AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #611 from wrongecho/linting 

General formatting/cleanup
This commit is contained in:
Johnny 2023-02-09 13:58:10 -05:00 committed by GitHub
parent 9e549adb7e 615f317d2b
commit 7685029016
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
151 changed files with 4982 additions and 4815 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
accounts.php
View File

@ -9,11 +9,14 @@ if (!empty($_GET['sb'])) {
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM accounts
WHERE account_name LIKE '%$q%' AND company_id = $session_company_id
ORDER BY $sb $o LIMIT $record_from, $record_to");
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM accounts
WHERE account_name LIKE '%$q%' AND company_id = $session_company_id
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

10
ajax.php
View File

@ -141,7 +141,9 @@ if (isset($_GET['network_get_json_details'])) {
}
// Lookup all client locations, as networks can be associated with any client location
$locations_sql = mysqli_query($mysqli, "SELECT location_id, location_name FROM locations
$locations_sql = mysqli_query(
$mysqli,
"SELECT location_id, location_name FROM locations
WHERE location_client_id = '$client_id' AND company_id = '$session_company_id'"
);
while ($row = mysqli_fetch_array($locations_sql)) {
@ -226,11 +228,11 @@ if (isset($_GET['share_generate_link'])) {
$item_encrypted_credential = ''; // Default empty
$client_id = intval($_GET['client_id']);
$item_type = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['type'])));
$item_type = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['type'])));
$item_id = intval($_GET['id']);
$item_note = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['note'])));
$item_note = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['note'])));
$item_view_limit = intval($_GET['views']);
$item_expires = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['expires'])));
$item_expires = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['expires'])));
$item_key = randomString(156);
if ($item_type == "Document") {

2
api/v1/contacts/create.php
View File

@ -7,7 +7,7 @@ require_once('../require_post_method.php');
require_once('contact_model.php');
// Default
$insert_id = FALSE;
$insert_id = false;
if (!empty($name) && !empty($email) && !empty($client_id)) {

2
api/v1/contacts/delete.php
View File

@ -7,7 +7,7 @@ require_once('../require_post_method.php');
$contact_id = intval($_POST['contact_id']);
// Default
$delete_count = FALSE;
$delete_count = false;
if (!empty($contact_id)) {
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = $contact_id AND contact_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));

2
api/v1/contacts/update.php
View File

@ -7,7 +7,7 @@ require_once('../require_post_method.php');
$contact_id = intval($_POST['contact_id']);
// Default
$update_count = FALSE;
$update_count = false;
if (!empty($contact_id)) {

2
api/v1/validate_api_key.php
View File

@ -7,7 +7,7 @@
*/
// Includes
require_once( __DIR__ . '../../../functions.php');
require_once(__DIR__ . '../../../functions.php');
require_once(__DIR__ . "../../../config.php");
// JSON header

6
base32static.php
View File

@ -44,7 +44,7 @@ class Base32Static {
$i=0;
while($i < count($fiveBitBinaryArray)) {
$base32 .= self::$map[base_convert(str_pad($fiveBitBinaryArray[$i], 5,'0'), 2, 10)];
$base32 .= self::$map[base_convert(str_pad($fiveBitBinaryArray[$i], 5, '0'), 2, 10)];
$i++;
}
@ -71,7 +71,7 @@ class Base32Static {
substr($input, -($allowedValues[$i])) != str_repeat(self::$map[32], $allowedValues[$i])) return false;
}
$input = str_replace('=','', $input);
$input = str_replace('=', '', $input);
$input = str_split($input);
$binaryString = "";
@ -87,7 +87,7 @@ class Base32Static {
$eightBits = str_split($x, 8);
for ($z = 0; $z < count($eightBits); $z++) {
$binaryString .= ( ($y = chr(base_convert($eightBits[$z], 2, 10))) || ord($y) == 48 ) ? $y:"";
$binaryString .= (($y = chr(base_convert($eightBits[$z], 2, 10))) || ord($y) == 48) ? $y:"";
}
}

4
calendar_event_add_modal.php
View File

@ -48,7 +48,7 @@
<option value="">- Calendar -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM calendars WHERE company_id = $session_company_id ORDER BY calendar_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM calendars WHERE company_id = $session_company_id ORDER BY calendar_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$calendar_id = $row['calendar_id'];
$calendar_name = htmlentities($row['calendar_name']);
@ -117,7 +117,7 @@
<option value="">- Client -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id WHERE clients.company_id = $session_company_id ORDER BY client_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id WHERE clients.company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']);

4
calendar_event_edit_modal.php
View File

@ -50,7 +50,7 @@
<select class="form-control select2" name="calendar" required>
<?php
$sql_calendars_select = mysqli_query($mysqli,"SELECT * FROM calendars WHERE company_id = $session_company_id ORDER BY calendar_name ASC");
$sql_calendars_select = mysqli_query($mysqli, "SELECT * FROM calendars WHERE company_id = $session_company_id ORDER BY calendar_name ASC");
while ($row = mysqli_fetch_array($sql_calendars_select)) {
$calendar_id_select = $row['calendar_id'];
$calendar_name_select = htmlentities($row['calendar_name']);
@ -116,7 +116,7 @@
<option value="">- Client -</option>
<?php
$sql_clients = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id WHERE clients.company_id = $session_company_id ORDER BY client_name ASC");
$sql_clients = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id WHERE clients.company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql_clients)) {
$client_id_select = $row['client_id'];
$client_name_select = htmlentities($row['client_name']);

14
calendar_events.php
View File

@ -18,7 +18,7 @@ require_once("calendar_add_modal.php");
require_once("category_quick_add_modal.php");
//loop through IDs and create a modal for each
$sql = mysqli_query($mysqli,"SELECT * FROM events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE calendars.company_id = $session_company_id");
$sql = mysqli_query($mysqli, "SELECT * FROM events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE calendars.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = $row['event_id'];
$event_title = htmlentities($row['event_title']);
@ -70,7 +70,7 @@ while ($row = mysqli_fetch_array($sql)) {
},
events: [
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE calendars.company_id = $session_company_id");
$sql = mysqli_query($mysqli, "SELECT * FROM events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE calendars.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['event_id']);
$event_title = json_encode($row['event_title']);
@ -84,7 +84,7 @@ while ($row = mysqli_fetch_array($sql)) {
}
//Invoices Created
$sql = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN invoices ON client_id = invoice_client_id WHERE clients.company_id = $session_company_id");
$sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN invoices ON client_id = invoice_client_id WHERE clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['invoice_id']);
$event_title = json_encode($row['invoice_prefix'] . $row['invoice_number'] . " " . $row['invoice_scope']);
@ -94,7 +94,7 @@ while ($row = mysqli_fetch_array($sql)) {
}
//Quotes Created
$sql = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN quotes ON client_id = quote_client_id WHERE clients.company_id = $session_company_id");
$sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN quotes ON client_id = quote_client_id WHERE clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['quote_id']);
$event_title = json_encode($row['quote_prefix'] . $row['quote_number'] . " " . $row['quote_scope']);
@ -104,7 +104,7 @@ while ($row = mysqli_fetch_array($sql)) {
}
//Tickets Created
$sql = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN tickets ON client_id = ticket_client_id WHERE clients.company_id = $session_company_id");
$sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN tickets ON client_id = ticket_client_id WHERE clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['ticket_id']);
$event_title = json_encode($row['ticket_prefix'] . $row['ticket_number'] . " " . $row['ticket_subject']);
@ -115,7 +115,7 @@ while ($row = mysqli_fetch_array($sql)) {
}
//Vendors Added Created
$sql = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN vendors ON client_id = vendor_client_id WHERE vendor_template = 0 AND clients.company_id = $session_company_id");
$sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN vendors ON client_id = vendor_client_id WHERE vendor_template = 0 AND clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['vendor_id']);
$event_title = json_encode($row['vendor_name']);
@ -125,7 +125,7 @@ while ($row = mysqli_fetch_array($sql)) {
}
//Clients Added
$sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE clients.company_id = $session_company_id");
$sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE clients.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['client_id']);
$event_title = json_encode($row['client_name']);

32
categories.php
View File

@ -3,35 +3,39 @@
require_once("inc_all_settings.php");
if (isset($_GET['category'])) {
$category = strip_tags(mysqli_real_escape_string($mysqli,$_GET['category']));
$category = strip_tags(mysqli_real_escape_string($mysqli, $_GET['category']));
} else {
$category = "Expense";
}
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "category_name";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM categories
WHERE category_name LIKE '%$q%'
AND category_type = '$category'
AND category_archived_at IS NULL
AND company_id = $session_company_id
ORDER BY $sb $o LIMIT $record_from, $record_to"
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM categories
WHERE category_name LIKE '%$q%'
AND category_type = '$category'
AND category_archived_at IS NULL
AND company_id = $session_company_id
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
//Colors Used
$sql_colors_used = mysqli_query($mysqli,"SELECT category_color FROM categories
WHERE category_type = '$category'
AND category_archived_at IS NULL
AND company_id = $session_company_id"
$sql_colors_used = mysqli_query(
$mysqli,
"SELECT category_color FROM categories
WHERE category_type = '$category'
AND category_archived_at IS NULL
AND company_id = $session_company_id"
);
while ($color_used_row = mysqli_fetch_array($sql_colors_used)) {

4
client_add_modal.php
View File

@ -64,7 +64,7 @@
<option value="">N/A</option>
<?php
$referral_sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Referral' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
$referral_sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Referral' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($referral_sql)) {
$referral = htmlentities($row['category_name']); ?>
<option><?php echo $referral; ?></option>
@ -271,7 +271,7 @@
<ul class="list-group">
<?php
$sql_tags_select = mysqli_query($mysqli,"SELECT * FROM tags WHERE tag_type = 1 AND company_id = $session_company_id ORDER BY tag_name ASC");
$sql_tags_select = mysqli_query($mysqli, "SELECT * FROM tags WHERE tag_type = 1 AND company_id = $session_company_id ORDER BY tag_name ASC");
while ($row = mysqli_fetch_array($sql_tags_select)) {
$tag_id_select = $row['tag_id'];

8
client_asset_add_modal.php
View File

@ -122,7 +122,7 @@
<option value="">- Location -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$location_id = $row['location_id'];
$location_name = htmlentities($row['location_name']);
@ -145,7 +145,7 @@
<option value="">- Contact -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']);
@ -184,7 +184,7 @@
<option value="">- Network -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$network_id = $row['network_id'];
$network_name = htmlentities($row['network_name']);
@ -232,7 +232,7 @@
<option value="">- Vendor -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']);

8
client_asset_copy_modal.php
View File

@ -119,7 +119,7 @@
<option value="">- Location -</option>
<?php
$sql_locations = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC");
$sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql_locations)) {
$location_id_select = $row['location_id'];
$location_name_select = htmlentities($row['location_name']);
@ -142,7 +142,7 @@
<option value="">- Contact -</option>
<?php
$sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']);
@ -179,7 +179,7 @@
<option value="">- Network -</option>
<?php
$sql_networks = mysqli_query($mysqli,"SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC");
$sql_networks = mysqli_query($mysqli, "SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC");
while ($row = mysqli_fetch_array($sql_networks)) {
$network_id_select = $row['network_id'];
$network_name_select = htmlentities($row['network_name']);
@ -227,7 +227,7 @@
<option value="">- Vendor -</option>
<?php
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = $row['vendor_id'];
$vendor_name_select = htmlentities($row['vendor_name']);

10
client_asset_edit_modal.php
View File

@ -121,7 +121,7 @@
<option value="">- Location -</option>
<?php
$sql_locations = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC");
$sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql_locations)) {
$location_id_select = $row['location_id'];
$location_name_select = htmlentities($row['location_name']);
@ -143,13 +143,13 @@
<option value="">- Contact -</option>
<?php
$sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts WHERE (contact_archived_at > '$asset_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_name ASC");
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE (contact_archived_at > '$asset_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id_select = $row['contact_id'];
$contact_name_select = htmlentities($row['contact_name']);
?>
<option <?php if ($asset_contact_id == $contact_id_select) { echo "selected"; } ?> value="<?php echo $contact_id_select; ?>">
<?php echo $contact_name_select; ?> <?php if (!empty($row['contact_archived_at'])) { echo " (Archived " . date('Y-m-d',strtotime($row['contact_archived_at'])) .")"; } ?>
<?php echo $contact_name_select; ?> <?php if (!empty($row['contact_archived_at'])) { echo " (Archived " . date('Y-m-d', strtotime($row['contact_archived_at'])) .")"; } ?>
</option>
<?php } ?>
@ -181,7 +181,7 @@
<option value="">- Network -</option>
<?php
$sql_networks = mysqli_query($mysqli,"SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC");
$sql_networks = mysqli_query($mysqli, "SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC");
while ($row = mysqli_fetch_array($sql_networks)) {
$network_id_select = $row['network_id'];
$network_name_select = htmlentities($row['network_name']);
@ -229,7 +229,7 @@
<option value="">- Vendor -</option>
<?php
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = $row['vendor_id'];
$vendor_name_select = htmlentities($row['vendor_name']);

