AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-22 13:35:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixed broken Guest view of Invoice and Quote due to modification of get Browser and get OS functions

Browse Source
This commit is contained in:
johnnyq
2023-01-21 14:02:54 -05:00
parent 7f2a9e04d5
commit 73490f5448
3 changed files with 11 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
guest_view_invoice.php
View File

@@ -68,8 +68,10 @@ if(isset($_GET['invoice_id'], $_GET['url_key'])){
$currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY); $currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY);
$ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip())); $ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
$os = strip_tags(mysqli_real_escape_string($mysqli,get_os()));
$browser = strip_tags(mysqli_real_escape_string($mysqli,get_web_browser())); $session_user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
$os = strip_tags(mysqli_real_escape_string($mysqli,get_os($session_user_agent)));
$browser = strip_tags(mysqli_real_escape_string($mysqli,get_web_browser($session_user_agent)));
//Set Badge color based off of invoice status //Set Badge color based off of invoice status
if($invoice_status == "Sent"){ if($invoice_status == "Sent"){

13
guest_view_quote.php
View File

@@ -64,10 +64,11 @@ if(isset($_GET['quote_id'], $_GET['url_key'])){
//Set Currency Format //Set Currency Format
$currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY); $currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY);
$ip = get_ip(); $ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
$os = get_os();
$browser = get_web_browser(); $session_user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
$device = get_device(); $os = strip_tags(mysqli_real_escape_string($mysqli,get_os($session_user_agent)));
$browser = strip_tags(mysqli_real_escape_string($mysqli,get_web_browser($session_user_agent)));
//Update status to Viewed only if invoice_status = "Sent" //Update status to Viewed only if invoice_status = "Sent"
if($quote_status == 'Sent'){ if($quote_status == 'Sent'){
@@ -75,11 +76,11 @@ if(isset($_GET['quote_id'], $_GET['url_key'])){
} }
//Mark viewed in history //Mark viewed in history
mysqli_query($mysqli,"INSERT INTO history SET history_status = '$quote_status', history_description = 'Quote viewed - $ip - $os - $browser - $device', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id"); mysqli_query($mysqli,"INSERT INTO history SET history_status = '$quote_status', history_description = 'Quote viewed - $ip - $os - $browser', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id");
//Prevent SQL Error if client_name has ' in their name example Bill's Market //Prevent SQL Error if client_name has ' in their name example Bill's Market
$client_name_escaped = mysqli_escape_string($mysqli,$row['client_name']); $client_name_escaped = mysqli_escape_string($mysqli,$row['client_name']);
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Quote Viewed', notification = 'Quote $quote_prefix$quote_number has been viewed by $client_name_escaped - $ip - $os - $browser - $device', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id"); mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Quote Viewed', notification = 'Quote $quote_prefix$quote_number has been viewed by $client_name_escaped - $ip - $os - $browser', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
?> ?>

BIN
plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/CSS/4.15.0,4114918a13a428a8482a8a449792a5a8747582b5,1.ser Normal file
View File

Binary file not shown.