,"UPDATE tickets SET ticket_closed_at = NOW() WHERE ticket_id = $ticket_id");
|
||||
|
|
@ -548,47 +904,43 @@ if (isset($_POST['add_ticket_reply'])) {
|
|||
|
||||
$row = mysqli_fetch_array($ticket_sql);
|
||||
|
||||
// Unescaped Content used for email body and subject because it will get escaped as a whole
|
||||
$contact_name = $row['contact_name'];
|
||||
$ticket_prefix = $row['ticket_prefix'];
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
$ticket_prefix = sanitizeInput($row['ticket_prefix']);
|
||||
$ticket_number = intval($row['ticket_number']);
|
||||
$ticket_subject = $row['ticket_subject'];
|
||||
$ticket_subject = sanitizeInput($row['ticket_subject']);
|
||||
$client_id = intval($row['ticket_client_id']);
|
||||
$ticket_created_by = intval($row['ticket_created_by']);
|
||||
$ticket_assigned_to = intval($row['ticket_assigned_to']);
|
||||
|
||||
// Escaped content used for everything else except email subject and body
|
||||
$contact_name_escaped = sanitizeInput($row['contact_name']);
|
||||
$contact_email_escaped = sanitizeInput($row['contact_email']);
|
||||
$ticket_prefix_escaped = sanitizeInput($row['ticket_prefix']);
|
||||
$ticket_subject_escaped = sanitizeInput($row['ticket_subject']);
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$config_ticket_from_name_escaped = sanitizeInput($config_ticket_from_name);
|
||||
$config_ticket_from_email_escaped = sanitizeInput($config_ticket_from_email);
|
||||
$config_ticket_from_name = sanitizeInput($config_ticket_from_name);
|
||||
$config_ticket_from_email = sanitizeInput($config_ticket_from_email);
|
||||
$config_base_url = sanitizeInput($config_base_url);
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT company_phone FROM companies WHERE company_id = 1");
|
||||
|
||||
$company_phone = formatPhoneNumber($row['company_phone']);
|
||||
$sql = mysqli_query($mysqli,"SELECT company_name, company_phone FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
|
||||
// Send e-mail to client if public update & email is set up
|
||||
if ($ticket_reply_type == 'Public' && !empty($config_smtp_host)) {
|
||||
|
||||
if (filter_var($contact_email_escaped, FILTER_VALIDATE_EMAIL)) {
|
||||
if (filter_var($contact_email, FILTER_VALIDATE_EMAIL)) {
|
||||
|
||||
// Slightly different email subject/text depending on if this update closed the ticket or not
|
||||
|
||||
if ($ticket_status == 'Closed') {
|
||||
$subject_escaped = mysqli_escape_string($mysqli, "Ticket closed - [$ticket_prefix$ticket_number] - $ticket_subject | (do not reply)");
|
||||
$body_escaped = mysqli_escape_string($mysqli, "Hello, $contact_name<br><br>Your ticket regarding $ticket_subject has been closed.<br><br>--------------------------------<br>$ticket_reply<br>--------------------------------<br><br>We hope the issue was resolved to your satisfaction. If you need further assistance, please raise a new ticket using the below details. Please do not reply to this email. <br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>~<br>$session_company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone");
|
||||
$subject = "Ticket closed - [$ticket_prefix$ticket_number] - $ticket_subject | (do not reply)";
|
||||
$body = "Hello $contact_name,<br><br>Your ticket regarding $ticket_subject has been closed.<br><br>--------------------------------<br>$ticket_reply<br>--------------------------------<br><br>We hope the issue was resolved to your satisfaction. If you need further assistance, please raise a new ticket using the below details. Please do not reply to this email. <br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
} elseif ($ticket_status == 'Auto Close') {
|
||||
$subject_escaped = mysqli_escape_string($mysqli, "Ticket update - [$ticket_prefix$ticket_number] - $ticket_subject | (pending closure)");
|
||||
$body_escaped = mysqli_escape_string($mysqli, "<i style='color: #808080'>##- Please type your reply above this line -##</i><br><br>Hello, $contact_name<br><br>Your ticket regarding $ticket_subject has been updated and is pending closure.<br><br>--------------------------------<br>$ticket_reply<br>--------------------------------<br><br>If your issue is resolved, you can ignore this email. If you need further assistance, please respond! <br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: $ticket_status<br>Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>~<br>$session_company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone");
|
||||
$subject = "Ticket update - [$ticket_prefix$ticket_number] - $ticket_subject | (pending closure)";
|
||||
$body = "<i style=\'color: #808080\'>##- Please type your reply above this line -##</i><br><br>Hello $contact_name,<br><br>Your ticket regarding $ticket_subject has been updated and is pending closure.<br><br>--------------------------------<br>$ticket_reply<br>--------------------------------<br><br>If your issue is resolved, you can ignore this email. If you need further assistance, please respond! <br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: $ticket_status<br>Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
} else {
|
||||
$subject_escaped = mysqli_escape_string($mysqli, "Ticket update - [$ticket_prefix$ticket_number] - $ticket_subject");
|
||||
$body_escaped = mysqli_escape_string($mysqli, "<i style='color: #808080'>##- Please type your reply above this line -##</i><br><br>Hello, $contact_name<br><br>Your ticket regarding $ticket_subject has been updated.<br><br>--------------------------------<br>$ticket_reply<br>--------------------------------<br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: $ticket_status<br>Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>~<br>$session_company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone");
|
||||
$subject = "Ticket update - [$ticket_prefix$ticket_number] - $ticket_subject";
|
||||
$body = "<i style=\'color: #808080\'>##- Please type your reply above this line -##</i><br><br>Hello $contact_name,<br><br>Your ticket regarding $ticket_subject has been updated.<br><br>--------------------------------<br>$ticket_reply<br>--------------------------------<br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: $ticket_status<br>Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