2
client_asset_interface_add_modal.php
View File

@ -75,7 +75,7 @@
<option value="">- None -</option>
<?php
$sql_network_select = mysqli_query($mysqli,"SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC");
$sql_network_select = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC");
while ($row = mysqli_fetch_array($sql_network_select)) {
$network_id = $row['network_id'];
$network_name = htmlentities($row['network_name']);

24
client_assets.php
View File

@ -31,7 +31,7 @@ $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM a
$other_count = $row['count'];
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "asset_name";
}
@ -53,17 +53,19 @@ if (isset($_GET['type']) && ($_GET['type']) == 'workstation') {
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM assets
LEFT JOIN contacts ON asset_contact_id = contact_id
LEFT JOIN locations ON asset_location_id = location_id
LEFT JOIN logins ON login_asset_id = asset_id
WHERE asset_client_id = $client_id
AND asset_archived_at IS NULL
AND (asset_name LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%')
AND ($type_query)
ORDER BY $sb $o LIMIT $record_from, $record_to"
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM assets
LEFT JOIN contacts ON asset_contact_id = contact_id
LEFT JOIN locations ON asset_location_id = location_id
LEFT JOIN logins ON login_asset_id = asset_id
WHERE asset_client_id = $client_id
AND asset_archived_at IS NULL
AND (asset_name LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%')
AND ($type_query)
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

16
client_certificates.php
View File

@ -1,21 +1,21 @@
<?php require_once("inc_all_client.php"); ?>
<?php
<?php
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "certificate_name";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM certificates
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM certificates
WHERE certificate_client_id = $client_id AND (certificate_name LIKE '%$q%' OR certificate_domain LIKE '%$q%' OR certificate_issued_by LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
@ -30,7 +30,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Certificates">
@ -62,7 +62,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$certificate_id = $row['certificate_id'];
$certificate_name = htmlentities($row['certificate_name']);

2
client_contact_add_modal.php
View File

@ -120,7 +120,7 @@
<option value="">- Location -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$location_id = $row['location_id'];
$location_name = htmlentities($row['location_name']);

8
client_contact_details.php
View File

@ -29,7 +29,7 @@ if (isset($_GET['contact_id'])) {
if ($contact_id == $primary_contact) {
$primary_contact_display = "<small class='text-success'>Primary Contact</small>";
} else {
$primary_contact_display = FALSE;
$primary_contact_display = false;
}
$contact_location_id = $row['contact_location_id'];
$location_name = htmlentities($row['location_name']);
@ -94,7 +94,7 @@ if (isset($_GET['contact_id'])) {
if (!empty($contact_mobile)) { ?>
<div class="mb-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><?php echo $contact_mobile; ?></div>
<?php } ?>
<div class="mb-2"><i class="fa fa-fw fa-clock text-secondary mr-3"></i><?php echo date('Y-m-d',strtotime($contact_created_at)); ?></div>
<div class="mb-2"><i class="fa fa-fw fa-clock text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($contact_created_at)); ?></div>
<hr>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#editContactModal<?php echo $contact_id; ?>">
<i class="fas fa-fw fa-user-edit"></i> Edit
@ -389,7 +389,7 @@ if (isset($_GET['contact_id'])) {
$asset_licenses_array[] = $row['asset_id'];
$seat_count = $seat_count + 1;
}
$asset_licenses = implode(',',$asset_licenses_array);
$asset_licenses = implode(',', $asset_licenses_array);
// Contact Licenses
$contact_licenses_sql = mysqli_query($mysqli, "SELECT contact_id FROM software_contacts WHERE software_id = $software_id");
@ -398,7 +398,7 @@ if (isset($_GET['contact_id'])) {
$contact_licenses_array[] = $row['contact_id'];
$seat_count = $seat_count + 1;
}
$contact_licenses = implode(',',$contact_licenses_array);
$contact_licenses = implode(',', $contact_licenses_array);
?>
<tr>

2
client_contact_edit_modal.php
View File

@ -122,7 +122,7 @@
<option value="">- Location -</option>
<?php
$sql_locations = mysqli_query($mysqli,"SELECT * FROM locations WHERE (location_archived_at > '$contact_created_at' OR location_archived_at IS NULL) AND location_client_id = $client_id ORDER BY location_name ASC");
$sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE (location_archived_at > '$contact_created_at' OR location_archived_at IS NULL) AND location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql_locations)) {
$location_id_select = $row['location_id'];
$location_name_select = htmlentities($row['location_name']);

22
client_contacts.php
View File

@ -3,9 +3,9 @@
require_once("inc_all_client.php");
if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,$_GET['q']));
$q = strip_tags(mysqli_real_escape_string($mysqli, $_GET['q']));
//Phone Numbers
$n = preg_replace("/[^0-9]/", '',$q);
$n = preg_replace("/[^0-9]/", '', $q);
if (empty($n)) {
$n = $q;
}
@ -16,21 +16,21 @@ if (isset($_GET['q'])) {
}
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "contact_name";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM contacts
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM contacts
LEFT JOIN locations ON location_id = contact_location_id
WHERE contact_archived_at IS NULL
AND (contact_name LIKE '%$q%' OR contact_title LIKE '%$q%' OR location_name LIKE '%$q%' OR contact_email LIKE '%$q%' OR contact_department LIKE '%$q%' OR contact_phone LIKE '%$n%' OR contact_extension LIKE '%$q%' OR contact_mobile LIKE '%$n%')
AND contact_client_id = $client_id ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
@ -133,7 +133,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
if ($contact_id == $primary_contact) {
$primary_contact_display = "<small class='text-success'>Primary Contact</small>";
} else {
$primary_contact_display = FALSE;
$primary_contact_display = false;
}
$contact_location_id = $row['contact_location_id'];
$location_name = htmlentities($row['location_name']);
@ -145,19 +145,19 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$auth_method = htmlentities($row['contact_auth_method']);
// Related Assets Query
$sql_related_assets = mysqli_query($mysqli,"SELECT * FROM assets WHERE asset_contact_id = $contact_id AND company_id = $session_company_id ORDER BY asset_id DESC");
$sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_contact_id = $contact_id AND company_id = $session_company_id ORDER BY asset_id DESC");
$asset_count = mysqli_num_rows($sql_related_assets);
// Related Logins Query
$sql_related_logins = mysqli_query($mysqli,"SELECT * FROM logins WHERE login_contact_id = $contact_id AND company_id = $session_company_id ORDER BY login_id DESC");
$sql_related_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_contact_id = $contact_id AND company_id = $session_company_id ORDER BY login_id DESC");
$login_count = mysqli_num_rows($sql_related_logins);
// Related Software Query
$sql_related_software = mysqli_query($mysqli,"SELECT * FROM software, software_contacts WHERE software.software_id = software_contacts.software_id AND software_contacts.contact_id = $contact_id AND software.company_id = $session_company_id ORDER BY software.software_id DESC");
$sql_related_software = mysqli_query($mysqli, "SELECT * FROM software, software_contacts WHERE software.software_id = software_contacts.software_id AND software_contacts.contact_id = $contact_id AND software.company_id = $session_company_id ORDER BY software.software_id DESC");
$software_count = mysqli_num_rows($sql_related_software);
// Related Tickets Query
$sql_related_tickets = mysqli_query($mysqli,"SELECT * FROM tickets WHERE ticket_contact_id = $contact_id AND company_id = $session_company_id ORDER BY ticket_id DESC");
$sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_contact_id = $contact_id AND company_id = $session_company_id ORDER BY ticket_id DESC");
$ticket_count = mysqli_num_rows($sql_related_tickets);
?>

4
client_document_add_from_template_modal.php
View File

@ -20,7 +20,7 @@
<select class="form-control" name="document_template_id" required>
<option value="">- Select Template -</option>
<?php
$sql_document_templates = mysqli_query($mysqli,"SELECT * FROM documents WHERE document_template = 1 AND company_id = $session_company_id AND document_archived_at IS NULL ORDER BY document_name ASC");
$sql_document_templates = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_template = 1 AND company_id = $session_company_id AND document_archived_at IS NULL ORDER BY document_name ASC");
while ($row = mysqli_fetch_array($sql_document_templates)) {
$document_template_id = $row['document_id'];
$document_template_name = htmlentities($row['document_name']);
@ -54,7 +54,7 @@
<select class="form-control" name="folder">
<option value="0">/</option>
<?php
$sql_folders = mysqli_query($mysqli,"SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
$sql_folders = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
while ($row = mysqli_fetch_array($sql_folders)) {
$folder_id = $row['folder_id'];
$folder_name = htmlentities($row['folder_name']);

2
client_document_add_modal.php
View File

@ -27,7 +27,7 @@
<select class="form-control" name="folder">
<option value="0">/</option>
<?php
$sql_folders = mysqli_query($mysqli,"SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
$sql_folders = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
while ($row = mysqli_fetch_array($sql_folders)) {
$folder_id = $row['folder_id'];
$folder_name = htmlentities($row['folder_name']);

2
client_document_details.php
View File

@ -7,7 +7,7 @@ if (isset($_GET['document_id'])) {
}
$sql_document = mysqli_query($mysqli,"SELECT * FROM documents LEFT JOIN folders ON document_folder_id = folder_id WHERE document_client_id = $client_id AND document_id = $document_id AND documents.company_id = $session_company_id");
$sql_document = mysqli_query($mysqli, "SELECT * FROM documents LEFT JOIN folders ON document_folder_id = folder_id WHERE document_client_id = $client_id AND document_id = $document_id AND documents.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_document);

2
client_document_edit_modal.php
View File

@ -27,7 +27,7 @@
<select class="form-control" name="folder">
<option value="0">/</option>
<?php
$sql_folders_select = mysqli_query($mysqli,"SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
$sql_folders_select = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
while ($row = mysqli_fetch_array($sql_folders_select)) {
$folder_id_select = $row['folder_id'];
$folder_name_select = htmlentities($row['folder_name']);

2
client_document_template_details.php
View File

@ -8,7 +8,7 @@ if (isset($_GET['document_id'])) {
}
$sql_document = mysqli_query($mysqli,"SELECT * FROM documents WHERE document_template = 1 AND document_id = $document_id AND documents.company_id = $session_company_id");
$sql_document = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_template = 1 AND document_id = $document_id AND documents.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_document);

26
client_document_templates.php
View File

@ -4,8 +4,8 @@
// Sort by
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "document_name";
}
@ -17,16 +17,18 @@ if (!empty($q)) {
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM documents
WHERE document_template = 1
AND documents.company_id = $session_company_id
$query_snippet
ORDER BY $sb $o LIMIT $record_from, $record_to"
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM documents
WHERE document_template = 1
AND documents.company_id = $session_company_id
$query_snippet
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
@ -44,7 +46,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo intval($client_id); ?>">
<div class="input-group">
@ -76,7 +78,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$document_id = $row['document_id'];
$document_name = htmlentities($row['document_name']);
@ -110,7 +112,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</tr>
<?php
include("client_document_template_edit_modal.php");
}

26
client_documents.php
View File

@ -11,7 +11,7 @@ if (!empty($_GET['folder_id'])) {
// Sort by
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "document_name";
}
@ -24,7 +24,7 @@ if (!empty($q)) {
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
// Folder ID
$get_folder_id = 0;
@ -32,16 +32,18 @@ if (!empty($_GET['folder_id'])) {
$get_folder_id = intval($_GET['folder_id']);
}
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM documents
WHERE document_client_id = $client_id
AND documents.company_id = $session_company_id
AND document_template = 0
AND document_folder_id = $folder
$query_snippet
ORDER BY $sb $o LIMIT $record_from, $record_to"
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM documents
WHERE document_client_id = $client_id
AND documents.company_id = $session_company_id
AND document_template = 0
AND document_folder_id = $folder
$query_snippet
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
@ -82,12 +84,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<a class="nav-link <?php if ($get_folder_id == 0) { echo "active"; } ?>" href="?client_id=<?php echo $client_id; ?>&folder_id=0">/</a>
</li>
<?php
$sql_folders = mysqli_query($mysqli,"SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
$sql_folders = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_client_id = $client_id ORDER BY folder_name ASC");
while ($row = mysqli_fetch_array($sql_folders)) {
$folder_id = $row['folder_id'];
$folder_name = htmlentities($row['folder_name']);
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('document_id') AS num FROM documents WHERE document_folder_id = $folder_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('document_id') AS num FROM documents WHERE document_folder_id = $folder_id"));
$num_documents = $row['num'];
?>

4
client_domain_add_modal.php
View File

@ -31,7 +31,7 @@
<option value="">- Vendor -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']);
@ -52,7 +52,7 @@
<option value="">- Vendor -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']);

