From 6ccbe67b59814c90c559d54b93699665800ab81e Mon Sep 17 00:00:00 2001
From: johnnyq <johnny@pittpc.com>
Date: Thu, 22 Jun 2023 10:57:14 -0400
Subject: [PATCH] Fix some formatting and additonal white space before contact
 name in Ticket Details

---
 post.php   |  6 +++---
 setup.php  | 12 ++++++------
 ticket.php | 24 ++++++++++--------------
 3 files changed, 19 insertions(+), 23 deletions(-)

diff --git a/post.php b/post.php
index b6ebca80..49fd533f 100644
--- a/post.php
+++ b/post.php
@@ -19,8 +19,8 @@ if(isset($_POST['add_user'])){
     validateAdminRole();
     validateCSRFToken($_POST['csrf_token']);
 
-    $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
-    $user_specific_encryption_ciphertext = encryptUserSpecificKey($_POST['password']);
+    $password = password_hash(trim($_POST['password']), PASSWORD_DEFAULT);
+    $user_specific_encryption_ciphertext = encryptUserSpecificKey(trim($_POST['password']));
 
     mysqli_query($mysqli,"INSERT INTO users SET user_name = '$name', user_email = '$email', user_password = '$password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext'");
 
@@ -134,7 +134,7 @@ if(isset($_POST['edit_user'])){
 
     if(!empty($new_password)){
         $new_password = password_hash($new_password, PASSWORD_DEFAULT);
-        $user_specific_encryption_ciphertext = encryptUserSpecificKey($_POST['new_password']);
+        $user_specific_encryption_ciphertext = encryptUserSpecificKey(trim($_POST['new_password']));
         mysqli_query($mysqli,"UPDATE users SET user_password = '$new_password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext' WHERE user_id = $user_id");
         //Extended Logging
         $extended_log_description .= ", password changed";
diff --git a/setup.php b/setup.php
index 68bd0708..1627be8f 100644
--- a/setup.php
+++ b/setup.php
@@ -776,10 +776,10 @@ if (isset($_POST['add_database'])) {
         exit;
     }
 
-    $host = $_POST['host'];
-    $database = $_POST['database'];
-    $username = $_POST['username'];
-    $password = $_POST['password'];
+    $host = trim($_POST['host']);
+    $database = trim($_POST['database']);
+    $username = trim($_POST['username']);
+    $password = trim($_POST['password']);
     $config_base_url = $_SERVER['HTTP_HOST'] . dirname($_SERVER['REQUEST_URI']);
 
     $installation_id = randomString(32);
@@ -854,13 +854,13 @@ if (isset($_POST['add_user'])) {
 
     $name = sanitizeInput($_POST['name']);
     $email = sanitizeInput($_POST['email']);
-    $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
+    $password = password_hash(trim($_POST['password']), PASSWORD_DEFAULT);
 
     //Generate master encryption key
     $site_encryption_master_key = randomString();
 
     //Generate user specific key
-    $user_specific_encryption_ciphertext = setupFirstUserSpecificKey($_POST['password'], $site_encryption_master_key);
+    $user_specific_encryption_ciphertext = setupFirstUserSpecificKey(trim($_POST['password']), $site_encryption_master_key);
 
     mysqli_query($mysqli,"INSERT INTO users SET user_name = '$name', user_email = '$email', user_password = '$password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext'");
 
diff --git a/ticket.php b/ticket.php
index 5ad531b2..38404ba2 100644
--- a/ticket.php
+++ b/ticket.php
@@ -464,26 +464,22 @@ if (isset($_GET['ticket_id'])) {
                         <div>
                             <h4 class="text-secondary">Contact</h4>
                             <span class="">
- 							 <i class="fa fa-fw fa-user text-secondary ml-1 mr-2 mb-2"></i>
-  								<a href="client_contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>" class="text-dark">
-    							<strong><?php echo strtoupper($contact_name); ?></strong>
- 								 </a>
+ 							    <i class="fa fa-fw fa-user text-secondary ml-1 mr-2 mb-2"></i>
+                                <a href="client_contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>" class="text-dark">
+                                    <strong><?php echo strtoupper($contact_name); ?></strong>
+                                </a>
 							</span>
 
-
                             <span class="ml-1">
- 							 <a href="#" tabindex="0" role="button" data-toggle="popover" title="Related Tickets" data-html="true" data-content="
-    							Open tickets: <strong><a href='tickets.php?contact_id=<?php echo $contact_id; ?>&status=Open'><?php echo $ticket_related_open; ?></a></strong><br>
-    							Closed tickets: <strong><a href='tickets.php?contact_id=<?php echo $contact_id; ?>&status=Closed'><?php echo $ticket_related_closed; ?></a></strong>
-  							">
-<!--    						<span class="badge bg-secondary">--><?php //echo $ticket_related_total; ?><!--</span>-->
-  							</a>
-						</span>
-
+ 							    <a href="#" tabindex="0" role="button" data-toggle="popover" title="Related Tickets" data-html="true" 
+                                    data-content = "Open tickets: <strong><a href='tickets.php?contact_id=<?php echo $contact_id; ?>&status=Open'><?php echo $ticket_related_open; ?></a></strong><br>
+                                        Closed tickets: <strong><a href='tickets.php?contact_id=<?php echo $contact_id; ?>&status=Closed'><?php echo $ticket_related_closed; ?></a></strong>">
+                                        <!-- <span class="badge bg-secondary">--><?php //echo $ticket_related_total; ?><!--</span>-->
+                                </a>
+                            </span>
 
                             <br>
 
-
                             <?php
 
                             if (!empty($location_name)) { ?>