}
|
||||
|
||||
|
|
@ -599,27 +951,28 @@ if (isset($_POST['add_ticket_reply'])) {
|
|||
$data[] = [
|
||||
'from' => $config_ticket_from_email,
|
||||
'from_name' => $config_ticket_from_name,
|
||||
'recipient' => $contact_email_escaped,
|
||||
'recipient_name' => $contact_name_escaped,
|
||||
'subject' => $subject_escaped,
|
||||
'body' => $body_escaped,
|
||||
'recipient' => $contact_email,
|
||||
'recipient_name' => $contact_name,
|
||||
'subject' => $subject,
|
||||
'body' => $body
|
||||
];
|
||||
|
||||
// Also Email all the watchers
|
||||
$sql_watchers = mysqli_query($mysqli, "SELECT watcher_email FROM ticket_watchers WHERE watcher_ticket_id = $ticket_id");
|
||||
$body_escaped .= "<br><br>----------------------------------------<br>DO NOT REPLY - YOU ARE RECEIVING THIS EMAIL BECAUSE YOU ARE A WATCHER";
|
||||
$body .= "<br><br>----------------------------------------<br>DO NOT REPLY - YOU ARE RECEIVING THIS EMAIL BECAUSE YOU ARE A WATCHER";
|
||||
while ($row = mysqli_fetch_array($sql_watchers)) {
|
||||
$watcher_email_escaped = sanitizeInput($row['watcher_email']);
|
||||
$watcher_email = sanitizeInput($row['watcher_email']);
|
||||
|
||||
// Queue Mail
|
||||
$data[] = [
|
||||
'from' => $config_ticket_from_email,
|
||||
'from_name' => $config_ticket_from_name,
|
||||
'recipient' => $watcher_email_escaped,
|
||||
'recipient_name' => $watcher_email_escaped,
|
||||
'subject' => $subject_escaped,
|
||||
'body' => $body_escaped,
|
||||
'recipient' => $watcher_email,
|
||||
'recipient_name' => $watcher_email,
|
||||
'subject' => $subject,
|
||||
'body' => $body
|
||||
];
|
||||
|
||||
}
|
||||
addToMailQueue($mysqli, $data);
|
||||
}
|
||||
|
|
@ -629,17 +982,17 @@ if (isset($_POST['add_ticket_reply'])) {
|
|||
// Notification for assigned ticket user
|
||||
if ($session_user_id != $ticket_assigned_to && $ticket_assigned_to != 0) {
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Ticket', notification = '$session_name updated Ticket $ticket_prefix_escaped$ticket_number - Subject: $ticket_subject_escaped that is assigned to you', notification_action = 'ticket.php?ticket_id=$ticket_id', notification_client_id = $client_id, notification_user_id = $ticket_assigned_to");
|
||||
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Ticket', notification = '$session_name updated Ticket $ticket_prefix$ticket_number - Subject: $ticket_subject that is assigned to you', notification_action = 'ticket.php?ticket_id=$ticket_id', notification_client_id = $client_id, notification_user_id = $ticket_assigned_to");
|
||||
}
|
||||
|
||||
// Notification for user that opened the ticket
|
||||
if ($session_user_id != $ticket_created_by && $ticket_created_by != 0) {
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Ticket', notification = '$session_name updated Ticket $ticket_prefix_escaped$ticket_number - Subject: $ticket_subject_escaped that you opened', notification_action = 'ticket.php?ticket_id=$ticket_id', notification_client_id = $client_id, notification_user_id = $ticket_created_by");
|
||||
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Ticket', notification = '$session_name updated Ticket $ticket_prefix$ticket_number - Subject: $ticket_subject that you opened', notification_action = 'ticket.php?ticket_id=$ticket_id', notification_client_id = $client_id, notification_user_id = $ticket_created_by");
|
||||
}
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket Reply', log_action = 'Create', log_description = '$session_name replied to ticket $ticket_prefix_escaped$ticket_number - $ticket_subject_escaped and was a $ticket_reply_type reply', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_reply_id");
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket Reply', log_action = 'Create', log_description = '$session_name replied to ticket $ticket_prefix$ticket_number - $ticket_subject and was a $ticket_reply_type reply', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_reply_id");
|
||||
|
||||
$_SESSION['alert_message'] = "Ticket <strong>$ticket_prefix$ticket_number</strong> has been updated with your reply and was <strong>$ticket_reply_type</strong>";
|
||||
|
||||
|
|
@ -787,37 +1140,34 @@ if (isset($_GET['close_ticket'])) {
|
|||
");
|
||||
$row = mysqli_fetch_array($ticket_sql);
|
||||
|
||||
// Unescaped Content used for email body and subject because it will get escaped as a whole
|
||||
$contact_name = $row['contact_name'];
|
||||
$ticket_prefix = $row['ticket_prefix'];
|
||||
$contact_name = sanitizeInput($row['contact_name']);
|
||||
$contact_email = sanitizeInput($row['contact_email']);
|
||||
$ticket_prefix = sanitizeInput($row['ticket_prefix']);
|
||||
$ticket_number = intval($row['ticket_number']);
|
||||
$ticket_subject = $row['ticket_subject'];
|
||||
$ticket_details = $row['ticket_details'];
|
||||
$ticket_subject = sanitizeInput($row['ticket_subject']);
|
||||
$ticket_details = sanitizeInput($row['ticket_details']);
|
||||
$client_id = intval($row['ticket_client_id']);
|
||||
$ticket_created_by = intval($row['ticket_created_by']);
|
||||
$ticket_assigned_to = intval($row['ticket_assigned_to']);
|
||||
|
||||
// Escaped content used for everything else except email subject and body
|
||||
$contact_name_escaped = sanitizeInput($row['contact_name']);
|
||||
$contact_email_escaped = sanitizeInput($row['contact_email']);
|
||||
$ticket_prefix_escaped = sanitizeInput($row['ticket_prefix']);
|
||||
$ticket_subject_escaped = sanitizeInput($row['ticket_subject']);
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$config_ticket_from_name_escaped = sanitizeInput($config_ticket_from_name);
|
||||
$config_ticket_from_email_escaped = sanitizeInput($config_ticket_from_email);
|
||||
$config_ticket_from_name = sanitizeInput($config_ticket_from_name);
|
||||
$config_ticket_from_email = sanitizeInput($config_ticket_from_email);
|
||||
$config_base_url = sanitizeInput($config_base_url);
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT company_phone FROM companies WHERE company_id = 1");
|
||||
|
||||
$company_phone = formatPhoneNumber($row['company_phone']);
|
||||
// Get Company Info
|
||||