10
client_domains.php
View File

@ -3,19 +3,19 @@
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "domain_name";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM domains LEFT JOIN vendors ON domain_registrar = vendor_id
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM domains LEFT JOIN vendors ON domain_registrar = vendor_id
WHERE domain_client_id = $client_id AND (domain_name LIKE '%$q%' OR vendor_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
@ -75,7 +75,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$domain_registrar_name = "-";
}
$sql_domain_webhost = mysqli_query($mysqli,"SELECT vendor_name FROM vendors WHERE vendor_id = $domain_webhost");
$sql_domain_webhost = mysqli_query($mysqli, "SELECT vendor_name FROM vendors WHERE vendor_id = $domain_webhost");
$row = mysqli_fetch_array($sql_domain_webhost);
$domain_webhost_name = htmlentities($row['vendor_name']);
if (empty($domain_webhost_name)) {

4
client_edit_modal.php
View File

@ -59,7 +59,7 @@
<option value="">N/A</option>
<?php
$referral_sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Referral' AND (category_archived_at > '$client_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC");
$referral_sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Referral' AND (category_archived_at > '$client_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($referral_sql)) {
$referral = htmlentities($row['category_name']);
?>
@ -137,7 +137,7 @@
<?php
$sql_tags_select = mysqli_query($mysqli,"SELECT * FROM tags WHERE tag_type = 1 AND company_id = $session_company_id ORDER BY tag_name ASC");
$sql_tags_select = mysqli_query($mysqli, "SELECT * FROM tags WHERE tag_type = 1 AND company_id = $session_company_id ORDER BY tag_name ASC");
while ($row = mysqli_fetch_array($sql_tags_select)) {
$tag_id_select = $row['tag_id'];

4
client_events.php
View File

@ -22,7 +22,7 @@ if (isset($_GET['calendar_id'])) {
<?php
//loop through IDs and create a modal for each
$sql = mysqli_query($mysqli,"SELECT * FROM calendars LEFT JOIN events ON calendar_id = event_calendar_id WHERE event_client_id = $client_id AND calendars.company_id = $session_company_id");
$sql = mysqli_query($mysqli, "SELECT * FROM calendars LEFT JOIN events ON calendar_id = event_calendar_id WHERE event_client_id = $client_id AND calendars.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = $row['event_id'];
$event_title = htmlentities($row['event_title']);
@ -71,7 +71,7 @@ while ($row = mysqli_fetch_array($sql)) {
},
events: [
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM calendars LEFT JOIN events ON calendar_id = event_calendar_id WHERE event_client_id = $client_id AND calendars.company_id = $session_company_id");
$sql = mysqli_query($mysqli, "SELECT * FROM calendars LEFT JOIN events ON calendar_id = event_calendar_id WHERE event_client_id = $client_id AND calendars.company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$event_id = json_encode($row['event_id']);
$event_title = json_encode($row['event_title']);

284
client_invoices.php
View File

@ -1,167 +1,169 @@
<?php require_once("inc_all_client.php"); ?>
<?php
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = "invoice_number";
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "invoice_number";
}
// Reverse default sort
if (!isset($_GET['o'])) {
$o = "DESC";
$disp = "ASC";
$o = "DESC";
$disp = "ASC";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM invoices
LEFT JOIN categories ON invoice_category_id = category_id
WHERE invoice_client_id = $client_id
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR invoice_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR invoice_status LIKE '%$q%' OR invoice_amount LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM invoices
LEFT JOIN categories ON invoice_category_id = category_id
WHERE invoice_client_id = $client_id
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR invoice_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR invoice_status LIKE '%$q%' OR invoice_amount LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file"></i> Invoices</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addInvoiceModal"><i class="fas fa-fw fa-plus"></i> New Invoice</button>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Invoices">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file"></i> Invoices</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addInvoiceModal"><i class="fas fa-fw fa-plus"></i> New Invoice</button>
</div>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_invoices_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
</div>
</div>
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Invoices">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_scope&o=<?php echo $disp; ?>">Scope</a></th>
<th class="text-right"><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_date&o=<?php echo $disp; ?>">Date</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_due&o=<?php echo $disp; ?>">Due</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=category_name&o=<?php echo $disp; ?>">Category</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_status&o=<?php echo $disp; ?>">Status</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$invoice_id = $row['invoice_id'];
$invoice_prefix = htmlentities($row['invoice_prefix']);
$invoice_number = htmlentities($row['invoice_number']);
$invoice_scope = htmlentities($row['invoice_scope']);
if (empty($invoice_scope)) {
$invoice_scope_display = "-";
}else{
$invoice_scope_display = $invoice_scope;
}
$invoice_status = htmlentities($row['invoice_status']);
$invoice_date = $row['invoice_date'];
$invoice_due = $row['invoice_due'];
$invoice_amount = floatval($row['invoice_amount']);
$invoice_currency_code = htmlentities($row['invoice_currency_code']);
$invoice_created_at = $row['invoice_created_at'];
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_invoices_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
</div>
</div>
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) < time() ) {
$overdue_color = "text-danger font-weight-bold";
}else{
$overdue_color = "";
}
//Set Badge color based off of invoice status
if ($invoice_status == "Sent") {
$invoice_badge_color = "warning";
}elseif ($invoice_status == "Viewed") {
$invoice_badge_color = "info";
}elseif ($invoice_status == "Partial") {
$invoice_badge_color = "primary";
}elseif ($invoice_status == "Paid") {
$invoice_badge_color = "success";
}elseif ($invoice_status == "Cancelled") {
$invoice_badge_color = "danger";
}else{
$invoice_badge_color = "secondary";
}
?>
<tr>
<td><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td><?php echo $invoice_scope_display; ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code); ?></td>
<td><?php echo $invoice_date; ?></td>
<td><div class="<?php echo $overdue_color; ?>"><?php echo $invoice_due; ?></div></td>
<td><?php echo $category_name; ?></td>
<td>
<span class="p-2 badge badge-<?php echo $invoice_badge_color; ?>">
<?php echo $invoice_status; ?>
</span>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<?php if (!empty($config_smtp_host)) { ?>
<a class="dropdown-item" href="post.php?email_invoice=<?php echo $invoice_id; ?>">Send</a>
<div class="dropdown-divider"></div>
<?php } ?>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editInvoiceModal<?php echo $invoice_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addInvoiceCopyModal<?php echo $invoice_id; ?>">Copy</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_invoice=<?php echo $invoice_id; ?>">Delete</a>
</div>
</div>
</td>
</tr>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_scope&o=<?php echo $disp; ?>">Scope</a></th>
<th class="text-right"><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_date&o=<?php echo $disp; ?>">Date</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_due&o=<?php echo $disp; ?>">Due</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=category_name&o=<?php echo $disp; ?>">Category</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_status&o=<?php echo $disp; ?>">Status</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
<?php
include("invoice_copy_modal.php");
include("invoice_edit_modal.php");
}
while ($row = mysqli_fetch_array($sql)) {
$invoice_id = $row['invoice_id'];
$invoice_prefix = htmlentities($row['invoice_prefix']);
$invoice_number = htmlentities($row['invoice_number']);
$invoice_scope = htmlentities($row['invoice_scope']);
if (empty($invoice_scope)) {
$invoice_scope_display = "-";
} else {
$invoice_scope_display = $invoice_scope;
}
$invoice_status = htmlentities($row['invoice_status']);
$invoice_date = $row['invoice_date'];
$invoice_due = $row['invoice_due'];
$invoice_amount = floatval($row['invoice_amount']);
$invoice_currency_code = htmlentities($row['invoice_currency_code']);
$invoice_created_at = $row['invoice_created_at'];
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
?>
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) < time()) {
$overdue_color = "text-danger font-weight-bold";
} else {
$overdue_color = "";
}
</tbody>
</table>
//Set Badge color based off of invoice status
if ($invoice_status == "Sent") {
$invoice_badge_color = "warning";
} elseif ($invoice_status == "Viewed") {
$invoice_badge_color = "info";
} elseif ($invoice_status == "Partial") {
$invoice_badge_color = "primary";
} elseif ($invoice_status == "Paid") {
$invoice_badge_color = "success";
} elseif ($invoice_status == "Cancelled") {
$invoice_badge_color = "danger";
} else {
$invoice_badge_color = "secondary";
}
?>
<tr>
<td><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td><?php echo $invoice_scope_display; ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code); ?></td>
<td><?php echo $invoice_date; ?></td>
<td><div class="<?php echo $overdue_color; ?>"><?php echo $invoice_due; ?></div></td>
<td><?php echo $category_name; ?></td>
<td>
<span class="p-2 badge badge-<?php echo $invoice_badge_color; ?>">
<?php echo $invoice_status; ?>
</span>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<?php if (!empty($config_smtp_host)) { ?>
<a class="dropdown-item" href="post.php?email_invoice=<?php echo $invoice_id; ?>">Send</a>
<div class="dropdown-divider"></div>
<?php } ?>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editInvoiceModal<?php echo $invoice_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addInvoiceCopyModal<?php echo $invoice_id; ?>">Copy</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_invoice=<?php echo $invoice_id; ?>">Delete</a>
</div>
</div>
</td>
</tr>
<?php
require("invoice_copy_modal.php");
require("invoice_edit_modal.php");
}
?>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php include("pagination.php"); ?>
</div>
</div>
<?php include("invoice_add_modal.php"); ?>
<?php include("footer.php"); ?>
<?php
require_once("invoice_add_modal.php");
require_once("footer.php");

2
client_location_add_modal.php
View File

@ -113,7 +113,7 @@
<option value="">- Contact -</option>
<?php
$sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']);

2
client_location_edit_modal.php
View File

@ -115,7 +115,7 @@
<option value="">- Contact -</option>
<?php
$sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts WHERE (contact_archived_at > '$location_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_name ASC");
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE (contact_archived_at > '$location_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id_select = $row['contact_id'];
$contact_name_select = htmlentities($row['contact_name']);

12
client_locations.php
View File

@ -3,9 +3,9 @@
<?php
if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,$_GET['q']));
$q = strip_tags(mysqli_real_escape_string($mysqli, $_GET['q']));
//Phone Numbers
$phone_query = preg_replace("/[^0-9]/", '',$q);
$phone_query = preg_replace("/[^0-9]/", '', $q);
if (empty($phone_query)) {
$phone_query = $q;
}
@ -15,21 +15,21 @@ if (isset($_GET['q'])) {
}
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{
$sb = "location_name";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM locations
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM locations
WHERE location_client_id = $client_id
AND location_archived_at IS NULL
AND (location_name LIKE '%$q%' OR location_address LIKE '%$q%' OR location_phone LIKE '%$phone_query%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>

8
client_login_add_modal.php
View File

@ -107,7 +107,7 @@
<option value="">- Contact -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']);
@ -131,7 +131,7 @@
<option value="">- Vendor -</option>
<?php
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC");
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']);
@ -155,7 +155,7 @@
<option value="">- Asset -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM assets WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$asset_id = $row['asset_id'];
$asset_name = htmlentities($row['asset_name']);
@ -179,7 +179,7 @@
<option value="">- software -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$software_id = $row['software_id'];
$software_name = htmlentities($row['software_name']);

8
client_login_edit_modal.php
View File

@ -115,7 +115,7 @@
<option value="">- Contact -</option>
<?php
$sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id_select = $row['contact_id'];
$contact_name_select = htmlentities($row['contact_name']);
@ -136,7 +136,7 @@
<option value="0">- None -</option>
<?php
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC");
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = $row['vendor_id'];
$vendor_name_select = htmlentities($row['vendor_name']);
@ -158,7 +158,7 @@
<option value="0">- None -</option>
<?php
$sql_assets = mysqli_query($mysqli,"SELECT * FROM assets WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
$sql_assets = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql_assets)) {
$asset_id_select = $row['asset_id'];
$asset_name_select = htmlentities($row['asset_name']);
@ -180,7 +180,7 @@
<option value="0">- None -</option>
<?php
$sql_software = mysqli_query($mysqli,"SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC");
$sql_software = mysqli_query($mysqli, "SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC");
while ($row = mysqli_fetch_array($sql_software)) {
$software_id_select = $row['software_id'];
$software_name_select = htmlentities($row['software_name']);

17
client_logins.php
View File

@ -3,20 +3,23 @@
<?php
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
}else{
$sb = "login_name";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM logins
WHERE login_client_id = $client_id
AND (login_name LIKE '%$q%' OR login_uri LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM logins
WHERE login_client_id = $client_id
AND (login_name LIKE '%$q%' OR login_uri LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>

