Merge pull request #636 from itflow-org/master

Merge with Master
Johnny 2023-02-26 21:56:30 -05:00 committed by GitHub
commit 762bbecb63
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
622 changed files with 37456 additions and 31507 deletions

.github/dash.png vendored (binary file, not shown): 73 KiB before, 94 KiB after

.github/readme.gif vendored Normal file (binary file, not shown): 96 KiB

27
.github/workflows/first-interaction.yml vendored Normal file

@ -0,0 +1,27 @@
name: Welcome New Contributor
on:
issues:
types: [opened]
pull_request_target:
types: [opened]
jobs:
run:
runs-on: ubuntu-latest
steps:
- uses: actions/first-interaction@v1.1.1
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
issue-message: |
Hello & Welcome! :)
Thanks for taking the time to get in touch. We'll review this issue shortly.
Whilst you're waiting, please feel free to check out the [forum](https://forum.itflow.org).
pr-message: |
Hello & Welcome! :)
Thanks for taking the time to help improve ITFlow. We're excited to review your contributions - we'll review this PR as soon as we can!
Whilst you're waiting, please feel free to check out the [forum](https://forum.itflow.org).
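
Review bot: the `pull_request_target` trigger runs this job with the base repository's token, and no `permissions:` block narrows what `secrets.GITHUB_TOKEN` can do. The job never checks out PR code, so the trigger itself is acceptable, but add a job-level `permissions:` with only `issues: write` and `pull-requests: write`, and pin `actions/first-interaction@v1.1.1` to a full commit SHA so a moved tag cannot change what runs with that token.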

@ -24,7 +24,7 @@
Username: <b>demo@demo</b> | Password: <b>demo</b>
<br />
<br />
<a href="https://itflow.org/docs.php?doc=about">About</a>
<a href="https://itflow.org/index.php?page=About">About</a>
·
<a href="https://itflow.org/docs.php">Docs</a>
·
@ -39,7 +39,7 @@
<!-- ABOUT THE PROJECT -->
## About
<b>A free ITGlue alternative, with additional ticketing / accounting features.</b>
<b>A comprehensive, free & open-source documentation, ticket management, and accounting platform.</b>
[![ITFlow][product-screenshot]](https://itflow.org)
@ -54,8 +54,8 @@
- ITFlow consolidates common MSP needs (documentation, ticketing, and accounting) into one system
### In Beta
* This project is still in early beta and is considered a **work in progress**. Many changes are being performed and may cause breakage upon updates.
* Currently, we strongly recommend against storing confidential information in ITFlow; ITFlow has not undergone a third-party security assessment.
* This project is in beta with many ongoing changes. Updates may unintentionally introduce bugs/security issues.
* Whilst we are confident the code is safe, nothing in life is 100% safe or risk-free. Use your best judgement before deciding to store highly confidential information in ITFlow.
* We are hoping to have a stable 1.0 release by April/May 2023.
<!-- BUILT WITH -->
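
Review bot: in the In Beta bullets, the replacement wording drops the statement that ITFlow "has not undergone a third-party security assessment" and substitutes "we are confident the code is safe". Nothing in this change shows that an assessment has taken place, so keep the factual sentence alongside the new text; a reader deciding whether to store credentials needs that fact.
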
@ -66,6 +66,7 @@
* MariaDB
* PHPMailer
* HTML Purifier
* PHP Mime Mail Parser
* CSS
* Bootstrap
@ -84,11 +85,11 @@
<!-- GETTING STARTED -->
## Getting Started / Installation
ITFlow is self-hosted. There is a full installation guide in the [docs](https://itflow.org/docs.php?doc_id=1), but the main steps are:
ITFlow is self-hosted. There is a full installation guide in the [docs](https://wiki.itflow.org/doku.php?id=wiki:installation), but the main steps are:
1. Install a LAMP stack (Linux, Apache, MariaDB, PHP)
```sh
sudo apt install git apache2 php libapache2-mod-php php-intl php-imap php-mysqli php-curl mariadb-server
sudo apt install git apache2 php libapache2-mod-php php-intl php-imap php-mailparse php-mysqli php-curl mariadb-server
```
2. Clone the repo
```sh
@ -103,14 +104,13 @@ ITFlow is self-hosted. There is a full installation guide in the [docs](https://
* Accounting / Billing - finance dashboard, quotes, invoices, accounting, expenses, etc
* Client Portal - self service quote/invoice/ticket management for clients
* Alerting - account balance, invoices, domain/SSL renewals
* Completely free & open-source alternative to ITGlue and Hudu
<!-- ROADMAP -->
## Roadmap / Future to-do
* MeshCentral (Export common software applications to Software)
* Comprehensive API to allow custom third party integration
* CalDAV to integrate with 3rd party calendars
* CardDAV to integrate with 3rd party Address books
* Stripe Integration for online payments
* Recent caller toast alerts to click and bring up the clients account right away
* FIDO2 WebAuthn Support for passwordless auth (TPM Fingerprint), (USB Hardware keys such as Yubikey)
@ -125,7 +125,7 @@ For help using ITFlow, feature requests, and general ideas / discussions please
For bugs, please raise an [issue](https://github.com/itflow-org/itflow/issues).
### Contributing
If you are able to make a contribution that would make ITFlow better, please fork the repo and create a pull request. Please make sure you're following our [code standards](https://itflow.org/docs.php?doc=coding-standards).
If you are able to make a contribution that would make ITFlow better, please fork the repo and create a pull request. Please make sure you're following our [code standards](https://wiki.itflow.org/doku.php?id=wiki:code_standards).
For large changes / new features, please discuss the issue with other contributors first.
#### Contributors
@ -136,7 +136,7 @@ For large changes / new features, please discuss the issue with other contributo
<!-- LICENSE -->
## License
ITFlow is distributed "as is" under the GPL License, WITHOUT WARRANTY OF ANY KIND. See `LICENSE` for details.
ITFlow is distributed "as is" under the GPL License, WITHOUT WARRANTY OF ANY KIND. See [`LICENSE`](https://github.com/itflow-org/itflow/blob/master/LICENSE) for details.
<!-- MARKDOWN LINKS & IMAGES -->
@ -153,6 +153,6 @@ ITFlow is distributed "as is" under the GPL License, WITHOUT WARRANTY OF ANY KIN
[license-url]: https://github.com/itflow-org/itflow/blob/master/LICENSE
[commit-shield]: https://img.shields.io/github/last-commit/itflow-org/itflow?style=for-the-badge
[commit-url]: https://github.com/itflow-org/itflow/commits/master
[product-screenshot]: .github/dash.png
[product-screenshot]: .github/readme.gif
<!-- https://github.com/othneildrew/Best-README-Template -->

@ -2,26 +2,22 @@
## In Beta
ITFlow is currently in early beta and is a work in progress.
We currently advise against storing confidential data in ITFlow for this reason.
ITFlow is currently in beta and is a work in progress.
**We take security seriously.** Whilst we are confident the code is safe, nothing in life is 100% safe or risk-free. You should use your best judgment before entering confidential information into the app.
That said, in order to eventually be useful, ITFlow **must** be secure and take security seriously.
We attempt to follow security best practices where possible, including [automated code scanning](https://sonarcloud.io/component_measures?id=itflow-org_itflow&metric=security_rating&view=list).
## Supported Versions
ITFlow is in Beta.
| Version | Supported |
| ------- | ------------------ |
| Beta | :white_check_mark: |
## Reporting a Vulnerability
**Please do not report security vulnerabilities through public GitHub issues.**
**<ins>Please do not report security vulnerabilities through public GitHub issues.</ins>**
If you have discovered a security issue, please report it to us in as much detail as possible, so we can fix it.
You should expect to receive an initial acknowledgement within 72 hours. If you do not, please get in touch discretely via GitHub issues/Forum/Discord to ensure we received your e-mail.
If you have discovered a security issue, please [report it](https://github.com/itflow-org/itflow/security/advisories/new) to us in as much detail as possible, so we can fix it. You should expect to receive an initial acknowledgement within 72 hours.
Security contact:
![image](https://user-images.githubusercontent.com/32306651/160704188-763e6763-429e-41b9-9007-6a09bcfdba2b.png)
**Security contact: [GitHub Security Advisories](https://github.com/itflow-org/itflow/security/advisories/new)**
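
Review bot: under Reporting a Vulnerability, the sentence telling a reporter what to do when the 72-hour acknowledgement does not arrive ("If you do not, please get in touch ...") has no counterpart in the rewritten paragraph. Keep a fallback instruction next to the advisory link so a report that goes unanswered has a documented next step.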

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-piggy-bank"></i> New Account</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-piggy-bank mr-2"></i>New Account</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -52,8 +52,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_account" class="btn btn-primary text-bold"><i class="fa fa-fw fa-check"></i> Create</button>
<button type="submit" name="add_account" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-piggy-bank"></i> Editing account: <strong><?php echo $account_name; ?></strong></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-piggy-bank mr-2"></i>Editing account: <strong><?php echo $account_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -28,8 +28,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_account" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="edit_account" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

@ -1,17 +1,20 @@
<?php require_once("inc_all_settings.php");
<?php
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
// Default Column Sortby Filter
$sb = "account_name";
}
$o = "ASC";
require_once("inc_all.php");
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM accounts
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM accounts
WHERE account_name LIKE '%$q%' AND company_id = $session_company_id
ORDER BY $sb $o LIMIT $record_from, $record_to");
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
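
Review bot: `ORDER BY $sb $o` places `$sb` and `$o` in the query as bare identifiers, and the only handling of `$_GET['sb']` visible in this hunk is `strip_tags(mysqli_real_escape_string(...))`, which protects quoted string values, not identifiers. Wherever the request value is finally read, check it against an allow-list of sortable column names with `account_name` as the fallback, and restrict `$o` to `ASC` or `DESC`.
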
@ -19,15 +22,15 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-piggy-bank"></i> Accounts</h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-piggy-bank mr-2"></i>Accounts</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAccountModal"><i class="fas fa-fw fa-plus"></i> New Account</button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAccountModal"><i class="fas fa-plus mr-2"></i>New Account</button>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<div class="input-group">
<input type="search" class="form-control col-md-4" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Accounts">
<input type="search" class="form-control col-md-4" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Accounts">
<div class="input-group-append">
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
</div>
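
Review bot: in the search input's `value` attribute, `stripslashes(htmlentities($q))` is undoing SQL escaping at output time, because the same `$q` is interpolated into `LIKE '%$q%'` above. One variable is serving two contexts; keep the raw search term for display and encode it with `htmlentities($raw, ENT_QUOTES)`, and keep the SQL-escaped copy for the query only.
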
@ -48,23 +51,23 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
while ($row = mysqli_fetch_array($sql)) {
$account_id = $row['account_id'];
$account_id = intval($row['account_id']);
$account_name = htmlentities($row['account_name']);
$opening_balance = $row['opening_balance'];
$opening_balance = floatval($row['opening_balance']);
$account_currency_code = htmlentities($row['account_currency_code']);
$account_notes = htmlentities($row['account_notes']);
$sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id");
$row = mysqli_fetch_array($sql_payments);
$total_payments = $row['total_payments'];
$total_payments = floatval($row['total_payments']);
$sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id");
$row = mysqli_fetch_array($sql_revenues);
$total_revenues = $row['total_revenues'];
$total_revenues = floatval($row['total_revenues']);
$sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id");
$row = mysqli_fetch_array($sql_expenses);
$total_expenses = $row['total_expenses'];
$total_expenses = floatval($row['total_expenses']);
$balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
?>
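
Review bot: `floatval()` on `opening_balance` and the three `SUM(...)` results makes `$balance` a sum of binary floating-point values, so the `$balance == 0` archive check that follows can fail for amounts that should cancel exactly. Round to the currency's precision before comparing (for example `round($balance, 2) == 0`), or compute the balance in SQL on DECIMAL columns.
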
@ -79,10 +82,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAccountModal<?php echo $account_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAccountModal<?php echo $account_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($balance == 0) { //Cannot Archive an Account until it reaches 0 Balance ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item" href="post.php?archive_account=<?php echo $account_id; ?>">Archive</a>
<a class="dropdown-item text-danger" href="post.php?archive_account=<?php echo $account_id; ?>">
<i class="fas fa-fw fa-archive mr-2"></i>Archive
</a>
<?php } ?>
</div>
</div>
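
Review bot: the Archive item is a plain link to `post.php?archive_account=<id>`, so a state-changing action is triggered by GET and nothing in the URL carries a CSRF token. Submit it as a POST form that includes a CSRF token, or append a token to the link and verify it in `post.php` before archiving.
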
@ -97,14 +104,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php
include("account_add_modal.php");
include("footer.php");
?>
require_once("account_add_modal.php");
require_once("footer.php");

@ -141,7 +141,9 @@ if (isset($_GET['network_get_json_details'])) {
}
// Lookup all client locations, as networks can be associated with any client location
$locations_sql = mysqli_query($mysqli, "SELECT location_id, location_name FROM locations
$locations_sql = mysqli_query(
$mysqli,
"SELECT location_id, location_name FROM locations
WHERE location_client_id = '$client_id' AND company_id = '$session_company_id'"
);
while ($row = mysqli_fetch_array($locations_sql)) {
@ -153,7 +155,7 @@ if (isset($_GET['network_get_json_details'])) {
if (isset($_POST['client_set_notes'])) {
$client_id = intval($_POST['client_id']);
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['notes'])));
$notes = sanitizeInput($_POST['notes']);
// Update notes
mysqli_query($mysqli, "UPDATE clients SET client_notes = '$notes' WHERE client_id = '$client_id'");
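
Review bot: `sanitizeInput()` is not defined anywhere on this page, and `$notes` is still interpolated into `UPDATE clients SET client_notes = '$notes'`, so the helper has to apply `mysqli_real_escape_string` as the replaced call chain did; include its definition in the review. The UPDATE also filters on `client_id` alone, while the locations query above adds `company_id = '$session_company_id'`; add the same condition here.
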
@ -165,10 +167,10 @@ if (isset($_POST['client_set_notes'])) {
if (isset($_POST['contact_set_notes'])) {
$contact_id = intval($_POST['contact_id']);
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['notes'])));
$notes = sanitizeInput($_POST['notes']);
// Update notes
mysqli_query($mysqli, "UPDATE contacts SET contact_notes = '$notes' WHERE contact_id = contact_id");
mysqli_query($mysqli, "UPDATE contacts SET contact_notes = '$notes' WHERE contact_id = $contact_id");
// Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = '$session_name modified contact notes', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
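
Review bot: the UPDATE on `contacts` still has no `company_id = $session_company_id` condition after the `WHERE contact_id = $contact_id` correction, so the posted id is the only scoping. Add the company filter, and since the earlier `contact_id = contact_id` form matched every row, check existing `contact_notes` data for rows overwritten by it.
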
@ -226,28 +228,28 @@ if (isset($_GET['share_generate_link'])) {
$item_encrypted_credential = ''; // Default empty
$client_id = intval($_GET['client_id']);
$item_type = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['type'])));
$item_type = sanitizeInput($_GET['type']);
$item_id = intval($_GET['id']);
$item_note = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['note'])));
$item_note = sanitizeInput($_GET['note']);
$item_view_limit = intval($_GET['views']);
$item_expires = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['expires'])));
$item_expires = sanitizeInput($_GET['expires']);
$item_key = randomString(156);
if ($item_type == "Document") {
$row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT document_name FROM documents WHERE document_id = '$item_id' AND document_client_id = '$client_id' LIMIT 1"));
$item_name = strip_tags(mysqli_real_escape_string($mysqli, $row['document_name']));
$item_name = sanitizeInput($row['document_name']);
}
if ($item_type == "File") {
$row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT file_name FROM files WHERE file_id = '$item_id' AND file_client_id = '$client_id' LIMIT 1"));
$item_name = strip_tags(mysqli_real_escape_string($mysqli, $row['file_name']));
$item_name = sanitizeInput($row['file_name']);
}
if ($item_type == "Login") {
$login = mysqli_query($mysqli, "SELECT login_name, login_username, login_password FROM logins WHERE login_id = '$item_id' AND login_client_id = '$client_id' LIMIT 1");
$row = mysqli_fetch_array($login);
$item_name = strip_tags(mysqli_real_escape_string($mysqli, $row['login_name']));
$item_name = sanitizeInput($row['login_name']);
// Decrypt & re-encrypt username/password for sharing
$login_encryption_key = randomString();
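
Review bot: the Document, File and Login lookups filter on `$item_id` and on `$client_id`, which is read from `$_GET['client_id']`, with no `company_id = '$session_company_id'` condition, so nothing in these queries ties the shared item to the caller's company. Add that condition to all three SELECTs. `$item_expires` is also accepted as free text from `$_GET['expires']`; validate its format before it is used.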

@ -0,0 +1,137 @@
<?php
// Variable assignment from POST (or: blank/from DB is updating)
if (isset($_POST['asset_name'])) {
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_name'])));
} elseif (isset($asset_row) && isset($asset_row['asset_name'])) {
$name = $asset_row['asset_name'];
} else {
$name = '';
}
if (isset($_POST['asset_type'])) {
$type = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_type'])));
} elseif (isset($asset_row) && isset($asset_row['asset_type'])) {
$type = $asset_row['asset_type'];
} else {
$type = '';
}
if (isset($_POST['asset_make'])) {
$make = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_make'])));
} elseif (isset($asset_row) && isset($asset_row['asset_make'])) {
$make = $asset_row['asset_make'];
} else {
$make = '';
}
if (isset($_POST['asset_model'])) {
$model = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_model'])));
} elseif (isset($asset_row) && isset($asset_row['asset_model'])) {
$model = $asset_row['asset_model'];
} else {
$model = '';
}
if (isset($_POST['asset_serial'])) {
$serial = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_serial'])));
} elseif (isset($asset_row) && isset($asset_row['asset_serial'])) {
$serial = $asset_row['asset_serial'];
} else {
$serial = '';
}
if (isset($_POST['asset_os'])) {
$os = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_os'])));
} elseif (isset($asset_row) && isset($asset_row['asset_os'])) {
$os = $asset_row['asset_os'];
} else {
$os = '';
}
if (isset($_POST['asset_ip'])) {
$aip = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_ip'])));
} elseif (isset($asset_row) && isset($asset_row['asset_ip'])) {
$aip = $asset_row['asset_ip'];
} else {
$aip = '';
}
if (isset($_POST['asset_mac'])) {
$mac = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_mac'])));
} elseif (isset($asset_row) && isset($asset_row['asset_mac'])) {
$mac = $asset_row['asset_mac'];
} else {
$mac = '';
}
if (isset($_POST['asset_status'])) {
$status = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_status'])));
} elseif (isset($asset_row) && isset($asset_row['asset_status'])) {
$status = $asset_row['asset_status'];
} else {
$status = '';
}
if (isset($_POST['asset_purchase_date']) && !empty($_POST['asset_purchase_date'])) {
$purchase_date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_purchase_date'])));
} elseif (isset($asset_row) && isset($asset_row['asset_purchase_date'])) {
$purchase_date = $asset_row['asset_purchase_date'];
} else {
$purchase_date = "0000-00-00";
}
if (isset($_POST['asset_warranty_expire']) && !empty($_POST['asset_warranty_expire'])) {
$warranty_expire = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_warranty_expire'])));
} elseif (isset($asset_row) && isset($asset_row['asset_warranty_expire'])) {
$warranty_expire = $asset_row['asset_warranty_expire'];
} else {
$warranty_expire = "0000-00-00";
}
if (isset($_POST['asset_install_date']) && !empty($_POST['asset_install_date'])) {
$install_date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_install_date'])));
} elseif (isset($asset_row) && isset($asset_row['asset_install_date'])) {
$install_date = $asset_row['asset_install_date'];
} else {
$install_date = "0000-00-00";
}
if (isset($_POST['asset_notes'])) {
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_notes'])));
} elseif (isset($asset_row) && isset($asset_row['asset_notes'])) {
$notes = $asset_row['asset_notes'];
} else {
$notes = '';
}
if (isset($_POST['asset_vendor_id'])) {
$vendor = intval($_POST['asset_vendor_id']);
} elseif (isset($asset_row) && isset($asset_row['asset_vendor_id'])) {
$vendor = $asset_row['asset_vendor_id'];
} else {
$vendor = '0';
}
if (isset($_POST['asset_location_id'])) {
$location = intval($_POST['asset_location_id']);
} elseif (isset($asset_row) && isset($asset_row['asset_location_id'])) {
$location = $asset_row['asset_location_id'];
} else {
$location = '0';
}
if (isset($_POST['asset_contact_id'])) {
$contact = intval($_POST['asset_contact_id']);
} elseif (isset($asset_row) && isset($asset_row['asset_contact_id'])) {
$contact = $asset_row['asset_contact_id'];
} else {
$contact = '0';
}
if (isset($_POST['asset_network_id'])) {
$network = intval($_POST['asset_network_id']);
} elseif (isset($asset_row) && isset($asset_row['asset_network_id'])) {
$network = $asset_row['asset_network_id'];
} else {
$network = '0';
}
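
Review bot: every `elseif` fallback copies the stored value as-is (`$name = $asset_row['asset_name'];` and the same for the other fields), while the files that include this one interpolate these variables into quoted SQL, so a stored value containing a quote breaks or alters the UPDATE. Escape the fallback values the same way as the POST values, or move the INSERT and UPDATE to prepared statements. The repeated blocks could also be a single loop over a list of field names and defaults.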

@ -3,103 +3,22 @@
require_once('../validate_api_key.php');
require_once('../require_post_method.php');
// Parse info
// Variable assignment - assigning blank if a value is not provided
if (isset($_POST['asset_name'])) {
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_name'])));
} else {
$name = '';
}
if (isset($_POST['asset_type'])) {
$type = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_type'])));
} else {
$type = '';
}
if (isset($_POST['asset_make'])) {
$make = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_make'])));
} else {
$make = '';
}
if (isset($_POST['asset_model'])) {
$model = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_model'])));
} else {
$model = '';
}
if (isset($_POST['asset_serial'])) {
$serial = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_serial'])));
} else {
$serial = '';
}
if (isset($_POST['asset_os'])) {
$os = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_os'])));
} else {
$os = '';
}
if (isset($_POST['asset_ip'])) {
$aip = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_ip'])));
} else {
$aip = '';
}
if (isset($_POST['asset_mac'])) {
$mac = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_mac'])));
} else {
$mac = '';
}
if (isset($_POST['asset_purchase_date'])) {
$purchase_date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_purchase_date'])));
} else {
$purchase_date = "0000-00-00";
}
if (isset($_POST['asset_warranty_expire'])) {
$warranty_expire = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_warranty_expire'])));
} else {
$warranty_expire = "0000-00-00";
}
if (isset($_POST['asset_install_date'])) {
$install_date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_install_date'])));
} else {
$install_date = "0000-00-00";
}
if (isset($_POST['asset_notes'])) {
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_notes'])));
} else {
$notes = '';
}
if (isset($_POST['asset_vendor_id'])) {
$vendor = intval($_POST['asset_vendor_id']);
} else {
$vendor = '0';
}
if (isset($_POST['asset_location_id'])) {
$location = intval($_POST['asset_location_id']);
} else {
$location = '0';
}
if (isset($_POST['asset_contact_id'])) {
$contact = intval($_POST['asset_contact_id']);
} else {
$contact = '0';
}
if (isset($_POST['asset_network_id'])) {
$network = intval($_POST['asset_network_id']);
} else {
$network = '0';
}
// Parse POST info
require_once('asset_model.php');
// Default
$insert_id = false;
if (!empty($name) && !empty($client_id)) {
// Insert into Database
$insert_sql = mysqli_query($mysqli, "INSERT INTO assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$aip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = '$purchase_date', asset_warranty_expire = '$warranty_expire', asset_install_date = '$install_date', asset_notes = '$notes', asset_created_at = NOW(), asset_network_id = $network, asset_client_id = $client_id, company_id = '$company_id'");
$insert_sql = mysqli_query($mysqli, "INSERT INTO assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$aip', asset_mac = '$mac', asset_status = '$status', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = '$purchase_date', asset_warranty_expire = '$warranty_expire', asset_install_date = '$install_date', asset_notes = '$notes', asset_created_at = NOW(), asset_network_id = $network, asset_client_id = $client_id, company_id = '$company_id'");
if ($insert_sql) {
$insert_id = mysqli_insert_id($mysqli);
//Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Asset', log_action = 'Created', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = '$client_id', company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Created asset $name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = '$client_id', company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Asset', log_action = 'Created', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = '$client_id', company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Created asset $name via API ($api_key_name)', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = '$client_id', company_id = $company_id");
}
}
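
Review bot: `log_user_agent = '$user_agent'` is new in both log INSERTs, and where `$user_agent` is set is not shown here. The User-Agent header is client-controlled, so confirm it is escaped and length-limited before it reaches these statements.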

@ -20,7 +20,7 @@ if (!empty($asset_id)) {
$delete_count = mysqli_affected_rows($mysqli);
//Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Asset', log_action = 'Deleted', log_description = '$asset_name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Asset', log_action = 'Deleted', log_description = '$asset_name via API ($api_key_name)', log_ip = '$ip', log_user_agent = '$user_agent', log_client_id = $client_id, company_id = $company_id");
}
}

@ -7,29 +7,28 @@ require_once('../require_get_method.php');
if (isset($_GET['asset_id'])) {
$id = intval($_GET['asset_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = '$id' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id'");
}
} elseif (isset($_GET['asset_type'])) {
// Asset query via type
elseif (isset($_GET['asset_type'])) {
$type = mysqli_real_escape_string($mysqli, ucfirst($_GET['asset_type']));
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_type = '$type' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}
} elseif (isset($_GET['asset_name'])) {
// Asset query via name
elseif (isset($_GET['asset_name'])) {
$name = mysqli_real_escape_string($mysqli, $_GET['asset_name']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_name = '$name' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}
} elseif (isset($_GET['asset_serial'])) {
// Asset query via serial
elseif (isset($_GET['asset_serial'])) {
$serial = mysqli_real_escape_string($mysqli, $_GET['asset_serial']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_serial = '$serial' AND asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}
} elseif (isset($_GET['client_id'])) {
// Asset query via client ID
elseif (isset($_GET['client_id']) && $client_id == "%") {
$client_id = intval($_GET['client_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}
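
Review bot: the `client_id` branch appears in two forms in this hunk, `elseif (isset($_GET['client_id']) && $client_id == "%") {` and `} elseif (isset($_GET['client_id'])) {`, so this is more than a brace-style change. The `$client_id == "%"` test appears to be what limits the `$client_id = intval($_GET['client_id']);` override to API keys that are not bound to a single client; keep it in the reformatted condition, otherwise a request parameter can replace the client scope that came from the key.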

@ -11,104 +11,20 @@ $update_count = false;
if (!empty($asset_id)) {
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = '$asset_id' AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));
$asset_row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_id = '$asset_id' AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));
// Variable assignment - assigning the current database value if a value is not provided
if (isset($_POST['asset_name'])) {
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_name'])));
} else {
$name = $row['asset_name'];
}
if (isset($_POST['asset_type'])) {
$type = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_type'])));
} else {
$type = $row['asset_type'];
}
if (isset($_POST['asset_make'])) {
$make = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_make'])));
} else {
$make = $row['asset_make'];
}
if (isset($_POST['asset_model'])) {
$model = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_model'])));
} else {
$model = $row['asset_model'];
}
if (isset($_POST['asset_serial'])) {
$serial = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_serial'])));
} else {
$serial = $row['asset_serial'];
}
if (isset($_POST['asset_os'])) {
$os = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_os'])));
} else {
$os = $row['asset_os'];
}
if (isset($_POST['asset_os'])) {
$os = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_os'])));
} else {
$os = $row['asset_os'];
}
if (isset($_POST['asset_ip'])) {
$aip = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_ip'])));
} else {
$aip = $row['asset_ip'];
}
if (isset($_POST['asset_mac'])) {
$mac = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_mac'])));
} else {
$mac = $row['asset_mac'];
}
if (isset($_POST['asset_purchase_date'])) {
$purchase_date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_purchase_date'])));
} else {
$purchase_date = $row['asset_purchase_date'];
}
if (isset($_POST['asset_warranty_expire'])) {
$warranty_expire = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_warranty_expire'])));
} else {
$warranty_expire = $row['asset_warranty_expire'];
}
if (isset($_POST['asset_install_date'])) {
$install_date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_install_date'])));
} else {
$install_date = $row['asset_install_date'];
}
if (isset($_POST['asset_notes'])) {
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['asset_notes'])));
} else {
$notes = $row['asset_notes'];
}
if (isset($_POST['asset_vendor_id'])) {
$vendor = intval($_POST['asset_vendor_id']);
} else {
$vendor = $row['asset_vendor_id'];
}
if (isset($_POST['asset_location_id'])) {
$location = intval($_POST['asset_location_id']);
} else {
$location = $row['asset_location_id'];
}
if (isset($_POST['asset_contact_id'])) {
$contact = intval($_POST['asset_contact_id']);
} else {
$contact = $row['asset_contact_id'];
}
if (isset($_POST['asset_network_id'])) {
$network = intval($_POST['asset_network_id']);
} else {
$network = $row['asset_network_id'];
}
// Variable assignment from POST - assigning the current database value if a value is not provided
require_once('asset_model.php');
$update_sql = mysqli_query($mysqli, "UPDATE assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$aip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = '$purchase_date', asset_warranty_expire = '$warranty_expire', asset_install_date = '$install_date', asset_notes = '$notes', asset_updated_at = NOW(), asset_network_id = $network WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1");
$update_sql = mysqli_query($mysqli, "UPDATE assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$aip', asset_mac = '$mac', asset_status = '$status', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = '$purchase_date', asset_warranty_expire = '$warranty_expire', asset_install_date = '$install_date', asset_notes = '$notes', asset_updated_at = NOW(), asset_network_id = $network WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1");
// Check insert & get insert ID
if ($update_sql) {
$update_count = mysqli_affected_rows($mysqli);
//Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Asset', log_action = 'Updated', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Updated asset $name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Asset', log_action = 'Updated', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_user_agent = '$user_agent', log_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Updated asset $name via API ($api_key_name)', log_ip = '$ip', log_user_agent = '$user_agent', log_client_id = $client_id, company_id = $company_id");
}
}
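Review bot: The replacement UPDATE writes asset_status = '$status', but no line in this hunk assigns $status, so it has to come from asset_model.php. Confirm that file sets it with the same escape-and-fallback handling as the other fields; otherwise an update that omits asset_status blanks the column. The assignment list shown here also handles asset_os twice; if that was carried over into asset_model.php, drop the duplicate.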

View File

@ -7,22 +7,21 @@ require_once('../require_get_method.php');
if (isset($_GET['certificate_id'])) {
$id = intval($_GET['certificate_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_id = '$id' AND certificate_client_id LIKE '$client_id' AND company_id = '$company_id'");
}
} elseif (isset($_GET['certificate_name'])) {
// Certificate by name
elseif (isset($_GET['certificate_name'])) {
$name = mysqli_real_escape_string($mysqli, $_GET['certificate_name']);
$sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_name = '$name' AND certificate_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY certificate_id LIMIT $limit OFFSET $offset");
}
// Certificate via client ID (if allowed)
elseif (isset($_GET['client_id']) && $client_id == "%") {
$client_id = intval($_GET['client_id']);
} elseif (isset($_GET['client_id'])) {
// Certificate via client ID
$sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_client_id = '$client_id' AND company_id = '$company_id' ORDER BY certificate_id LIMIT $limit OFFSET $offset");
}
} else {
// All certificates
else {
$sql = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY certificate_id LIMIT $limit OFFSET $offset");
}
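Review bot: With the key check and the intval() assignment removed from the client_id branch, that branch now relies entirely on require_get_method.php having already replaced $client_id, and the only remaining difference from the final else is = versus LIKE. Either drop the branch or add a comment saying where $client_id is set, so a later change does not reintroduce a direct read of $_GET['client_id'] here.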

View File

@ -7,16 +7,16 @@ require_once('../require_get_method.php');
if (isset($_GET['client_id'])) {
$id = intval($_GET['client_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_id = '$id' AND client_id LIKE '$client_id' AND company_id = '$company_id'");
}
} elseif (isset($_GET['client_name'])) {
// Specific client via name (single)
elseif (isset($_GET['client_name'])) {
$name = mysqli_real_escape_string($mysqli, $_GET['client_name']);
$sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_name = '$name' AND client_id LIKE '$client_id' AND company_id = '$company_id'");
}
} else {
// All clients
else {
$sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY client_id LIMIT $limit OFFSET $offset");
}

View File

@ -1,16 +1,107 @@
<?php
define('number_regex', '/[^0-9]/');
// Variable assignment from POST (or: blank/from DB is updating)
if (isset($_POST['contact_name'])) {
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_name'])));
} elseif ($contact_row) {
$name = $contact_row['contact_name'];
} else {
$name = '';
}
if (isset($_POST['contact_title'])) {
$title = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_title'])));
} elseif ($contact_row) {
$title = $contact_row['contact_title'];
} else {
$title = '';
}
if (isset($_POST['contact_department'])) {
$department = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_department'])));
} elseif ($contact_row) {
$department = $contact_row['contact_department'];
} else {
$department = '';
}
if (isset($_POST['contact_email'])) {
$email = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_email'])));
} elseif ($contact_row) {
$email = $contact_row['contact_email'];
} else {
$email = '';
}
if (isset($_POST['contact_phone'])) {
$phone = preg_replace(number_regex, '', $_POST['contact_phone']);
} elseif ($contact_row) {
$phone = $contact_row['contact_phone'];
} else {
$phone = '';
}
if (isset($_POST['contact_extension'])) {
$extension = preg_replace(number_regex, '', $_POST['contact_extension']);
} elseif ($contact_row) {
$extension = $contact_row['contact_extension'];
} else {
$extension = '';
}
if (isset($_POST['contact_mobile'])) {
$mobile = preg_replace(number_regex, '', $_POST['contact_mobile']);
} elseif ($contact_row) {
$mobile = $contact_row['contact_mobile'];
} else {
$mobile = '';
}
if (isset($_POST['contact_notes'])) {
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_notes'])));
} elseif ($contact_row) {
$notes = $contact_row['contact_notes'];
} else {
$notes = '';
}
if (isset($_POST['contact_auth_method'])) {
$auth_method = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_auth_method'])));
} elseif ($contact_row) {
$auth_method = $contact_row['contact_auth_method'];
} else {
$auth_method = '';
}
if (isset($_POST['contact_important'])) {
$important = intval($_POST['contact_important']);
} elseif ($contact_row) {
$important = $contact_row['contact_important'];
} else {
$important = '0';
}
if (isset($_POST['contact_billing'])) {
$billing = intval($_POST['contact_billing']);
} elseif ($contact_row) {
$billing = $contact_row['contact_billing'];
} else {
$billing = '0';
}
if (isset($_POST['contact_technical'])) {
$technical = intval($_POST['contact_technical']);
} elseif ($contact_row) {
$technical = $contact_row['contact_technical'];
} else {
$technical = '0';
}
if (isset($_POST['contact_location_id'])) {
$location_id = intval($_POST['contact_location_id']);
} elseif ($contact_row) {
$location_id = $contact_row['contact_location_id'];
} else {
$location_id = '';
}
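Review bot: The $contact_row fallbacks (for example $name = $contact_row['contact_name']) are used exactly as read from the database, while the POST values are escaped, and contacts/update.php then interpolates both into the same quoted UPDATE. A stored name or note containing a quote or backslash will break that statement on any partial update; pass the fallback values through mysqli_real_escape_string() as well, or bind parameters. $location_id also defaults to '' while the UPDATE uses it unquoted (contact_location_id = $location_id), so default it to 0 instead.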

View File

@ -7,7 +7,7 @@ require_once('../require_post_method.php');
require_once('contact_model.php');
// Default
$insert_id = FALSE;
$insert_id = false;
if (!empty($name) && !empty($email) && !empty($client_id)) {
@ -23,8 +23,8 @@ if (!empty($name) && !empty($email) && !empty($client_id)) {
if ($insert_sql) {
$insert_id = mysqli_insert_id($mysqli);
//Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Created', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Created contact $name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Created', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Created contact $name via API ($api_key_name)', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
}
}

View File

@ -7,7 +7,7 @@ require_once('../require_post_method.php');
$contact_id = intval($_POST['contact_id']);
// Default
$delete_count = FALSE;
$delete_count = false;
if (!empty($contact_id)) {
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = $contact_id AND contact_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));
@ -20,7 +20,7 @@ if (!empty($contact_id)) {
$delete_count = mysqli_affected_rows($mysqli);
//Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Deleted', log_description = '$contact_name via API ($api_key_name)', log_ip = '$ip', log_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Deleted', log_description = '$contact_name via API ($api_key_name)', log_ip = '$ip', log_user_agent = '$user_agent', log_client_id = $client_id, company_id = $company_id");
}
}

View File

@ -7,16 +7,16 @@ require_once('../require_get_method.php');
if (isset($_GET['contact_id'])) {
$id = intval($_GET['contact_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = '$id' AND contact_client_id LIKE '$client_id' AND company_id = '$company_id'");
}
} elseif (isset($_GET['contact_email'])) {
// Specific contact via email (single)
elseif (isset($_GET['contact_email'])) {
$email = mysqli_real_escape_string($mysqli, $_GET['contact_email']);
$sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' AND contact_client_id LIKE '$client_id' AND company_id = '$company_id'");
}
} else {
// All contacts
else {
$sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY contact_id LIMIT $limit OFFSET $offset");
}

View File

@ -5,12 +5,16 @@ require_once('../require_post_method.php');
// Parse Info
$contact_id = intval($_POST['contact_id']);
require_once('contact_model.php');
// Default
$update_count = FALSE;
$update_count = false;
if (!empty($name) && !empty($email)) {
if (!empty($contact_id)) {
$contact_row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = '$contact_id' AND contact_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));
// Variable assignment from POST - assigning the current database value if a value is not provided
require_once('contact_model.php');
$update_sql = mysqli_query($mysqli, "UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_department = '$department', contact_email = '$email', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_important = '$important', contact_billing = '$billing', contact_technical = '$technical', contact_updated_at = NOW(), contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id WHERE contact_id = $contact_id LIMIT 1");
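Review bot: The UPDATE's WHERE clause is only contact_id = $contact_id, while its SET list assigns contact_client_id = $client_id and company_id = $company_id. The SELECT above it is scoped by client and company, but nothing visible in this hunk skips the UPDATE when $contact_row is empty, so the ownership check is not actually enforced on the write. Add AND contact_client_id = $client_id AND company_id = $company_id to the WHERE clause, as the asset UPDATE does, and return early when no row was found.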
@ -19,8 +23,8 @@ if (!empty($name) && !empty($email)) {
$update_count = mysqli_affected_rows($mysqli);
//Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Updated', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Updated contact $name via API ($api_key_name)', log_ip = '$ip', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Updated', log_description = '$name via API ($api_key_name)', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API', log_action = 'Success', log_description = 'Updated contact $name via API ($api_key_name)', log_ip = '$ip', log_user_agent = '$user_agent', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id");
}
}

View File

@ -20,6 +20,11 @@ if (isset($insert_id) && is_numeric($insert_id)) {
else {
$return_arr['success'] = "False";
$return_arr['message'] = "Auth success but insert query failed, ensure ALL required variables are provided (and aren't duplicates where applicable) and database schema is up-to-date. Turn on error logging and look for 'undefined index'.";
// Log any database/schema related errors to the PHP Error log
if (mysqli_error($mysqli)) {
error_log("API Database Error: " . mysqli_error($mysqli));
}
}
echo json_encode($return_arr);
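Review bot: The error_log() line records only the MySQL error text, so an entry cannot be tied back to the endpoint or API key that produced it. Include the script name and $api_key_name in the message, and read mysqli_error($mysqli) once into a variable instead of calling it twice. The same block is repeated in the delete, read and update output files, so a shared helper would keep them consistent.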

View File

@ -17,6 +17,11 @@ if (isset($delete_count) && is_numeric($delete_count) && $delete_count > 0) {
else {
$return_arr['success'] = "False";
$return_arr['message'] = "Auth success but delete query failed. Ensure ALL required variables are provided and database schema is up-to-date. Most likely cause: asset/client/company ID mismatch.";
// Log any database/schema related errors to the PHP Error log
if (mysqli_error($mysqli)) {
error_log("API Database Error: " . mysqli_error($mysqli));
}
}
echo json_encode($return_arr);

19
api/v1/documents/read.php Normal file
View File

@ -0,0 +1,19 @@
<?php
require_once('../validate_api_key.php');
require_once('../require_get_method.php');
if (isset($_GET['document_id'])) {
// Document via ID (single)
$id = intval($_GET['document_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = '$id' AND document_client_id LIKE '$client_id' AND company_id = '$company_id'");
} else {
// All documents
$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY document_id LIMIT $limit OFFSET $offset");
}
// Output
require_once("../read_output.php");

View File

@ -7,22 +7,21 @@ require_once('../require_get_method.php');
if (isset($_GET['domain_id'])) {
$id = intval($_GET['domain_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_id = '$id' AND domain_client_id LIKE '$client_id' AND company_id = '$company_id'");
}
} elseif (isset($_GET['domain_name'])) {
// Domain by name
elseif (isset($_GET['domain_name'])) {
$name = mysqli_real_escape_string($mysqli, $_GET['domain_name']);
$sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_name = '$name' AND domain_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}
// Domain via client ID (if allowed)
elseif (isset($_GET['client_id']) && $client_id == "%") {
$client_id = intval($_GET['client_id']);
} elseif (isset($_GET['client_id'])) {
// Domain via client ID
$sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY domain_id LIMIT $limit OFFSET $offset");
}
} else {
// All domains
else {
$sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY domain_id LIMIT $limit OFFSET $offset");
}
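Review bot: The domain_name query ends with ORDER BY asset_id on the domains table, while every other branch in this file orders by domain_id. This looks copied from the assets endpoint; change it to ORDER BY domain_id while the file is being touched.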

21
api/v1/expenses/read.php Normal file
View File

@ -0,0 +1,21 @@
<?php
require_once('../validate_api_key.php');
require_once('../require_get_method.php');
// Expenses aren't stored against client IDs, so we instead validate the API key is for All Clients
if (isset($_GET['expense_id']) && $client_id == "%") {
// Expense via ID (single)
$id = intval($_GET['expense_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM expenses WHERE expense_id = '$id' AND company_id = '$company_id'");
} elseif ($client_id == "%") {
// All expenses
$sql = mysqli_query($mysqli, "SELECT * FROM expenses WHERE company_id = '$company_id' ORDER BY expense_id LIMIT $limit OFFSET $offset");
}
// Output
require_once("../read_output.php");
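Review bot: When the key is scoped to a single client, neither branch runs and $sql is never assigned before read_output.php is included, so the caller gets the generic no-resource response and PHP raises an undefined variable notice. Add a final else that returns an explicit not-permitted message, or at least sets $sql = false. Also note that require_get_method.php now replaces the wildcard with intval($_GET['client_id']) when an all-clients key passes client_id, which makes $client_id == "%" false here; the same pattern is in payments/read.php and products/read.php.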

19
api/v1/invoices/read.php Normal file
View File

@ -0,0 +1,19 @@
<?php
require_once('../validate_api_key.php');
require_once('../require_get_method.php');
if (isset($_GET['invoice_id'])) {
// Invoice via ID (single)
$id = intval($_GET['invoice_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_id = '$id' AND invoice_client_id LIKE '$client_id' AND company_id = '$company_id'");
} else {
// All invoices
$sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY invoice_id LIMIT $limit OFFSET $offset");
}
// Output
require_once("../read_output.php");

View File

@ -7,22 +7,21 @@ require_once('../require_get_method.php');
if (isset($_GET['network_id'])) {
$id = intval($_GET['network_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_id = '$id' AND network_client_id LIKE '$client_id' AND company_id = '$company_id'");
}
} elseif (isset($_GET['network_name'])) {
// Network by name
elseif (isset($_GET['network_name'])) {
$name = mysqli_real_escape_string($mysqli, $_GET['network_name']);
$sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_name = '$name' AND network_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY network_id LIMIT $limit OFFSET $offset");
}
// Network via client ID (if allowed)
elseif (isset($_GET['client_id']) && $client_id == "%") {
$client_id = intval($_GET['client_id']);
} elseif (isset($_GET['client_id'])) {
// Network via client ID
$sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY network_id LIMIT $limit OFFSET $offset");
}
} else {
// All networks
else {
$sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY network_id LIMIT $limit OFFSET $offset");
}

28
api/v1/payments/read.php Normal file
View File

@ -0,0 +1,28 @@
<?php
require_once('../validate_api_key.php');
require_once('../require_get_method.php');
// Payments aren't stored against client IDs, so we instead validate the API key is for All Clients
if (isset($_GET['payment_id']) && $client_id == "%") {
// Payment via ID (single)
$id = intval($_GET['payment_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM payments WHERE payment_id = '$id' AND company_id = '$company_id'");
} elseif (isset($_GET['payment_invoice_id']) && $client_id == "%") {
// Payments for an invoice
$id = intval($_GET['payment_invoice_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM payments WHERE payment_invoice_id = '$id' AND company_id = '$company_id'");
} elseif ($client_id == "%") {
// All payments
$sql = mysqli_query($mysqli, "SELECT * FROM payments WHERE company_id = '$company_id' ORDER BY payment_id LIMIT $limit OFFSET $offset");
}
// Output
require_once("../read_output.php");

21
api/v1/products/read.php Normal file
View File

@ -0,0 +1,21 @@
<?php
require_once('../validate_api_key.php');
require_once('../require_get_method.php');
// Products aren't stored against client IDs, so we instead validate the API key is for All Clients
if (isset($_GET['product_id']) && $client_id == "%") {
// product via ID (single)
$id = intval($_GET['product_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM products WHERE product_id = '$id' AND company_id = '$company_id'");
} elseif ($client_id == "%") {
// All products
$sql = mysqli_query($mysqli, "SELECT * FROM products WHERE company_id = '$company_id' ORDER BY product_id LIMIT $limit OFFSET $offset");
}
// Output
require_once("../read_output.php");

19
api/v1/quotes/read.php Normal file
View File

@ -0,0 +1,19 @@
<?php
require_once('../validate_api_key.php');
require_once('../require_get_method.php');
if (isset($_GET['quote_id'])) {
// quote via ID (single)
$id = intval($_GET['quote_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM quotes WHERE quote_id LIKE '$id' AND quote_client_id = '$client_id' AND company_id = '$company_id'");
} else {
// All quotes
$sql = mysqli_query($mysqli, "SELECT * FROM quotes WHERE quote_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY quote_id LIMIT $limit OFFSET $offset");
}
// Output
require_once("../read_output.php");
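Review bot: The single-quote query has its operators the wrong way round compared with the other read endpoints: quote_id LIKE '$id' AND quote_client_id = '$client_id'. For an all-clients key $client_id is the string %, so quote_client_id = '%' matches no rows and lookup by ID always comes back empty. Use quote_id = '$id' AND quote_client_id LIKE '$client_id'.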

View File

@ -21,6 +21,12 @@ if ($sql && mysqli_num_rows($sql) > 0) {
else {
$return_arr['success'] = "False";
$return_arr['message'] = "No resource (for this client and company) with the specified parameter(s).";
// Log any database/schema related errors to the PHP Error log
if (mysqli_error($mysqli)) {
error_log("API Database Error: " . mysqli_error($mysqli));
}
echo json_encode($return_arr);
exit();
}

View File

@ -7,7 +7,11 @@ if ($_SERVER['REQUEST_METHOD'] !== "GET") {
exit();
}
// Wildcard client ID for most SELECT queries
// Wildcard client ID for most SELECT queries, unless otherwise specified (and allowed)
if ($client_id == 0) {
if (isset($_GET['client_id'])) {
$client_id = intval($_GET['client_id']);
} else {
$client_id = "%";
}
}
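Review bot: intval($_GET['client_id']) returns 0 for empty or non-numeric input and the result is assigned without a check, so a request with client_id=abc leaves $client_id at 0 and every query filtered with LIKE '$client_id' returns nothing instead of falling back to the wildcard. Accept the override only when the parsed value is greater than 0, and fall through to "%" otherwise.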

View File

@ -7,34 +7,33 @@ require_once('../require_get_method.php');
if (isset($_GET['software_id'])) {
$id = intval($_GET['software_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_id = '$id' AND software_client_id LIKE '$client_id' AND company_id = '$company_id'");
}
} elseif (isset($_GET['software_key'])) {
// Specific software via key
if (isset($_GET['software_key'])) {
$key = mysqli_real_escape_string($mysqli, $_GET['software_license']);
$sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_key = '$key' AND software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY software_id LIMIT $limit OFFSET $offset");
}
} elseif (isset($_GET['software_name'])) {
// Software by name
elseif (isset($_GET['software_name'])) {
$name = mysqli_real_escape_string($mysqli, $_GET['software_name']);
$sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_name = '$name' AND software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY asset_id LIMIT $limit OFFSET $offset");
}
} elseif (isset($_GET['software_type'])) {
// Software via type
elseif (isset($_GET['software_type'])) {
$type = intval($_GET['software_type']);
$sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_type = '$type' AND software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY software_id LIMIT $limit OFFSET $offset");
}
// Software via client ID (if allowed)
elseif (isset($_GET['client_id']) && $client_id == "%") {
$client_id = intval($_GET['client_id']);
} elseif (isset($_GET['client_id'])) {
// Software via client ID
$sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY software_id LIMIT $limit OFFSET $offset");
}
} else {
// All software(s)
else {
$sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY software_id LIMIT $limit OFFSET $offset");
}
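Review bot: The software_key branch tests $_GET['software_key'] but then reads $_GET['software_license'], so $key is built from a different parameter than the one that selected the branch and the lookup cannot match. Read $_GET['software_key'] in both places. The software_name query also orders by asset_id, which looks copied from the assets endpoint; use software_id as the other branches do.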

View File

@ -7,10 +7,10 @@ require_once('../require_get_method.php');
if (isset($_GET['ticket_id'])) {
$id = intval($_GET['ticket_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$id' AND ticket_client_id LIKE '$client_id' AND company_id = '$company_id'");
}
} else {
// All tickets
else {
$sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_client_id LIKE '$client_id' AND company_id = '$company_id' ORDER BY ticket_id LIMIT $limit OFFSET $offset");
}

View File

@ -16,7 +16,12 @@ if (isset($update_count) && is_numeric($update_count) && $update_count > 0) {
// Query returned false: something went wrong, or it was declined due to required variables missing
else {
$return_arr['success'] = "False";
$return_arr['message'] = "Auth success but update query failed/returned no results. Ensure ALL required variables are provided and database schema is up-to-date. Most likely cause: non-existent module ID (contact ID/ticket ID/etc)";
$return_arr['message'] = "Auth success but update query failed/returned no results. Ensure ALL required variables are provided and database schema is up-to-date. Most likely cause: non-existent module ID (i.e. bad contact ID/ticket ID/etc).";
// Log any database/schema related errors to the PHP Error log
if (mysqli_error($mysqli)) {
error_log("API Database Error: " . mysqli_error($mysqli));
}
}
echo json_encode($return_arr);

View File

@ -16,9 +16,8 @@ header('Content-Type: application/json');
// POST data
$_POST = json_decode(file_get_contents('php://input'), true);
// Get user IP
// Get IP & UA
$ip = strip_tags(mysqli_real_escape_string($mysqli, getIP()));
// Get user agent
$user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
// Setup return array
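Review bot: $_SERVER['HTTP_USER_AGENT'] is read unconditionally, and API clients are not required to send that header; when it is missing PHP raises an undefined index notice on every request. Default it with ?? '' before escaping, and cap its length before it is written to log_user_agent.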
@ -81,10 +80,10 @@ if (isset($api_key)) {
header(WORDING_UNAUTHORIZED);
echo json_encode($return_arr);
exit();
}
// Success
else {
} else {
// SUCCESS
// Set client ID, company ID & key name
$row = mysqli_fetch_array($sql);
@ -95,21 +94,17 @@ if (isset($api_key)) {
// Set limit & offset for queries
if (isset($_GET['limit'])) {
$limit = intval($_GET['limit']);
}
elseif (isset($_POST['limit'])) {
} elseif (isset($_POST['limit'])) {
$limit = intval($_POST['limit']);
}
else {
} else {
$limit = 50;
}
if (isset($_GET['offset'])) {
$offset = intval($_GET['offset']);
}
elseif (isset($_POST['offset'])) {
} elseif (isset($_POST['offset'])) {
$offset = intval($_POST['offset']);
}
else {
} else {
$offset = 0;
}
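Review bot: $limit and $offset are cast with intval() but not range-checked, and the read endpoints interpolate them directly into LIMIT $limit OFFSET $offset. A negative value makes the query fail, and there is no ceiling on how many rows one request can pull. Clamp both after parsing, for example $limit = max(1, min($limit, 500)); $offset = max(0, $offset); with the ceiling chosen to suit the deployment.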

View File

@ -5,7 +5,7 @@ $key = randomString(156);
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-key"></i> New Key</h5>
<h5 class="modal-title"><i class="fas fa-fw fa-key mr-2"></i>New Key</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -63,7 +63,7 @@ $key = randomString(156);
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$client_id = $row['client_id'];
$client_id = intval($row['client_id']);
$client_name = htmlentities($row['client_name']); ?>
<option value="<?php echo $client_id; ?>"><?php echo "$client_name (Client ID: $client_id)"; ?></option>
<?php } ?>
@ -73,8 +73,8 @@ $key = randomString(156);
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_api_key" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_api_key" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -18,6 +18,17 @@
<?php echo randomString(100); ?>
<br>
<form>
<?php
$timezones = DateTimeZone::listIdentifiers();
echo '<select name="timezone">';
foreach ($timezones as $timezone) {
echo '<option value="' . $timezone . '">' . $timezone . '</option>';
}
echo '</select>';
?>
</form>
<script>toastr.success('Have Fun Wozz!!')</script>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-calendar-plus"></i> New Calendar</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-calendar-plus mr-2"></i>New Calendar</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -32,8 +32,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_calendar" class="btn btn-primary">Save</button>
<button type="submit" name="add_calendar" class="btn btn-primary"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-calendar-plus"></i> New Event</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-calendar-plus mr-2"></i>New Event</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -12,13 +12,13 @@
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-event"><i class="fa fa-fw fa-calendar"></i> Event</a>
<a class="nav-link active" data-toggle="pill" href="#pills-event"><i class="fa fa-fw fa-calendar mr-2"></i>Event</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-more"><i class="fa fa-fw fa-info-circle"></i> More</a>
<a class="nav-link" data-toggle="pill" href="#pills-more"><i class="fa fa-fw fa-info-circle mr-2"></i>More</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-attendees"><i class="fa fa-fw fa-users"></i> Attendees</a>
<a class="nav-link" data-toggle="pill" href="#pills-attendees"><i class="fa fa-fw fa-users mr-2"></i>Attendees</a>
</li>
</ul>
@ -50,15 +50,13 @@
$sql = mysqli_query($mysqli, "SELECT * FROM calendars WHERE company_id = $session_company_id ORDER BY calendar_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$calendar_id = $row['calendar_id'];
$calendar_id = intval($row['calendar_id']);
$calendar_name = htmlentities($row['calendar_name']);
$calendar_color = htmlentities($row['calendar_color']);
?>
<option <?php if ($config_default_calendar == $calendar_id) { echo "selected"; } ?> data-content="<i class='fa fa-circle mr-2' style='color:<?php echo $calendar_color; ?>;'></i> <?php echo $calendar_name; ?>" value="<?php echo $calendar_id; ?>"><?php echo $calendar_name; ?></option>
<?php } ?>
<?php
}
?>
</select>
<div class="input-group-append">
<button type="button" class="btn btn-dark" data-toggle="modal" data-target="#addQuickCalendarModal"><i class="fas fa-fw fa-plus"></i></button>
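Review bot: In the option's data-content attribute, $calendar_color and $calendar_name are placed inside markup (the i element and its style) that is itself an attribute value, and htmlentities() encodes them only once. The browser decodes that layer when the attribute is read, so if the select plugin renders data-content as HTML the values arrive unencoded. Restrict calendar_color to a hex colour pattern when it is saved, and encode the values a second time for the inner markup.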
@ -106,9 +104,7 @@
<div class="tab-pane fade" id="pills-attendees">
<?php if (isset($client_id)) { ?>
<input type="hidden" name="client" value="<?php echo $client_id; ?>">
<?php } else{ ?>
<div class="form-group">
@ -123,15 +119,13 @@
$sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id WHERE clients.company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$client_id = $row['client_id'];
$client_id = intval($row['client_id']);
$client_name = htmlentities($row['client_name']);
$contact_email = htmlentities($row['contact_email']);
?>
<option value="<?php echo $client_id; ?>"><?php echo $client_name; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
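Review bot: the loop assigns `$client_id`, the same variable the attendees pane tests with `isset($client_id)` just above. After the loop it holds the last client in the list, so any code included after this modal sees a client ID the user never chose. The edit modal already uses `$client_id_select` for the same purpose; using that name here would avoid the clash. `$contact_email` is assigned but not used in the lines shown.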
@ -153,8 +147,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_event" class="btn btn-primary"><strong><i class="fa fa-check"></i> Create</strong></button>
<button type="submit" name="add_event" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-calendar"></i> <?php echo $event_title; ?></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-calendar mr-2"></i><?php echo $event_title; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -15,13 +15,13 @@
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-event<?php echo $event_id; ?>"><i class="fa fa-fw fa-calendar"></i> Event</a>
<a class="nav-link active" data-toggle="pill" href="#pills-event<?php echo $event_id; ?>"><i class="fa fa-fw fa-calendar mr-2"></i>Event</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-more<?php echo $event_id; ?>"><i class="fa fa-fw fa-info-circle"></i> More</a>
<a class="nav-link" data-toggle="pill" href="#pills-more<?php echo $event_id; ?>"><i class="fa fa-fw fa-info-circle mr-2"></i>More</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-attendees<?php echo $event_id; ?>"><i class="fa fa-fw fa-users"></i> Attendees</a>
<a class="nav-link" data-toggle="pill" href="#pills-attendees<?php echo $event_id; ?>"><i class="fa fa-fw fa-users mr-2"></i>Attendees</a>
</li>
</ul>
@ -52,15 +52,13 @@
$sql_calendars_select = mysqli_query($mysqli, "SELECT * FROM calendars WHERE company_id = $session_company_id ORDER BY calendar_name ASC");
while ($row = mysqli_fetch_array($sql_calendars_select)) {
$calendar_id_select = $row['calendar_id'];
$calendar_id_select = intval($row['calendar_id']);
$calendar_name_select = htmlentities($row['calendar_name']);
$calendar_color_select = htmlentities($row['calendar_color']);
?>
<option data-content="<i class='fa fa-circle mr-2' style='color:<?php echo $calendar_color_select; ?>;'></i> <?php echo $calendar_name_select; ?>"<?php if ($calendar_id == $calendar_id_select) { echo "selected"; } ?> value="<?php echo $calendar_id_select; ?>"><?php echo $calendar_name_select; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
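Review bot: on the `<option data-content=...>` line there is no whitespace between the closing quote of `data-content` and `<?php if ($calendar_id == $calendar_id_select) ...`, so the selected option is emitted as `..."selected value=...`. Browsers recover from this, but it is a parse error; add a space before the PHP tag as the add modal does.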
@ -105,9 +103,7 @@
<div class="tab-pane fade" id="pills-attendees<?php echo $event_id; ?>">
<?php if (isset($_GET['client_id'])) { ?>
<input type="hidden" name="client" value="<?php echo $client_id; ?>">
<?php } else { ?>
<div class="form-group">
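Review bot: the condition tests `isset($_GET['client_id'])` but the hidden field emits `$client_id`, which is a different value set by the including loop. The add modal tests `isset($client_id)` instead. Pick one source of truth: test the variable that is actually echoed, so the hidden field is never rendered with a value unrelated to the check.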
@ -122,15 +118,14 @@
$sql_clients = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id WHERE clients.company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql_clients)) {
$client_id_select = $row['client_id'];
$client_id_select = intval($row['client_id']);
$client_name_select = htmlentities($row['client_name']);
$contact_email_select = htmlentities($row['contact_email']);
?>
<option <?php if ($client_id == $client_id_select) { echo "selected"; } ?> value="<?php echo $client_id_select; ?>"><?php echo $client_name_select; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -150,9 +145,9 @@
</div>
<div class="modal-footer bg-white">
<a href="post.php?delete_event=<?php echo $event_id; ?>" class="btn btn-danger mr-auto"><i class="fa fa-trash"></i> Delete</a>
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_event" class="btn btn-primary"><strong><i class="fa fa-check"></i> Update</button>
<a class="btn text-danger mr-auto" href="post.php?delete_event=<?php echo $event_id; ?>"><i class="fa fa-calendar-times mr-2"></i>Delete</a>
<button type="submit" name="edit_event" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
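Review bot: the Delete control is still a plain link to `post.php?delete_event=<id>`, so a state-changing action is triggered by GET with no token visible in the URL. Since this hunk already rewrites the footer, consider making Delete a POST form button carrying a CSRF token, in line with the `edit_event` submit next to it.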

View File

@ -1,26 +1,22 @@
<?php include("inc_all.php"); ?>
<link href='plugins/fullcalendar/main.min.css' rel='stylesheet' />
<?php
require_once("inc_all.php");
if (isset($_GET['calendar_id'])) {
$calendar_selected_id = intval($_GET['calendar_id']);
}
?>
<link href='plugins/fullcalendar/main.min.css' rel='stylesheet' />
<div id='calendar'></div>
<?php
include("calendar_event_add_modal.php");
include("calendar_add_modal.php");
include("category_quick_add_modal.php");
require_once("calendar_event_add_modal.php");
require_once("calendar_add_modal.php");
require_once("category_quick_add_modal.php");
?>
<?php
//loop through IDs and create a modal for each
$sql = mysqli_query($mysqli, "SELECT * FROM events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE calendars.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
@ -35,13 +31,13 @@ while ($row = mysqli_fetch_array($sql)) {
$calendar_color = htmlentities($row['calendar_color']);
$client_id = $row['event_client_id'];
include("calendar_event_edit_modal.php");
require("calendar_event_edit_modal.php");
}
?>
<?php include("footer.php"); ?>
<?php require_once("footer.php"); ?>
<script src='plugins/fullcalendar/main.min.js'></script>
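Review bot: `$client_id = $row['event_client_id'];` is left uncast while the rest of this commit wraps row IDs in `intval()`. The value is later echoed into the hidden `client` field of the edit modal, so it should get the same `intval()` treatment. The switch to plain `require` (not `require_once`) inside the loop is correct, since the modal has to be emitted once per event.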
@ -76,47 +72,41 @@ while ($row = mysqli_fetch_array($sql)) {
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE calendars.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['event_id']);
$event_id = intval($row['event_id']);
$event_title = json_encode($row['event_title']);
$event_start = json_encode($row['event_start']);
$event_end = json_encode($row['event_end']);
$calendar_id = json_encode($row['calendar_id']);
$calendar_id = intval($row['calendar_id']);
$calendar_name = json_encode($row['calendar_name']);
$calendar_color = json_encode($row['calendar_color']);
echo "{ id: $event_id, title: $event_title, start: $event_start, end: $event_end, color: $calendar_color },";
}
?>
<?php
//Invoices Created
$sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN invoices ON client_id = invoice_client_id WHERE clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['invoice_id']);
$event_id = intval($row['invoice_id']);
$event_title = json_encode($row['invoice_prefix'] . $row['invoice_number'] . " " . $row['invoice_scope']);
$event_start = json_encode($row['invoice_date']);
echo "{ id: $event_id, title: $event_title, start: $event_start, color: 'blue', url: 'invoice.php?invoice_id=$event_id' },";
}
?>
<?php
//Quotes Created
$sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN quotes ON client_id = quote_client_id WHERE clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['quote_id']);
$event_id = intval($row['quote_id']);
$event_title = json_encode($row['quote_prefix'] . $row['quote_number'] . " " . $row['quote_scope']);
$event_start = json_encode($row['quote_date']);
echo "{ id: $event_id, title: $event_title, start: $event_start, color: 'purple', url: 'quote.php?quote_id=$event_id' },";
}
?>
<?php
//Tickets Created
$sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN tickets ON client_id = ticket_client_id WHERE clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['ticket_id']);
$event_id = intval($row['ticket_id']);
$event_title = json_encode($row['ticket_prefix'] . $row['ticket_number'] . " " . $row['ticket_subject']);
$event_start = json_encode($row['ticket_created_at']);
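Review bot: the invoice, quote and ticket queries select `FROM clients LEFT JOIN ...`, so a client with no invoices, quotes or tickets still yields a row whose joined columns are NULL. With the new `intval()` that row becomes an event with `id: 0` and a link such as `invoice.php?invoice_id=0`. An inner join, or skipping rows whose ID is 0, would drop these. Separately, the `json_encode()` values are written into an inline script; passing `JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT` keeps titles containing `<` or `&` from affecting script parsing. `$calendar_id` and `$calendar_name` are computed in the first loop but not used in its `echo`.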
@ -124,29 +114,25 @@ while ($row = mysqli_fetch_array($sql)) {
}
?>
<?php
//Vendors Added Created
$sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN vendors ON client_id = vendor_client_id WHERE vendor_template = 0 AND clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['vendor_id']);
$event_id = intval($row['vendor_id']);
$client_id = intval($row['client_id']);
$event_title = json_encode($row['vendor_name']);
$event_start = json_encode($row['vendor_created_at']);
echo "{ id: $event_id, title: $event_title, start: $event_start, color: 'brown', url: 'client_vendors.php?client_id=$event_id' },";
echo "{ id: $event_id, title: $event_title, start: $event_start, color: 'brown', url: 'client_vendors.php?client_id=$client_id' },";
}
?>
<?php
//Clients Added
$sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['client_id']);
$event_id = intval($row['client_id']);
$event_title = json_encode($row['client_name']);
$event_start = json_encode($row['client_created_at']);
echo "{ id: $event_id, title: $event_title, start: $event_start, color: 'green', url: 'client.php?client_id=$event_id' },";
echo "{ id: $event_id, title: $event_title, start: $event_start, color: 'green', url: 'client_overview.php?client_id=$event_id' },";
}
?>

View File

@ -1,21 +1,23 @@
<?php require_once("inc_all_settings.php");
<?php
// Default Column Sortby Filter
$sb = "category_name";
$o = "ASC";
require_once("inc_all_settings.php");
if (isset($_GET['category'])) {
$category = strip_tags(mysqli_real_escape_string($mysqli,$_GET['category']));
$category = sanitizeInput($_GET['category']);
} else {
$category = "Expense";
}
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
} else {
$sb = "category_name";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM categories
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM categories
WHERE category_name LIKE '%$q%'
AND category_type = '$category'
AND category_archived_at IS NULL
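Review bot: `$category` now goes through `sanitizeInput()` but is still interpolated into `category_type = '$category'`, and `$q` is interpolated into `LIKE '%$q%'`, so the safety of this query rests entirely on a helper that is not part of this diff. If the set of category types is fixed, compare `$_GET['category']` against an allow-list and fall back to "Expense"; for `$q`, a prepared statement with a bound parameter removes the dependency on escaping.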
@ -25,8 +27,12 @@ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM categories
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$colors_used_array = [];
//Colors Used
$sql_colors_used = mysqli_query($mysqli,"SELECT category_color FROM categories
$sql_colors_used = mysqli_query(
$mysqli,
"SELECT category_color FROM categories
WHERE category_type = '$category'
AND category_archived_at IS NULL
AND company_id = $session_company_id"
@ -42,9 +48,9 @@ $colors_diff = array_diff($colors_array, $colors_used_array);
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-list"></i> <?php echo htmlentities($category); ?> Categories</h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-list mr-2"></i><?php echo htmlentities($category); ?> Categories</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addCategoryModal"><i class="fas fa-fw fa-plus"></i> New</button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addCategoryModal"><i class="fas fa-plus mr-2"></i>New</button>
</div>
</div>
<div class="card-body">
@ -53,7 +59,7 @@ $colors_diff = array_diff($colors_array, $colors_used_array);
<div class="row">
<div class="col-sm-4 mb-2">
<div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Categories">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Categories">
<div class="input-group-append">
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
</div>
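Review bot: replacing `strip_tags()` with `stripslashes()` on the search box value only makes sense if `$q` already carries backslash escaping from earlier processing, which means the SQL-escaped string is being reused for display. That is fragile: any backslash the user typed is lost, and the output depends on the order of two unrelated transforms. Prefer keeping the raw search term for display and applying `htmlentities($value, ENT_QUOTES)` alone at output, with SQL escaping applied only to the copy used in the query.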
@ -83,14 +89,14 @@ $colors_diff = array_diff($colors_array, $colors_used_array);
<?php
while ($row = mysqli_fetch_array($sql)) {
$category_id = $row['category_id'];
$category_id = intval($row['category_id']);
$category_name = htmlentities($row['category_name']);
$category_color = htmlentities($row['category_color']);
//$colors_used_array[] = $row['category_color'];
?>
<tr>
<td><a class="text-dark" href="#" data-toggle="modal" data-target="#editCategoryModal<?php echo $category_id; ?>"><?php echo "$category_name"; ?></a></td>
<td><a class="text-dark" href="#" data-toggle="modal" data-target="#editCategoryModal<?php echo $category_id; ?>"><?php echo $category_name; ?></a></td>
<td><i class="fa fa-3x fa-circle" style="color:<?php echo $category_color; ?>;"></i></td>
<td>
<div class="dropdown dropleft text-center">
@ -98,9 +104,13 @@ $colors_diff = array_diff($colors_array, $colors_used_array);
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editCategoryModal<?php echo $category_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editCategoryModal<?php echo $category_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?archive_category=<?php echo $category_id; ?>">Archive</a>
<a class="dropdown-item text-danger" href="post.php?archive_category=<?php echo $category_id; ?>">
<i class="fas fa-fw fa-archive mr-2"></i>Archive
</a>
</div>
</div>
</td>
@ -119,14 +129,10 @@ $colors_diff = array_diff($colors_array, $colors_used_array);
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php
include("category_add_modal.php");
include("footer.php");
?>
require_once("category_add_modal.php");
require_once("footer.php");

View File

@ -2,13 +2,13 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-list"></i> New <?php echo $category; ?> Category</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-list mr-2"></i>New <?php echo htmlentities($category); ?> Category</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="type" value="<?php echo $category; ?>">
<input type="hidden" name="type" value="<?php echo htmlentities($category); ?>">
<div class="modal-body bg-white">
@ -22,9 +22,7 @@
<?php
foreach ($colors_diff as $color) {
?>
foreach ($colors_diff as $color) { ?>
<div class="col-3 mb-3">
<div class="form-check">
@ -34,14 +32,14 @@
</label>
</div>
</div>
<?php } ?>
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_category" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_category" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,14 +2,14 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-list"></i> Editing category: <strong><?php echo $category_name; ?></strong></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-list mr-2"></i>Editing category: <strong><?php echo $category_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="category_id" value="<?php echo $category_id; ?>">
<input type="hidden" name="type" value="<?php echo $category; ?>">
<input type="hidden" name="type" value="<?php echo htmlentities($category); ?>">
<div class="modal-body bg-white">
<div class="form-group">
@ -30,8 +30,7 @@
<?php
foreach($colors_diff as $color) {
?>
foreach($colors_diff as $color) { ?>
<div class="col-3 mb-3">
<div class="form-check">
<input class="form-check-input" type="radio" name="color" value="<?php echo $color; ?>">
@ -40,14 +39,14 @@
</label>
</div>
</div>
<?php } ?>
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_category" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="edit_category" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,10 +2,10 @@
if (!isset($_SESSION)) {
// HTTP Only cookies
ini_set("session.cookie_httponly", True);
ini_set("session.cookie_httponly", true);
if ($config_https_only) {
// Tell client to only send cookie(s) over HTTPS
ini_set("session.cookie_secure", True);
ini_set("session.cookie_secure", true);
}
session_start();
}
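Review bot: the session cookie gets `httponly` and, conditionally, `secure`, but no `SameSite` attribute. Setting `session.cookie_samesite` to `Lax` or `Strict` (available since PHP 7.3) and enabling `session.use_strict_mode` would fit here, and matters all the more while actions such as delete are reachable by GET links.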
@ -22,11 +22,9 @@ if (!isset($_SESSION['logged']) || !$_SESSION['logged']) {
exit;
}
// SESSION FINGERPRINT
$session_ip = strip_tags(mysqli_real_escape_string($mysqli,getIP()));
// User agent
$session_user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
// User IP & UA
$session_ip = sanitizeInput(getIP());
$session_user_agent = sanitizeInput($_SERVER['HTTP_USER_AGENT']);
$session_user_id = $_SESSION['user_id'];
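Review bot: `$_SERVER['HTTP_USER_AGENT']` is read directly, but the header is optional, so a request without it raises an undefined-index warning before `sanitizeInput()` runs; use `$_SERVER['HTTP_USER_AGENT'] ?? ''`. `$session_user_id = $_SESSION['user_id'];` is also left uncast while IDs elsewhere in this commit are passed through `intval()`.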
@ -69,7 +67,7 @@ $session_company_country = $row['company_country'];
$session_company_locale = $row['company_locale'];
$session_company_currency = $row['company_currency'];
include("get_settings.php");
require_once("get_settings.php");
//Detects if using an Apple device and uses Apple Maps instead of google
$iPod = stripos($_SERVER['HTTP_USER_AGENT'], "iPod");

View File

@ -66,13 +66,10 @@
$referral_sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Referral' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($referral_sql)) {
$referral = htmlentities($row['category_name']);
?>
$referral = htmlentities($row['category_name']); ?>
<option><?php echo $referral; ?></option>
<?php } ?>
<?php
}
?>
</select>
<div class="input-group-append">
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#addQuickReferralModal"><i class="fas fa-fw fa-plus"></i></button>
@ -258,7 +255,6 @@
</div>
<?php } else { ?>
<input type="hidden" name="currency_code" value="<?php echo $session_company_currency; ?>">
<input type="hidden" name="net_terms" value="0">
<?php } ?>
@ -278,7 +274,7 @@
$sql_tags_select = mysqli_query($mysqli, "SELECT * FROM tags WHERE tag_type = 1 AND company_id = $session_company_id ORDER BY tag_name ASC");
while ($row = mysqli_fetch_array($sql_tags_select)) {
$tag_id_select = $row['tag_id'];
$tag_id_select = intval($row['tag_id']);
$tag_name_select = htmlentities($row['tag_name']);
$tag_color_select = htmlentities($row['tag_color']);
$tag_icon_select = htmlentities($row['tag_icon']);
@ -295,9 +291,7 @@
</div>
</li>
<?php
}
?>
<?php } ?>
</ul>
@ -306,8 +300,8 @@
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_client" class="btn btn-primary text-bold" onclick="promptPrimaryContact()"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_client" class="btn btn-primary text-bold" onclick="promptPrimaryContact()"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-desktop"></i> New <?php if (!empty($_GET['type'])) { echo ucwords(strip_tags($_GET['type'])); }else{ echo "Asset"; } ?></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-desktop mr-2"></i>New <?php if (!empty($_GET['type'])) { echo ucwords(strip_tags($_GET['type'])); }else{ echo "Asset"; } ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
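Review bot: the modal title still echoes `$_GET['type']` through `strip_tags()` only. `strip_tags()` is a tag remover, not an output encoder, and it throws a TypeError on PHP 8 if `type` arrives as an array. For consistency with the rest of the commit, check that the value is a string and emit it with `htmlentities(..., ENT_QUOTES)`, or map it against the known asset types.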
@ -124,14 +124,12 @@
$sql = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$location_id = $row['location_id'];
$location_id = intval($row['location_id']);
$location_name = htmlentities($row['location_name']);
?>
<option value="<?php echo $location_id; ?>"><?php echo $location_name; ?></option>
<?php } ?>
<?php
}
?>
</select>
</div>
</div>
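Review bot: the locations query filters on `location_client_id = $client_id` alone, with no `company_id = $session_company_id` condition like the calendar and category queries in this commit have. Nothing in this hunk shows `$client_id` being cast or checked against the current company, so tenant scoping depends on the including page. Adding the company filter here, or confirming `$client_id` is validated upstream, would close that gap; the same applies to the contacts, networks and vendors queries in this file.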
@ -149,14 +147,13 @@
$sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$contact_id = $row['contact_id'];
$contact_id = intval($row['contact_id']);
$contact_name = htmlentities($row['contact_name']);
?>
<option value="<?php echo $contact_id; ?>"><?php echo $contact_name; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -189,16 +186,14 @@
$sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$network_id = $row['network_id'];
$network_id = intval($row['network_id']);
$network_name = htmlentities($row['network_name']);
$network = htmlentities($row['network']);
?>
<option value="<?php echo $network_id; ?>"><?php echo $network_name; ?> - <?php echo $network; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -239,14 +234,12 @@
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id'];
$vendor_id = intval($row['vendor_id']);
$vendor_name = htmlentities($row['vendor_name']);
?>
<option value="<?php echo $vendor_id; ?>"><?php echo $vendor_name; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -319,8 +312,8 @@
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_asset" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_asset" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -1,9 +1,8 @@
<div class="modal" id="copyAssetModal<?php echo $asset_id; ?>" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?>"></i> Copying asset: <strong><?php echo $asset_name; ?></strong></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?> mr-2"></i>Copying asset: <strong><?php echo $asset_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -122,14 +121,12 @@
$sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql_locations)) {
$location_id_select = $row['location_id'];
$location_id_select = intval($row['location_id']);
$location_name_select = htmlentities($row['location_name']);
?>
<option <?php if ($asset_location_id == $location_id_select) { echo "selected"; } ?> value="<?php echo $location_id_select; ?>"><?php echo $location_name_select; ?></option>
<?php } ?>
<?php
}
?>
</select>
</div>
</div>
@ -147,14 +144,12 @@
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id = $row['contact_id'];
$contact_id = intval($row['contact_id']);
$contact_name = htmlentities($row['contact_name']);
?>
<option value="<?php echo $contact_id; ?>"><?php echo $contact_name; ?></option>
<?php } ?>
<?php
}
?>
</select>
</div>
</div>
@ -186,16 +181,14 @@
$sql_networks = mysqli_query($mysqli, "SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC");
while ($row = mysqli_fetch_array($sql_networks)) {
$network_id_select = $row['network_id'];
$network_id_select = intval($row['network_id']);
$network_name_select = htmlentities($row['network_name']);
$network_select = htmlentities($row['network']);
?>
<option <?php if ($asset_network_id == $network_id_select) { echo "selected"; } ?> value="<?php echo $network_id_select; ?>"><?php echo $network_name_select; ?> - <?php echo $network_select; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -236,14 +229,12 @@
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = $row['vendor_id'];
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = htmlentities($row['vendor_name']);
?>
<option <?php if ($asset_vendor_id == $vendor_id_select) { echo "selected"; } ?> value="<?php echo $vendor_id_select; ?>"><?php echo $vendor_name_select; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -317,8 +308,8 @@
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_asset" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Copy</button>
<button type="submit" name="add_asset" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Copy</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog modal-lg">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?>"></i> <?php echo $asset_name; ?> Documents</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?> mr-2"></i><?php echo $asset_name; ?> Documents</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -11,19 +11,17 @@
<div class="modal-body bg-white">
<?php
while ($row = mysqli_fetch_array($sql_related_documents)) {
$related_document_id = $row['document_id'];
$related_document_id = intval($row['document_id']);
$related_document_name = htmlentities($row['document_name']);
?>
<p>
<i class="fas fa-fw fa-document text-secondary"></i>
<?php echo $related_document_name; ?> <a href="client_documents.php?q=<?php echo $related_document_name; ?>"><?php echo $related_document_name; ?></a>
</p>
<?php
}
?>
<?php } ?>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</div>
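Review bot: `$related_document_name` is HTML-encoded and then placed in the query string of `client_documents.php?q=...` without `urlencode()`, so names containing `&`, `#`, `+` or spaces produce a broken or truncated search link. Build the href from the raw name with `urlencode()` and then HTML-encode the attribute. The name is also printed twice, once as text and once as the link label, and `$related_document_id` is cast but not used in the lines shown.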

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?>"></i> Editing asset: <strong><?php echo $asset_name; ?></strong></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?> mr-2"></i>Editing asset: <strong><?php echo $asset_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -123,14 +123,12 @@
$sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql_locations)) {
$location_id_select = $row['location_id'];
$location_id_select = intval($row['location_id']);
$location_name_select = htmlentities($row['location_name']);
?>
<option <?php if ($asset_location_id == $location_id_select) { echo "selected"; } ?> value="<?php echo $location_id_select; ?>"><?php echo $location_name_select; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -147,16 +145,14 @@
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE (contact_archived_at > '$asset_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id_select = $row['contact_id'];
$contact_id_select = intval($row['contact_id']);
$contact_name_select = htmlentities($row['contact_name']);
?>
<option <?php if ($asset_contact_id == $contact_id_select) { echo "selected"; } ?> value="<?php echo $contact_id_select; ?>">
<?php echo $contact_name_select; ?> <?php if (!empty($row['contact_archived_at'])) { echo " (Archived " . date('Y-m-d', strtotime($row['contact_archived_at'])) .")"; } ?>
</option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -187,16 +183,14 @@
$sql_networks = mysqli_query($mysqli, "SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC");
while ($row = mysqli_fetch_array($sql_networks)) {
$network_id_select = $row['network_id'];
$network_id_select = intval($row['network_id']);
$network_name_select = htmlentities($row['network_name']);
$network_select = htmlentities($row['network']);
?>
<option <?php if ($asset_network_id == $network_id_select) { echo "selected"; } ?> value="<?php echo $network_id_select; ?>"><?php echo $network_name_select; ?> - <?php echo $network_select; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -237,14 +231,12 @@
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = $row['vendor_id'];
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = htmlentities($row['vendor_name']);
?>
<option <?php if ($asset_vendor_id == $vendor_id_select) { echo "selected"; } ?> value="<?php echo $vendor_id_select; ?>"><?php echo $vendor_name_select; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -318,8 +310,8 @@
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_asset" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="edit_asset" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-desktop"></i> Import Assets</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-desktop mr-2"></i>Import Assets</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -19,7 +19,7 @@
<div>Download <a href="post.php?download_client_assets_csv_template=<?php echo $client_id; ?>">sample csv template</a></div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="import_client_assets_csv" class="btn btn-primary">Import</button>
<button type="submit" name="import_client_assets_csv" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Import</button>
</div>
</form>
</div>

View File

@ -83,10 +83,7 @@
?>
<option value="<?php echo $network_id; ?>"><?php echo $network_name; ?> - <?php echo $network; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>

View File

@ -12,24 +12,22 @@
<?php
// Query is run from client_assets.php
while ($row = mysqli_fetch_array($sql_tickets)) {
$ticket_id = $row['ticket_id'];
$ticket_id = intval($row['ticket_id']);
$ticket_prefix = htmlentities($row['ticket_prefix']);
$ticket_number = htmlentities($row['ticket_number']);
$ticket_number = intval($row['ticket_number']);
$ticket_subject = htmlentities($row['ticket_subject']);
$ticket_status = htmlentities($row['ticket_status']);
$ticket_created_at = $row['ticket_created_at'];
$ticket_updated_at = $row['ticket_updated_at'];
$ticket_created_at = htmlentities($row['ticket_created_at']);
$ticket_updated_at = htmlentities($row['ticket_updated_at']);
?>
<p>
<i class="fas fa-fw fa-ticket-alt"></i>
Ticket: <a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><?php echo "$ticket_prefix$ticket_number" ?></a> on <?php echo $ticket_created_at; ?> <?php echo $ticket_subject; ?>
</p>
<?php
}
?>
<?php } ?>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</div>

View File

@ -1,39 +1,39 @@
<?php include("inc_all_client.php");
<?php
// Default Column Sortby Filter
$sb = "asset_name";
$o = "ASC";
require_once("inc_all_client.php");
//Get Asset Counts
//All Asset Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM assets WHERE asset_archived_at IS NULL AND asset_client_id = $client_id"));
$all_count = $row['count'];
$all_count = intval($row['count']);
//Workstation Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM assets WHERE (asset_type = 'laptop' OR asset_type = 'desktop')
AND asset_archived_at IS NULL AND asset_client_id = $client_id"));
$workstation_count = $row['count'];
$workstation_count = intval($row['count']);
//Server Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM assets WHERE (asset_type = 'server')
AND asset_archived_at IS NULL AND asset_client_id = $client_id"));
$server_count = $row['count'];
$server_count = intval($row['count']);
//Virtual Server Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM assets WHERE (asset_type = 'virtual machine')
AND asset_archived_at IS NULL AND asset_client_id = $client_id"));
$virtual_count = $row['count'];
$virtual_count = intval($row['count']);
//Network Device Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM assets WHERE (asset_type = 'Firewall/Router' OR asset_type = 'switch' OR asset_type = 'access point')
AND asset_archived_at IS NULL AND asset_client_id = $client_id"));
$network_count = $row['count'];
$network_count = intval($row['count']);
//Other Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM assets WHERE (asset_type NOT LIKE 'laptop' AND asset_type NOT LIKE 'desktop' AND asset_type NOT LIKE 'server' AND asset_type NOT LIKE 'virtual machine' AND asset_type NOT LIKE 'firewall/router' AND asset_type NOT LIKE 'switch' AND asset_type NOT LIKE 'access point')
AND asset_archived_at IS NULL AND asset_client_id = $client_id"));
$other_count = $row['count'];
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
} else {
$sb = "asset_name";
}
$other_count = intval($row['count']);
//Asset Type from GET
if (isset($_GET['type']) && ($_GET['type']) == 'workstation') {
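Review bot: The block that read `$_GET['sb']` is removed near the end of this hunk and replaced by defaults (`$sb = "asset_name"; $o = "ASC";`) set before `require_once("inc_all_client.php")`, so nothing in these lines shows where a user-supplied sort column and direction are validated now. If `$sb` and `$o` reach an ORDER BY clause, escaping does not protect them because they are an identifier and a keyword, not string values. Please confirm the shared include checks `sb` against an allow-list of column names and `o` against ASC/DESC, and say so in a comment next to the defaults.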
@ -54,7 +54,9 @@ if (isset($_GET['type']) && ($_GET['type']) == 'workstation') {
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM assets
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM assets
LEFT JOIN contacts ON asset_contact_id = contact_id
LEFT JOIN locations ON asset_location_id = location_id
LEFT JOIN logins ON login_asset_id = asset_id
@ -71,20 +73,20 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-desktop"></i> Assets</h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-desktop mr-2"></i>Assets</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAssetModal"><i class="fas fa-fw fa-plus"></i> New <?php if (!empty($_GET['type'])) { echo ucwords(strip_tags(htmlentities($_GET['type']))); }else{ echo "Asset"; } ?></button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAssetModal"><i class="fas fa-plus mr-2"></i>New <?php if (!empty($_GET['type'])) { echo ucwords(strip_tags(htmlentities($_GET['type']))); } else { echo "Asset"; } ?></button>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<input type="hidden" name="type" value="<?php echo strip_tags(htmlentities($_GET['type'])); ?>">
<input type="hidden" name="type" value="<?php echo stripslashes(htmlentities($_GET['type'])); ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search <?php if (!empty($_GET['type'])) { echo ucwords(strip_tags(htmlentities($_GET['type']))); }else{ echo "Asset"; } ?>s">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search <?php if (!empty($_GET['type'])) { echo ucwords(stripslashes(htmlentities($_GET['type']))); } else { echo "Asset"; } ?>s">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
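Review bot: In the hidden `type` input, `$_GET['type']` is read with no `isset`/`empty` guard, unlike the button label a few lines above it, so a request without `type` raises an undefined-index notice inside the attribute value. Also, swapping `strip_tags` for `stripslashes` around `htmlentities()` only removes backslashes, and `$_GET['type']` is not slash-escaped anywhere in these lines. If the intent is output encoding, `htmlentities($value, ENT_QUOTES, 'UTF-8')` on its own is enough, and a small helper would keep the three call sites in this hunk consistent.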
@ -97,23 +99,19 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
if ($workstation_count > 0) { ?>
<a href="?<?php echo $url_query_strings_sb; ?>&type=workstation" class="btn <?php if ($_GET['type'] == 'workstation') { echo 'btn-primary'; } else { echo 'btn-default'; } ?>"><i class="fa fa-fw fa-desktop"></i> Workstations <span class="right badge badge-light"><?php echo $workstation_count; ?></span></a>
<?php
} ?>
<?php
}
if ($server_count > 0) { ?>
<a href="?<?php echo $url_query_strings_sb; ?>&type=server" class="btn <?php if ($_GET['type'] == 'server') { echo 'btn-primary'; } else { echo 'btn-default'; } ?>"><i class="fa fa-fw fa-server"></i> Servers <span class="right badge badge-light"><?php echo $server_count; ?></span></a>
<?php
} ?>
<?php
}
if ($virtual_count > 0) { ?>
<a href="?<?php echo $url_query_strings_sb; ?>&type=virtual" class="btn <?php if ($_GET['type'] == 'virtual') { echo 'btn-primary'; } else { echo 'btn-default'; } ?>"><i class="fa fa-fw fa-cloud"></i> Virtual <span class="right badge badge-light"><?php echo $virtual_count; ?></span></a>
<?php
} ?>
<?php
}
if ($network_count > 0) { ?>
<a href="?<?php echo $url_query_strings_sb; ?>&type=network" class="btn <?php if ($_GET['type'] == 'network') { echo 'btn-primary'; } else { echo 'btn-default'; } ?>"><i class="fa fa-fw fa-network-wired"></i> Network <span class="right badge badge-light"><?php echo $network_count; ?></span></a>
<?php
} ?>
<?php
}
if ($network_count > 0) { ?>
<a href="?<?php echo $url_query_strings_sb; ?>&type=other" class="btn <?php if ($_GET['type'] == 'other') { echo 'btn-primary'; } else { echo 'btn-default'; } ?>"><i class="fa fa-fw fa-tag"></i> Other <span class="right badge badge-light"><?php echo $other_count; ?></span></a>
<?php
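Review bot: The last button in this hunk, "Other", is guarded by `if ($network_count > 0)` but displays `$other_count`, so it is hidden whenever the client has no network devices and shown with a zero badge when there are no other assets. The condition should be `$other_count > 0`. Each link also reads `$_GET['type']` directly; reading it once into a variable with a default would avoid notices when the parameter is absent.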
@ -138,16 +136,17 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_name&o=<?php echo $disp; ?>">Name</a></th>
<?php if ($_GET['type'] !== 'virtual' && $_GET['type'] !== 'servers') { ?>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_type&o=<?php echo $disp; ?>">Type</a></th>
<?php } ?>
<?php if ($_GET['type'] !== 'virtual') { ?>
<?php }
if ($_GET['type'] !== 'virtual') { ?>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_make&o=<?php echo $disp; ?>">Make/Model</a></th>
<?php } ?>
<?php if ($_GET['type'] !== 'virtual') { ?>
<?php }
if ($_GET['type'] !== 'virtual') { ?>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_serial&o=<?php echo $disp; ?>">Serial Number</a></th>
<?php } ?>
<?php if ($_GET['type'] !== 'network' && $_GET['type'] !== 'other') { ?>
<?php }
if ($_GET['type'] !== 'network' && $_GET['type'] !== 'other') { ?>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_os&o=<?php echo $disp; ?>">Operating System</a></th>
<?php } ?>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_ip&o=<?php echo $disp; ?>">IP</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_install_date&o=<?php echo $disp; ?>">Install Date</a></th>
<?php if ($_GET['type'] !== 'network' && $_GET['type'] !== 'servers' && $_GET['type'] !== 'other') { ?>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=contact_name&o=<?php echo $disp; ?>">Assigned To</a></th>
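Review bot: The column conditions compare `$_GET['type']` against `'servers'`, but the filter link earlier on the page sends `type=server`, so those comparisons never match and the Type and Assigned To columns stay visible in the server view. Use one spelling throughout. The two consecutive `if ($_GET['type'] !== 'virtual')` blocks for Make/Model and Serial Number can also be merged into one.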
@ -161,7 +160,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
while ($row = mysqli_fetch_array($sql)) {
$asset_id = $row['asset_id'];
$asset_id = intval($row['asset_id']);
$asset_type = htmlentities($row['asset_type']);
$asset_name = htmlentities($row['asset_name']);
$asset_make = htmlentities($row['asset_make']);
@ -182,64 +181,38 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
if (empty($asset_ip)) {
$asset_ip_display = "-";
} else {
$asset_ip_display = "$asset_ip<button class='btn btn-sm' data-clipboard-text='$asset_ip'><i class='far fa-copy text-secondary'></i></button>";
$asset_ip_display = "$asset_ip<button class='btn btn-sm' data-clipboard-text=" . $asset_ip . "><i class='far fa-copy text-secondary'></i></button>";
}
$asset_mac = htmlentities($row['asset_mac']);
$asset_status = htmlentities($row['asset_status']);
$asset_purchase_date = $row['asset_purchase_date'];
$asset_warranty_expire = $row['asset_warranty_expire'];
$asset_install_date = $row['asset_install_date'];
$asset_purchase_date = htmlentities($row['asset_purchase_date']);
$asset_warranty_expire = htmlentities($row['asset_warranty_expire']);
$asset_install_date = htmlentities($row['asset_install_date']);
if (empty($asset_install_date)) {
$asset_install_date_display = "-";
} else {
$asset_install_date_display = $asset_install_date;
}
$asset_notes = htmlentities($row['asset_notes']);
$asset_created_at = $row['asset_created_at'];
$asset_vendor_id = $row['asset_vendor_id'];
$asset_location_id = $row['asset_location_id'];
$asset_contact_id = $row['asset_contact_id'];
$asset_network_id = $row['asset_network_id'];
$asset_created_at = htmlentities($row['asset_created_at']);
$asset_vendor_id = intval($row['asset_vendor_id']);
$asset_location_id = intval($row['asset_location_id']);
$asset_contact_id = intval($row['asset_contact_id']);
$asset_network_id = intval($row['asset_network_id']);
if ($asset_type == 'Laptop') {
$device_icon = "laptop";
}elseif ($asset_type == 'Desktop') {
$device_icon = "desktop";
}elseif ($asset_type == 'Server') {
$device_icon = "server";
}elseif ($asset_type == 'Printer') {
$device_icon = "print";
}elseif ($asset_type == 'Camera') {
$device_icon = "video";
}elseif ($asset_type == 'Switch' || $asset_type == 'Firewall/Router') {
$device_icon = "network-wired";
}elseif ($asset_type == 'Access Point') {
$device_icon = "wifi";
}elseif ($asset_type == 'Phone') {
$device_icon = "phone";
}elseif ($asset_type == 'Mobile Phone') {
$device_icon = "mobile-alt";
}elseif ($asset_type == 'Tablet') {
$device_icon = "tablet-alt";
}elseif ($asset_type == 'TV') {
$device_icon = "tv";
}elseif ($asset_type == 'Virtual Machine') {
$device_icon = "cloud";
}else{
$device_icon = "tag";
}
$device_icon = getAssetIcon($asset_type);
$contact_name = $row['contact_name'];
$contact_name = htmlentities($row['contact_name']);
if (empty($contact_name)) {
$contact_name = "-";
}
$location_name = $row['location_name'];
$location_name = htmlentities($row['location_name']);
if (empty($location_name)) {
$location_name = "-";
}
$login_id = $row['login_id'];
$login_id = intval($row['login_id']);
$login_username = htmlentities(decryptLoginEntry($row['login_username']));
$login_password = htmlentities(decryptLoginEntry($row['login_password']));
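Review bot: The new `$asset_ip_display` line drops the quotes around the `data-clipboard-text` value (`data-clipboard-text=" . $asset_ip . ">`), so the attribute is emitted unquoted. Entity encoding does not touch spaces, which means any whitespace in the stored IP ends the attribute and the remainder is parsed as further attributes on the button. Keep the quotes, for example `data-clipboard-text='" . $asset_ip . "'`, and encode the value with `ENT_QUOTES` so a single quote cannot close it either.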
@ -289,7 +262,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-lock"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo $login_password; ?>" readonly>
<input type="password" class="form-control" data-toggle="password" value="<?php echo $login_password; ?>" readonly autocomplete="off">
<div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
<div class="input-group-append">
<button class="btn btn-default clipboardjs" type="button" data-clipboard-text="<?php echo $login_password; ?>"><i class="fa fa-fw fa-copy"></i></button>
</div>
</div>
</div>
</div>
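Review bot: Switching the field to `type="password"` only masks the value on screen; the decrypted `$login_password` is still written into the page source in `value`, and now a second time in `data-clipboard-text`, for every asset row that has a login. Consider leaving both attributes empty and fetching the secret on demand when the user clicks reveal or copy, so the list view does not carry plaintext credentials into browser caches and saved pages.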
@ -297,9 +276,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div>
</div>
<?php
}
?>
<?php } ?>
</th>
<?php if ($_GET['type'] !== 'virtual' && $_GET['type'] !== 'servers') { ?>
@ -314,6 +291,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php if ($_GET['type'] !== 'network' && $_GET['type'] !== 'other') { ?>
<td><?php echo $asset_os_display; ?></td>
<?php } ?>
<td><?php echo $asset_ip_display; ?></td>
<td><?php echo $asset_install_date_display; ?></td>
<?php if ($_GET['type'] !== 'network' && $_GET['type'] !== 'other' && $_GET['type'] !== 'servers') { ?>
<td><?php echo $contact_name; ?></td>
@ -324,19 +302,34 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"><i class="fas fa-ellipsis-h"></i></button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addAssetInterfaceModal<?php echo $asset_id; ?>">Interfaces</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAssetModal<?php echo $asset_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#copyAssetModal<?php echo $asset_id; ?>">Copy</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addAssetInterfaceModal<?php echo $asset_id; ?>">
<i class="fas fa-fw fa-ethernet mr-2"></i>Interfaces
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAssetModal<?php echo $asset_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#copyAssetModal<?php echo $asset_id; ?>">
<i class="fas fa-fw fa-copy mr-2"></i>Copy
</a>
<?php if ($document_count > 0) { ?>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#assetDocumentsModal<?php echo $asset_id; ?>">Documents (<?php echo $document_count; ?>)</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#assetDocumentsModal<?php echo $asset_id; ?>">
<i class="fas fa-fw fa-document mr-2"></i>Documents (<?php echo $document_count; ?>)
</a>
<?php } ?>
<?php if ($ticket_count > 0) { ?>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#assetTicketsModal<?php echo $asset_id; ?>">Tickets (<?php echo $ticket_count; ?>)</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#assetTicketsModal<?php echo $asset_id; ?>">
<i class="fas fa-fw fa-life-ring mr-2"></i>Tickets (<?php echo $ticket_count; ?>)
</a>
<?php } ?>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?archive_asset=<?php echo $asset_id; ?>">Archive</a>
<a class="dropdown-item text-danger" href="post.php?delete_asset=<?php echo $asset_id; ?>">Delete</a>
<a class="dropdown-item text-danger" href="post.php?archive_asset=<?php echo $asset_id; ?>">
<i class="fas fa-fw fa-archive mr-2"></i>Archive
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_asset=<?php echo $asset_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete</a>
<?php } ?>
</div>
</div>
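Review bot: The Archive and Delete items reworked at the end of this hunk are still plain links to `post.php?archive_asset=...` and `post.php?delete_asset=...`, so a state-changing action runs on a GET request with no anti-CSRF token in the URL. Since these lines are being touched anyway, turn them into small POST forms carrying a token, or append a per-session token that post.php verifies. The `$session_user_role == 3` check here only hides the menu entries, so the same check needs to be enforced in the handler.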
@ -345,10 +338,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
include("client_asset_edit_modal.php");
include("client_asset_copy_modal.php");
include("client_asset_tickets_modal.php");
include("client_asset_interface_add_modal.php");
require("client_asset_edit_modal.php");
require("client_asset_copy_modal.php");
require("client_asset_tickets_modal.php");
require("client_asset_interface_add_modal.php");
}
?>
@ -356,13 +349,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php
include("client_asset_add_modal.php");
include("client_asset_import_modal.php");
?>
<?php include("footer.php"); ?>
require_once("client_asset_add_modal.php");
require_once("client_asset_import_modal.php");
require_once("footer.php");

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-lock"></i> New Certificate</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-lock mr-2"></i>New Certificate</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -75,7 +75,7 @@
<?php
$domains_sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id = '$client_id'");
while ($domain_row = mysqli_fetch_array($domains_sql)) {
$domain_id = $domain_row['domain_id'];
$domain_id = intval($domain_row['domain_id']);
$domain_name = htmlentities($domain_row['domain_name']);
echo "<option value=\"$domain_id\">$domain_name</option>";
}
@ -86,8 +86,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_certificate" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,13 +2,14 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-lock"></i> Editing certificate: <span class="text-bold" id="editHeader"></span></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-lock mr-2"></i>Editing certificate: <span class="text-bold" id="editHeader"></span></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="certificate_id" value="" id="editCertificateId">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
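Review bot: The added hidden `client_id` field is client-controlled, like `certificate_id` on the line before it, and the form shows no anti-CSRF token among its hidden inputs. The `edit_certificate` handler should confirm that the certificate belongs to the submitted client, and that the user may access that client, before updating anything. A short comment stating what `client_id` is used for on the server side would help the next reader.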
@ -76,8 +77,8 @@
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_certificate" class="btn btn-primary">Save</button>
<button type="submit" name="edit_certificate" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -1,12 +1,10 @@
<?php include("inc_all_client.php"); ?>
<?php
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
// Default Column Sortby Filter
$sb = "certificate_name";
}
$o = "ASC";
require_once("inc_all_client.php");
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
@ -21,9 +19,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-lock"></i> Certificates</h3>
<h3 class="card-title mt-2"><i class="fas fa-fw fa-lock mr-2"></i>Certificates</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addCertificateModal"><i class="fas fa-fw fa-plus"></i> New Certificate</button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addCertificateModal"><i class="fas fa-plus mr-2"></i>New Certificate</button>
</div>
</div>
<div class="card-body">
@ -33,7 +31,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Certificates">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Certificates">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
@ -42,7 +40,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_certificates_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
<a href="post.php?export_client_certificates_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-download mr-2"></i>Export</a>
</div>
</div>
@ -64,7 +62,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
while ($row = mysqli_fetch_array($sql)) {
$certificate_id = $row['certificate_id'];
$certificate_id = intval($row['certificate_id']);
$certificate_name = htmlentities($row['certificate_name']);
$certificate_domain = htmlentities($row['certificate_domain']);
$certificate_issued_by = htmlentities($row['certificate_issued_by']);
@ -82,10 +80,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" onclick="populateCertificateEditModal(<?php echo $client_id, ",", $certificate_id ?>)" data-target="#editCertificateModal">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" onclick="populateCertificateEditModal(<?php echo $client_id, ",", $certificate_id ?>)" data-target="#editCertificateModal">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_certificate=<?php echo $certificate_id; ?>">Delete</a>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_certificate=<?php echo $certificate_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div>
@ -99,13 +101,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php
include("client_certificate_edit_modal.php");
include("client_certificate_add_modal.php");
require_once("client_certificate_edit_modal.php");
require_once("client_certificate_add_modal.php");
?>
<script>

View File

@ -2,27 +2,33 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-user-plus"></i> New Contact</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-user-plus mr-2"></i>New Contact</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<!-- Prevent undefined checkbox errors on submit -->
<input type="hidden" name="primary_contact" value="0">
<input type="hidden" name="contact_important" value="0">
<input type="hidden" name="contact_billing" value="0">
<input type="hidden" name="contact_technical" value="0">
<!-- End prevent undefined errors -->
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-details">Details</a>
<a class="nav-link active" data-toggle="pill" href="#pills-details"><i class="fa fa-fw fa-user mr-2"></i>Details</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-photo">Photo</a>
<a class="nav-link" data-toggle="pill" href="#pills-photo"><i class="fa fa-fw fa-image mr-2"></i>Photo</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-portal">Portal</a>
<a class="nav-link" data-toggle="pill" href="#pills-portal"><i class="fa fa-fw fa-lock mr-2"></i>Portal</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-notes">Notes</a>
<a class="nav-link" data-toggle="pill" href="#pills-notes"><i class="fa fa-fw fa-edit mr-2"></i>Notes</a>
</li>
</ul>
@ -116,14 +122,12 @@
$sql = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$location_id = $row['location_id'];
$location_id = intval($row['location_id']);
$location_name = htmlentities($row['location_name']);
?>
<option value="<?php echo $location_id; ?>"><?php echo $location_name; ?></option>
<?php } ?>
<?php
}
?>
</select>
</div>
</div>
@ -198,8 +202,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_contact" class="btn btn-primary text-bold"><i class="fas fa-check"></i> Create</button>
<button type="submit" name="add_contact" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -1,4 +1,6 @@
<?php include("inc_all_client.php");
<?php
require_once("inc_all_client.php");
if (isset($_GET['contact_id'])) {
$contact_id = intval($_GET['contact_id']);
@ -9,7 +11,6 @@ if (isset($_GET['contact_id'])) {
");
$row = mysqli_fetch_array($sql);
$contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']);
$contact_title = htmlentities($row['contact_title']);
$contact_department =htmlentities($row['contact_department']);
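Review bot: With `$contact_id = $row['contact_id'];` removed, `$contact_id` keeps the value from `intval($_GET['contact_id'])` even when the lookup returns no row, and nothing in these lines checks `$row` before its fields are read. Add an early exit when `mysqli_fetch_array()` returns null, so an id that does not resolve to a contact cannot drive the related-record queries further down and the page is not rendered from an empty row.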
@ -23,18 +24,13 @@ if (isset($_GET['contact_id'])) {
$contact_important = intval($row['contact_important']);
$contact_billing = intval($row['contact_billing']);
$contact_technical = intval($row['contact_technical']);
$contact_created_at = $row['contact_created_at'];
$contact_created_at = htmlentities($row['contact_created_at']);
if ($contact_id == $primary_contact) {
$primary_contact_display = "<small class='text-success'>Primary Contact</small>";
} else {
$primary_contact_display = FALSE;
$primary_contact_display = false;
}
if (empty($contact_name)) {
$contact_ticket_display = "-";
} else {
$contact_ticket_display = "$contact_name<br><small class='text-secondary'>$contact_email</small>";
}
$contact_location_id = $row['contact_location_id'];
$contact_location_id = intval($row['contact_location_id']);
$location_name = htmlentities($row['location_name']);
if (empty($location_name)) {
$location_name_display = "-";
@ -44,8 +40,7 @@ if (isset($_GET['contact_id'])) {
$auth_method = htmlentities($row['contact_auth_method']);
// Related Assets Query
$sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_contact_id = $contact_id AND company_id = $session_company_id ORDER BY asset_name DESC");
$sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets LEFT JOIN logins ON logins.login_asset_id = assets.asset_id WHERE asset_contact_id = $contact_id AND assets.company_id = $session_company_id ORDER BY asset_name DESC");
$asset_count = mysqli_num_rows($sql_related_assets);
// Related Logins Query
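Review bot: Adding `LEFT JOIN logins` to the related-assets query returns one row per asset and login pair, so an asset with several logins is listed several times and `$asset_count = mysqli_num_rows($sql_related_assets)` overcounts. `SELECT *` also pulls every login column, including the stored credentials, into each row. Select only the columns the table needs and either pick a single login per asset or fetch logins in a separate query.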
@ -53,7 +48,16 @@ if (isset($_GET['contact_id'])) {
$login_count = mysqli_num_rows($sql_related_logins);
// Related Software Query
$sql_related_software = mysqli_query($mysqli, "SELECT * FROM software, software_contacts WHERE software.software_id = software_contacts.software_id AND software_contacts.contact_id = $contact_id AND software.company_id = $session_company_id ORDER BY software.software_id DESC");
//$sql_related_software = mysqli_query($mysqli, "SELECT * FROM software, software_contacts WHERE software.software_id = software_contacts.software_id AND software_contacts.contact_id = $contact_id AND software.company_id = $session_company_id ORDER BY software.software_id DESC");
$sql_related_software = mysqli_query(
$mysqli,
"SELECT * FROM software_contacts
LEFT JOIN software ON software_contacts.software_id = software.software_id
LEFT JOIN logins on software.software_id = logins.login_software_id
WHERE software_contacts.contact_id = $contact_id AND software.company_id = $session_company_id
ORDER BY software.software_id DESC"
);
$software_count = mysqli_num_rows($sql_related_software);
// Related Tickets Query
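Review bot: The old software query is left behind as a commented-out line; delete it rather than carrying dead SQL. In the replacement, the `WHERE ... software.company_id = $session_company_id` filter discards the NULL rows that `LEFT JOIN software` would produce, so that join behaves as an inner join and should be written as one. The join to `logins` multiplies rows when a software item has more than one login, which inflates `$software_count`.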
@ -86,14 +90,14 @@ if (isset($_GET['contact_id'])) {
<hr>
<?php if (!empty($location_name)) { ?>
<div class="mb-1"><i class="fa fa-fw fa-map-marker-alt text-secondary mr-3"></i><?php echo $location_name_display; ?></div>
<?php } ?>
<?php if (!empty($contact_email)) { ?>
<?php }
if (!empty($contact_email)) { ?>
<div><i class="fa fa-fw fa-envelope text-secondary mr-3"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
<?php } ?>
<?php if (!empty($contact_phone)) { ?>
<?php }
if (!empty($contact_phone)) { ?>
<div class="mb-2"><i class="fa fa-fw fa-phone text-secondary mr-3"></i><?php echo "$contact_phone $contact_extension"; ?></div>
<?php } ?>
<?php if (!empty($contact_mobile)) { ?>
<?php }
if (!empty($contact_mobile)) { ?>
<div class="mb-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><?php echo $contact_mobile; ?></div>
<?php } ?>
<div class="mb-2"><i class="fa fa-fw fa-clock text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($contact_created_at)); ?></div>
@ -102,7 +106,7 @@ if (isset($_GET['contact_id'])) {
<i class="fas fa-fw fa-user-edit"></i> Edit
</button>
<?php include("client_contact_edit_modal.php"); ?>
<?php require_once("client_contact_edit_modal.php"); ?>
</div>
</div>
@ -121,7 +125,7 @@ if (isset($_GET['contact_id'])) {
<div class="col-md-9">
<ol class="breadcrumb d-print-none">
<ol class="breadcrumb">
<li class="breadcrumb-item">
<a href="invoices.php">Home</a>
</li>
@ -139,7 +143,7 @@ if (isset($_GET['contact_id'])) {
<div class="card card-dark <?php if ($asset_count == 0) { echo "d-none"; } ?>">
<div class="card-header">
<h3 class="card-title"><i class="fa fa-fw fa-desktop"></i> Assets</h3>
<h3 class="card-title"><i class="fa fa-fw fa-desktop mr-2"></i>Assets</h3>
</div>
<div class="card-body">
<div class="table-responsive">
@ -160,7 +164,7 @@ if (isset($_GET['contact_id'])) {
<?php
while ($row = mysqli_fetch_array($sql_related_assets)) {
$asset_id = $row['asset_id'];
$asset_id = intval($row['asset_id']);
$asset_type = htmlentities($row['asset_type']);
$asset_name = htmlentities($row['asset_name']);
$asset_make = htmlentities($row['asset_make']);
@ -185,47 +189,26 @@ if (isset($_GET['contact_id'])) {
}
$asset_mac = htmlentities($row['asset_mac']);
$asset_status = htmlentities($row['asset_status']);
$asset_purchase_date = $row['asset_purchase_date'];
$asset_warranty_expire = $row['asset_warranty_expire'];
$asset_install_date = $row['asset_install_date'];
$asset_purchase_date = htmlentities($row['asset_purchase_date']);
$asset_warranty_expire = htmlentities($row['asset_warranty_expire']);
$asset_install_date = htmlentities($row['asset_install_date']);
if (empty($asset_install_date)) {
$asset_install_date_display = "-";
} else {
$asset_install_date_display = $asset_install_date;
}
$asset_notes = htmlentities($row['asset_notes']);
$asset_created_at = $row['asset_created_at'];
$asset_vendor_id = $row['asset_vendor_id'];
$asset_location_id = $row['asset_location_id'];
$asset_network_id = $row['asset_network_id'];
$asset_contact_id = $row['asset_contact_id'];
if ($asset_type == 'Laptop') {
$device_icon = "laptop";
} elseif ($asset_type == 'Desktop') {
$device_icon = "desktop";
} elseif ($asset_type == 'Server') {
$device_icon = "server";
} elseif ($asset_type == 'Printer') {
$device_icon = "print";
} elseif ($asset_type == 'Camera') {
$device_icon = "video";
} elseif ($asset_type == 'Switch' || $asset_type == 'Firewall/Router') {
$device_icon = "network-wired";
} elseif ($asset_type == 'Access Point') {
$device_icon = "wifi";
} elseif ($asset_type == 'Phone') {
$device_icon = "phone";
} elseif ($asset_type == 'Mobile Phone') {
$device_icon = "mobile-alt";
} elseif ($asset_type == 'Tablet') {
$device_icon = "tablet-alt";
} elseif ($asset_type == 'TV') {
$device_icon = "tv";
} elseif ($asset_type == 'Virtual Machine') {
$device_icon = "cloud";
} else {
$device_icon = "tag";
}
$asset_created_at = htmlentities($row['asset_created_at']);
$asset_vendor_id = intval($row['asset_vendor_id']);
$asset_location_id = intval($row['asset_location_id']);
$asset_network_id = intval($row['asset_network_id']);
$asset_contact_id = intval($row['asset_contact_id']);
$login_id = $row['login_id'];
$login_username = htmlentities(decryptLoginEntry($row['login_username']));
$login_password = htmlentities(decryptLoginEntry($row['login_password']));
$device_icon = getAssetIcon($asset_type);
?>
<tr>
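Review bot: `$login_id = $row['login_id'];` near the end of the asset loop is the one ID in this block left without `intval()`, while every other ID around it was wrapped; use `intval($row['login_id'])` so it cannot reach markup or a query as a raw string. The two `decryptLoginEntry()` lines below it put the plaintext username and password into variables for every asset row. If only the edit modal needs them, decrypt there, and confirm that the assets query actually selects `login_username` and `login_password`, since that query is not part of this hunk.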
@ -244,12 +227,20 @@ if (isset($_GET['contact_id'])) {
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"><i class="fas fa-ellipsis-h"></i></button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addAssetInterfaceModal<?php echo $asset_id; ?>">Interfaces</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAssetModal<?php echo $asset_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#copyAssetModal<?php echo $asset_id; ?>">Copy</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAssetModal<?php echo $asset_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#copyAssetModal<?php echo $asset_id; ?>">
<i class="fas fa-fw fa-copy mr-2"></i>Copy
</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?archive_asset=<?php echo $asset_id; ?>">Archive</a>
<a class="dropdown-item text-danger" href="post.php?delete_asset=<?php echo $asset_id; ?>">Delete</a>
<a class="dropdown-item text-danger" href="post.php?archive_asset=<?php echo $asset_id; ?>">
<i class="fas fa-fw fa-archive mr-2"></i>Archive
</a>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_asset=<?php echo $asset_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div>
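Review bot: The Archive and Delete entries remain plain links to `post.php?archive_asset=...` and `post.php?delete_asset=...`, so a destructive action is triggered by a GET request and no anti-CSRF token is visible in these lines. Since the markup is being reworked anyway, consider turning them into small POST forms that carry a per-session token. The `$session_user_role == 3` check only hides the links, so post.php has to enforce the role itself. The same pattern recurs in the login, software and contact menus later in this commit.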
@ -258,10 +249,9 @@ if (isset($_GET['contact_id'])) {
<?php
include("client_asset_edit_modal.php");
include("client_asset_copy_modal.php");
//include("client_asset_tickets_modal.php");
include("client_asset_interface_add_modal.php");
require("client_asset_edit_modal.php");
require("client_asset_copy_modal.php");
require("client_asset_interface_add_modal.php");
}
@ -276,7 +266,7 @@ if (isset($_GET['contact_id'])) {
<div class="card card-dark <?php if ($login_count == 0) { echo "d-none"; } ?>">
<div class="card-header">
<h3 class="card-title"><i class="fa fa-fw fa-key"></i> Passwords</h3>
<h3 class="card-title"><i class="fa fa-fw fa-key mr-2"></i>Passwords</h3>
</div>
<div class="card-body">
<div class="table-responsive">
@ -295,7 +285,7 @@ if (isset($_GET['contact_id'])) {
<?php
while ($row = mysqli_fetch_array($sql_related_logins)) {
$login_id = $row['login_id'];
$login_id = intval($row['login_id']);
$login_name = htmlentities($row['login_name']);
$login_uri = htmlentities($row['login_uri']);
if (empty($login_uri)) {
@ -318,10 +308,11 @@ if (isset($_GET['contact_id'])) {
$otp_display = "<span onmouseenter='showOTP($login_id_with_secret)'><i class='far fa-clock'></i> <span id='otp_$login_id'><i>Hover..</i></span></span>";
}
$login_note = htmlentities($row['login_note']);
$login_contact_id = $row['login_contact_id'];
$login_vendor_id = $row['login_vendor_id'];
$login_asset_id = $row['login_asset_id'];
$login_software_id = $row['login_software_id'];
$login_important = intval($row['login_important']);
$login_contact_id = intval($row['login_contact_id']);
$login_vendor_id = intval($row['login_vendor_id']);
$login_asset_id = intval($row['login_asset_id']);
$login_software_id = intval($row['login_software_id']);
?>
<tr>
@ -343,11 +334,17 @@ if (isset($_GET['contact_id'])) {
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editLoginModal<?php echo $login_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#shareModal" onclick="populateShareModal(<?php echo "$client_id, 'Login', $login_id"; ?>)">Share</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editLoginModal<?php echo $login_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#shareModal" onclick="populateShareModal(<?php echo "$client_id, 'Login', $login_id"; ?>)">
<i class="fas fa-fw fa-share-alt mr-2"></i>Share
</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_login=<?php echo $login_id; ?>">Delete</a>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_login=<?php echo $login_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div>
@ -356,7 +353,7 @@ if (isset($_GET['contact_id'])) {
<?php
include("client_login_edit_modal.php");
require("client_login_edit_modal.php");
}
?>
@ -370,7 +367,7 @@ if (isset($_GET['contact_id'])) {
<div class="card card-dark <?php if ($software_count == 0) { echo "d-none"; } ?>">
<div class="card-header">
<h3 class="card-title"><i class="fa fa-fw fa-cube"></i> Licenses</h3>
<h3 class="card-title"><i class="fa fa-fw fa-cube mr-2"></i>Licenses</h3>
</div>
<div class="card-body">
<div class="table-responsive">
@ -388,24 +385,29 @@ if (isset($_GET['contact_id'])) {
<?php
while ($row = mysqli_fetch_array($sql_related_software)) {
$software_id = $row['software_id'];
$software_id = intval($row['software_id']);
$software_name = htmlentities($row['software_name']);
$software_version = htmlentities($row['software_version']);
$software_type = htmlentities($row['software_type']);
$software_license_type = htmlentities($row['software_license_type']);
$software_key = htmlentities($row['software_key']);
$software_seats = htmlentities($row['software_seats']);
$software_purchase = $row['software_purchase'];
$software_expire = $row['software_expire'];
$software_purchase = htmlentities($row['software_purchase']);
$software_expire = htmlentities($row['software_expire']);
$software_notes = htmlentities($row['software_notes']);
$seat_count = 0;
// Get Login
$login_id = intval($row['login_id']);
$login_username = htmlentities(decryptLoginEntry($row['login_username']));
$login_password = htmlentities(decryptLoginEntry($row['login_password']));
// Asset Licenses
$asset_licenses_sql = mysqli_query($mysqli, "SELECT asset_id FROM software_assets WHERE software_id = $software_id");
$asset_licenses_array = array();
while ($row = mysqli_fetch_array($asset_licenses_sql)) {
$asset_licenses_array[] = $row['asset_id'];
$asset_licenses_array[] = intval($row['asset_id']);
$seat_count = $seat_count + 1;
}
$asset_licenses = implode(',', $asset_licenses_array);
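Review bot: The inner `while ($row = mysqli_fetch_array($asset_licenses_sql))` loop reuses `$row`, so the new `// Get Login` lines only work because they sit above it; after that loop `$row` no longer holds the software row, and any later read of `$row['login_*']` would silently get the wrong value. Give the inner loops their own variable (for example `$asset_row`) so the ordering stops mattering. `$login_password` is also decrypted for every license row whether or not it is displayed; decrypt it only where it is used.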
@ -414,7 +416,7 @@ if (isset($_GET['contact_id'])) {
$contact_licenses_sql = mysqli_query($mysqli, "SELECT contact_id FROM software_contacts WHERE software_id = $software_id");
$contact_licenses_array = array();
while ($row = mysqli_fetch_array($contact_licenses_sql)) {
$contact_licenses_array[] = $row['contact_id'];
$contact_licenses_array[] = intval($row['contact_id']);
$seat_count = $seat_count + 1;
}
$contact_licenses = implode(',', $contact_licenses_array);
@ -431,10 +433,14 @@ if (isset($_GET['contact_id'])) {
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editSoftwareModal<?php echo $software_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editSoftwareModal<?php echo $software_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_software=<?php echo $software_id; ?>">Delete</a>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_software=<?php echo $software_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div>
@ -443,7 +449,7 @@ if (isset($_GET['contact_id'])) {
<?php
include("client_software_edit_modal.php");
require("client_software_edit_modal.php");
}
?>
@ -456,7 +462,7 @@ if (isset($_GET['contact_id'])) {
<div class="card card-dark <?php if ($ticket_count == 0) { echo "d-none"; } ?>">
<div class="card-header">
<h3 class="card-title"><i class="fa fa-fw fa-life-ring"></i> Tickets</h3>
<h3 class="card-title"><i class="fa fa-fw fa-life-ring mr-2"></i>Tickets</h3>
</div>
<div class="card-body">
<div class="table-responsive">
@ -470,22 +476,20 @@ if (isset($_GET['contact_id'])) {
<th>Assigned</th>
<th>Last Response</th>
<th>Created</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql_related_tickets)) {
$ticket_id = $row['ticket_id'];
$ticket_id = intval($row['ticket_id']);
$ticket_prefix = htmlentities($row['ticket_prefix']);
$ticket_number = htmlentities($row['ticket_number']);
$ticket_number = intval($row['ticket_number']);
$ticket_subject = htmlentities($row['ticket_subject']);
$ticket_details = $row['ticket_details'];
$ticket_priority = htmlentities($row['ticket_priority']);
$ticket_status = htmlentities($row['ticket_status']);
$ticket_created_at = $row['ticket_created_at'];
$ticket_updated_at = $row['ticket_updated_at'];
$ticket_created_at = htmlentities($row['ticket_created_at']);
$ticket_updated_at = htmlentities($row['ticket_updated_at']);
if (empty($ticket_updated_at)) {
if ($ticket_status == "Closed") {
$ticket_updated_at_display = "<p>Never</p>";
@ -495,7 +499,7 @@ if (isset($_GET['contact_id'])) {
} else {
$ticket_updated_at_display = $ticket_updated_at;
}
$ticket_closed_at = $row['ticket_closed_at'];
$ticket_closed_at = htmlentities($row['ticket_closed_at']);
if ($ticket_status == "Open") {
$ticket_status_display = "<span class='p-2 badge badge-primary'>$ticket_status</span>";
@ -514,7 +518,7 @@ if (isset($_GET['contact_id'])) {
} else {
$ticket_priority_display = "-";
}
$ticket_assigned_to = $row['ticket_assigned_to'];
$ticket_assigned_to = intval($row['ticket_assigned_to']);
if (empty($ticket_assigned_to)) {
if ($ticket_status == "Closed") {
$ticket_assigned_to_display = "<p>Not Assigned</p>";
@ -530,33 +534,15 @@ if (isset($_GET['contact_id'])) {
<tr>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><span class="badge badge-pill badge-secondary p-3"><?php echo "$ticket_prefix$ticket_number"; ?></span></a></td>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><?php echo $ticket_subject; ?></a></td>
<td><?php echo $contact_ticket_display; ?></td>
<td><?php echo $ticket_priority_display; ?></td>
<td><?php echo $ticket_status_display; ?></td>
<td><?php echo $ticket_assigned_to_display; ?></td>
<td><?php echo $ticket_updated_at_display; ?></td>
<td><?php echo $ticket_created_at; ?></td>
<td>
<?php if ($ticket_status !== "Closed") { ?>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTicketModal<?php echo $ticket_id; ?>">Edit</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_ticket=<?php echo $ticket_id; ?>">Delete</a>
<?php } ?>
</div>
</div>
<?php } ?>
</td>
</tr>
<?php
include("ticket_edit_modal.php");
}
?>
@ -573,7 +559,7 @@ if (isset($_GET['contact_id'])) {
<?php
include("share_modal.php");
require_once("share_modal.php");
?>
@ -583,7 +569,7 @@ if (isset($_GET['contact_id'])) {
function updateContactNotes(contact_id) {
var notes = document.getElementById("contactNotes").value;
// Send a POST request to ajax.php as ajax.php with data client_set_notes=true, client_id=NUM, notes=NOTES
// Send a POST request to ajax.php as ajax.php with data contact_set_notes=true, contact_id=NUM, notes=NOTES
jQuery.post(
"ajax.php",
{
@ -592,9 +578,8 @@ function updateContactNotes(contact_id) {
notes: notes
}
)
}
</script>
<?php include("footer.php"); ?>
<?php
require_once("footer.php");

View File

@ -1,129 +0,0 @@
<div class="modal" id="contactDetailsModal<?php echo $contact_id; ?>" tabindex="-1">
<div class="modal-dialog modal-lg">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title text-white"><i class="fa fa-fw fa-user mr-2"></i><?php echo $contact_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pillsRelatedAssets<?php echo $contact_id; ?>">Assets</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pillsRelatedLogins<?php echo $contact_id; ?>">Logins</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pillsRelatedSoftware<?php echo $contact_id; ?>">Software</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pillsRelatedTickets<?php echo $contact_id; ?>">Tickets</a>
</li>
</ul>
<hr>
<div class="tab-content">
<div class="tab-pane fade show active" id="pillsRelatedAssets<?php echo $contact_id; ?>">
<ul>
<?php
while ($row = mysqli_fetch_array($sql_related_assets)) {
$asset_id = $row['asset_id'];
$asset_type = htmlentities($row['asset_type']);
$asset_name = htmlentities($row['asset_name']);
$asset_make = htmlentities($row['asset_make']);
$asset_model = htmlentities($row['asset_model']);
$asset_serial = htmlentities($row['asset_serial']);
?>
<li><?php echo $asset_name; ?></li>
<?php
}
?>
</ul>
</div>
<div class="tab-pane fade" id="pillsRelatedLogins<?php echo $contact_id; ?>">
<ul>
<?php
while ($row = mysqli_fetch_array($sql_related_logins)) {
$login_id = $row['login_id'];
$login_name = htmlentities($row['login_name']);
$login_uri = htmlentities($row['login_uri']);
$login_username = htmlentities($row['login_username']);
$login_password = htmlentities($row['login_password']);
$login_note = htmlentities($row['login_note']);
$vendor_id = $row['vendor_id'];
$asset_id = $row['asset_id'];
$software_id = $row['software_id'];
?>
<li><?php echo "$login_name - $login_username"; ?></li>
<?php
}
?>
</ul>
</div>
<div class="tab-pane fade" id="pillsRelatedSoftware<?php echo $contact_id; ?>">
<ul>
<?php
while ($row = mysqli_fetch_array($sql_related_software)) {
$software_id = $row['software_id'];
$software_name = htmlentities($row['software_name']);
$software_type = htmlentities($row['software_type']);
$software_notes = htmlentities($row['software_notes']);
?>
<li><?php echo "$software_name - $software_type"; ?></li>
<?php
}
?>
</ul>
</div>
<div class="tab-pane fade" id="pillsRelatedTickets<?php echo $contact_id; ?>">
<ul>
<?php
while ($row = mysqli_fetch_array($sql_related_tickets)) {
$ticket_id = $row['ticket_id'];
$ticket_prefix = htmlentities($row['ticket_prefix']);
$ticket_number = $row['ticket_number'];
$ticket_subject = htmlentities($row['ticket_subject']);
?>
<li><a href="ticket.php?ticket_id=<?=$ticket_id ?>"><?php echo "[$ticket_prefix$ticket_number] - $ticket_subject"; ?></a></li>
<?php
}
?>
</ul>
</div>
</div>
</div>
</div>
</div>
</div>

View File

@ -2,12 +2,18 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-user-edit"></i> Editing: <strong><?php echo $contact_name; ?></strong></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-user-edit mr-2"></i>Editing: <strong><?php echo $contact_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<!-- Prevent undefined checkbox errors on submit -->
<input type="hidden" name="primary_contact" value="0">
<input type="hidden" name="contact_important" value="0">
<input type="hidden" name="contact_billing" value="0">
<input type="hidden" name="contact_technical" value="0">
<!-- End prevent undefined errors -->
<input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<input type="hidden" name="existing_file_name" value="<?php echo $contact_photo; ?>">
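Review bot: The four hidden `value="0"` defaults only work if the real checkboxes appear later in the form under the same names, because PHP keeps the last value submitted for a name; a short comment saying so would stop someone from moving them. post.php should still cast `primary_contact`, `contact_important`, `contact_billing` and `contact_technical` with `intval()` rather than rely on the form. The `existing_file_name` hidden field in the context lines is client-controlled as well, so the handler should not use it to build a file path without validating it.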
@ -15,16 +21,16 @@
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-details<?php echo $contact_id; ?>">Details</a>
<a class="nav-link active" data-toggle="pill" href="#pills-details<?php echo $contact_id; ?>"><i class="fa fa-fw fa-user mr-2"></i>Details</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-photo<?php echo $contact_id; ?>">Photo</a>
<a class="nav-link" data-toggle="pill" href="#pills-photo<?php echo $contact_id; ?>"><i class="fa fa-fw fa-image mr-2"></i>Photo</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-portal<?php echo $contact_id; ?>">Portal</a>
<a class="nav-link" data-toggle="pill" href="#pills-portal<?php echo $contact_id; ?>"><i class="fa fa-fw fa-lock mr-2"></i>Portal</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-notes<?php echo $contact_id; ?>">Notes</a>
<a class="nav-link" data-toggle="pill" href="#pills-notes<?php echo $contact_id; ?>"><i class="fa fa-fw fa-edit mr-2"></i>Notes</a>
</li>
</ul>
@ -118,14 +124,12 @@
$sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE (location_archived_at > '$contact_created_at' OR location_archived_at IS NULL) AND location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql_locations)) {
$location_id_select = $row['location_id'];
$location_id_select = intval($row['location_id']);
$location_name_select = htmlentities($row['location_name']);
?>
<option <?php if ($contact_location_id == $location_id_select) { echo "selected"; } ?> value="<?php echo $location_id_select; ?>"><?php echo $location_name_select; ?></option>
<?php } ?>
<?php
}
?>
</select>
</div>
</div>
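Review bot: The `$sql_locations` query at the top of this hunk embeds `'$contact_created_at'` in the SQL string, and in the contact list loop of this same commit that variable is now assigned from `htmlentities($row['contact_created_at'])`. HTML encoding is not SQL escaping, so the query should use the raw column value bound as a parameter (or compare against the contacts row inside SQL), with `htmlentities()` applied only where the date is printed. `$client_id` in the same query deserves the same treatment.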
@ -232,8 +236,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_contact" class="btn btn-primary"><i class="fas fa-check"></i> Save</button>
<button type="submit" name="edit_contact" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-users"></i> Import Contacts</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-users mr-2"></i>Import Contacts</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -16,10 +16,11 @@
<input type="file" class="form-control-file" name="file" accept=".csv">
</div>
<hr>
<div>Download <a href="post.php?download_client_contacts_csv_template=<?php echo $client_id; ?>">sample csv template</a></div>
<div>Download: <a class="text-bold" href="post.php?download_client_contacts_csv_template=<?php echo $client_id; ?>">sample csv template</a></div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="import_client_contacts_csv" class="btn btn-primary">Import</button>
<button type="submit" name="import_client_contacts_csv" class="btn btn-primary text-strong"><i class="fas fa-upload mr-2"></i>Import</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
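Review bot: The Import button uses the class `text-strong`, while every other primary button touched in this commit uses `text-bold`; this looks like a typo, and the label will probably not render bold. Change it to `text-bold` for consistency with the Save and Send Invite buttons.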

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fas fa-fw fa-user-plus"></i> Invite Contact</h5>
<h5 class="modal-title"><i class="fas fa-fw fa-user-plus mr-2"></i>Invite Contact</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -73,8 +73,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="invite_contact" class="btn btn-primary"><strong><i class="fas fa-paper-plane"></i> Send Invite</strong></button>
<button type="submit" name="invite_contact" class="btn btn-primary text-bold"><i class="fas fa-paper-plane mr-2"></i>Send Invite</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>

View File

@ -1,25 +1,10 @@
<?php include("inc_all_client.php"); ?>
<?php
if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,$_GET['q']));
//Phone Numbers
$n = preg_replace("/[^0-9]/", '',$q);
if (empty($n)) {
$n = $q;
}
}else{
$q = "";
//Phone Numbers
$n = "";
}
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
// Default Column Sortby Filter
$sb = "contact_name";
}
$o = "ASC";
require_once("inc_all_client.php");
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
@ -27,8 +12,10 @@ $url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM contacts
LEFT JOIN locations ON location_id = contact_location_id
WHERE contact_archived_at IS NULL
AND (contact_name LIKE '%$q%' OR contact_title LIKE '%$q%' OR location_name LIKE '%$q%' OR contact_email LIKE '%$q%' OR contact_department LIKE '%$q%' OR contact_phone LIKE '%$n%' OR contact_extension LIKE '%$q%' OR contact_mobile LIKE '%$n%')
AND contact_client_id = $client_id ORDER BY $sb $o LIMIT $record_from, $record_to");
AND (contact_name LIKE '%$q%' OR contact_title LIKE '%$q%' OR location_name LIKE '%$q%' OR contact_email LIKE '%$q%' OR contact_department LIKE '%$q%' OR contact_phone LIKE '%$phone_query%' OR contact_extension LIKE '%$q%' OR contact_mobile LIKE '%$phone_query%')
AND contact_client_id = $client_id
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
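Review bot: `ORDER BY $sb $o` places a column name and direction into the SQL string unquoted, and `$sb` came from `$_GET['sb']` in the block removed from the top of this file, so its handling now lives somewhere this diff does not show. `mysqli_real_escape_string()`, which the removed block relied on, does not protect an unquoted identifier; wherever `$sb` and `$o` are now defined, map `sb` against an allow-list of sortable columns and force `o` to `ASC` or `DESC`. The `LIKE '%$q%'` and `LIKE '%$phone_query%'` terms would be safer as bound parameters as well.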
@ -36,11 +23,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-users"></i> Contacts</h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-users mr-2"></i>Contacts</h3>
<div class="card-tools">
<div class="btn-group">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addContactModal">
<i class="fas fa-fw fa-plus"></i> New Contact
<i class="fas fa-plus mr-2"></i>New Contact
</button>
<button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
<div class="dropdown-menu">
@ -56,7 +43,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Contacts">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Contacts">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
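Review bot: `stripslashes(htmlentities($q))` in the search box implies that `$q` is still the SQL-escaped copy of the input, with the backslashes stripped again for display. Keep the raw search term in its own variable, pass only that through `htmlentities()` for the `value` attribute, and escape or bind separately for the query. That also lets a search term containing a literal backslash round-trip correctly.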
@ -65,8 +52,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_contacts_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
<button type="button" class="btn btn-default" data-toggle="modal" data-target="#importContactModal"><i class="fa fa-fw fa-upload"></i> Import</button>
<a href="post.php?export_client_contacts_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download mr-2"></i>Export</a>
<button type="button" class="btn btn-default" data-toggle="modal" data-target="#importContactModal"><i class="fa fa-fw fa-upload mr-2"></i>Import</button>
</div>
</div>
@ -90,7 +77,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
while ($row = mysqli_fetch_array($sql)) {
$contact_id = $row['contact_id'];
$contact_id = intval($row['contact_id']);
$contact_name = htmlentities($row['contact_name']);
$contact_title = htmlentities($row['contact_title']);
if (empty($contact_title)) {
@ -129,13 +116,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$contact_important = intval($row['contact_important']);
$contact_billing = intval($row['contact_billing']);
$contact_technical = intval($row['contact_technical']);
$contact_created_at = $row['contact_created_at'];
$contact_created_at = htmlentities($row['contact_created_at']);
if ($contact_id == $primary_contact) {
$primary_contact_display = "<small class='text-success'>Primary Contact</small>";
} else {
$primary_contact_display = FALSE;
$primary_contact_display = false;
}
$contact_location_id = $row['contact_location_id'];
$contact_location_id = intval($row['contact_location_id']);
$location_name = htmlentities($row['location_name']);
if (empty($location_name)) {
$location_name_display = "-";
@ -174,6 +161,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
<span class="fa fa-stack-1x text-white"><?php echo $contact_initials; ?></span>
</span>
<br>
<?php } ?>
@ -194,13 +182,21 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="client_contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>">View Details</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editContactModal<?php echo $contact_id; ?>">Edit</a>
<a class="dropdown-item" href="client_contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>">
<i class="fas fa-fw fa-eye mr-2"></i>Details
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editContactModal<?php echo $contact_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($session_user_role == 3 && $contact_id !== $primary_contact) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?archive_contact=<?php echo $contact_id; ?>">Archive</a>
<a class="dropdown-item text-danger" href="post.php?archive_contact=<?php echo $contact_id; ?>">
<i class="fas fa-fw fa-archive mr-2"></i>Archive
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_contact=<?php echo $contact_id; ?>">Delete</a>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_contact=<?php echo $contact_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div>
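Review bot: In `if ($session_user_role == 3 && $contact_id !== $primary_contact)` the strict comparison now has an `int` on the left, because `$contact_id` is assigned with `intval()` earlier in this file. If `$primary_contact` is still the string read from the database, `!==` is always true and the Archive and Delete entries are offered for the primary contact too. Cast `$primary_contact` with `intval()` as well, or use `!=` as the `$contact_id == $primary_contact` check further up does, and have post.php refuse to delete the primary contact regardless of what the menu shows.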
@ -209,7 +205,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
include("client_contact_edit_modal.php");
require("client_contact_edit_modal.php");
}
@ -218,16 +214,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php
include("client_contact_add_modal.php");
include("client_contact_invite_modal.php");
include("client_contact_import_modal.php");
?>
<?php include("footer.php"); ?>
require_once("client_contact_add_modal.php");
require_once("client_contact_invite_modal.php");
require_once("client_contact_import_modal.php");
require_once("footer.php");

View File

@ -1,14 +1,3 @@
<script>
function validateClientNameDelete(client_id) {
if (document.getElementById("clientNameProvided" + client_id).value === document.getElementById("clientName" + client_id).value) {
document.getElementById("clientDeleteButton" + client_id).className = "btn btn-danger btn-lg px-5";
}
else{
document.getElementById("clientDeleteButton" + client_id).className = "btn btn-danger btn-lg px-5 disabled";
}
}
</script>
<div class="modal" id="deleteClientModal<?php echo $client_id; ?>" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">
@ -28,3 +17,4 @@
</div>
</div>
</div>
<script src="js/client_delete_confirm.js"></script>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt"></i> New Document from Template</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>New Document from Template</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -22,7 +22,7 @@
<?php
$sql_document_templates = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_template = 1 AND company_id = $session_company_id AND document_archived_at IS NULL ORDER BY document_name ASC");
while ($row = mysqli_fetch_array($sql_document_templates)) {
$document_template_id = $row['document_id'];
$document_template_id = intval($row['document_id']);
$document_template_name = htmlentities($row['document_name']);
?>
@ -56,7 +56,7 @@
<?php
$sql_folders = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
while ($row = mysqli_fetch_array($sql_folders)) {
$folder_id = $row['folder_id'];
$folder_id = intval($row['folder_id']);
$folder_name = htmlentities($row['folder_name']);
?>
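Review bot: The folders query in this hunk filters only on folder_client_id = $client_id, while the templates query in the previous hunk also constrains company_id = $session_company_id. If the folders table carries a company column, add the same constraint here so the folder list cannot cross tenants, and bind $client_id through a prepared statement rather than interpolating it; the intval() added on folder_id protects the output, not the query.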
@ -73,8 +73,8 @@
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_document_from_template" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create & edit</button>
<button type="submit" name="add_document_from_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create & edit</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog modal-xl">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt"></i> New Document</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>New Document</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -29,7 +29,7 @@
<?php
$sql_folders = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
while ($row = mysqli_fetch_array($sql_folders)) {
$folder_id = $row['folder_id'];
$folder_id = intval($row['folder_id']);
$folder_name = htmlentities($row['folder_name']);
?>
@ -43,8 +43,8 @@
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_document" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_document" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -1,4 +1,4 @@
<?php include("inc_all_client.php"); ?>
<?php require_once("inc_all_client.php"); ?>
<?php
@ -14,9 +14,9 @@ $row = mysqli_fetch_array($sql_document);
$folder_name = htmlentities($row['folder_name']);
$document_name = htmlentities($row['document_name']);
$document_content = $row['document_content'];
$document_created_at = $row['document_created_at'];
$document_updated_at = $row['document_updated_at'];
$document_folder_id = $row['document_folder_id'];
$document_created_at = htmlentities($row['document_created_at']);
$document_updated_at = htmlentities($row['document_updated_at']);
$document_folder_id = intval($row['document_folder_id']);
?>
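Review bot: $document_content is the one field in this block that stays unencoded while its neighbours gain htmlentities() and intval(). If it is echoed as HTML further down the page, stored markup runs in the viewer's session, so it needs to be sanitized with an HTML allowlist filter when the document is saved (or before output). A short comment on that line saying why it is deliberately raw would stop a later cleanup pass from either encoding it or assuming it is safe.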
@ -35,10 +35,10 @@ $document_folder_id = $row['document_folder_id'];
</li>
<?php if ($document_folder_id > 0) { ?>
<li class="breadcrumb-item">
<a href="client_documents.php?client_id=<?php echo $client_id; ?>&folder_id=<?php echo $document_folder_id; ?>"><i class="fas fa-folder-open"></i> <?php echo $folder_name; ?></a>
<a href="client_documents.php?client_id=<?php echo $client_id; ?>&folder_id=<?php echo $document_folder_id; ?>"><i class="fas fa-fw fa-folder-open mr-2"></i><?php echo $folder_name; ?></a>
</li>
<?php } ?>
<li class="breadcrumb-item active"><i class="fas fa-file"></i> <?php echo "$document_name"; ?></li>
<li class="breadcrumb-item active"><i class="fas fa-file"></i> <?php echo $document_name; ?></li>
</ol>
<div class="row">
@ -55,16 +55,23 @@ $document_folder_id = $row['document_folder_id'];
<div class="col-md-3">
<div class="card bg-light">
<div class="card-body">
<button type="button" class="btn btn-success" data-toggle="modal" data-target="#editDocumentModal<?php echo $document_id; ?>"><i class="fas fa-edit"></i> Edit</button>
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#editDocumentModal"><i class="fas fa-copy"></i> Copy</button>
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#shareModal" onclick="populateShareModal(<?php echo "$client_id, 'Document', $document_id"; ?>)"><i class="fas fa-share"></i> Share</button>
<button type="button" class="btn btn-success" data-toggle="modal" data-target="#editDocumentModal<?php echo $document_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</button>
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#editDocumentModal">
<i class="fas fa-fw fa-copy mr-2"></i>Copy
</button>
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#shareModal"
onclick="populateShareModal(<?php echo "$client_id, 'Document', $document_id"; ?>)">
<i class="fas fa-fw fa-share mr-2"></i>Share
</button>
<hr>
<h6><i class="fas fa-paperclip"></i> Files</h6>
<h6><i class="fas fa-key"></i> Passwords</h6>
<h6><i class="fas fa-users"></i> Contacts</h6>
<h6><i class="fas fa-laptop"></i> Assets</h6>
<h6><i class="fas fa-cube"></i> Software</h6>
<h6><i class="fas fa-building"></i> Vendors</h6>
<h6><i class="fas fa-fw fa-paperclip mr-2"></i>Files</h6>
<h6><i class="fas fa-fw fa-key mr-2"></i>Passwords</h6>
<h6><i class="fas fa-fw fa-users mr-2"></i>Contacts</h6>
<h6><i class="fas fa-fw fa-laptop mr-2"></i>Assets</h6>
<h6><i class="fas fa-fw fa-cube mr-2"></i>Software</h6>
<h6><i class="fas fa-fw fa-building mr-2"></i>Vendors</h6>
</div>
</div>
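Review bot: The Copy button targets #editDocumentModal, while the Edit button directly above it targets #editDocumentModal<?php echo $document_id; ?>, so Copy points at an id that the per-document modal does not use and will likely open nothing. Either give Copy its own modal id or drop the button until the feature exists. In the Share button, $document_id is echoed into an inline onclick; the hunk does not show it being cast, so confirm it passes through intval() before it reaches this JavaScript context.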

View File

@ -2,13 +2,14 @@
<div class="modal-dialog modal-xl">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt"></i> Editing document: <strong><?php echo $document_name; ?></strong></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Editing document: <strong><?php echo $document_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="document_id" value="<?php echo $document_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
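Review bot: The added hidden client_id field is attacker-controlled like any other form value, so the edit_document handler must not use it to decide ownership. Derive the client from the document row on the server and check that document_id belongs to the session's company before writing; use the posted client_id only for the redirect. The form in this hunk also shows no CSRF token field next to the two hidden ids.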
@ -29,7 +30,7 @@
<?php
$sql_folders_select = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
while ($row = mysqli_fetch_array($sql_folders_select)) {
$folder_id_select = $row['folder_id'];
$folder_id_select = intval($row['folder_id']);
$folder_name_select = htmlentities($row['folder_name']);
?>
<option <?php if ($folder_id_select == $document_folder_id) echo "selected"; ?> value="<?php echo $folder_id_select ?>"><?php echo $folder_name_select; ?></option>
@ -42,8 +43,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_document" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="edit_document" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-folder-plus"></i> New Folder</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-folder-plus mr-2"></i>New Folder</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -23,8 +23,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_folder" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_folder" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,13 +2,14 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-folder"></i> Renaming folder: <strong><?php echo $folder_name; ?></strong></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-folder mr-2"></i>Renaming folder: <strong><?php echo $folder_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="folder_id" value="<?php echo $folder_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
@ -23,8 +24,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="rename_folder" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Rename</button>
<button type="submit" name="rename_folder" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Rename</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog modal-xl">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt"></i> New Document Template</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>New Document Template</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -22,8 +22,8 @@
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_document_template" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_document_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>

View File

@ -1,4 +1,4 @@
<?php include("inc_all_client.php"); ?>
<?php require_once("inc_all_client.php"); ?>
<?php
@ -14,8 +14,8 @@ $row = mysqli_fetch_array($sql_document);
$document_name = htmlentities($row['document_name']);
$document_content = $row['document_content'];
$document_created_at = $row['document_created_at'];
$document_updated_at = $row['document_updated_at'];
$document_created_at = htmlentities($row['document_created_at']);
$document_updated_at = htmlentities($row['document_updated_at']);
?>
@ -35,18 +35,22 @@ $document_updated_at = $row['document_updated_at'];
<li class="breadcrumb-item">
<a href="client_document_templates.php?client_id=<?php echo $client_id; ?>">Templates</a>
</li>
<li class="breadcrumb-item active"><i class="fas fa-file"></i> <?php echo "$document_name"; ?></li>
<li class="breadcrumb-item active"><i class="fas fa-file"></i> <?php echo $document_name; ?></li>
</ol>
<div class="card card-dark">
<div class="card-header">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file"></i> <?php echo $document_name; ?></h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file mr-2"></i><?php echo $document_name; ?></h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#editDocumentTemplateModal<?php echo $document_id; ?>"><i class="fas fa-edit"></i> Edit</button>
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#editDocumentModal"><i class="fas fa-copy"></i> Copy</button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#editDocumentTemplateModal<?php echo $document_id; ?>">
<i class="fas fa-edit mr-2"></i>Edit
</button>
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#editDocumentModal">
<i class="fas fa-copy mr-2"></i>Copy
</button>
</div>
</div>
<div class="card-body">

View File

@ -2,7 +2,7 @@
<div class="modal-dialog modal-xl">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt"></i> Editing template: <strong><?php echo $document_name; ?></strong></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Editing template: <strong><?php echo $document_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -21,8 +21,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_document_template" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="edit_document_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -1,10 +1,10 @@
<?php include("inc_all_client.php"); ?>
<?php require_once("inc_all_client.php"); ?>
<?php
// Sort by
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = sanitizeInput($_GET['sb']);
} else {
$sb = "document_name";
}
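Review bot: Replacing strip_tags(mysqli_real_escape_string(...)) with sanitizeInput() on $_GET['sb'] still treats a column name as if it were a string value. If $sb is later interpolated after ORDER BY, escaping does not constrain it, because an identifier is not inside quotes. Compare $sb against an explicit list of sortable columns and fall back to "document_name" when it does not match; the same applies to the sort direction in $o.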
@ -19,7 +19,9 @@ if (!empty($q)) {
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM documents
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM documents
WHERE document_template = 1
AND documents.company_id = $session_company_id
$query_snippet
@ -32,23 +34,23 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file"></i> Document Templates</h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file mr-2"></i>Document Templates</h3>
<button type="button" class="btn btn-dark dropdown-toggle ml-1" data-toggle="dropdown"></button>
<div class="dropdown-menu">
<a class="dropdown-item text-dark" href="client_documents.php?client_id=<?php echo $client_id; ?>">Documents</a>
</div>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addDocumentTemplateModal">
<i class="fas fa-fw fa-plus"></i> New Template
<i class="fas fa-plus mr-2"></i>New Template
</button>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo intval($client_id); ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="input-group">
<input type="search" class="form-control " name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search templates">
<input type="search" class="form-control " name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search templates">
<div class="input-group-append">
<button class="btn btn-secondary"><i class="fa fa-search"></i></button>
</div>
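Review bot: stripslashes(htmlentities($q)) in the search input's value attribute suggests $q arrives here already SQL-escaped and is being un-escaped for display, which ties the output encoding to whatever the escaping step happened to add. Keep the raw request value for display, encode it with htmlentities($value, ENT_QUOTES) at the point of output, and use the escaped or bound copy only in the query. The hidden client_id in the same form also drops its intval(); that is only safe if $client_id is guaranteed to be cast in inc_all_client.php, so either keep the cast at output or note the guarantee in a comment.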
@ -78,12 +80,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
while ($row = mysqli_fetch_array($sql)) {
$document_id = $row['document_id'];
$document_id = intval($row['document_id']);
$document_name = htmlentities($row['document_name']);
$document_content = $row['document_content'];
$document_created_at = $row['document_created_at'];
$document_updated_at = $row['document_updated_at'];
$document_folder_id = $row['document_folder_id'];
$document_content = htmlentities($row['document_content']);
$document_created_at = htmlentities($row['document_created_at']);
$document_updated_at = htmlentities($row['document_updated_at']);
$document_folder_id = intval($row['document_folder_id']);
?>
@ -99,10 +101,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editDocumentTemplateModal<?php echo $document_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editDocumentTemplateModal<?php echo $document_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_document=<?php echo $document_id; ?>">Delete</a>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_document=<?php echo $document_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div>
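Review bot: The Delete link is hidden behind $session_user_role == 3 in the template only, and the action itself is a GET to post.php?delete_document=... with the id in the URL. Hiding the link does not stop a lower-privileged user from requesting that URL directly, so make sure the delete_document handler repeats the role check and verifies the document belongs to the session's company. A named constant for the role would also read better than the literal 3.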

View File

@ -1,7 +1,11 @@
<?php include("inc_all_client.php"); ?>
<?php
// Default Column Sortby Filter
$sb = "document_name";
$o = "ASC";
require_once("inc_all_client.php");
// Folder
if (!empty($_GET['folder_id'])) {
$folder = intval($_GET['folder_id']);
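Review bot: The defaults for $sb and $o are now assigned before require_once("inc_all_client.php"), which means the page depends on the include reading and overriding variables from the caller's scope, and nothing in this hunk documents that contract. Add a comment on the two assignments stating that the include replaces them from the request after validation, or pass the defaults explicitly, so a page that forgets them does not end up with an undefined sort column.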
@ -9,13 +13,6 @@ if (!empty($_GET['folder_id'])) {
$folder = 0;
}
// Sort by
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = "document_name";
}
// Search query SQL snippet
if (!empty($q)) {
$query_snippet = "AND (MATCH(document_content_raw) AGAINST ('$q') OR document_name LIKE '%$q%')";
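Review bot: In the unchanged search snippet, $q is interpolated directly into both AGAINST ('$q') and LIKE '%$q%', and with the local input handling removed from this file nothing here shows where it is escaped. Move this query to a prepared statement with bound parameters. For the LIKE branch, also escape % and _ in the user's text so a search term cannot act as a wildcard pattern.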
@ -32,7 +29,9 @@ if (!empty($_GET['folder_id'])) {
$get_folder_id = intval($_GET['folder_id']);
}
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM documents
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM documents
WHERE document_client_id = $client_id
AND documents.company_id = $session_company_id
AND document_template = 0
@ -48,7 +47,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2">
<i class="fa fa-fw fa-file-alt"></i> Documents
<i class="fa fa-fw fa-file-alt mr-2"></i>Documents
</h3>
<button type="button" class="btn btn-dark dropdown-toggle ml-1" data-toggle="dropdown"></button>
<div class="dropdown-menu">
@ -59,11 +58,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="btn-group">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addDocumentModal">
<i class="fas fa-fw fa-plus"></i> New Document
<i class="fas fa-plus mr-2"></i>New Document
</button>
<button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
<div class="dropdown-menu">
<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#addFolderModal"><i class="fa fa-fw fa-folder-plus"></i> Folder</a>
<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#addFolderModal">
<i class="fa fa-fw fa-folder-plus mr-2"></i>Folder
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#addDocumentFromTemplateModal">From Template</a>
</div>
@ -84,11 +85,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
$sql_folders = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
while ($row = mysqli_fetch_array($sql_folders)) {
$folder_id = $row['folder_id'];
$folder_id = intval($row['folder_id']);
$folder_name = htmlentities($row['folder_name']);
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('document_id') AS num FROM documents WHERE document_folder_id = $folder_id"));
$num_documents = $row['num'];
$num_documents = intval($row['num']);
?>
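Review bot: COUNT('document_id') counts a quoted string literal rather than the column, so it behaves like COUNT(*) by accident; write COUNT(document_id) or COUNT(*) to say what is meant. The count query also reassigns $row inside the while loop that is iterating $row over $sql_folders, which works only because folder_id and folder_name were copied out first. Use a separate variable for the count row, and consider a single grouped query instead of one count per folder.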
@ -99,9 +100,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
if ($get_folder_id == $folder_id) { ?>
<i class="fas fa-fw fa-folder-open"></i>
<?php
}else{
?>
<?php } else { ?>
<i class="fas fa-fw fa-folder"></i>
<?php } ?>
@ -114,10 +113,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-v"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#renameFolderModal<?php echo $folder_id; ?>">Rename</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#renameFolderModal<?php echo $folder_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Rename
</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_folder=<?php echo $folder_id; ?>">Delete</a>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_folder=<?php echo $folder_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div>
@ -126,20 +129,20 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</li>
<?php
include("client_document_folder_rename_modal.php");
require("client_document_folder_rename_modal.php");
}
?>
</ul>
<?php include("client_document_folder_add_modal.php"); ?>
<?php require_once("client_document_folder_add_modal.php"); ?>
</div>
<div class="col-md-9">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo intval($client_id); ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<input type="hidden" name="folder_id" value="<?php echo $get_folder_id; ?>">
<div class="input-group">
<input type="search" class="form-control " name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Documents">
<input type="search" class="form-control " name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Documents">
<div class="input-group-append">
<button class="btn btn-secondary"><i class="fa fa-search"></i></button>
</div>
@ -169,12 +172,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
while ($row = mysqli_fetch_array($sql)) {
$document_id = $row['document_id'];
$document_id = intval($row['document_id']);
$document_name = htmlentities($row['document_name']);
$document_content = $row['document_content'];
$document_created_at = $row['document_created_at'];
$document_updated_at = $row['document_updated_at'];
$document_folder_id = $row['document_folder_id'];
$document_content = htmlentities($row['document_content']);
$document_created_at = htmlentities($row['document_created_at']);
$document_updated_at = htmlentities($row['document_updated_at']);
$document_folder_id = intval($row['document_folder_id']);
?>
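Review bot: $document_content is now passed through htmlentities() inside the list loop, while the single-document page earlier in this commit keeps it raw. Any modal required from this loop that renders the document body will now show literal tags instead of formatted content. Decide on one rule for this field: keep it raw here and rely on sanitizing the HTML when it is saved, or encode it only where it is shown as a plain-text preview.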
@ -190,21 +193,27 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editDocumentModal<?php echo $document_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#shareModal" onclick="populateShareModal(<?php echo "$client_id, 'Document', $document_id"; ?>)">Share</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editDocumentModal<?php echo $document_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#shareModal" onclick="populateShareModal(<?php echo "$client_id, 'Document', $document_id"; ?>)">
<i class="fas fa-fw fa-share mr-2"></i>Share
</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_document=<?php echo $document_id; ?>">Delete</a>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_document=<?php echo $document_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div>
<?php include("client_document_view_modal.php"); ?>
<?php require("client_document_view_modal.php"); ?>
</td>
</tr>
<?php
include("client_document_edit_modal.php");
require("client_document_edit_modal.php");
}
?>
@ -213,15 +222,15 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</table>
<br>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
</div>
</div>
<?php include("share_modal.php"); ?>
<?php include("client_document_add_modal.php"); ?>
<?php include("client_document_add_from_template_modal.php"); ?>
<?php include("footer.php"); ?>
<?php
require_once("share_modal.php");
require_once("client_document_add_modal.php");
require_once("client_document_add_from_template_modal.php");
require_once("footer.php");

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-globe"></i> New Domain</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-globe mr-2"></i>New Domain</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -33,14 +33,11 @@
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id'];
$vendor_id = intval($row['vendor_id']);
$vendor_name = htmlentities($row['vendor_name']);
?>
<option value="<?php echo $vendor_id; ?>"><?php echo $vendor_name; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -57,14 +54,11 @@
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id'];
$vendor_id = intval($row['vendor_id']);
$vendor_name = htmlentities($row['vendor_name']);
?>
<option value="<?php echo $vendor_id; ?>"><?php echo $vendor_name; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
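Review bot: The identical vendors query is executed twice in this modal, once for each select (this hunk and the previous one), and both reuse the generic $sql and $row names. Run it once, collect the rows into an array and render both option lists from that array. It halves the queries per modal and avoids clobbering a caller's $sql if this file is included in the middle of another result loop.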
@ -81,8 +75,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_domain" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_domain" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,13 +2,14 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-globe"></i> Editing domain: <span class="text-bold" id="editHeader"></span></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-globe mr-2"></i>Editing domain: <span class="text-bold" id="editHeader"></span></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="domain_id" value="" id="editDomainId">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3">
@ -128,8 +129,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_domain" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="edit_domain" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -1,12 +1,10 @@
<?php include("inc_all_client.php"); ?>
<?php
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
// Default Column Sortby Filter
$sb = "domain_name";
}
$o = "ASC";
require_once("inc_all_client.php");
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
@ -21,9 +19,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-globe"></i> Domains</h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-globe mr-2"></i>Domains</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addDomainModal"><i class="fas fa-fw fa-plus"></i> New Domain</button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addDomainModal"><i class="fas fa-plus mr-2"></i>New Domain</button>
</div>
</div>
@ -34,7 +32,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Domains">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Domains">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
@ -43,7 +41,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_domains_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
<a href="post.php?export_client_domains_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-download mr-2"></i>Export</a>
</div>
</div>
@ -65,10 +63,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
while ($row = mysqli_fetch_array($sql)) {
$domain_id = $row['domain_id'];
$domain_id = intval($row['domain_id']);
$domain_name = htmlentities($row['domain_name']);
$domain_registrar = htmlentities($row['domain_registrar']);
$domain_webhost = htmlentities($row['domain_webhost']);
$domain_registrar = intval($row['domain_registrar']);
$domain_webhost = intval($row['domain_webhost']);
$domain_expire = htmlentities($row['domain_expire']);
$domain_registrar_name = htmlentities($row['vendor_name']);
if (empty($domain_registrar_name)) {
@ -94,10 +92,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" onclick="populateDomainEditModal(<?php echo $client_id, ",", $domain_id ?>)" data-target="#editDomainModal">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" onclick="populateDomainEditModal(<?php echo $client_id, ",", $domain_id ?>)" data-target="#editDomainModal">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_domain=<?php echo $domain_id; ?>">Delete</a>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_domain=<?php echo $domain_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div>
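Review bot: the Delete entry is still a plain link, `href="post.php?delete_domain=<?php echo $domain_id; ?>"`, so a destructive action is triggered by a GET request with no anti-CSRF token in the URL, and the `$session_user_role == 3` test here only hides the link. Since this hunk already rewrites the element, consider turning it into a POST form that carries a token, and confirm that post.php repeats the role check server-side.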
@ -111,90 +113,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
<script src="js/domain_edit_modal.js"></script>
<?php
include("client_domain_edit_modal.php");
include("client_domain_add_modal.php");
?>
<script>
function populateDomainEditModal(client_id, domain_id) {
// Send a GET request to post.php as post.php?domain_get_json_details=true&client_id=NUM&domain_id=NUM
jQuery.get(
"ajax.php",
{domain_get_json_details: 'true', client_id: client_id, domain_id: domain_id},
function(data) {
// If we get a response from post.php, parse it as JSON
const response = JSON.parse(data);
// Access the domain info (one), registrars (multiple) and webhosts (multiple)
const domain = response.domain[0];
const vendors = response.vendors;
// Populate the domain modal fields
document.getElementById("editHeader").innerText = domain.domain_name;
document.getElementById("editDomainId").value = domain_id;
document.getElementById("editDomainName").value = domain.domain_name;
document.getElementById("editExpire").value = domain.domain_expire;
document.getElementById("editDomainIP").value = domain.domain_ip;
document.getElementById("editNameServers").value = domain.domain_name_servers;
document.getElementById("editMailServers").value = domain.domain_mail_servers;
document.getElementById("editTxtRecords").value = domain.domain_txt;
document.getElementById("editRawWhois").value = domain.domain_raw_whois;
/* DROPDOWNS */
// Registrar dropdown
var registrarDropdown = document.getElementById("editRegistrarId");
// Clear registrar dropdown
var i, L = registrarDropdown.options.length -1;
for(i = L; i >= 0; i--) {
registrarDropdown.remove(i);
}
registrarDropdown[registrarDropdown.length] = new Option('- Vendor -', '0');
// Populate dropdown
vendors.forEach(vendor => {
if (parseInt(vendor.vendor_id) == parseInt(domain.domain_registrar)) {
// Selected domain
registrarDropdown[registrarDropdown.length] = new Option(vendor.vendor_name, vendor.vendor_id, true, true);
}
else{
registrarDropdown[registrarDropdown.length] = new Option(vendor.vendor_name, vendor.vendor_id);
}
});
// Webhost dropdown
var webhostDropdown = document.getElementById("editWebhostId");
// Clear registrar dropdown
var i, L = webhostDropdown.options.length -1;
for(i = L; i >= 0; i--) {
webhostDropdown.remove(i);
}
webhostDropdown[webhostDropdown.length] = new Option('- Vendor -', '0');
// Populate dropdown
vendors.forEach(vendor => {
if (parseInt(vendor.vendor_id) == parseInt(domain.domain_webhost)) {
// Selected domain
webhostDropdown[webhostDropdown.length] = new Option(vendor.vendor_name, vendor.vendor_id, true, true);
}
else{
webhostDropdown[webhostDropdown.length] = new Option(vendor.vendor_name, vendor.vendor_id);
}
});
}
);
}
</script>
<?php include("footer.php"); ?>
require_once("client_domain_edit_modal.php");
require_once("client_domain_add_modal.php");
require_once("footer.php");

View File

@ -0,0 +1,186 @@
<div class="modal" id="exportClientPDFModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file-pdf mr-2"></i>Export PDF</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body bg-white">
<ul class="list-group">
<div class="row">
<div class="col-sm-6">
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="contacts" name="export_contacts" value="1" checked>
<label for="contacts" class="custom-control-label">
<i class='fas fa-fw fa-users mr-2'></i>Contacts
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="locations" name="export_locations" value="1" checked>
<label for="locations" class="custom-control-label">
<i class='fas fa-fw fa-map-marker-alt mr-2'></i>Locations
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="assets" name="export_assets" value="1" checked>
<label for="assets" class="custom-control-label">
<i class='fas fa-fw fa-desktop mr-2'></i>Assets
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="software" name="export_software" value="1" checked>
<label for="software" class="custom-control-label">
<i class='fas fa-fw fa-cube mr-2'></i>Software / Licenses
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="logins" name="export_logins" value="1">
<label for="logins" class="custom-control-label">
<i class='fas fa-fw fa-key mr-2'></i>Logins/Passwords
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="networks" name="export_networks" value="1" checked>
<label for="networks" class="custom-control-label">
<i class='fas fa-fw fa-network-wired mr-2'></i>networks
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="certificates" name="export_certificates" value="1" checked>
<label for="certificates" class="custom-control-label">
<i class='fas fa-fw fa-lock mr-2'></i>Certificates
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="domains" name="export_domains" value="1" checked>
<label for="domains" class="custom-control-label">
<i class='fas fa-fw fa-globe mr-2'></i>Domains
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="tickets" name="export_tickets" value="1" checked>
<label for="tickets" class="custom-control-label">
<i class='fas fa-fw fa-life-ring mr-2'></i>Tickets
</label>
</div>
</li>
</div>
<div class="col-sm-6">
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="scheduled_tickets" name="export_scheduled_tickets" value="1" checked>
<label for="scheduled_tickets" class="custom-control-label">
<i class='fas fa-fw fa-clock mr-2'></i>Scheduled Tickets
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="vendors" name="export_vendors" value="1" checked>
<label for="vendors" class="custom-control-label">
<i class='fas fa-fw fa-building mr-2'></i>Vendors
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="invoices" name="export_invoices" value="1" checked>
<label for="invoices" class="custom-control-label">
<i class='fas fa-fw fa-file-invoice mr-2'></i>Invoices
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="recurring" name="export_recurring" value="1" checked>
<label for="recurring" class="custom-control-label">
<i class='fas fa-fw fa-sync mr-2'></i>Recurring Invoices
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="quotes" name="export_quotes" value="1" checked>
<label for="quotes" class="custom-control-label">
<i class='fas fa-fw fa-file mr-2'></i>Quotes
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="payments" name="export_payments" value="1" checked>
<label for="payments" class="custom-control-label">
<i class='fas fa-fw fa-credit-card mr-2'></i>Payments
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="trips" name="export_trips" value="1" checked>
<label for="trips" class="custom-control-label">
<i class='fas fa-fw fa-route mr-2'></i>Trips
</label>
</div>
</li>
<li class="list-group-item">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="logs" name="export_logs" value="1" checked>
<label for="logs" class="custom-control-label">
<i class='fas fa-fw fa-eye mr-2'></i>Audit Log
</label>
</div>
</li>
</div>
</div>
</ul>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="export_client_pdf" class="btn btn-primary text-bold"><i class="fa fa-fw fa-download mr-2"></i>Export</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
</div>
</div>
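Review bot: the form posts `export_client_pdf` to post.php with `client_id` as its only hidden field, so nothing visible here ties the request to the user's session, and one of the options (`export_logins`) puts logins and passwords into the generated PDF. Add an anti-CSRF token field and have the handler re-check that the user may export credentials for this client. Smaller points: the `networks` label is lowercase where every other label is capitalised, and the `<div class="row">` / `<div class="col-sm-6">` wrappers sit directly inside `<ul class="list-group">`, which only permits `<li>` children.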

View File

@ -117,7 +117,6 @@
</div>
<?php } else { ?>
<input type="hidden" name="currency_code" value="<?php echo $currency_code; ?>">
<input type="hidden" name="net_terms" value="<?php echo $net_term_value; ?>">
<?php } ?>
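Review bot: the hidden `net_terms` input is dropped from the `else` branch while `currency_code` stays, so the `edit_client` POST no longer carries `net_terms` for users who reach this branch. Check that the handler in post.php does not still read `$_POST['net_terms']` and overwrite the stored value with an empty one.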
@ -141,7 +140,7 @@
$sql_tags_select = mysqli_query($mysqli, "SELECT * FROM tags WHERE tag_type = 1 AND company_id = $session_company_id ORDER BY tag_name ASC");
while ($row = mysqli_fetch_array($sql_tags_select)) {
$tag_id_select = $row['tag_id'];
$tag_id_select = intval($row['tag_id']);
$tag_name_select = htmlentities($row['tag_name']);
$tag_color_select = htmlentities($row['tag_color']);
$tag_icon_select = htmlentities($row['tag_icon']);
@ -158,9 +157,7 @@
</div>
</li>
<?php
}
?>
<?php } ?>
</ul>
@ -169,8 +166,8 @@
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_client" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="edit_client" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -1,40 +1,37 @@
<?php include("inc_all_client.php"); ?>
<link href='plugins/fullcalendar/main.min.css' rel='stylesheet' />
<?php
require_once("inc_all_client.php");
if (isset($_GET['calendar_id'])) {
$calendar_selected_id = intval($_GET['calendar_id']);
}
?>
<link href='plugins/fullcalendar/main.min.css' rel='stylesheet' />
<div class="card">
<div id='calendar'></div>
</div>
<?php include("calendar_event_add_modal.php"); ?>
<?php include("calendar_add_modal.php"); ?>
<?php
?>
include("calendar_event_add_modal.php");
include("calendar_add_modal.php");
<?php
//loop through IDs and create a modal for each
$sql = mysqli_query($mysqli, "SELECT * FROM calendars LEFT JOIN events ON calendar_id = event_calendar_id WHERE event_client_id = $client_id AND calendars.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = $row['event_id'];
$event_id = intval($row['event_id']);
$event_title = htmlentities($row['event_title']);
$event_description = htmlentities($row['event_description']);
$event_start = htmlentities($row['event_start']);
$event_end = htmlentities($row['event_end']);
$event_repeat = htmlentities($row['event_repeat']);
$calendar_id = $row['calendar_id'];
$calendar_id = intval($row['calendar_id']);
$calendar_name = htmlentities($row['calendar_name']);
$calendar_color = htmlentities($row['calendar_color']);
include("calendar_event_edit_modal.php");
require("calendar_event_edit_modal.php");
}
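Review bot: `$calendar_selected_id` is assigned only inside `if (isset($_GET['calendar_id']))`, so it is undefined whenever the parameter is absent. Initialise it before the `if` (for example to 0), or make sure every later use is guarded with `isset()`.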
@ -73,11 +70,11 @@ while ($row = mysqli_fetch_array($sql)) {
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM calendars LEFT JOIN events ON calendar_id = event_calendar_id WHERE event_client_id = $client_id AND calendars.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['event_id']);
$event_id = intval($row['event_id']);
$event_title = json_encode($row['event_title']);
$event_start = json_encode($row['event_start']);
$event_end = json_encode($row['event_end']);
$calendar_id = json_encode($row['calendar_id']);
$calendar_id = intval($row['calendar_id']);
$calendar_name = json_encode($row['calendar_name']);
$calendar_color = json_encode($row['calendar_color']);
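Review bot: `event_title`, `calendar_name` and the other string fields go through `json_encode()` with default flags, which leaves `<`, `>`, `&` and `'` unescaped. If these values are echoed into the inline script that closes a few lines further down, pass `JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT` so stored text cannot interact with the HTML parser. The switch to `intval()` for `event_id` and `calendar_id` is fine for a JavaScript number context.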
@ -95,4 +92,5 @@ while ($row = mysqli_fetch_array($sql)) {
</script>
<?php include("footer.php"); ?>
<?php
require("footer.php");

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-cloud-upload-alt"></i> Upload File</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-cloud-upload-alt mr-2"></i>Upload File</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -27,8 +27,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_file" class="btn btn-primary text-bold"><i class="fa fa-fw fa-upload"></i> Upload</button>
<button type="submit" name="add_file" class="btn btn-primary text-bold"><i class="fa fa-upload mr-2"></i>Upload</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog modal-xl ">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-image"></i> <?php echo $file_name; ?></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-image mr-2"></i><?php echo $file_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>

View File

@ -1,4 +1,6 @@
<?php include("inc_all_client.php");
<?php
require_once("inc_all_client.php");
$sql_files_images = mysqli_query($mysqli, "SELECT * FROM files WHERE file_client_id = $client_id AND (file_ext LIKE 'JPG' OR file_ext LIKE 'jpg' OR file_ext LIKE 'JPEG' OR file_ext LIKE 'jpeg' OR file_ext LIKE 'png' OR file_ext LIKE 'PNG') ORDER BY file_name ASC");
@ -10,27 +12,24 @@ $num_of_files = mysqli_num_rows($sql_files_images) + mysqli_num_rows($sql_files_
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-paperclip"></i> Files</h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-paperclip mr-2"></i>Files</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addFileModal"><i class="fas fa-fw fa-cloud-upload-alt"></i> Upload File</button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addFileModal"><i class="fas fa-fw fa-cloud-upload-alt mr-2"></i>Upload File</button>
</div>
</div>
<div class="card-body">
<?php
if ($num_of_files == 0) {
echo "<div style='text-align: center;'><h3 class='text-secondary'>No Records Here</h3></div>";
}
?>
} ?>
<div class="row">
<?php
while ($row = mysqli_fetch_array($sql_files_images)) {
$file_id = $row['file_id'];
$file_id = intval($row['file_id']);
$file_name = htmlentities($row['file_name']);
$file_reference_name = htmlentities($row['file_reference_name']);
$file_ext = htmlentities($row['file_ext']);
@ -40,23 +39,21 @@ $num_of_files = mysqli_num_rows($sql_files_images) + mysqli_num_rows($sql_files_
<div class="col-xl-3 col-lg-3 col-md-6 col-sm-6 mb-3">
<div class="card">
<a href="#" data-toggle="modal" data-target="#viewFileModal<?php echo $file_id; ?>">
<img class="img-fluid" src="<?php echo "uploads/clients/$session_company_id/$client_id/$file_reference_name"; ?>">
<img class="img-fluid" src="<?php echo "uploads/clients/$session_company_id/$client_id/$file_reference_name"; ?>" alt="<?php echo $file_reference_name ?>">
</a>
<div class="card-footer bg-dark text-white p-1">
<center>
<div class="card-footer bg-dark text-white p-1" style="text-align: center;">
<a href="<?php echo "uploads/clients/$session_company_id/$client_id/$file_reference_name"; ?>" download="<?php echo $file_name; ?>" class="text-white float-left ml-1"><i class="fa fa-cloud-download-alt"></i></a>
<a href="#" data-toggle="modal" data-target="#shareModal" onclick="populateShareModal(<?php echo "$client_id, 'File', $file_id"; ?>)" class="text-white float-left ml-1"><i class="fa fa-share"></i></a>
<small><?php echo $file_name; ?></small>
<a href="post.php?delete_file=<?php echo $file_id; ?>" class="text-white float-right mr-1"><i class="fa fa-times"></i></a>
</center>
</div>
</div>
</div>
<?php
include("client_file_view_modal.php");
require("client_file_view_modal.php");
}
?>
</div>
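Review bot: the new `alt="<?php echo $file_reference_name ?>"` uses the stored reference name, while the caption and the `download` attribute in the same card use `$file_name`. Use `$file_name` for the alt text so assistive technology reads the name the user knows, and add the missing `;` before `?>` for consistency with the surrounding echoes.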
@ -67,7 +64,7 @@ $num_of_files = mysqli_num_rows($sql_files_images) + mysqli_num_rows($sql_files_
<?php
while ($row = mysqli_fetch_array($sql_files_other)) {
$file_id = $row['file_id'];
$file_id = intval($row['file_id']);
$file_name = htmlentities($row['file_name']);
$file_reference_name = htmlentities($row['file_reference_name']);
$file_ext = htmlentities($row['file_ext']);
@ -105,8 +102,6 @@ $num_of_files = mysqli_num_rows($sql_files_images) + mysqli_num_rows($sql_files_
</div>
<?php
include("client_file_add_modal.php");
include("share_modal.php");
?>
<?php include("footer.php"); ?>
require_once("client_file_add_modal.php");
require_once("share_modal.php");
require_once("footer.php");

View File

@ -1,27 +1,22 @@
<?php include("inc_all_client.php"); ?>
<?php
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
// Default Column Sortby Filter
$sb = "invoice_number";
}
// Reverse default sort
if (!isset($_GET['o'])) {
$o = "DESC";
$disp = "ASC";
}
require_once("inc_all_client.php");
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM invoices
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM invoices
LEFT JOIN categories ON invoice_category_id = category_id
WHERE invoice_client_id = $client_id
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR invoice_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR invoice_status LIKE '%$q%' OR invoice_amount LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
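Review bot: with the local `$sb` / `$o` setup removed, `ORDER BY $sb $o` and `http_build_query(... 'sb' => $sb, 'o' => $o)` depend entirely on what inc_all_client.php defines, and this page's defaults (`invoice_number`, `DESC`) disappear unless the include reproduces them. The removed code passed `$_GET['sb']` through `mysqli_real_escape_string()`, which does not protect an unquoted identifier in ORDER BY; wherever the values are set now, map `sb` against an allowlist of column names and restrict `o` to ASC or DESC.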
@ -29,9 +24,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file"></i> Invoices</h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file-invoice mr-2"></i>Invoices</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addInvoiceModal"><i class="fas fa-fw fa-plus"></i> New Invoice</button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addInvoiceModal"><i class="fas fa-plus mr-2"></i>New Invoice</button>
</div>
</div>
<div class="card-body">
@ -41,7 +36,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Invoices">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Invoices">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
@ -50,7 +45,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_invoices_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
<a href="post.php?export_client_invoices_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-download mr-2"></i>Export</a>
</div>
</div>
@ -75,7 +70,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
while ($row = mysqli_fetch_array($sql)) {
$invoice_id = $row['invoice_id'];
$invoice_id = intval($row['invoice_id']);
$invoice_prefix = htmlentities($row['invoice_prefix']);
$invoice_number = htmlentities($row['invoice_number']);
$invoice_scope = htmlentities($row['invoice_scope']);
@ -85,12 +80,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$invoice_scope_display = $invoice_scope;
}
$invoice_status = htmlentities($row['invoice_status']);
$invoice_date = $row['invoice_date'];
$invoice_due = $row['invoice_due'];
$invoice_date = htmlentities($row['invoice_date']);
$invoice_due = htmlentities($row['invoice_due']);
$invoice_amount = floatval($row['invoice_amount']);
$invoice_currency_code = htmlentities($row['invoice_currency_code']);
$invoice_created_at = $row['invoice_created_at'];
$category_id = $row['category_id'];
$invoice_created_at = htmlentities($row['invoice_created_at']);
$category_id = intval($row['category_id']);
$category_name = htmlentities($row['category_name']);
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) < time()) {
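Review bot: `$invoice_due` is now HTML-encoded when it is read from the row and is then passed to `strtotime($invoice_due)` in the overdue check. That works for well-formed dates, but it mixes output encoding into a value used for logic; keep the raw value for the comparison and apply `htmlentities()` at the point where the date is echoed.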
@ -117,9 +112,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
?>
<tr>
<td><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td class="text-bold"><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td><?php echo $invoice_scope_display; ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code); ?></td>
<td class="text-bold text-right"><?php echo numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code); ?></td>
<td><?php echo $invoice_date; ?></td>
<td><div class="<?php echo $overdue_color; ?>"><?php echo $invoice_due; ?></div></td>
<td><?php echo $category_name; ?></td>
@ -135,13 +130,21 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</button>
<div class="dropdown-menu">
<?php if (!empty($config_smtp_host)) { ?>
<a class="dropdown-item" href="post.php?email_invoice=<?php echo $invoice_id; ?>">Send</a>
<a class="dropdown-item" href="post.php?email_invoice=<?php echo $invoice_id; ?>">
<i class="fas fa-fw fa-paper-plane mr-2"></i>Send
</a>
<div class="dropdown-divider"></div>
<?php } ?>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editInvoiceModal<?php echo $invoice_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addInvoiceCopyModal<?php echo $invoice_id; ?>">Copy</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editInvoiceModal<?php echo $invoice_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addInvoiceCopyModal<?php echo $invoice_id; ?>">
<i class="fas fa-fw fa-copy mr-2"></i>Copy
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_invoice=<?php echo $invoice_id; ?>">Delete</a>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_invoice=<?php echo $invoice_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
</div>
</div>
</td>
@ -149,8 +152,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
include("invoice_copy_modal.php");
include("invoice_edit_modal.php");
require("invoice_copy_modal.php");
require("invoice_edit_modal.php");
}
?>
@ -158,10 +161,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php include("invoice_add_modal.php"); ?>
<?php include("footer.php"); ?>
<?php
require_once("invoice_add_modal.php");
require_once("footer.php");

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-map-marker-alt"></i> Creating location</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-map-marker-alt mr-2"></i>Creating location</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -119,10 +119,8 @@
$contact_name = htmlentities($row['contact_name']);
?>
<option value="<?php echo $contact_id; ?>"><?php echo $contact_name; ?></option>
<?php } ?>
<?php
}
?>
</select>
</div>
</div>
@ -165,8 +163,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_location" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_location" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-map-marker-alt"></i> Editing location: <strong><?php echo $location_name; ?></strong></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-map-marker-alt mr-2"></i>Editing location: <strong><?php echo $location_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -117,15 +117,13 @@
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE (contact_archived_at > '$location_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id_select = $row['contact_id'];
$contact_id_select = intval($row['contact_id']);
$contact_name_select = htmlentities($row['contact_name']);
?>
<option <?php if ($location_contact_id == $contact_id_select) { echo "selected"; } ?> value="<?php echo $contact_id_select; ?>"><?php echo $contact_name_select; ?></option>
<?php } ?>
<?php
}
?>
</select>
</div>
</div>
@ -174,8 +172,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_location" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="edit_location" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-map-marker-alt"></i> Import Locations</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-map-marker-alt mr-2"></i>Import Locations</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -16,10 +16,11 @@
<input type="file" class="form-control-file" name="file" accept=".csv">
</div>
<hr>
<div>Download <a href="post.php?download_client_locations_csv_template=<?php echo $client_id; ?>">sample csv template</a></div>
<div>Download: <a class="text-bold" href="post.php?download_client_locations_csv_template=<?php echo $client_id; ?>">sample csv template</a></div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="import_client_locations_csv" class="btn btn-primary">Import</button>
<button type="submit" name="import_client_locations_csv" class="btn btn-primary text-bold"><i class="fa fa-upload mr-2"></i>Import</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -1,33 +1,22 @@
<?php include("inc_all_client.php"); ?>
<?php
if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,$_GET['q']));
//Phone Numbers
$phone_query = preg_replace("/[^0-9]/", '',$q);
if (empty($phone_query)) {
$phone_query = $q;
}
}else{
$q = "";
$phone_query = "";
}
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
// Default Column Sortby Filter
$sb = "location_name";
}
$o = "ASC";
require_once("inc_all_client.php");
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM locations
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM locations
WHERE location_client_id = $client_id
AND location_archived_at IS NULL
AND (location_name LIKE '%$q%' OR location_address LIKE '%$q%' OR location_phone LIKE '%$phone_query%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
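Review bot: `$phone_query` was derived on this page (digits only, falling back to `$q`) and that block is removed, yet the query still contains `location_phone LIKE '%$phone_query%'`. Unless inc_all_client.php now sets `$phone_query`, it is undefined, the pattern becomes `'%%'`, and because it is OR-ed with the other conditions every location with a phone number matches regardless of the search term. Either keep the phone normalisation here or confirm the include provides it, along with `$q`, `$sb` and `$o`.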
@ -35,9 +24,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-map-marker-alt"></i> Locations</h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-map-marker-alt mr-2"></i>Locations</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addLocationModal"><i class="fas fa-fw fa-plus"></i> New Location</button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addLocationModal"><i class="fas fa-plus mr-2"></i>New Location</button>
</div>
</div>
<div class="card-body">
@ -47,7 +36,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Locations">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Locations">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
@ -56,8 +45,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_locations_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
<button type="button" class="btn btn-default" data-toggle="modal" data-target="#importLocationModal"><i class="fa fa-fw fa-upload"></i> Import</button>
<a href="post.php?export_client_locations_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download mr-2"></i>Export</a>
<button type="button" class="btn btn-default" data-toggle="modal" data-target="#importLocationModal"><i class="fa fa-fw fa-upload mr-2"></i>Import</button>
</div>
</div>
@ -79,7 +68,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
while ($row = mysqli_fetch_array($sql)) {
$location_id = $row['location_id'];
$location_id = intval($row['location_id']);
$location_name = htmlentities($row['location_name']);
$location_country = htmlentities($row['location_country']);
$location_address = htmlentities($row['location_address']);
@ -100,8 +89,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
}
$location_photo = htmlentities($row['location_photo']);
$location_notes = htmlentities($row['location_notes']);
$location_created_at = $row['location_created_at'];
$location_contact_id = $row['location_contact_id'];
$location_created_at = htmlentities($row['location_created_at']);
$location_contact_id = intval($row['location_contact_id']);
if ($location_id == $primary_location) {
$primary_location_display = "<p class='text-success'>Primary Location</p>";
} else {
@ -124,36 +113,36 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editLocationModal<?php echo $location_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editLocationModal<?php echo $location_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($session_user_role == 3 && $location_id !== $primary_location) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?archive_location=<?php echo $location_id; ?>">Archive</a>
<a class="dropdown-item text-danger" href="post.php?delete_location=<?php echo $location_id; ?>">Delete</a>
<a class="dropdown-item text-danger" href="post.php?archive_location=<?php echo $location_id; ?>">
<i class="fas fa-fw fa-archive mr-2"></i>Archive
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_location=<?php echo $location_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div>
<?php include("client_location_edit_modal.php"); ?>
<?php require("client_location_edit_modal.php"); ?>
</td>
</tr>
<?php
}
?>
<?php } ?>
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php
include("client_location_add_modal.php");
include("client_location_import_modal.php");
?>
<?php include("footer.php"); ?>
require_once("client_location_add_modal.php");
require_once("client_location_import_modal.php");
require_once("footer.php");
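Review bot: In the dropdown menu, `$location_id !== $primary_location` is a strict comparison, and this merge now casts `$location_id` with `intval()` in the fetch loop. If `$primary_location` is still the string returned by the database row (its assignment is not in the visible lines), the strict test is always true and Archive and Delete will be offered for the primary location too. Either cast `$primary_location` with `intval()` where it is set, or use `!=` here to match the `$location_id == $primary_location` check used for the "Primary Location" label.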

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-key"></i> New Login</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-key mr-2"></i>New Login</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -109,7 +109,7 @@
$sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$contact_id = $row['contact_id'];
$contact_id = intval($row['contact_id']);
$contact_name = htmlentities($row['contact_name']);
?>
<option value="<?php echo $contact_id; ?>"><?php echo $contact_name; ?></option>
@ -133,7 +133,7 @@
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id = $row['vendor_id'];
$vendor_id = intval($row['vendor_id']);
$vendor_name = htmlentities($row['vendor_name']);
?>
<option value="<?php echo $vendor_id; ?>"><?php echo $vendor_name; ?></option>
@ -157,7 +157,7 @@
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$asset_id = $row['asset_id'];
$asset_id = intval($row['asset_id']);
$asset_name = htmlentities($row['asset_name']);
?>
<option value="<?php echo $asset_id; ?>"><?php echo $asset_name; ?></option>
@ -181,7 +181,7 @@
$sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$software_id = $row['software_id'];
$software_id = intval($row['software_id']);
$software_name = htmlentities($row['software_name']);
?>
<option value="<?php echo $software_id; ?>"><?php echo $software_name; ?></option>
@ -206,8 +206,8 @@
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_login" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_login" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,13 +2,14 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-key"></i> Editing password: <strong><?php echo $login_name; ?></strong></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-key mr-2"></i>Editing password: <strong><?php echo $login_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="login_id" value="<?php echo $login_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3">
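Review bot: The new hidden `client_id` input is client-controlled, so the `post.php` handler for this form should not treat it as proof of which client the record belongs to. Suggest the handler load the row for `login_id`, confirm its stored client matches and that the session user may access that client, and use the posted value only for the redirect or logging. No anti-CSRF token is visible among the hidden inputs in this hunk; if the form does not carry one further down, it belongs next to these fields.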
@ -116,14 +117,11 @@
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id_select = $row['contact_id'];
$contact_id_select = intval($row['contact_id']);
$contact_name_select = htmlentities($row['contact_name']);
?>
<option <?php if ($login_contact_id == $contact_id_select) { echo "selected"; } ?> value="<?php echo $contact_id_select; ?>"><?php echo $contact_name_select; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -140,14 +138,12 @@
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = $row['vendor_id'];
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = htmlentities($row['vendor_name']);
?>
<option <?php if ($login_vendor_id == $vendor_id_select) { echo "selected"; } ?> value="<?php echo $vendor_id_select; ?>"><?php echo $vendor_name_select; ?></option>
<?php } ?>
<?php
}
?>
</select>
</div>
</div>
@ -164,14 +160,12 @@
$sql_assets = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql_assets)) {
$asset_id_select = $row['asset_id'];
$asset_id_select = intval($row['asset_id']);
$asset_name_select = htmlentities($row['asset_name']);
?>
<option <?php if ($login_asset_id == $asset_id_select) { echo "selected"; } ?> value="<?php echo $asset_id_select; ?>"><?php echo $asset_name_select; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -188,14 +182,12 @@
$sql_software = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC");
while ($row = mysqli_fetch_array($sql_software)) {
$software_id_select = $row['software_id'];
$software_id_select = intval($row['software_id']);
$software_name_select = htmlentities($row['software_name']);
?>
<option <?php if ($login_software_id == $software_id_select) { echo "selected"; } ?> value="<?php echo $software_id_select; ?>"><?php echo $software_name_select; ?></option>
<?php
}
?>
<?php } ?>
</select>
</div>
</div>
@ -213,8 +205,8 @@
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_login" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="edit_login" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -16,10 +16,11 @@
<input type="file" class="form-control-file" name="file" accept=".csv">
</div>
<hr>
<div>Download <a href="post.php?download_client_logins_csv_template=<?php echo $client_id; ?>">sample csv template</a></div>
<div>Download <a class="text-bold" href="post.php?download_client_logins_csv_template=<?php echo $client_id; ?>">sample csv template</a></div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="import_client_logins_csv" class="btn btn-primary">Import</button>
<button type="submit" name="import_client_logins_csv" class="btn btn-primary"><i class="fa fa-upload mr-2"></i>Import</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -1,20 +1,21 @@
<?php include("inc_all_client.php"); ?>
<?php
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
// Default Column Sortby Filter
$sb = "login_name";
}
$o = "ASC";
require_once("inc_all_client.php");
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM logins
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM logins
WHERE login_client_id = $client_id
AND (login_name LIKE '%$q%' OR login_uri LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
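Review bot: `ORDER BY $sb $o` at the end of the query interpolates the sort column and direction as bare SQL tokens, and the only treatment of `$_GET['sb']` visible in this hunk is `strip_tags(mysqli_real_escape_string(...))`, which protects quoted string literals but does not constrain an unquoted identifier. Wherever `sb` and `o` are read from the request after this change, check `sb` against a fixed list of the columns this page offers for sorting and accept only `ASC` or `DESC` for `o`, falling back to the defaults set here. The `LIKE '%$q%'` terms would be better served by a prepared statement with bound parameters than by relying on `$q` having been escaped before it reaches this query.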
@ -22,9 +23,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-key"></i> Passwords</h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-key mr-2"></i>Passwords</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addLoginModal"><i class="fas fa-fw fa-plus"></i> New Login</button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addLoginModal"><i class="fas fa-plus mr-2"></i>New Login</button>
</div>
</div>
<div class="card-body">
@ -34,7 +35,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Passwords">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Passwords">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
@ -43,8 +44,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_logins_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
<button type="button" class="btn btn-default" data-toggle="modal" data-target="#importLoginModal"><i class="fa fa-fw fa-upload"></i> Import</button>
<a href="post.php?export_client_logins_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download mr-2"></i>Export</a>
<button type="button" class="btn btn-default" data-toggle="modal" data-target="#importLoginModal"><i class="fa fa-fw fa-upload mr-2"></i>Import</button>
</div>
</div>
@ -56,7 +57,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=login_name&o=<?php echo $disp; ?>">Name</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=login_username&o=<?php echo $disp; ?>">Username</a></th>
<th>Username</th>
<th>Password</th>
<th>OTP</th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=login_uri&o=<?php echo $disp; ?>">URI</a></th>
@ -67,7 +68,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
while ($row = mysqli_fetch_array($sql)) {
$login_id = $row['login_id'];
$login_id = intval($row['login_id']);
$login_name = htmlentities($row['login_name']);
$login_uri = htmlentities($row['login_uri']);
if (empty($login_uri)) {
@ -90,11 +91,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$otp_display = "<span onmouseenter='showOTP($login_id_with_secret)'><i class='far fa-clock'></i> <span id='otp_$login_id'><i>Hover..</i></span></span>";
}
$login_note = htmlentities($row['login_note']);
$login_important = $row['login_important'];
$login_contact_id = $row['login_contact_id'];
$login_vendor_id = $row['login_vendor_id'];
$login_asset_id = $row['login_asset_id'];
$login_software_id = $row['login_software_id'];
$login_important = intval($row['login_important']);
$login_contact_id = intval($row['login_contact_id']);
$login_vendor_id = intval($row['login_vendor_id']);
$login_asset_id = intval($row['login_asset_id']);
$login_software_id = intval($row['login_software_id']);
?>
<tr>
@ -116,11 +117,17 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editLoginModal<?php echo $login_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#shareModal" onclick="populateShareModal(<?php echo "$client_id, 'Login', $login_id"; ?>)">Share</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editLoginModal<?php echo $login_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#shareModal" onclick="populateShareModal(<?php echo "$client_id, 'Login', $login_id"; ?>)">
<i class="fas fa-fw fa-share mr-2"></i>Share
</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_login=<?php echo $login_id; ?>">Delete</a>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_login=<?php echo $login_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div>
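Review bot: The Delete entry is still a plain link to `post.php?delete_login=<id>`, so removing a stored credential is a GET request with no anti-CSRF token in the URL, and the `$session_user_role == 3` test here only hides the menu item. Suggest turning it into a small POST form, or at minimum appending a per-session token that `post.php` verifies, and making sure the handler repeats the role check and confirms the login belongs to a client the user may manage.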
@ -129,7 +136,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
include("client_login_edit_modal.php");
require("client_login_edit_modal.php");
}
?>
@ -137,7 +144,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
@ -164,10 +171,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
include("client_login_add_modal.php");
include("share_modal.php");
include("client_login_import_modal.php");
?>
<?php include("footer.php"); ?>
require_once("client_login_add_modal.php");
require_once("share_modal.php");
require_once("client_login_import_modal.php");
require_once("footer.php");

View File

@ -1,23 +1,17 @@
<?php include("inc_all_client.php"); ?>
<?php
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
// Default Column Sortby Filter
$sb = "log_id";
}
// Reverse default sort
if (!isset($_GET['o'])) {
$o = "DESC";
$disp = "ASC";
}
require_once("inc_all_client.php");
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM logs
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM logs
LEFT JOIN users ON log_user_id = user_id
WHERE (log_type LIKE '%$q%' OR log_action LIKE '%$q%' OR log_description LIKE '%$q%' OR log_ip LIKE '%$q%' OR log_user_agent LIKE '%$q%' OR user_name LIKE '%$q%')
AND log_client_id = $client_id
@ -30,7 +24,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="card card-dark">
<div class="card-header py-3">
<h3 class="card-title"><i class="fa fa-fw fa-eye"></i> Audit Logs</h3>
<h3 class="card-title"><i class="fa fa-fw fa-eye mr-2"></i>Audit Logs</h3>
</div>
<div class="card-body">
@ -40,7 +34,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Logs">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Logs">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
@ -64,13 +58,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=log_description&o=<?php echo $disp; ?>">Description</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=log_ip&o=<?php echo $disp; ?>">IP Address</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=log_user_agent&o=<?php echo $disp; ?>">User Agent</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=log_entity_id&o=<?php echo $disp; ?>">Entity ID</a></th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$log_id = $row['log_id'];
$log_id = intval($row['log_id']);
$log_type = htmlentities($row['log_type']);
$log_action = htmlentities($row['log_action']);
$log_description = htmlentities($row['log_description']);
@ -78,14 +73,15 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$log_user_agent = htmlentities($row['log_user_agent']);
$log_user_os = getOS($log_user_agent);
$log_user_browser = getWebBrowser($log_user_agent);
$log_created_at = $row['log_created_at'];
$user_id = $row['user_id'];
$log_created_at = htmlentities($row['log_created_at']);
$user_id = intval($row['user_id']);
$user_name = htmlentities($row['user_name']);
if (empty($user_name)) {
$user_name_display = "-";
} else {
$user_name_display = $user_name;
}
$log_entity_id = intval($row['log_entity_id']);
?>
@ -97,6 +93,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<td><?php echo $log_description; ?></td>
<td><?php echo $log_ip; ?></td>
<td><?php echo "$log_user_os<br>$log_user_browser"; ?></td>
<td><?php echo $log_entity_id; ?></td>
</tr>
<?php
@ -106,8 +103,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php include("footer.php"); ?>
<?php
require_once("footer.php");

View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-network-wired"></i> New Network</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-network-wired mr-2"></i>New Network</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -52,7 +52,7 @@
</div>
<div class="form-group">
<label>DHCP Range</label>
<label>DHCP Range / IPs</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-server"></i></span>
@ -73,7 +73,7 @@
$sql = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$location_id = $row['location_id'];
$location_id = intval($row['location_id']);
$location_name = htmlentities($row['location_name']);
?>
<option value="<?php echo $location_id; ?>"><?php echo $location_name; ?></option>
@ -87,8 +87,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_network" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_network" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -2,13 +2,14 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-network-wired"></i> Edit network: <span class="text-bold" id="editNetworkHeader"></span></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-network-wired mr-2"></i>Edit network: <span class="text-bold" id="editNetworkHeader"></span></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="network_id" id="editNetworkId" value="">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
@ -52,7 +53,7 @@
</div>
<div class="form-group">
<label>DHCP Range</label>
<label>DHCP Range / IPs</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-server"></i></span>
@ -75,8 +76,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_network" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="edit_network" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

View File

@ -1,21 +1,22 @@
<?php include("inc_all_client.php"); ?>
<?php
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
// Default Column Sortby Filter
$sb = "network_name";
}
$o = "ASC";
require_once("inc_all_client.php");
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM networks
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM networks
LEFT JOIN locations ON location_id = network_location_id
WHERE network_client_id = $client_id
AND (network_name LIKE '%$q%' OR network_vlan LIKE '%$q%' OR network LIKE '%$q%' OR network_gateway LIKE '%$q%' OR network_dhcp_range LIKE '%$q%' OR location_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
@ -23,9 +24,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-network-wired"></i> Networks</h3>
<h3 class="card-title mt-2"><i class="fas fa-fw fa-network-wired mr-2"></i>Networks</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addNetworkModal"><i class="fas fa-fw fa-plus"></i> New Network</button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addNetworkModal"><i class="fas fa-plus mr-2"></i>New Network</button>
</div>
</div>
<div class="card-body">
@ -35,7 +36,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Networks">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Networks">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
@ -44,7 +45,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_networks_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
<a href="post.php?export_client_networks_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download mr-2"></i>Export</a>
</div>
</div>
@ -68,9 +69,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
while ($row = mysqli_fetch_array($sql)) {
$network_id = $row['network_id'];
$network_id = intval($row['network_id']);
$network_name = htmlentities($row['network_name']);
$network_vlan = htmlentities($row['network_vlan']);
$network_vlan = intval($row['network_vlan']);
if (empty($network_vlan)) {
$network_vlan_display = "-";
} else {
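Review bot: `$network_vlan = intval($row['network_vlan'])` changes what is displayed, not just how it is encoded: any stored value that is not a plain integer is truncated or becomes 0, and 0 then falls into the `empty($network_vlan)` branch and renders as "-". If the column can hold anything other than a single numeric VLAN ID, keep `htmlentities()` for display; if it is strictly an integer column, the cast is fine and worth a short comment saying so.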
@ -84,7 +85,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
} else {
$network_dhcp_range_display = $network_dhcp_range;
}
$network_location_id = $row['network_location_id'];
$network_location_id = intval($row['network_location_id']);
$location_name = htmlentities($row['location_name']);
if (empty($location_name)) {
$location_name_display = "-";
@ -96,7 +97,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<tr>
<th>
<i class="fa fa-fw fa-network-wired text-secondary"></i>
<a class="text-dark" href="#" data-toggle="modal" onclick="populateNetworkEditModal(<?php echo $client_id, ",", $network_id ?>)" data-target="#editNetworkModal"><?php echo $network_name; ?></a></th>
<a class="text-dark" href="#" data-toggle="modal" onclick="populateNetworkEditModal(<?php echo $client_id, ",", $network_id ?>)"
data-target="#editNetworkModal"><?php echo $network_name; ?>
</a>
</th>
<td><?php echo $network_vlan_display; ?></td>
<td><?php echo $network; ?></td>
<td><?php echo $network_gateway; ?></td>
@ -108,33 +112,33 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" onclick="populateNetworkEditModal(<?php echo $client_id, ",", $network_id ?>)" data-target="#editNetworkModal">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" onclick="populateNetworkEditModal(<?php echo $client_id, ",", $network_id ?>)" data-target="#editNetworkModal">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_network=<?php echo $network_id; ?>">Delete</a>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_network=<?php echo $network_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
</div>
</div>
</td>
</tr>
<?php
}
?>
<?php } ?>
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php
include("client_network_edit_modal.php");
include("client_network_add_modal.php");
require_once("client_network_edit_modal.php");
require_once("client_network_add_modal.php");
?>
@ -187,4 +191,5 @@ function populateNetworkEditModal(client_id, network_id) {
}
</script>
<?php include("footer.php"); ?>
<?php
require_once("footer.php");

Some files were not shown because too many files have changed in this diff