$sql = mysqli_query($mysqli,"SELECT company_name, company_phone FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
|
||||
|
||||
// Check email valid
|
||||
if (filter_var($contact_email_escaped, FILTER_VALIDATE_EMAIL)) {
|
||||
if (filter_var($contact_email, FILTER_VALIDATE_EMAIL)) {
|
||||
|
||||
$data = [];
|
||||
|
||||
$subject_escaped = mysqli_escape_string($mysqli, "Ticket closed - [$ticket_prefix$ticket_number] - $ticket_subject | (do not reply)");
|
||||
$body_escaped = mysqli_escape_string($mysqli, "Hello, $contact_name<br><br>Your ticket regarding \"$ticket_subject\" has been closed. <br><br> We hope the issue was resolved to your satisfaction. If you need further assistance, please raise a new ticket using the below details. Please do not reply to this email. <br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>~<br>$session_company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone");
|
||||
$subject = "Ticket closed - [$ticket_prefix$ticket_number] - $ticket_subject | (do not reply)";
|
||||
$body = "Hello $contact_name,<br><br>Your ticket regarding \"$ticket_subject\" has been closed. <br><br> We hope the issue was resolved to your satisfaction. If you need further assistance, please raise a new ticket using the below details. Please do not reply to this email. <br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id<br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
|
||||
|
||||
// Email Ticket Contact
|
||||
// Queue Mail
|
||||
|
|
@ -825,31 +1175,29 @@ if (isset($_GET['close_ticket'])) {
|
|||
$data[] = [
|
||||
'from' => $config_ticket_from_email,
|
||||
'from_name' => $config_ticket_from_name,
|
||||
'recipient' => $contact_email_escaped,
|
||||
'recipient_name' => $contact_name_escaped,
|
||||
'subject' => $subject_escaped,
|
||||
'body' => $body_escaped,
|
||||
'recipient' => $contact_email,
|
||||
'recipient_name' => $contact_name,
|
||||
'subject' => $subject,
|
||||
'body' => $body
|
||||
];
|
||||
|
||||
// Also Email all the watchers
|
||||
$sql_watchers = mysqli_query($mysqli, "SELECT watcher_email FROM ticket_watchers WHERE watcher_ticket_id = $ticket_id");
|
||||
$body_escaped .= "<br><br>----------------------------------------<br>DO NOT REPLY - YOU ARE RECEIVING THIS EMAIL BECAUSE YOU ARE A WATCHER";
|
||||
$body .= "<br><br>----------------------------------------<br>DO NOT REPLY - YOU ARE RECEIVING THIS EMAIL BECAUSE YOU ARE A WATCHER";
|
||||
while ($row = mysqli_fetch_array($sql_watchers)) {
|
||||
$watcher_email_escaped = sanitizeInput($row['watcher_email']);
|
||||
$watcher_email = sanitizeInput($row['watcher_email']);
|
||||
|
||||
// Queue Mail
|
||||
$data[] = [
|
||||
'from' => $config_ticket_from_email,
|
||||
'from_name' => $config_ticket_from_name,
|
||||
'recipient' => $watcher_email_escaped,
|
||||
'recipient_name' => $watcher_email_escaped,
|
||||
'subject' => $subject_escaped,
|
||||
'body' => $body_escaped,
|
||||
'recipient' => $watcher_email,
|
||||
'recipient_name' => $watcher_email,
|
||||
'subject' => $subject,
|
||||
'body' => $body
|
||||
];
|
||||
}
|
||||
|
||||
addToMailQueue($mysqli, $data);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@ if (isset($_POST['add_user'])) {
|
|||
|
||||
require_once 'post/user_model.php';
|
||||
|
||||
|
||||
validateAdminRole();
|
||||
validateCSRFToken($_POST['csrf_token']);
|
||||
|
||||
|
|
@ -47,11 +46,24 @@ if (isset($_POST['add_user'])) {
|
|||
// Create Settings
|
||||
mysqli_query($mysqli, "INSERT INTO user_settings SET user_id = $user_id, user_role = $role, user_config_force_mfa = $force_mfa");
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$company_name = sanitizeInput($row['company_name']);
|
||||
|
||||
// Sanitize Config vars from get_settings.php
|
||||
$config_mail_from_name = sanitizeInput($config_mail_from_name);
|
||||
$config_mail_from_email = sanitizeInput($config_mail_from_email);
|
||||
$config_ticket_from_email = sanitizeInput($config_ticket_from_email);
|
||||
$config_login_key_secret = mysqli_real_escape_string($mysqli, $config_login_key_secret);
|
||||
$config_base_url = sanitizeInput($config_base_url);
|
||||
|
||||
// Send user e-mail, if specified
|
||||
if (isset($_POST['send_email']) && !empty($config_smtp_host) && filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||
|
||||
$subject = "Your new $session_company_name ITFlow account";
|
||||
$body = "Hello, $name<br><br>An ITFlow account has been setup for you. Please change your password upon login. <br><br>Username: $email <br>Password: $_POST[password]<br>Login URL: https://$config_base_url/login.php?key=$config_login_key_secret<br><br>~<br>$session_company_name<br>Support Department<br>$config_ticket_from_email";
|
||||
$password = mysqli_real_escape_string($mysqli, $_POST['password']);
|
||||
|
||||
$subject = "Your new $company_name ITFlow account";
|
||||
$body = "Hello $name,<br><br>An ITFlow account has been setup for you. Please change your password upon login. <br><br>Username: $email <br>Password: $password<br>Login URL: https://$config_base_url/login.php?key=$config_login_key_secret<br><br>--<br>$company_name - Support<br>$config_ticket_from_email";
|
||||
|
||||
$data = [
|
||||
[
|
||||
|
|
|
|||
|
|
@ -50,9 +50,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
</div>
|
||||
<div class="col-md-8">
|
||||
|
||||
<div class="dropdown float-right" id="multiActionButton" hidden>
|
||||
<button class="btn btn-default dropdown-toggle" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-fw fa-list mr-2"></i>Selected (<span id="selectedCount">0</span>)
|
||||
<div class="dropdown float-right" id="bulkActionButton" hidden>
|
||||
<button class="btn btn-secondary dropdown-toggle" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-fw fa-layer-group mr-2"></i>Bulk Action (<span id="selectedCount">0</span>)
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<button class="dropdown-item text-danger text-bold"
|
||||
|
|
@ -69,11 +69,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
|
||||
<div class="table-responsive-sm">
|
||||
|
||||
<form id="multi_actions" action="post.php" method="post">
|
||||
<form id="bulkActions" action="post.php" method="post">
|
||||