39
client_logs.php
View File

@ -1,10 +1,9 @@
<?php require_once("inc_all_client.php"); ?>
<?php
<?php
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "log_id";
}
@ -15,16 +14,18 @@ if (!isset($_GET['o'])) {
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM logs
LEFT JOIN users ON log_user_id = user_id
WHERE (log_type LIKE '%$q%' OR log_action LIKE '%$q%' OR log_description LIKE '%$q%' OR log_ip LIKE '%$q%' OR log_user_agent LIKE '%$q%' OR user_name LIKE '%$q%')
AND log_client_id = $client_id
ORDER BY $sb $o LIMIT $record_from, $record_to"
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM logs
LEFT JOIN users ON log_user_id = user_id
WHERE (log_type LIKE '%$q%' OR log_action LIKE '%$q%' OR log_description LIKE '%$q%' OR log_ip LIKE '%$q%' OR log_user_agent LIKE '%$q%' OR user_name LIKE '%$q%')
AND log_client_id = $client_id
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
@ -37,7 +38,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Logs">
@ -69,7 +70,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$log_id = $row['log_id'];
$log_type = htmlentities($row['log_type']);
@ -84,13 +85,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$user_name = htmlentities($row['user_name']);
if (empty($user_name)) {
$user_name_display = "-";
}else{
} else {
$user_name_display = $user_name;
}
$log_entity_id = $row['log_entity_id'];
?>
<tr>
<td><?php echo $log_created_at; ?></td>
<td><?php echo $user_name_display; ?></td>
@ -109,8 +110,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php include("footer.php"); ?>
<?php require_once("footer.php"); ?>

2
client_network_add_modal.php
View File

@ -71,7 +71,7 @@
<option value="">- Location -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$location_id = $row['location_id'];
$location_name = htmlentities($row['location_name']);

27
client_networks.php
View File

@ -1,23 +1,22 @@
<?php require_once("inc_all_client.php"); ?>
<?php
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "network_name";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM networks
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM networks
LEFT JOIN locations ON location_id = network_location_id
WHERE network_client_id = $client_id
AND (network_name LIKE '%$q%' OR network_vlan LIKE '%$q%' OR network LIKE '%$q%' OR network_gateway LIKE '%$q%' OR network_dhcp_range LIKE '%$q%' OR location_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
@ -32,7 +31,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Networks">
@ -66,7 +65,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$network_id = $row['network_id'];
$network_name = htmlentities($row['network_name']);
@ -88,14 +87,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$location_name = htmlentities($row['location_name']);
if (empty($location_name)) {
$location_name_display = "-";
}else{
} else {
$location_name_display = $location_name;
}
?>
<tr>
<th>
<i class="fa fa-fw fa-network-wired text-secondary"></i>
<i class="fa fa-fw fa-network-wired text-secondary"></i>
<a class="text-dark" href="#" data-toggle="modal" onclick="populateNetworkEditModal(<?php echo $client_id, ",", $network_id ?>)" data-target="#editNetworkModal"><?php echo $network_name; ?></a></th>
<td><?php echo $network_vlan_display; ?></td>
<td><?php echo $network; ?></td>
@ -121,7 +120,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
}
?>
</tbody>
@ -140,7 +139,7 @@ include("client_network_add_modal.php");
<script>
function populateNetworkEditModal(client_id, network_id) {
// Send a GET request to post.php as post.php?network_get_json_details=true&client_id=NUM&network_id=NUM
jQuery.get(
"ajax.php",

4
client_overview.php
View File

@ -15,7 +15,9 @@ $sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_client_id
// Expiring Items
// Get Domains Expiring
$sql_domains_expiring = mysqli_query($mysqli, "SELECT * FROM domains
$sql_domains_expiring = mysqli_query(
$mysqli,
"SELECT * FROM domains
WHERE domain_client_id = $client_id
AND domain_expire != '0000-00-00'
AND domain_archived_at IS NULL

20
client_payments.php
View File

@ -3,8 +3,8 @@
<?php
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "payment_date";
}
@ -15,16 +15,16 @@ if (!isset($_GET['o'])) {
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM payments
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM payments
LEFT JOIN invoices ON payment_invoice_id = invoice_id
LEFT JOIN accounts ON payment_account_id = account_id
WHERE invoice_client_id = $client_id
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR account_name LIKE '%$q%' OR payment_method LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
@ -36,7 +36,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Payments">
@ -71,7 +71,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$invoice_id = $row['invoice_id'];
$invoice_prefix = htmlentities($row['invoice_prefix']);
@ -92,7 +92,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$payment_currency_code = htmlentities($row['payment_currency_code']);
$account_name = htmlentities($row['account_name']);
?>
<tr>
<td><?php echo $payment_date; ?></td>
@ -106,9 +106,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</tr>
<?php
}
?>
</tbody>

8
client_quotes.php
View File

@ -3,7 +3,7 @@
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "quote_number";
}
@ -15,15 +15,15 @@ if (!isset($_GET['o'])) {
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM quotes
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM quotes
LEFT JOIN categories ON category_id = quote_category_id
WHERE quote_client_id = $client_id
AND (CONCAT(quote_prefix,quote_number) LIKE '%$q%' OR quote_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR quote_status LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>

18
client_recurring_invoices.php
View File

@ -3,21 +3,21 @@
<?php
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "recurring_id";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT * FROM recurring
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli, "SELECT * FROM recurring
LEFT JOIN categories ON recurring_category_id = category_id
WHERE recurring_client_id = $client_id
AND (CONCAT(recurring_prefix,recurring_number) LIKE '%$q%' OR recurring_frequency LIKE '%$q%' OR recurring_scope LIKE '%$q%' OR category_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
@ -32,7 +32,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Recurring Invoices">
@ -68,7 +68,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$recurring_id = $row['recurring_id'];
$recurring_prefix = htmlentities($row['recurring_prefix']);
@ -119,7 +119,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_recurring=<?php echo $recurring_id; ?>">Delete</a>
</div>
</div>
</div>
</td>
</tr>

10
client_scheduled_tickets.php
View File

@ -3,23 +3,25 @@
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "scheduled_ticket_subject";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
// SQL
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM scheduled_tickets
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM scheduled_tickets
LEFT JOIN clients on scheduled_ticket_client_id = client_id
WHERE scheduled_ticket_client_id = $client_id
AND scheduled_tickets.scheduled_ticket_subject LIKE '%$q%'
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>

14
client_service_edit_modal.php
View File

@ -101,7 +101,7 @@
<select multiple class="form-control" id="contacts" name="contacts[]">
<?php
// Get just the currently selected contact IDs
$selected_ids = array_column(mysqli_fetch_all($sql_contacts,MYSQLI_ASSOC), "contact_id");
$selected_ids = array_column(mysqli_fetch_all($sql_contacts, MYSQLI_ASSOC), "contact_id");
// Get all contacts
// NOTE: These are called $sql_all and $row_all for a reason - anything overwriting $sql or $row will break the current while loop we are in from client_services.php
@ -126,7 +126,7 @@
<label for="vendors">Vendors</label>
<select multiple class="form-control" id="vendors" name="vendors[]">
<?php
$selected_ids = array_column(mysqli_fetch_all($sql_vendors,MYSQLI_ASSOC), "vendor_id");
$selected_ids = array_column(mysqli_fetch_all($sql_vendors, MYSQLI_ASSOC), "vendor_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_template = 0 AND vendor_client_id = '$client_id'");
while ($row_all = mysqli_fetch_array($sql_all)) {
@ -148,7 +148,7 @@
<label for="documents">Documents</label>
<select multiple class="form-control" id="documents" name="documents[]">
<?php
$selected_ids = array_column(mysqli_fetch_all($sql_docs,MYSQLI_ASSOC), "document_id");
$selected_ids = array_column(mysqli_fetch_all($sql_docs, MYSQLI_ASSOC), "document_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_client_id = '$client_id'");
while ($row_all = mysqli_fetch_array($sql_all)) {
@ -181,7 +181,7 @@
<label for="assets">Assets</label>
<select multiple class="form-control" id="assets" name="assets[]">
<?php
$selected_ids = array_column(mysqli_fetch_all($sql_assets,MYSQLI_ASSOC), "asset_id");
$selected_ids = array_column(mysqli_fetch_all($sql_assets, MYSQLI_ASSOC), "asset_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = '$client_id'");
while ($row_all = mysqli_fetch_array($sql_all)) {
@ -205,7 +205,7 @@
<label for="logins">Logins</label>
<select multiple class="form-control" id="logins" name="logins[]">
<?php
$selected_ids = array_column(mysqli_fetch_all($sql_logins,MYSQLI_ASSOC), "login_id");
$selected_ids = array_column(mysqli_fetch_all($sql_logins, MYSQLI_ASSOC), "login_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_client_id = '$client_id'");
while ($row_all = mysqli_fetch_array($sql_all)) {
@ -234,7 +234,7 @@
<label for="domains">Domains</label>
<select multiple class="form-control" id="domains" name="domains[]">
<?php
$selected_ids = array_column(mysqli_fetch_all($sql_domains,MYSQLI_ASSOC), "domain_id");
$selected_ids = array_column(mysqli_fetch_all($sql_domains, MYSQLI_ASSOC), "domain_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id = '$client_id'");
while ($row_all = mysqli_fetch_array($sql_all)) {
@ -258,7 +258,7 @@
<label for="certificates">Certificates</label>
<select multiple class="form-control" id="certificates" name="certificates[]">
<?php
$selected_ids = array_column(mysqli_fetch_all($sql_certificates,MYSQLI_ASSOC), "certificate_id");
$selected_ids = array_column(mysqli_fetch_all($sql_certificates, MYSQLI_ASSOC), "certificate_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM certificates WHERE certificate_client_id = '$client_id'");
while ($row_all = mysqli_fetch_array($sql_all)) {

80
client_services.php
View File

@ -12,13 +12,15 @@ if (!empty($_GET['sb'])) {
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
// Overview SQL query
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM services
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM services
WHERE service_client_id = '$client_id'
AND (service_name LIKE '%$q%' OR service_description LIKE '%$q%' OR service_category LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
<div class="card card-dark">
@ -108,36 +110,37 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
// Associated Assets (and their logins/networks/locations)
$sql_assets = mysqli_query($mysqli, "SELECT * FROM service_assets
LEFT JOIN assets
ON service_assets.asset_id = assets.asset_id
LEFT JOIN logins
ON service_assets.asset_id = logins.login_asset_id
LEFT JOIN networks
ON assets.asset_network_id = networks.network_id
LEFT JOIN locations
ON assets.asset_location_id = locations.location_id
WHERE service_id = '$service_id'"
$sql_assets = mysqli_query(
$mysqli,
"SELECT * FROM service_assets
LEFT JOIN assets ON service_assets.asset_id = assets.asset_id
LEFT JOIN logins ON service_assets.asset_id = logins.login_asset_id
LEFT JOIN networks ON assets.asset_network_id = networks.network_id
LEFT JOIN locations ON assets.asset_location_id = locations.location_id
WHERE service_id = '$service_id'"
);
// Associated logins
$sql_logins = mysqli_query($mysqli, "SELECT * FROM service_logins
LEFT JOIN logins
ON service_logins.login_id = logins.login_id
WHERE service_id = '$service_id'"
$sql_logins = mysqli_query(
$mysqli,
"SELECT * FROM service_logins
LEFT JOIN logins ON service_logins.login_id = logins.login_id
WHERE service_id = '$service_id'"
);
// Associated Domains
$sql_domains = mysqli_query($mysqli, "SELECT * FROM service_domains
LEFT JOIN domains
ON service_domains.domain_id = domains.domain_id
WHERE service_id = '$service_id'"
$sql_domains = mysqli_query(
$mysqli,
"SELECT * FROM service_domains
LEFT JOIN domains ON service_domains.domain_id = domains.domain_id
WHERE service_id = '$service_id'"
);
// Associated Certificates
$sql_certificates = mysqli_query($mysqli, "SELECT * FROM service_certificates
LEFT JOIN certificates
ON service_certificates.certificate_id = certificates.certificate_id
WHERE service_id = '$service_id'"
$sql_certificates = mysqli_query(
$mysqli,
"SELECT * FROM service_certificates
LEFT JOIN certificates ON service_certificates.certificate_id = certificates.certificate_id
WHERE service_id = '$service_id'"
);
// Associated URLs ---- REMOVED for now
@ -145,24 +148,27 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
//WHERE service_id = '$service_id'");
// Associated Vendors
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM service_vendors
LEFT JOIN vendors
ON service_vendors.vendor_id = vendors.vendor_id
WHERE service_id = '$service_id'"
$sql_vendors = mysqli_query(
$mysqli,
"SELECT * FROM service_vendors
LEFT JOIN vendors ON service_vendors.vendor_id = vendors.vendor_id
WHERE service_id = '$service_id'"
);
// Associated Contacts
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM service_contacts
LEFT JOIN contacts
ON service_contacts.contact_id = contacts.contact_id
WHERE service_id = '$service_id'"
$sql_contacts = mysqli_query(
$mysqli,
"SELECT * FROM service_contacts
LEFT JOIN contacts ON service_contacts.contact_id = contacts.contact_id
WHERE service_id = '$service_id'"
);
// Associated Documents
$sql_docs = mysqli_query($mysqli, "SELECT * FROM service_documents
LEFT JOIN documents
ON service_documents.document_id = documents.document_id
WHERE service_id = '$service_id'"
$sql_docs = mysqli_query(
$mysqli,
"SELECT * FROM service_documents
LEFT JOIN documents ON service_documents.document_id = documents.document_id
WHERE service_id = '$service_id'"
);
require("client_service_edit_modal.php");