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
|
||||
|
||||
<table class="table table-striped table-borderless table-hover">
|
||||
<thead class="<?php if ($num_rows[0] == 0) {
|
||||
<thead class="<?php if (!$num_rows[0]) {
|
||||
echo "d-none";
|
||||
} ?>">
|
||||
<tr>
|
||||
|
|
@ -108,7 +108,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
<tr>
|
||||
<td class="pr-0">
|
||||
<div class="form-check">
|
||||
<input class="form-check-input" type="checkbox" name="scheduled_ticket_ids[]" value="<?php echo $scheduled_ticket_id ?>">
|
||||
<input class="form-check-input bulk-select" type="checkbox" name="scheduled_ticket_ids[]" value="<?php echo $scheduled_ticket_id ?>">
|
||||
</div>
|
||||
</td>
|
||||
|
||||
|
|
@ -167,7 +167,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|||
</div>
|
||||
|
||||
<script src="js/scheduled_tickets_edit_modal.js"></script>
|
||||
<script src="js/multi_actions.js"></script>
|
||||
<script src="js/bulk_actions.js"></script>
|
||||
|
||||
<?php
|
||||
require_once "scheduled_ticket_add_modal.php";
|
||||
|
|
|
|||
|
|
@ -21,10 +21,10 @@ require_once "inc_all_settings.php";
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<?php if ($config_stripe_enable == 1) { ?>
|
||||
<div class="<?php if ($config_stripe_enable == 0) { echo "d-none"; } ?>">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Publishable</label>
|
||||
<label>Publishable key</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
|
||||
|
|
@ -34,7 +34,7 @@ require_once "inc_all_settings.php";
|
|||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Secret</label>
|
||||
<label>Secret key</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
|
||||
|
|
@ -44,12 +44,12 @@ require_once "inc_all_settings.php";
|
|||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Account</label>
|
||||
<label>Expense / Income Account</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fas fa-fw fa-piggy-bank"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="config_stripe_account" required>
|
||||
<select class="form-control select2" name="config_stripe_account">
|
||||
<option value="">- Account -</option>
|
||||
<?php
|
||||
$sql_accounts = mysqli_query($mysqli, "SELECT * FROM accounts LEFT JOIN account_types ON account_types.account_type_id = accounts.account_type WHERE account_type_parent = 1 AND account_archived_at IS NULL ORDER BY account_name ASC");
|
||||
|
|
@ -65,15 +65,88 @@ require_once "inc_all_settings.php";
|
|||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Client Pays Fees</label>
|
||||
<label>Percentage Fee</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-percent"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="config_stripe_percentage_fee" placeholder="Enter Percentage" value="<?php echo $config_stripe_percentage_fee * 100; ?>">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Flat Fee</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="config_stripe_flat_fee" placeholder="0.030" value="<?php echo number_format($config_stripe_flat_fee, 2, '.', ''); ?>">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Client Pays Fees <small class="muted">(if disabled you may choose to expense the selected account)</small></label>
|
||||
<div class="custom-control custom-switch">
|
||||
<input type="checkbox" class="custom-control-input" name="config_stripe_client_pays_fees" <?php if ($config_stripe_client_pays_fees == 1) { echo "checked"; } ?> value="1" id="clientPaysFeesSwitch">
|
||||
<label class="custom-control-label" for="clientPaysFeesSwitch">Enable</label>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="<?php if ($config_stripe_client_pays_fees == 1) { echo "d-none"; } ?>">
|
||||
|
||||
<?php } ?>
|
||||
<div class="form-group">
|
||||
<label>Expense Vendor</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-building"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="config_stripe_expense_vendor">
|
||||
<option value="">- Do not Enable Account Expensure -</option>
|
||||
<?php
|
||||
|
||||
$sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_select)) {
|
||||
$vendor_id = intval($row['vendor_id']);
|
||||
$vendor_name = nullable_htmlentities($row['vendor_name']);
|
||||
?>
|
||||
<option <?php if ($config_stripe_expense_vendor == $vendor_id) { ?> selected <?php } ?> value="<?php echo $vendor_id; ?>"><?php echo $vendor_name; ?></option>
|
||||
<?php
|
||||
}
|
||||
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Expense Category</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-list"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="config_stripe_expense_category">
|
||||
<option value="">- Do not Enable Account Expensure -</option>
|
||||
<?php
|
||||
|
||||
$sql_select = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Expense' AND category_archived_at IS NULL ORDER BY category_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_select)) {
|
||||
$category_id = intval($row['category_id']);
|
||||
$category_name = nullable_htmlentities($row['category_name']);
|
||||
?>
|
||||
<option <?php if ($config_stripe_expense_category == $category_id) { ?> selected <?php } ?> value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
|
||||
<?php
|
||||
}
|
||||
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<hr>
|
||||
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ require_once "inc_all_settings.php";
|
|||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-life-ring"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" name="config_ticket_prefix" placeholder="Ticket Prefix" value="<?php echo nullable_htmlentities($config_ticket_prefix); ?>">
|
||||
<input type="text" class="form-control" name="config_ticket_prefix" placeholder="Ticket Prefix" value="<?php echo nullable_htmlentities($config_ticket_prefix); ?>" pattern="^[A-Za-z-]+$" title="Only letters and hyphens are allowed" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
|||
|
|
@ -378,7 +378,7 @@ if (isset($_GET['ticket_id'])) {
|
|||
<?php } ?>
|
||||
|
||||
<div class="col-md-2">
|
||||
<button type="submit" id="ticket_add_reply" name="add_ticket_reply" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Respond</button>
|
||||
<button type="submit" id="ticket_add_reply" name="add_ticket_reply" class="btn btn-primary text-bold"><i class="fas fa-paper-plane mr-2"></i>Respond</button>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@
|
|||
<div class="modal-body bg-white">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Wather Email</label>
|
||||
<label>Watcher Email</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-envelope"></i></span>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,46 @@
|
|||
<div class="modal" id="bulkAssignTicketModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-user-check mr-2"></i>Bulk Assigning Selected Tickets:</strong></h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Assign to</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-user-check"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="assign_to">
|
||||
<option value="0">Not Assigned</option>
|
||||
<?php
|
||||
$sql_users_select = mysqli_query($mysqli, "SELECT * FROM users
|
||||
LEFT JOIN user_settings on users.user_id = user_settings.user_id
|
||||
WHERE user_role > 1
|
||||
AND user_archived_at IS NULL
|
||||
ORDER BY user_name DESC"
|
||||
);
|
||||
while ($row = mysqli_fetch_array($sql_users_select)) {
|
||||
$user_id_select = intval($row['user_id']);
|
||||
$user_name_select = nullable_htmlentities($row['user_name']);
|
||||
|
||||
?>
|
||||
<option value="<?php echo $user_id_select; ?>"><?php echo $user_name_select; ?></option>
|
||||
<?php } ?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_assign_ticket" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Bulk Assign</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -0,0 +1,33 @@
|
|||
<div class="modal" id="bulkCloseTicketsModal" tabindex="-1">
|
||||
<div class="modal-dialog modal-lg">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fas fa-fw fa-gavel mr-2"></i>Closing Multiple Tickets</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<input type="hidden" name="bulk_private_note" value="0">
|
||||
|
||||
<div class="form-group">
|
||||
<textarea class="form-control tinymce" rows="5" name="bulk_details" placeholder="Enter closing remarks"></textarea>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<div class="custom-control custom-checkbox">
|
||||
<input type="checkbox" class="custom-control-input" id="bulkPrivateCheckbox" name="bulk_private_note" value="1">
|
||||
<label class="custom-control-label" for="bulkPrivateCheckbox">Mark as a Private</label>
|
||||
<small class="form-text text-muted">If checked the contact and any watcher will not be informed</small>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_close_tickets" class="btn btn-primary text-bold"><i class="fas fa-gavel mr-2"></i>Close</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -0,0 +1,36 @@
|
|||
<div class="modal" id="bulkEditPriorityTicketModal" tabindex="-1">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fa fa-fw fa-thermometer-half mr-2"></i>Bulk Editing Priority:</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Priority</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="bulk_priority">
|
||||
<option>Low</option>
|
||||
<option>Medium</option>
|
||||
<option>High</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_edit_ticket_priority" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -0,0 +1,46 @@
|
|||
<div class="modal" id="bulkReplyTicketModal" tabindex="-1">
|
||||
<div class="modal-dialog modal-lg">
|
||||
<div class="modal-content bg-dark">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title"><i class="fas fa-fw fa-paper-plane mr-2"></i>Bulk Reply</h5>
|
||||
<button type="button" class="close text-white" data-dismiss="modal">
|
||||
<span>×</span>
|
||||
</button>
|
||||
</div>
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
<input type="hidden" name="bulk_private_reply" value="0">
|
||||
|
||||
<div class="input-group mb-3">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2" name="bulk_status">
|
||||
<option>In-Progress</option>
|
||||
<option>Pending-Client</option>
|
||||
<option>Pending-Vendor</option>
|
||||
<option>Pending-Shipment</option>
|
||||
<option>Scheduled</option>
|
||||
</select>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<textarea class="form-control tinymce" rows="5" name="bulk_reply_details" placeholder="Type an update here"></textarea>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<div class="custom-control custom-checkbox">
|
||||
<input type="checkbox" class="custom-control-input" id="bulkPrivateReplyCheckbox" name="bulk_private_reply" value="1">
|
||||
<label class="custom-control-label" for="bulkPrivateReplyCheckbox">Mark as a Private</label>
|
||||
<small class="form-text text-muted">If checked the contact and any watcher will not be informed</small>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="submit" name="bulk_ticket_reply" class="btn btn-primary text-bold"><i class="fas fa-paper-plane mr-2"></i>Reply</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
411
tickets.php
411
tickets.php
|
|
@ -102,11 +102,9 @@ $user_active_assigned_tickets = intval($row['total_tickets_assigned']);
|
|||
</small>
|
||||
</h3>
|
||||
<div class='card-tools'>
|
||||
<div class="float-left">
|
||||
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addTicketModal">
|
||||
<i class="fas fa-plus mr-2"></i>New Ticket
|
||||
</button>
|
||||
</div>
|
||||
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addTicketModal">
|
||||
<i class="fas fa-plus mr-2"></i>New Ticket
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
|
|
@ -123,19 +121,45 @@ $user_active_assigned_tickets = intval($row['total_tickets_assigned']);
|
|||
</div>
|
||||
</div>
|
||||
<div class="col-sm-8">
|
||||
<div class="btn-group btn-group-lg float-right">
|
||||
<button class="btn btn-outline-dark dropdown-toggle" style="border-top-right-radius: 0; border-bottom-right-radius: 0;" type="button" id="dropdownMenuButton"
|
||||
data-toggle="dropdown">
|
||||
<i class="fa fa-fw fa-envelope"></i> My Tickets
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="?status=Open&assigned=<?php echo $session_user_id ?>">Active tickets (<?php echo $user_active_assigned_tickets ?>)</a>
|
||||