217
client_shared_items.php
View File

@ -1,131 +1,132 @@
<?php require_once("inc_all_client.php"); ?>
<?php
require_once("inc_all_client.php");
if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,$_GET['q']));
//Phone Numbers
$phone_query = preg_replace("/[^0-9]/", '',$q);
if (empty($phone_query)) {
$phone_query = $q;
}
}else{
$q = "";
$phone_query = "";
$q = strip_tags(mysqli_real_escape_string($mysqli, $_GET['q']));
//Phone Numbers
$phone_query = preg_replace("/[^0-9]/", '', $q);
if (empty($phone_query)) {
$phone_query = $q;
}
} else {
$q = "";
$phone_query = "";
}
// Sort
$sb = "item_created_at";
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM shared_items
WHERE item_client_id = $client_id
AND item_active = '1'
AND item_views != item_view_limit
AND item_expire_at > NOW()
AND (item_note LIKE '%$q%') ORDER BY $sb $o LIMIT $record_from, $record_to");
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM shared_items
WHERE item_client_id = $client_id
AND item_active = '1'
AND item_views != item_view_limit
AND item_expire_at > NOW()
AND (item_note LIKE '%$q%') ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
<div class="card card-dark">
<div class="card card-dark">
<div class="card-header py-3">
<h3 class="card-title"><i class="fa fa-fw fa-share"></i> Shared Items (Links)</h3>
<h3 class="card-title"><i class="fa fa-fw fa-share"></i> Shared Items (Links)</h3>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Shared Items">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th>Item Name</th>
<th>Item Type</th>
<th>Share Note</th>
<th>Views</th>
<th>Expires</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$item_id = $row['item_id'];
$item_active = htmlentities($row['item_active']);
$item_key = htmlentities($row['item_key']);
$item_type = htmlentities($row['item_type']);
$item_related_id = $row['item_related_id'];
$item_note = htmlentities($row['item_note']);
$item_views = htmlentities($row['item_views']);
$item_view_limit = htmlentities($row['item_view_limit']);
$item_created_at = $row['item_created_at'];
$item_expire_at = $row['item_expire_at'];
if ($item_type == 'Login') {
$share_item_sql = mysqli_query($mysqli, "SELECT login_name FROM logins WHERE login_id = '$item_related_id' AND login_client_id = '$client_id'");
$share_item = mysqli_fetch_array($share_item_sql);
$item_name = htmlentities($share_item['login_name']);
}
elseif ($item_type == 'Document') {
$share_item_sql = mysqli_query($mysqli, "SELECT document_name FROM documents WHERE document_id = '$item_related_id' AND document_client_id = '$client_id'");
$share_item = mysqli_fetch_array($share_item_sql);
$item_name = htmlentities($share_item['document_name']);
}
elseif ($item_type == 'File') {
$share_item_sql = mysqli_query($mysqli, "SELECT file_name FROM files WHERE file_id = '$item_related_id' AND file_client_id = '$client_id'");
$share_item = mysqli_fetch_array($share_item_sql);
$item_name = htmlentities($share_item['file_name']);
}
?>
<tr>
<td><?php echo $item_name; ?></td>
<td><?php echo $item_type ?></td>
<td><?php echo $item_note ?></td>
<td><?php echo "$item_views / $item_view_limit" ?></td>
<td><?php echo $item_expire_at ?></td>
<td>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item text-danger" href="post.php?deactivate_shared_item=<?php echo $item_id; ?>">Deactivate</a>
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Shared Items">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
<?php } ?>
</td>
</tr>
</div>
<?php
}
?>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th>Item Name</th>
<th>Item Type</th>
<th>Share Note</th>
<th>Views</th>
<th>Expires</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
while ($row = mysqli_fetch_array($sql)) {
$item_id = $row['item_id'];
$item_active = htmlentities($row['item_active']);
$item_key = htmlentities($row['item_key']);
$item_type = htmlentities($row['item_type']);
$item_related_id = $row['item_related_id'];
$item_note = htmlentities($row['item_note']);
$item_views = htmlentities($row['item_views']);
$item_view_limit = htmlentities($row['item_view_limit']);
$item_created_at = $row['item_created_at'];
$item_expire_at = $row['item_expire_at'];
if ($item_type == 'Login') {
$share_item_sql = mysqli_query($mysqli, "SELECT login_name FROM logins WHERE login_id = '$item_related_id' AND login_client_id = '$client_id'");
$share_item = mysqli_fetch_array($share_item_sql);
$item_name = htmlentities($share_item['login_name']);
} elseif ($item_type == 'Document') {
$share_item_sql = mysqli_query($mysqli, "SELECT document_name FROM documents WHERE document_id = '$item_related_id' AND document_client_id = '$client_id'");
$share_item = mysqli_fetch_array($share_item_sql);
$item_name = htmlentities($share_item['document_name']);
} elseif ($item_type == 'File') {
$share_item_sql = mysqli_query($mysqli, "SELECT file_name FROM files WHERE file_id = '$item_related_id' AND file_client_id = '$client_id'");
$share_item = mysqli_fetch_array($share_item_sql);
$item_name = htmlentities($share_item['file_name']);
}
?>
<tr>
<td><?php echo $item_name; ?></td>
<td><?php echo $item_type ?></td>
<td><?php echo $item_note ?></td>
<td><?php echo "$item_views / $item_view_limit" ?></td>
<td><?php echo $item_expire_at ?></td>
<td>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item text-danger" href="post.php?deactivate_shared_item=<?php echo $item_id; ?>">Deactivate</a>
</div>
</div>
<?php } ?>
</td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div>
</div>
</div>
<?php include("footer.php"); ?>
<?php
require_once("footer.php");

586
client_side_nav.php
View File

@ -1,335 +1,335 @@
<!-- Main Sidebar Container -->
<aside class="main-sidebar sidebar-dark-<?php echo $config_theme; ?> d-print-none">
<!-- Sidebar -->
<div class="sidebar">
<!-- Sidebar Menu -->
<nav class="mt-3">
<!-- Sidebar -->
<div class="sidebar">
<ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu" data-accordion="false">
<li class="nav-item">
<a href="clients.php" class="nav-link">
<i class="nav-icon fas fa-arrow-left"></i>
<p class="h4">Back | <small><strong><?php echo $client_name; ?></strong></small></p>
</a>
</li>
<!-- Sidebar Menu -->
<nav class="mt-3">
<li class="nav-item mt-3">
<a href="client_overview.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_overview.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-tachometer-alt"></i>
<p>Overview</p>
</a>
</li>
<ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu" data-accordion="false">
<li class="nav-item">
<a href="client_contacts.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_contacts.php" || basename($_SERVER["PHP_SELF"]) == "client_contact_details.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-users"></i>
<p>
Contacts
<?php
if ($num_contacts > 0) { ?>
<span class="right badge badge-light"><?php echo $num_contacts; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="clients.php" class="nav-link">
<i class="nav-icon fas fa-arrow-left"></i>
<p class="h4">Back | <small><strong><?php echo $client_name; ?></strong></small></p>
</a>
</li>
<li class="nav-item">
<a href="client_locations.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_locations.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-map-marker-alt"></i>
<p>
Locations
<?php
if ($num_locations > 0) { ?>
<span class="right badge badge-light"><?php echo $num_locations; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item mt-3">
<a href="client_overview.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_overview.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-tachometer-alt"></i>
<p>Overview</p>
</a>
</li>
<li class="nav-header mt-3">ASSETS</li>
<li class="nav-item">
<a href="client_contacts.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_contacts.php" || basename($_SERVER["PHP_SELF"]) == "client_contact_details.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-users"></i>
<p>
Contacts
<?php
if ($num_contacts > 0) { ?>
<span class="right badge badge-light"><?php echo $num_contacts; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_assets.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_assets.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-desktop"></i>
<p>
Assets
<?php
if ($num_assets > 0) { ?>
<span class="right badge badge-light"><?php echo $num_assets; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_locations.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_locations.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-map-marker-alt"></i>
<p>
Locations
<?php
if ($num_locations > 0) { ?>
<span class="right badge badge-light"><?php echo $num_locations; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_software.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_software.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-cube"></i>
<p>
Licenses
<?php
if ($num_software > 0) { ?>
<span class="right badge badge-light"><?php echo $num_software; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-header mt-3">ASSETS</li>
<li class="nav-item">
<a href="client_logins.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_logins.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-key"></i>
<p>
Passwords
<?php
if ($num_logins > 0) { ?>
<span class="right badge badge-light"><?php echo $num_logins; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_assets.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_assets.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-desktop"></i>
<p>
Assets
<?php
if ($num_assets > 0) { ?>
<span class="right badge badge-light"><?php echo $num_assets; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_networks.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_networks.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-network-wired"></i>
<p>
Networks
<?php
if ($num_networks > 0) { ?>
<span class="right badge badge-light"><?php echo $num_networks; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_software.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_software.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-cube"></i>
<p>
Licenses
<?php
if ($num_software > 0) { ?>
<span class="right badge badge-light"><?php echo $num_software; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_certificates.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_certificates.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-lock"></i>
<p>
Certificates
<li class="nav-item">
<a href="client_logins.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_logins.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-key"></i>
<p>
Passwords
<?php
if ($num_logins > 0) { ?>
<span class="right badge badge-light"><?php echo $num_logins; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php
if ($num_certificates > 0) { ?>
<span class="right badge badge-light"><?php echo $num_certificates; ?></span>
<?php } ?>
<li class="nav-item">
<a href="client_networks.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_networks.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-network-wired"></i>
<p>
Networks
<?php
if ($num_networks > 0) { ?>
<span class="right badge badge-light"><?php echo $num_networks; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php if ($num_certs_expiring > 0) { ?>
<span class="right fa fa-fw fa-circle text-warning"></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_certificates.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_certificates.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-lock"></i>
<p>
Certificates
<li class="nav-item">
<a href="client_domains.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_domains.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-globe"></i>
<p>
Domains
<?php
if ($num_domains > 0) { ?>
<span class="right badge badge-light"><?php echo $num_domains; ?></span>
<?php } ?>
<?php
if ($num_certificates > 0) { ?>
<span class="right badge badge-light"><?php echo $num_certificates; ?></span>
<?php } ?>
<?php if ($num_domains_expiring > 0) { ?>
<span class="right fa fa-fw fa-circle text-warning"></span>
<?php } ?>
<?php if ($num_certs_expiring > 0) { ?>
<span class="right fa fa-fw fa-circle text-warning"></span>
<?php } ?>
</p>
</a>
</li>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_domains.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_domains.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-globe"></i>
<p>
Domains
<li class="nav-header mt-3">SUPPORT</li>
<?php
if ($num_domains > 0) { ?>
<span class="right badge badge-light"><?php echo $num_domains; ?></span>
<?php } ?>
<?php if ($config_module_enable_ticketing == 1) { ?>
<li class="nav-item">
<a href="client_tickets.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_tickets.php" || basename($_SERVER["PHP_SELF"]) == "client_scheduled_tickets.php" ) { echo "active"; } ?>">
<i class="nav-icon fas fa-life-ring"></i>
<p>
Tickets
<?php
if ($num_active_tickets > 0) { ?>
<span class="right badge badge-light"><?php echo $num_active_tickets; ?></span>
<?php } ?>
<?php if ($num_domains_expiring > 0) { ?>
<span class="right fa fa-fw fa-circle text-warning"></span>
<?php } ?>
<?php if ($num_active_tickets > 0) { ?>
<span class="right fa fa-fw fa-circle text-danger"></span>
<?php } ?>
</p>
</a>
</li>
</p>
</a>
</li>
<?php } ?>
<li class="nav-header mt-3">SUPPORT</li>
<li class="nav-item">
<a href="client_services.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_services.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-stream"></i>
<p>
Services
<?php
if ($num_services > 0) { ?>
<span class="right badge badge-light"><?php echo $num_services; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php if ($config_module_enable_ticketing == 1) { ?>
<li class="nav-item">
<a href="client_tickets.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_tickets.php" || basename($_SERVER["PHP_SELF"]) == "client_scheduled_tickets.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-life-ring"></i>
<p>
Tickets
<li class="nav-item">
<a href="client_vendors.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_vendors.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-building"></i>
<p>
Vendors
<?php
if ($num_vendors > 0) { ?>
<span class="right badge badge-light"><?php echo $num_vendors; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php
if ($num_active_tickets > 0) { ?>
<span class="right badge badge-light"><?php echo $num_active_tickets; ?></span>
<?php } ?>
<li class="nav-item">
<a href="client_events.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_events.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-calendar"></i>
<p>
Events
<?php
if ($num_events > 0) { ?>
<span class="right badge badge-light"><?php echo $num_events; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php if ($num_active_tickets > 0) { ?>
<span class="right fa fa-fw fa-circle text-danger"></span>
<?php } ?>
<li class="nav-item">
<a href="client_files.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_files.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-paperclip"></i>
<p>
Files
<?php
if ($num_files > 0) { ?>
<span class="right badge badge-light"><?php echo $num_files; ?></span>
<?php } ?>
</p>
</a>
</li>
</p>
</a>
</li>
<?php } ?>
<li class="nav-item">
<a href="client_documents.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_documents.php" || basename($_SERVER["PHP_SELF"]) == "client_document_details.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file-alt"></i>
<p>
Documents
<?php
if ($num_documents > 0) { ?>
<span class="right badge badge-light"><?php echo $num_documents; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_services.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_services.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-stream"></i>
<p>
Services
<?php
if ($num_services > 0) { ?>
<span class="right badge badge-light"><?php echo $num_services; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php if ($session_user_role == 1 || $session_user_role > 2 && $config_module_enable_accounting == 1) { ?>
<li class="nav-item">
<a href="client_vendors.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_vendors.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-building"></i>
<p>
Vendors
<?php
if ($num_vendors > 0) { ?>
<span class="right badge badge-light"><?php echo $num_vendors; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-header mt-3">ACCOUNTING</li>
<li class="nav-item">
<a href="client_events.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_events.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-calendar"></i>
<p>
Events
<?php
if ($num_events > 0) { ?>
<span class="right badge badge-light"><?php echo $num_events; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_invoices.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_invoices.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file"></i>
<p>
Invoices
<?php
if ($num_invoices > 0) { ?>
<span class="right badge badge-light"><?php echo $num_invoices; ?></span>
<?php } ?>
<li class="nav-item">
<a href="client_files.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_files.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-paperclip"></i>
<p>
Files
<?php
if ($num_files > 0) { ?>
<span class="right badge badge-light"><?php echo $num_files; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php if ($num_invoices_open > 0) { ?>
<span class="right fa fa-fw fa-circle text-danger"></span>
<?php } ?>
<li class="nav-item">
<a href="client_documents.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_documents.php" || basename($_SERVER["PHP_SELF"]) == "client_document_details.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file-alt"></i>
<p>
Documents
<?php
if ($num_documents > 0) { ?>
<span class="right badge badge-light"><?php echo $num_documents; ?></span>
<?php } ?>
</p>
</a>
</li>
</p>
</a>
</li>
<?php if ($session_user_role == 1 || $session_user_role > 2 && $config_module_enable_accounting == 1) { ?>
<li class="nav-item">
<a href="client_recurring_invoices.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_recurring_invoices.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-sync-alt"></i>
<p>
Recurring
<?php
if ($num_recurring > 0) { ?>
<span class="right badge badge-light"><?php echo $num_recurring; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-header mt-3">ACCOUNTING</li>
<li class="nav-item">
<a href="client_quotes.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_quotes.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file"></i>
<p>
Quotes
<?php
if ($num_quotes > 0) { ?>
<span class="right badge badge-light"><?php echo $num_quotes; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_invoices.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_invoices.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file"></i>
<p>
Invoices
<li class="nav-item">
<a href="client_payments.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_payments.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-credit-card"></i>
<p>
Payments
<?php
if ($num_payments > 0) { ?>
<span class="right badge badge-light"><?php echo $num_payments; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php
if ($num_invoices > 0) { ?>
<span class="right badge badge-light"><?php echo $num_invoices; ?></span>
<?php } ?>
<li class="nav-item">
<a href="client_trips.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_trips.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-route"></i>
<p>
Trips
<?php
if ($num_trips > 0) { ?>
<span class="right badge badge-light"><?php echo $num_trips; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php if ($num_invoices_open > 0) { ?>
<span class="right fa fa-fw fa-circle text-danger"></span>
<?php } ?>
<?php } ?>
</p>
</a>
</li>
<li class="nav-header mt-3">MORE</li>
<li class="nav-item">
<a href="client_recurring_invoices.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_recurring_invoices.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-sync-alt"></i>
<p>
Recurring
<?php
if ($num_recurring > 0) { ?>
<span class="right badge badge-light"><?php echo $num_recurring; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_shared_items.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_shared_items.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-share"></i>
<p>
Shared Links
<?php
if ($num_shared_links > 0) { ?>
<span class="right badge badge-light"><?php echo $num_shared_links; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_quotes.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_quotes.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file"></i>
<p>
Quotes
<?php
if ($num_quotes > 0) { ?>
<span class="right badge badge-light"><?php echo $num_quotes; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_logs.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_logs.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-eye"></i>
<p>Audit Logs</p>
</a>
</li>
<li class="nav-item">
<a href="client_payments.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_payments.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-credit-card"></i>
<p>
Payments
<?php
if ($num_payments > 0) { ?>
<span class="right badge badge-light"><?php echo $num_payments; ?></span>
<?php } ?>
</p>
</a>
</li>
</ul>
</nav>
<!-- /.sidebar-menu -->
</div>
<!-- /.sidebar -->
<li class="nav-item">
<a href="client_trips.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_trips.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-route"></i>
<p>
Trips
<?php
if ($num_trips > 0) { ?>
<span class="right badge badge-light"><?php echo $num_trips; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php } ?>
<li class="nav-header mt-3">MORE</li>
<li class="nav-item">
<a href="client_shared_items.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_shared_items.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-share"></i>
<p>
Shared Links
<?php
if ($num_shared_links > 0) { ?>
<span class="right badge badge-light"><?php echo $num_shared_links; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_logs.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_logs.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-eye"></i>
<p>Audit Logs</p>
</a>
</li>
</ul>
</nav>
<!-- /.sidebar-menu -->
</div>
<!-- /.sidebar -->
</aside>

354
client_software.php
View File

@ -1,200 +1,198 @@
<?php require_once("inc_all_client.php"); ?>
<?php
<?php
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = "software_name";
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "software_name";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM software
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM software
LEFT JOIN logins ON login_software_id = software_id
WHERE software_client_id = $client_id
AND software_template = 0
AND (software_name LIKE '%$q%' OR software_type LIKE '%$q%' OR software_key LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-cube"></i> Licenses</h3>
<div class="card-tools">
<div class="btn-group">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addSoftwareModal">
<i class="fas fa-fw fa-plus"></i> New License
</button>
<button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
<div class="dropdown-menu">
<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#addSoftwareFromTemplateModal">From Template</a>
</div>
</div>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Licenses">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_software_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_name&o=<?php echo $disp; ?>">Software</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_type&o=<?php echo $disp; ?>">Type</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_license_type&o=<?php echo $disp; ?>">License Type</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_seats&o=<?php echo $disp; ?>">Seats</a></th>
<th></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$software_id = $row['software_id'];
$software_name = htmlentities($row['software_name']);
$software_version = htmlentities($row['software_version']);
$software_type = htmlentities($row['software_type']);
$software_license_type = htmlentities($row['software_license_type']);
$software_key = htmlentities($row['software_key']);
$software_seats = htmlentities($row['software_seats']);
$software_purchase = $row['software_purchase'];
$software_expire = $row['software_expire'];
$software_notes = htmlentities($row['software_notes']);
// Get Login
$login_id = $row['login_id'];
$login_username = htmlentities(decryptLoginEntry($row['login_username']));
$login_password = htmlentities(decryptLoginEntry($row['login_password']));
$seat_count = 0;
// Asset Licenses
$asset_licenses_sql = mysqli_query($mysqli,"SELECT asset_id FROM software_assets WHERE software_id = $software_id");
$asset_licenses_array = array();
while ($row = mysqli_fetch_array($asset_licenses_sql)) {
$asset_licenses_array[] = $row['asset_id'];
$seat_count = $seat_count + 1;
}
$asset_licenses = implode(',',$asset_licenses_array);
// Contact Licenses
$contact_licenses_sql = mysqli_query($mysqli,"SELECT contact_id FROM software_contacts WHERE software_id = $software_id");
$contact_licenses_array = array();
while ($row = mysqli_fetch_array($contact_licenses_sql)) {
$contact_licenses_array[] = $row['contact_id'];
$seat_count = $seat_count + 1;
}
$contact_licenses = implode(',',$contact_licenses_array);
?>
<tr>
<td><a class="text-dark" href="#" data-toggle="modal" data-target="#editSoftwareModal<?php echo $software_id; ?>"><?php echo "$software_name<br><span class='text-secondary'>$software_version</span>"; ?></a></td>
<td><?php echo $software_type; ?></td>
<td><?php echo $software_license_type; ?></td>
<td><?php echo "$seat_count / $software_seats"; ?></td>
<td>
<?php
if ($login_id > 0) {
?>
<button type="button" class="btn btn-dark btn-sm" data-toggle="modal" data-target="#viewPasswordModal<?php echo $login_id; ?>"><i class="fas fa-key"></i></button>
<div class="modal" id="viewPasswordModal<?php echo $login_id; ?>" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-key"></i> <?php echo $software_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-user"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo $login_username; ?>" readonly>
</div>
</div>
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-lock"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo $login_password; ?>" readonly>
</div>
</div>
</div>
</div>
</div>
</div>
<?php
}
?>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-cube"></i> Licenses</h3>
<div class="card-tools">
<div class="btn-group">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addSoftwareModal">
<i class="fas fa-fw fa-plus"></i> New License
</button>
<button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editSoftwareModal<?php echo $software_id; ?>">Edit</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?archive_software=<?php echo $software_id; ?>">Archive and<br><small>Remove Licenses</small></a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_software=<?php echo $software_id; ?>">Delete and<br><small>Remove Licenses</small></a>
<?php } ?>
<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#addSoftwareFromTemplateModal">From Template</a>
</div>
</div>
</td>
</tr>
<?php
include("client_software_edit_modal.php");
}
?>
</tbody>
</table>
</div>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Licenses">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_software_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_name&o=<?php echo $disp; ?>">Software</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_type&o=<?php echo $disp; ?>">Type</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_license_type&o=<?php echo $disp; ?>">License Type</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=software_seats&o=<?php echo $disp; ?>">Seats</a></th>
<th></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$software_id = $row['software_id'];
$software_name = htmlentities($row['software_name']);
$software_version = htmlentities($row['software_version']);
$software_type = htmlentities($row['software_type']);
$software_license_type = htmlentities($row['software_license_type']);
$software_key = htmlentities($row['software_key']);
$software_seats = htmlentities($row['software_seats']);
$software_purchase = $row['software_purchase'];
$software_expire = $row['software_expire'];
$software_notes = htmlentities($row['software_notes']);
// Get Login
$login_id = $row['login_id'];
$login_username = htmlentities(decryptLoginEntry($row['login_username']));
$login_password = htmlentities(decryptLoginEntry($row['login_password']));
$seat_count = 0;
// Asset Licenses
$asset_licenses_sql = mysqli_query($mysqli, "SELECT asset_id FROM software_assets WHERE software_id = $software_id");
$asset_licenses_array = array();
while ($row = mysqli_fetch_array($asset_licenses_sql)) {
$asset_licenses_array[] = $row['asset_id'];
$seat_count = $seat_count + 1;
}
$asset_licenses = implode(',', $asset_licenses_array);
// Contact Licenses
$contact_licenses_sql = mysqli_query($mysqli, "SELECT contact_id FROM software_contacts WHERE software_id = $software_id");
$contact_licenses_array = array();
while ($row = mysqli_fetch_array($contact_licenses_sql)) {
$contact_licenses_array[] = $row['contact_id'];
$seat_count = $seat_count + 1;
}
$contact_licenses = implode(',', $contact_licenses_array);
?>
<tr>
<td><a class="text-dark" href="#" data-toggle="modal" data-target="#editSoftwareModal<?php echo $software_id; ?>"><?php echo "$software_name<br><span class='text-secondary'>$software_version</span>"; ?></a></td>
<td><?php echo $software_type; ?></td>
<td><?php echo $software_license_type; ?></td>
<td><?php echo "$seat_count / $software_seats"; ?></td>
<td>
<?php
if ($login_id > 0) { ?>
<button type="button" class="btn btn-dark btn-sm" data-toggle="modal" data-target="#viewPasswordModal<?php echo $login_id; ?>"><i class="fas fa-key"></i></button>
<div class="modal" id="viewPasswordModal<?php echo $login_id; ?>" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-key"></i> <?php echo $software_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-user"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo $login_username; ?>" readonly>
</div>
</div>
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-lock"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo $login_password; ?>" readonly>
</div>
</div>
</div>
</div>
</div>
</div>
<?php
}
?>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editSoftwareModal<?php echo $software_id; ?>">Edit</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?archive_software=<?php echo $software_id; ?>">Archive and<br><small>Remove Licenses</small></a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_software=<?php echo $software_id; ?>">Delete and<br><small>Remove Licenses</small></a>
<?php } ?>
</div>
</div>
</td>
</tr>
<?php
require("client_software_edit_modal.php");
}
?>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div>
<?php include("pagination.php"); ?>
</div>
</div>
<?php include("client_software_add_modal.php"); ?>
<?php include("client_software_add_from_template_modal.php"); ?>
<?php include("footer.php"); ?>
<?php
require_once("client_software_add_modal.php");
require_once("client_software_add_from_template_modal.php");
require_once("footer.php");