<a class="dropdown-item " href="?status=Closed&assigned=<?php echo $session_user_id ?>">Closed tickets</a>
|
||||
<div class="btn-group float-right">
|
||||
<div class="btn-group">
|
||||
<button class="btn btn-outline-dark dropdown-toggle" id="dropdownMenuButton" data-toggle="dropdown">
|
||||
<i class="fa fa-fw fa-envelope mr-2"></i>My Tickets
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="?status=Open&assigned=<?php echo $session_user_id ?>">Active tickets (<?php echo $user_active_assigned_tickets ?>)</a>
|
||||
<a class="dropdown-item " href="?status=Closed&assigned=<?php echo $session_user_id ?>">Closed tickets</a>
|
||||
</div>
|
||||
</div>
|
||||
<a href="?assigned=unassigned" class="btn btn-outline-danger"><i class="fa fa-fw fa-exclamation-triangle"></i>
|
||||
Unassigned Tickets | <strong> <?php echo $total_tickets_unassigned; ?></strong></a>
|
||||
<!-- <a href="#" class="btn btn-outline-info"><i class="fa fa-fw fa-cogs"></i> Tasks</a>-->
|
||||
<a href="?assigned=unassigned" class="btn btn-outline-danger">
|
||||
<i class="fa fa-fw fa-exclamation-triangle mr-2"></i>Unassigned Tickets | <strong> <?php echo $total_tickets_unassigned; ?></strong>
|
||||
</a>
|
||||
|
||||
<div class="dropdown ml-2" id="bulkActionButton" hidden>
|
||||
<button class="btn btn-secondary dropdown-toggle" type="button" data-toggle="dropdown">
|
||||
<i class="fas fa-fw fa-layer-group mr-2"></i>Bulk Action (<span id="selectedCount">0</span>)
|
||||
</button>
|
||||
<div class="dropdown-menu">
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkAssignTicketModal">
|
||||
<i class="fas fa-fw fa-user-check mr-2"></i>Assign Tech
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkEditPriorityTicketModal">
|
||||
<i class="fas fa-fw fa-thermometer-half mr-2"></i>Update Priority
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkCloseTicketsModal">
|
||||
<i class="fas fa-fw fa-gavel mr-2"></i>Close
|
||||
</a>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#bulkReplyTicketModal">
|
||||
<i class="fas fa-fw fa-paper-plane mr-2"></i>Bulk Reply
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
@ -235,196 +259,213 @@ $user_active_assigned_tickets = intval($row['total_tickets_assigned']);
|
|||
</div>
|
||||
</form>
|
||||
<hr>
|
||||
<div class="table-responsive-sm">
|
||||
<table class="table table-striped table-borderless table-hover">
|
||||
<thead class="text-dark <?php if ($num_rows[0] == 0) {
|
||||
echo "d-none";
|
||||
} ?>">
|
||||
<tr>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_number&order=<?php echo $disp; ?>">Number</a>
|
||||
</th>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_subject&order=<?php echo $disp; ?>">Subject</a>
|
||||
</th>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=client_name&order=<?php echo $disp; ?>">Client / Contact</a>
|
||||
</th>
|
||||
<?php if ($config_module_enable_accounting) {
|
||||
?>
|
||||
<th class="text-center"><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_billable&order=<?php echo $disp; ?>">Billable</a>
|
||||
<form id="bulkActions" action="post.php" method="post">
|
||||
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
|
||||
<div class="table-responsive-sm">
|
||||
<table class="table table-striped table-borderless table-hover">
|
||||
<thead class="text-dark <?php if (!$num_rows[0]) { echo "d-none"; } ?>">
|
||||
<tr>
|
||||
<td>
|
||||
<div class="form-check">
|
||||
<input class="form-check-input" id="selectAllCheckbox" type="checkbox" onclick="checkAll(this)">
|
||||
</div>
|
||||
</td>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_number&order=<?php echo $disp; ?>">Number</a>
|
||||
</th>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_subject&order=<?php echo $disp; ?>">Subject</a>
|
||||
</th>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=client_name&order=<?php echo $disp; ?>">Client / Contact</a>
|
||||
</th>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_priority&order=<?php echo $disp; ?>">Priority</a>
|
||||
</th>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_status&order=<?php echo $disp; ?>">Status</a>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=user_name&order=<?php echo $disp; ?>">Assigned</a>
|
||||
</th>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_updated_at&order=<?php echo $disp; ?>">Last Response</a>
|
||||
</th>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_created_at&order=<?php echo $disp; ?>">Created</a>
|
||||
</th>
|
||||
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php
|
||||
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$ticket_id = intval($row['ticket_id']);
|
||||
$ticket_prefix = nullable_htmlentities($row['ticket_prefix']);
|
||||
$ticket_number = intval($row['ticket_number']);
|
||||
$ticket_subject = nullable_htmlentities($row['ticket_subject']);
|
||||
$ticket_priority = nullable_htmlentities($row['ticket_priority']);
|
||||
$ticket_status = nullable_htmlentities($row['ticket_status']);
|
||||
$ticket_billable = intval($row['ticket_billable']);
|
||||
$ticket_vendor_ticket_number = nullable_htmlentities($row['ticket_vendor_ticket_number']);
|
||||
$ticket_created_at = nullable_htmlentities($row['ticket_created_at']);
|
||||
$ticket_created_at_time_ago = timeAgo($row['ticket_created_at']);
|
||||
$ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']);
|
||||
$ticket_updated_at_time_ago = timeAgo($row['ticket_updated_at']);
|
||||
if (empty($ticket_updated_at)) {
|
||||
if ($ticket_status == "Closed") {
|
||||
$ticket_updated_at_display = "<p>Never</p>";
|
||||
} else {
|
||||
$ticket_updated_at_display = "<p class='text-danger'>Never</p>";
|
||||
}
|
||||
} else {
|
||||
$ticket_updated_at_display = "$ticket_updated_at_time_ago<br><small class='text-secondary'>$ticket_updated_at</small>";
|
||||
}
|
||||
$ticket_closed_at = nullable_htmlentities($row['ticket_closed_at']);
|
||||
$client_id = intval($row['ticket_client_id']);
|
||||
$client_name = nullable_htmlentities($row['client_name']);
|
||||
$contact_id = intval($row['ticket_contact_id']);
|
||||
$contact_name = nullable_htmlentities($row['contact_name']);
|
||||
$contact_title = nullable_htmlentities($row['contact_title']);
|
||||