2
client_software_add_from_template_modal.php
View File

@ -20,7 +20,7 @@
<select class="form-control" name="software_template_id" required>
<option value="">- Select Template -</option>
<?php
$sql_software_templates = mysqli_query($mysqli,"SELECT * FROM software WHERE software_template = 1 AND company_id = $session_company_id AND software_archived_at IS NULL ORDER BY software_name ASC");
$sql_software_templates = mysqli_query($mysqli, "SELECT * FROM software WHERE software_template = 1 AND company_id = $session_company_id AND software_archived_at IS NULL ORDER BY software_name ASC");
while($row = mysqli_fetch_array($sql_software_templates)){
$software_template_id = $row['software_id'];
$software_template_name = htmlentities($row['software_name']);

4
client_software_add_modal.php
View File

@ -136,7 +136,7 @@
<ul class="list-group">
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$asset_id = $row['asset_id'];
@ -167,7 +167,7 @@
<ul class="list-group">
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$contact_id = $row['contact_id'];

8
client_software_edit_modal.php
View File

@ -136,7 +136,7 @@
<ul class="list-group">
<?php
$sql_assets_select = mysqli_query($mysqli,"SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
$sql_assets_select = mysqli_query($mysqli, "SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql_assets_select)) {
$asset_id_select = $row['asset_id'];
@ -147,7 +147,7 @@
?>
<li class="list-group-item">
<div class="form-check">
<input type="checkbox" class="form-check-input" name="assets[]" value="<?php echo $asset_id_select; ?>" <?php if (in_array($asset_id_select,$asset_licenses_array)) { echo "checked"; } ?>>
<input type="checkbox" class="form-check-input" name="assets[]" value="<?php echo $asset_id_select; ?>" <?php if (in_array($asset_id_select, $asset_licenses_array)) { echo "checked"; } ?>>
<label class="form-check-label ml-2"><?php echo "$asset_name_select - $contact_name_select"; ?></label>
</div>
</li>
@ -167,7 +167,7 @@
<ul class="list-group">
<?php
$sql_contacts_select = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
$sql_contacts_select = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_contacts_select)) {
$contact_id_select = $row['contact_id'];
@ -177,7 +177,7 @@
?>
<li class="list-group-item">
<div class="form-check">
<input type="checkbox" class="form-check-input" name="contacts[]" value="<?php echo $contact_id_select; ?>" <?php if (in_array("$contact_id_select",$contact_licenses_array)) { echo "checked"; } ?>>
<input type="checkbox" class="form-check-input" name="contacts[]" value="<?php echo $contact_id_select; ?>" <?php if (in_array("$contact_id_select", $contact_licenses_array)) { echo "checked"; } ?>>
<label class="form-check-label ml-2"><?php echo "$contact_name_select - $contact_email_select"; ?></label>
</div>
</li>

37
client_software_templates.php
View File

@ -1,23 +1,22 @@
<?php require_once("inc_all_client.php"); ?>
<?php
<?php
require_once("inc_all_client.php");
if(!empty($_GET['sb'])){
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "software_name";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM software
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM software
LEFT JOIN logins ON login_software_id = software_id
WHERE software_template = 1
AND (software_name LIKE '%$q%' OR software_type LIKE '%$q%' OR software_key LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
@ -36,7 +35,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if(isset($q)){ echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Licenses">
@ -65,8 +64,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</thead>
<tbody>
<?php
while($row = mysqli_fetch_array($sql)){
while($row = mysqli_fetch_array($sql)){
$software_id = $row['software_id'];
$software_name = htmlentities($row['software_name']);
$software_version = htmlentities($row['software_version']);
@ -96,24 +95,24 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<a class="dropdown-item text-danger" href="post.php?delete_software=<?php echo $software_id; ?>">Delete</a>
<?php } ?>
</div>
</div>
</div>
</td>
</tr>
<?php
include("client_software_template_edit_modal.php");
require("client_software_template_edit_modal.php");
}
?>
</tbody>
</table>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php include("client_software_template_add_modal.php"); ?>
<?php include("footer.php"); ?>
<?php
require_once("client_software_template_add_modal.php");
require_once("footer.php");

360
client_tickets.php
View File

@ -1,203 +1,203 @@
<?php require_once("inc_all_client.php"); ?>
<?php
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = "ticket_number";
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "ticket_number";
}
// Reverse default sort
if (!isset($_GET['o'])) {
$o = "DESC";
$disp = "ASC";
$o = "DESC";
$disp = "ASC";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM tickets
LEFT JOIN contacts ON ticket_contact_id = contact_id
LEFT JOIN users ON ticket_assigned_to = user_id
LEFT JOIN assets ON ticket_asset_id = asset_id
LEFT JOIN locations ON ticket_location_id = location_id
WHERE ticket_client_id = $client_id
AND (CONCAT(ticket_prefix,ticket_number) LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR ticket_status LIKE '%$q%' OR ticket_priority LIKE '%$q%' OR user_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM tickets
LEFT JOIN contacts ON ticket_contact_id = contact_id
LEFT JOIN users ON ticket_assigned_to = user_id
LEFT JOIN assets ON ticket_asset_id = asset_id
LEFT JOIN locations ON ticket_location_id = location_id
WHERE ticket_client_id = $client_id
AND (CONCAT(ticket_prefix,ticket_number) LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR ticket_status LIKE '%$q%' OR ticket_priority LIKE '%$q%' OR user_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-life-ring"></i> Tickets</h3>
<button type="button" class="btn btn-dark dropdown-toggle ml-1" data-toggle="dropdown"></button>
<div class="dropdown-menu">
<a class="dropdown-item text-dark" href="client_scheduled_tickets.php?client_id=<?php echo $client_id; ?>">Scheduled Tickets</a>
</div>
<div class="card-tools">
<div class="btn-group">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addTicketModal"><i class="fas fa-fw fa-plus"></i> New Ticket</button>
<button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-life-ring"></i> Tickets</h3>
<button type="button" class="btn btn-dark dropdown-toggle ml-1" data-toggle="dropdown"></button>
<div class="dropdown-menu">
<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#addScheduledTicketModal">Scheduled</a>
<a class="dropdown-item text-dark" href="client_scheduled_tickets.php?client_id=<?php echo $client_id; ?>">Scheduled Tickets</a>
</div>
</div>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Tickets">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_tickets_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_subject&o=<?php echo $disp; ?>">Subject</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=contact_name&o=<?php echo $disp; ?>">Contact</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_priority&o=<?php echo $disp; ?>">Priority</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_status&o=<?php echo $disp; ?>">Status</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=user_name&o=<?php echo $disp; ?>">Assigned</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_updated_at&o=<?php echo $disp; ?>">Last Response</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_created_at&o=<?php echo $disp; ?>">Created</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$ticket_id = $row['ticket_id'];
$ticket_prefix = htmlentities($row['ticket_prefix']);
$ticket_number = htmlentities($row['ticket_number']);
$ticket_subject = htmlentities($row['ticket_subject']);
$ticket_details = $row['ticket_details'];
$ticket_priority = htmlentities($row['ticket_priority']);
$ticket_status = htmlentities($row['ticket_status']);
$ticket_created_at = $row['ticket_created_at'];
$ticket_updated_at = $row['ticket_updated_at'];
if (empty($ticket_updated_at)) {
if ($ticket_status == "Closed") {
$ticket_updated_at_display = "<p>Never</p>";
}
else{
$ticket_updated_at_display = "<p class='text-danger'>Never</p>";
}
} else {
$ticket_updated_at_display = $ticket_updated_at;
}
$ticket_closed_at = $row['ticket_closed_at'];
if ($ticket_status == "Open") {
$ticket_status_display = "<span class='p-2 badge badge-primary'>$ticket_status</span>";
}elseif ($ticket_status == "Working") {
$ticket_status_display = "<span class='p-2 badge badge-success'>$ticket_status</span>";
}else{
$ticket_status_display = "<span class='p-2 badge badge-secondary'>$ticket_status</span>";
}
if ($ticket_priority == "High") {
$ticket_priority_display = "<span class='p-2 badge badge-danger'>$ticket_priority</span>";
}elseif ($ticket_priority == "Medium") {
$ticket_priority_display = "<span class='p-2 badge badge-warning'>$ticket_priority</span>";
}elseif ($ticket_priority == "Low") {
$ticket_priority_display = "<span class='p-2 badge badge-info'>$ticket_priority</span>";
}else{
$ticket_priority_display = "-";
}
$ticket_assigned_to = $row['ticket_assigned_to'];
if (empty($ticket_assigned_to)) {
if ($ticket_status == "Closed") {
$ticket_assigned_to_display = "<p>Not Assigned</p>";
}
else{
$ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>";
}
} else {
$ticket_assigned_to_display = htmlentities($row['user_name']);
}
$contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']);
if (empty($contact_name)) {
$contact_display = "-";
}else{
$contact_display = "$contact_name<br><small class='text-secondary'>$contact_email</small>";
}
$contact_title = htmlentities($row['contact_title']);
$contact_email = htmlentities($row['contact_email']);
$contact_phone = formatPhoneNumber($row['contact_phone']);
$contact_extension = htmlentities($row['contact_extension']);
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
?>
<tr>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><span class="badge badge-pill badge-secondary p-3"><?php echo "$ticket_prefix$ticket_number"; ?></span></a></td>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><?php echo $ticket_subject; ?></a></td>
<td><?php echo $contact_display; ?></td>
<td><?php echo $ticket_priority_display; ?></td>
<td><?php echo $ticket_status_display; ?></td>
<td><?php echo $ticket_assigned_to_display; ?></td>
<td><?php echo $ticket_updated_at_display; ?></td>
<td><?php echo $ticket_created_at; ?></td>
<td>
<?php if ($ticket_status !== "Closed") { ?>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTicketModal<?php echo $ticket_id; ?>">Edit</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_ticket=<?php echo $ticket_id; ?>">Delete</a>
<?php } ?>
</div>
<div class="card-tools">
<div class="btn-group">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addTicketModal"><i class="fas fa-fw fa-plus"></i> New Ticket</button>
<button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
<div class="dropdown-menu">
<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#addScheduledTicketModal">Scheduled</a>
</div>
<?php } ?>
</td>
</tr>
<?php
include("ticket_edit_modal.php");
}
?>
</tbody>
</table>
</div>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Tickets">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_tickets_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_subject&o=<?php echo $disp; ?>">Subject</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=contact_name&o=<?php echo $disp; ?>">Contact</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_priority&o=<?php echo $disp; ?>">Priority</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_status&o=<?php echo $disp; ?>">Status</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=user_name&o=<?php echo $disp; ?>">Assigned</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_updated_at&o=<?php echo $disp; ?>">Last Response</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=ticket_created_at&o=<?php echo $disp; ?>">Created</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$ticket_id = $row['ticket_id'];
$ticket_prefix = htmlentities($row['ticket_prefix']);
$ticket_number = htmlentities($row['ticket_number']);
$ticket_subject = htmlentities($row['ticket_subject']);
$ticket_details = $row['ticket_details'];
$ticket_priority = htmlentities($row['ticket_priority']);
$ticket_status = htmlentities($row['ticket_status']);
$ticket_created_at = $row['ticket_created_at'];
$ticket_updated_at = $row['ticket_updated_at'];
if (empty($ticket_updated_at)) {
if ($ticket_status == "Closed") {
$ticket_updated_at_display = "<p>Never</p>";
}
else{
$ticket_updated_at_display = "<p class='text-danger'>Never</p>";
}
} else {
$ticket_updated_at_display = $ticket_updated_at;
}
$ticket_closed_at = $row['ticket_closed_at'];
if ($ticket_status == "Open") {
$ticket_status_display = "<span class='p-2 badge badge-primary'>$ticket_status</span>";
} elseif ($ticket_status == "Working") {
$ticket_status_display = "<span class='p-2 badge badge-success'>$ticket_status</span>";
} else{
$ticket_status_display = "<span class='p-2 badge badge-secondary'>$ticket_status</span>";
}
if ($ticket_priority == "High") {
$ticket_priority_display = "<span class='p-2 badge badge-danger'>$ticket_priority</span>";
} elseif ($ticket_priority == "Medium") {
$ticket_priority_display = "<span class='p-2 badge badge-warning'>$ticket_priority</span>";
} elseif ($ticket_priority == "Low") {
$ticket_priority_display = "<span class='p-2 badge badge-info'>$ticket_priority</span>";
} else{
$ticket_priority_display = "-";
}
$ticket_assigned_to = $row['ticket_assigned_to'];
if (empty($ticket_assigned_to)) {
if ($ticket_status == "Closed") {
$ticket_assigned_to_display = "<p>Not Assigned</p>";
}
else {
$ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>";
}
} else {
$ticket_assigned_to_display = htmlentities($row['user_name']);
}
$contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']);
if (empty($contact_name)) {
$contact_display = "-";
} else {
$contact_display = "$contact_name<br><small class='text-secondary'>$contact_email</small>";
}
$contact_title = htmlentities($row['contact_title']);
$contact_email = htmlentities($row['contact_email']);
$contact_phone = formatPhoneNumber($row['contact_phone']);
$contact_extension = htmlentities($row['contact_extension']);
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
?>
<tr>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><span class="badge badge-pill badge-secondary p-3"><?php echo "$ticket_prefix$ticket_number"; ?></span></a></td>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><?php echo $ticket_subject; ?></a></td>
<td><?php echo $contact_display; ?></td>
<td><?php echo $ticket_priority_display; ?></td>
<td><?php echo $ticket_status_display; ?></td>
<td><?php echo $ticket_assigned_to_display; ?></td>
<td><?php echo $ticket_updated_at_display; ?></td>
<td><?php echo $ticket_created_at; ?></td>
<td>
<?php if ($ticket_status !== "Closed") { ?>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editTicketModal<?php echo $ticket_id; ?>">Edit</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_ticket=<?php echo $ticket_id; ?>">Delete</a>
<?php } ?>
</div>
</div>
<?php } ?>
</td>
</tr>
<?php
require("ticket_edit_modal.php");
}
?>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div>
<?php include("pagination.php"); ?>
</div>
</div>
<?php
include("ticket_add_modal.php");
include("scheduled_ticket_add_modal.php");
?>
<?php include("footer.php"); ?>
require_once("ticket_add_modal.php");
require_once("scheduled_ticket_add_modal.php");
require_once("footer.php");