$contact_email = nullable_htmlentities($row['contact_email']);
|
||||
$contact_phone = formatPhoneNumber($row['contact_phone']);
|
||||
$contact_extension = nullable_htmlentities($row['contact_extension']);
|
||||
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
|
||||
if ($ticket_status == "Pending-Assignment") {
|
||||
$ticket_status_color = "danger";
|
||||
} elseif ($ticket_status == "Assigned") {
|
||||
$ticket_status_color = "primary";
|
||||
} elseif ($ticket_status == "In-Progress") {
|
||||
$ticket_status_color = "success";
|
||||
} elseif ($ticket_status == "Closed") {
|
||||
$ticket_status_color = "dark";
|
||||
} elseif ($ticket_status == "Auto Close") {
|
||||
$ticket_status_color = "dark";
|
||||
} elseif ($ticket_status == "Client-Replied") {
|
||||
$ticket_status_color = "warning";
|
||||
} else{
|
||||
$ticket_status_color = "secondary";
|
||||
}
|
||||
|
||||
if ($ticket_priority == "High") {
|
||||
$ticket_priority_color = "danger";
|
||||
} elseif ($ticket_priority == "Medium") {
|
||||
$ticket_priority_color = "warning";
|
||||
} else{
|
||||
$ticket_priority_color = "info";
|
||||
}
|
||||
$ticket_assigned_to = intval($row['ticket_assigned_to']);
|
||||
if (empty($ticket_assigned_to)) {
|
||||
if ($ticket_status == "Closed") {
|
||||
$ticket_assigned_to_display = "<p>Not Assigned</p>";
|
||||
} else {
|
||||
$ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>";
|
||||
}
|
||||
} else {
|
||||
$ticket_assigned_to_display = nullable_htmlentities($row['user_name']);
|
||||
}
|
||||
|
||||
if (empty($contact_name)) {
|
||||
$contact_display = "-";
|
||||
} else {
|
||||
$contact_display = "$contact_name<br><small class='text-secondary'>$contact_email</small>";
|
||||
}
|
||||
|
||||
$asset_id = intval($row['ticket_asset_id']);
|
||||
$vendor_id = intval($row['ticket_vendor_id']);
|
||||
|
||||
?>
|
||||
|
||||
<tr class="<?php if(empty($ticket_updated_at)) { echo "text-bold"; }?>">
|
||||
<td>
|
||||
<a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>">
|
||||
<span class="badge badge-pill badge-secondary p-3"><?php echo "$ticket_prefix$ticket_number"; ?></span>
|
||||
</a>
|
||||
</td>
|
||||
<td>
|
||||
<a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><?php echo $ticket_subject; ?></a>
|
||||
</td>
|
||||
<td>
|
||||
<a href="client_tickets.php?client_id=<?php echo $client_id; ?>"><strong><?php echo $client_name; ?></strong></a>
|
||||
|
||||
<div class="mt-1"><?php echo $contact_display; ?></div>
|
||||
</td>
|
||||
<?php if ($config_module_enable_accounting) {
|
||||
?>
|
||||
<td class="text-center">
|
||||
<a href="#" data-toggle="modal" data-target="#editTicketBillableModal<?php echo $ticket_id; ?>">
|
||||
?>
|
||||
<th class="text-center"><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_billable&order=<?php echo $disp; ?>">Billable</a>
|
||||
</th>
|
||||
<?php
|
||||
if ($ticket_billable == 1) {
|
||||
echo "<span class='badge badge-pill badge-success'>$</span>";
|
||||
} else {
|
||||
echo "<span class='badge badge-pill badge-secondary'>X</span>";
|
||||
}
|
||||
?></td>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
?>
|
||||
<td><a href="#" data-toggle="modal" data-target="#editTicketPriorityModal<?php echo $ticket_id; ?>"><span class='p-2 badge badge-pill badge-<?php echo $ticket_priority_color; ?>'><?php echo $ticket_priority; ?></span></a></td>
|
||||
<td><span class='p-2 badge badge-pill badge-<?php echo $ticket_status_color; ?>'><?php echo $ticket_status; ?></span></td>
|
||||
<td><a href="#" data-toggle="modal" data-target="#assignTicketModal<?php echo $ticket_id; ?>"><?php echo $ticket_assigned_to_display; ?></a></td>
|
||||
<td><?php echo $ticket_updated_at_display; ?></td>
|
||||
<td>
|
||||
<?php echo $ticket_created_at_time_ago; ?>
|
||||
<br>
|
||||
<small class="text-secondary"><?php echo $ticket_created_at; ?></small>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_priority&order=<?php echo $disp; ?>">Priority</a>
|
||||
</th>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_status&order=<?php echo $disp; ?>">Status</a>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=user_name&order=<?php echo $disp; ?>">Assigned</a>
|
||||
</th>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_updated_at&order=<?php echo $disp; ?>">Last Response</a>
|
||||
</th>
|
||||
<th><a class="text-dark"
|
||||
href="?<?php echo $url_query_strings_sort; ?>&sort=ticket_created_at&order=<?php echo $disp; ?>">Created</a>
|
||||
</th>
|
||||
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php
|
||||
|
||||
if ($ticket_status !== "Closed") {
|
||||
// Temp performance boost for closed tickets, until we move to dynamic modals
|
||||
while ($row = mysqli_fetch_array($sql)) {
|
||||
$ticket_id = intval($row['ticket_id']);
|
||||
$ticket_prefix = nullable_htmlentities($row['ticket_prefix']);
|
||||
$ticket_number = intval($row['ticket_number']);
|
||||
$ticket_subject = nullable_htmlentities($row['ticket_subject']);
|
||||
$ticket_priority = nullable_htmlentities($row['ticket_priority']);
|
||||
$ticket_status = nullable_htmlentities($row['ticket_status']);
|
||||
$ticket_billable = intval($row['ticket_billable']);
|
||||
$ticket_vendor_ticket_number = nullable_htmlentities($row['ticket_vendor_ticket_number']);
|
||||
$ticket_created_at = nullable_htmlentities($row['ticket_created_at']);
|
||||
$ticket_created_at_time_ago = timeAgo($row['ticket_created_at']);
|
||||
$ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']);
|
||||
$ticket_updated_at_time_ago = timeAgo($row['ticket_updated_at']);
|
||||
if (empty($ticket_updated_at)) {
|
||||
if ($ticket_status == "Closed") {
|
||||
$ticket_updated_at_display = "<p>Never</p>";
|
||||
} else {
|
||||
$ticket_updated_at_display = "<p class='text-danger'>Never</p>";
|
||||
}
|
||||
} else {
|
||||
$ticket_updated_at_display = "$ticket_updated_at_time_ago<br><small class='text-secondary'>$ticket_updated_at</small>";
|
||||
}
|
||||
$ticket_closed_at = nullable_htmlentities($row['ticket_closed_at']);
|
||||
$client_id = intval($row['ticket_client_id']);
|
||||
$client_name = nullable_htmlentities($row['client_name']);
|
||||
$contact_id = intval($row['ticket_contact_id']);
|
||||
$contact_name = nullable_htmlentities($row['contact_name']);
|
||||
$contact_title = nullable_htmlentities($row['contact_title']);
|
||||
$contact_email = nullable_htmlentities($row['contact_email']);
|
||||
$contact_phone = formatPhoneNumber($row['contact_phone']);
|
||||
$contact_extension = nullable_htmlentities($row['contact_extension']);
|
||||
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
|
||||
if ($ticket_status == "Pending-Assignment") {
|
||||
$ticket_status_color = "danger";
|
||||
} elseif ($ticket_status == "Assigned") {
|
||||
$ticket_status_color = "primary";
|
||||
} elseif ($ticket_status == "In-Progress") {
|
||||
$ticket_status_color = "success";
|
||||
} elseif ($ticket_status == "Closed") {
|
||||
$ticket_status_color = "dark";
|
||||
} elseif ($ticket_status == "Auto Close") {
|
||||
$ticket_status_color = "dark";
|
||||
} elseif ($ticket_status == "Client-Replied") {
|
||||
$ticket_status_color = "warning";
|
||||
} else{
|
||||
$ticket_status_color = "secondary";
|
||||
}
|
||||
|
||||
require "ticket_assign_modal.php";
|
||||
if ($ticket_priority == "High") {
|
||||
$ticket_priority_color = "danger";
|
||||
} elseif ($ticket_priority == "Medium") {
|
||||
$ticket_priority_color = "warning";
|
||||
} else{
|
||||
$ticket_priority_color = "info";
|
||||
}
|
||||
$ticket_assigned_to = intval($row['ticket_assigned_to']);
|
||||
if (empty($ticket_assigned_to)) {
|
||||
if ($ticket_status == "Closed") {
|
||||
$ticket_assigned_to_display = "<p>Not Assigned</p>";
|
||||
} else {
|
||||
$ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>";
|
||||
}
|
||||
} else {
|
||||
$ticket_assigned_to_display = nullable_htmlentities($row['user_name']);
|
||||
}
|
||||
|
||||
require "ticket_edit_priority_modal.php";
|
||||
if (empty($contact_name)) {
|
||||
$contact_display = "-";
|
||||
} else {
|
||||
$contact_display = "$contact_name<br><small class='text-secondary'>$contact_email</small>";
|
||||
}
|
||||
|
||||
$asset_id = intval($row['ticket_asset_id']);
|
||||
$vendor_id = intval($row['ticket_vendor_id']);
|
||||
|
||||
?>
|
||||
|
||||
<tr class="<?php if(empty($ticket_updated_at)) { echo "text-bold"; }?>">
|
||||
<td>
|
||||
<?php if($ticket_status !== "Closed") { ?>
|
||||
<div class="form-check">
|
||||
<input class="form-check-input bulk-select" type="checkbox" name="ticket_ids[]" value="<?php echo $ticket_id ?>">
|
||||
</div>
|
||||
<?php } ?>
|
||||
</td>
|
||||
<td>
|
||||
<a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>">
|
||||
<span class="badge badge-pill badge-secondary p-3"><?php echo "$ticket_prefix$ticket_number"; ?></span>
|
||||
</a>
|
||||
</td>
|
||||
<td>
|
||||
<a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><?php echo $ticket_subject; ?></a>
|
||||
</td>
|
||||
<td>
|
||||
<a href="client_tickets.php?client_id=<?php echo $client_id; ?>"><strong><?php echo $client_name; ?></strong></a>
|
||||
|
||||
<div class="mt-1"><?php echo $contact_display; ?></div>
|
||||
</td>
|
||||
<?php if ($config_module_enable_accounting) {
|
||||
?>
|
||||
<td class="text-center">
|
||||
<a href="#" data-toggle="modal" data-target="#editTicketBillableModal<?php echo $ticket_id; ?>">
|
||||
<?php
|
||||
if ($ticket_billable == 1) {
|
||||
echo "<span class='badge badge-pill badge-success'>$</span>";
|
||||
} else {
|
||||
echo "<span class='badge badge-pill badge-secondary'>X</span>";
|
||||
}
|
||||
?></td>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
<td><a href="#" data-toggle="modal" data-target="#editTicketPriorityModal<?php echo $ticket_id; ?>"><span class='p-2 badge badge-pill badge-<?php echo $ticket_priority_color; ?>'><?php echo $ticket_priority; ?></span></a></td>
|
||||
<td><span class='p-2 badge badge-pill badge-<?php echo $ticket_status_color; ?>'><?php echo $ticket_status; ?></span></td>
|
||||
<td><a href="#" data-toggle="modal" data-target="#assignTicketModal<?php echo $ticket_id; ?>"><?php echo $ticket_assigned_to_display; ?></a></td>
|
||||
<td><?php echo $ticket_updated_at_display; ?></td>
|
||||
<td>
|
||||
<?php echo $ticket_created_at_time_ago; ?>
|
||||
<br>
|
||||
<small class="text-secondary"><?php echo $ticket_created_at; ?></small>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<?php
|
||||
|
||||
if ($ticket_status !== "Closed") {
|
||||
// Temp performance boost for closed tickets, until we move to dynamic modals
|
||||
|
||||
require "ticket_assign_modal.php";
|
||||
|
||||
require "ticket_edit_priority_modal.php";
|
||||
|
||||
if ($config_module_enable_accounting) {
|
||||
require "ticket_edit_billable_modal.php";
|
||||
}
|
||||
|
||||
if ($config_module_enable_accounting) {
|
||||
require "ticket_edit_billable_modal.php";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
?>
|
||||
|
||||
?>
|
||||
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
<?php require_once "ticket_bulk_assign_modal.php"; ?>
|
||||
<?php require_once "ticket_bulk_edit_priority_modal.php"; ?>
|
||||
<?php require_once "ticket_bulk_close_modal.php"; ?>
|
||||
<?php require_once "ticket_bulk_reply_modal.php"; ?>
|
||||
</form>
|
||||
<?php require_once "pagination.php";
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<script src="js/bulk_actions.js"></script>
|
||||
|
||||
<?php
|
||||
require_once "ticket_add_modal.php";
|
||||
|
||||
require_once "footer.php";
|
||||
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -12,12 +12,12 @@ require_once "inc_all_user.php";
|
|||
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Your New Password</label>
|
||||
<label>Your New Password <strong class="text-danger">*</strong></label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
|
||||
</div>
|
||||
<input type="password" class="form-control" data-toggle="password" name="new_password" placeholder="Leave blank for no change" autocomplete="new-password" minlength="8">
|
||||
<input type="password" class="form-control" data-toggle="password" name="new_password" placeholder="Leave blank for no change" autocomplete="new-password" minlength="8" required>
|
||||
<div class="input-group-append">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
|
||||
</div>
|
||||
|
|
|
|||
Loading…
Reference in New Issue