12
client_trips.php
View File

@ -3,7 +3,7 @@
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "trip_date";
}
@ -16,17 +16,17 @@ if (!isset($_GET['o'])) {
//Date From and Date To Filter
if (isset($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt']));
$dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
} else {
$dtf = "0000-00-00";
$dtt = "9999-00-00";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM trips
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM trips
LEFT JOIN users ON trip_user_id = user_id
WHERE (trip_purpose LIKE '%$q%' OR trip_source LIKE '%$q%' OR trip_destination LIKE '%$q%' OR user_name LIKE '%$q%')
AND DATE(trip_date) BETWEEN '$dtf' AND '$dtt'
@ -34,7 +34,7 @@ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM trips
AND trip_client_id = $client_id
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>

312
client_vendor_templates.php
View File

@ -1,180 +1,170 @@
<?php require_once("inc_all_client.php"); ?>
<?php
require_once("inc_all_client.php");
if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,$_GET['q']));
//Phone Numbers
$phone_query = preg_replace("/[^0-9]/", '',$q);
if (empty($phone_query)) {
$phone_query = $q;
}
}else{
$q = "";
$phone_query = "";
$q = strip_tags(mysqli_real_escape_string($mysqli, $_GET['q']));
//Phone Numbers
$phone_query = preg_replace("/[^0-9]/", '', $q);
if (empty($phone_query)) {
$phone_query = $q;
}
} else {
$q = "";
$phone_query = "";
}
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = "vendor_name";
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "vendor_name";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM vendors
WHERE vendor_template = 1
AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%' OR vendor_website LIKE '%$q%' OR vendor_contact_name LIKE '%$q%' OR vendor_email LIKE '%$q%' OR vendor_phone LIKE '%$phone_query%') ORDER BY $sb $o LIMIT $record_from, $record_to");
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM vendors
WHERE vendor_template = 1
AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%' OR vendor_website LIKE '%$q%' OR vendor_contact_name LIKE '%$q%' OR vendor_email LIKE '%$q%' OR vendor_phone LIKE '%$phone_query%') ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2">
<i class="fa fa-fw fa-building"></i> Vendor Templates
</h3>
<button type="button" class="btn btn-dark dropdown-toggle ml-1" data-toggle="dropdown"></button>
<div class="dropdown-menu">
<a class="dropdown-item text-dark" href="client_vendors.php?client_id=<?php echo $client_id; ?>">Vendors</a>
</div>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addVendorTemplateModal">
<i class="fas fa-fw fa-plus"></i> New Template
</button>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Vendors Templates">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
<div class="card-header py-2">
<h3 class="card-title mt-2">
<i class="fa fa-fw fa-building"></i> Vendor Templates
</h3>
<button type="button" class="btn btn-dark dropdown-toggle ml-1" data-toggle="dropdown"></button>
<div class="dropdown-menu">
<a class="dropdown-item text-dark" href="client_vendors.php?client_id=<?php echo $client_id; ?>">Vendors</a>
</div>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addVendorTemplateModal">
<i class="fas fa-fw fa-plus"></i> New Template
</button>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=vendor_name&o=<?php echo $disp; ?>">Vendor</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=vendor_description&o=<?php echo $disp; ?>">Description</a></th>
<th>Contact</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']);
$vendor_description = htmlentities($row['vendor_description']);
if (empty($vendor_description)) {
$vendor_description_display = "-";
}else{
$vendor_description_display = $vendor_description;
}
$vendor_account_number = htmlentities($row['vendor_account_number']);
$vendor_contact_name = htmlentities($row['vendor_contact_name']);
if (empty($vendor_contact_name)) {
$vendor_contact_name_display = "-";
}else{
$vendor_contact_name_display = $vendor_contact_name;
}
$vendor_phone = formatPhoneNumber($row['vendor_phone']);
$vendor_extension = htmlentities($row['vendor_extension']);
$vendor_email = htmlentities($row['vendor_email']);
$vendor_website = htmlentities($row['vendor_website']);
$vendor_hours = htmlentities($row['vendor_hours']);
$vendor_sla = htmlentities($row['vendor_sla']);
$vendor_code = htmlentities($row['vendor_code']);
$vendor_notes = htmlentities($row['vendor_notes']);
$vendor_template = intval($row['vendor_template']);
?>
<tr>
<th>
<i class="fa fa-fw fa-building text-secondary"></i>
<a class="text-dark" href="#" data-toggle="modal" data-target="#editVendorTemplateModal<?php echo $vendor_id; ?>"><?php echo $vendor_name; ?></a>
<?php
if (!empty($vendor_account_number)) {
?>
<br>
<small class="text-secondary"><?php echo $vendor_account_number; ?></small>
<?php
}
?>
</th>
<td><?php echo $vendor_description_display; ?></td>
<td>
<?php
if (!empty($vendor_contact_name)) {
?>
<i class="fa fa-fw fa-user text-secondary mr-2 mb-2"></i><?php echo $vendor_contact_name_display; ?>
<br>
<?php
}else{
echo $vendor_contact_name_display;
}
?>
<?php
if (!empty($vendor_phone)) {
?>
<i class="fa fa-fw fa-phone text-secondary mr-2 mb-2"></i><?php echo $vendor_phone; ?>
<br>
<?php
}
?>
<?php
if (!empty($vendor_email)) {
?>
<i class="fa fa-fw fa-envelope text-secondary mr-2 mb-2"></i><?php echo $vendor_email; ?>
<br>
<?php
}
?>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editVendorTemplateModal<?php echo $vendor_id; ?>">Edit</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_vendor=<?php echo $vendor_id; ?>">Delete</a>
<?php } ?>
</div>
</div>
</td>
</tr>
<?php
include("vendor_template_edit_modal.php");
}
?>
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Vendors Templates">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=vendor_name&o=<?php echo $disp; ?>">Vendor</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=vendor_description&o=<?php echo $disp; ?>">Description</a></th>
<th>Contact</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']);
$vendor_description = htmlentities($row['vendor_description']);
if (empty($vendor_description)) {
$vendor_description_display = "-";
} else {
$vendor_description_display = $vendor_description;
}
$vendor_account_number = htmlentities($row['vendor_account_number']);
$vendor_contact_name = htmlentities($row['vendor_contact_name']);
if (empty($vendor_contact_name)) {
$vendor_contact_name_display = "-";
} else {
$vendor_contact_name_display = $vendor_contact_name;
}
$vendor_phone = formatPhoneNumber($row['vendor_phone']);
$vendor_extension = htmlentities($row['vendor_extension']);
$vendor_email = htmlentities($row['vendor_email']);
$vendor_website = htmlentities($row['vendor_website']);
$vendor_hours = htmlentities($row['vendor_hours']);
$vendor_sla = htmlentities($row['vendor_sla']);
$vendor_code = htmlentities($row['vendor_code']);
$vendor_notes = htmlentities($row['vendor_notes']);
$vendor_template = intval($row['vendor_template']);
?>
<tr>
<th>
<i class="fa fa-fw fa-building text-secondary"></i>
<a class="text-dark" href="#" data-toggle="modal" data-target="#editVendorTemplateModal<?php echo $vendor_id; ?>"><?php echo $vendor_name; ?></a>
<?php
if (!empty($vendor_account_number)) { ?>
<br>
<small class="text-secondary"><?php echo $vendor_account_number; ?></small>
<?php } ?>
</th>
<td><?php echo $vendor_description_display; ?></td>
<td>
<?php
if (!empty($vendor_contact_name)) { ?>
<i class="fa fa-fw fa-user text-secondary mr-2 mb-2"></i><?php echo $vendor_contact_name_display; ?>
<br>
<?php } else {
echo $vendor_contact_name_display;
}
if (!empty($vendor_phone)) { ?>
<i class="fa fa-fw fa-phone text-secondary mr-2 mb-2"></i><?php echo $vendor_phone; ?>
<br>
<?php }
if (!empty($vendor_email)) { ?>
<i class="fa fa-fw fa-envelope text-secondary mr-2 mb-2"></i><?php echo $vendor_email; ?>
<br>
<?php } ?>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editVendorTemplateModal<?php echo $vendor_id; ?>">Edit</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_vendor=<?php echo $vendor_id; ?>">Delete</a>
<?php } ?>
</div>
</div>
</td>
</tr>
<?php
require("vendor_template_edit_modal.php");
}
?>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php include("vendor_template_add_modal.php"); ?>
<?php include("footer.php"); ?>
<?php
require_once("vendor_template_add_modal.php");
require_once("footer.php");

12
client_vendors.php
View File

@ -3,9 +3,9 @@
require_once("inc_all_client.php");
if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,$_GET['q']));
$q = strip_tags(mysqli_real_escape_string($mysqli, $_GET['q']));
//Phone Numbers
$phone_query = preg_replace("/[^0-9]/", '',$q);
$phone_query = preg_replace("/[^0-9]/", '', $q);
if (empty($phone_query)) {
$phone_query = $q;
}
@ -15,20 +15,20 @@ if (isset($_GET['q'])) {
}
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "vendor_name";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM vendors
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM vendors
WHERE vendor_client_id = $client_id
AND vendor_template = 0
AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%' OR vendor_website LIKE '%$q%' OR vendor_contact_name LIKE '%$q%' OR vendor_email LIKE '%$q%' OR vendor_phone LIKE '%$phone_query%') ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>

46
clients.php
View File

@ -15,9 +15,9 @@ if (isset($_GET['p'])) {
//Custom Query Filter
if (isset($_GET['query'])) {
$query = strip_tags(mysqli_real_escape_string($mysqli,$_GET['query']));
$query = strip_tags(mysqli_real_escape_string($mysqli, $_GET['query']));
//Phone Numbers
$phone_query = preg_replace("/[^0-9]/", '',$query);
$phone_query = preg_replace("/[^0-9]/", '', $query);
if (empty($phone_query)) {
$phone_query = $query;
}
@ -28,7 +28,7 @@ if (isset($_GET['query'])) {
//Column Filter
if (!empty($_GET['sortby'])) {
$sortby = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sortby']));
$sortby = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sortby']));
} else {
$sortby = "client_accessed_at";
}
@ -55,41 +55,41 @@ if (empty($_GET['canned_date'])) {
//Date Filter
if ($_GET['canned_date'] == "custom" && !empty($_GET['date_from'])) {
$date_from = strip_tags(mysqli_real_escape_string($mysqli,$_GET['date_from']));
$date_to = strip_tags(mysqli_real_escape_string($mysqli,$_GET['date_to']));
$date_from = strip_tags(mysqli_real_escape_string($mysqli, $_GET['date_from']));
$date_to = strip_tags(mysqli_real_escape_string($mysqli, $_GET['date_to']));
} elseif ($_GET['canned_date'] == "today") {
$date_from = date('Y-m-d');
$date_to = date('Y-m-d');
} elseif ($_GET['canned_date'] == "yesterday") {
$date_from = date('Y-m-d',strtotime("yesterday"));
$date_to = date('Y-m-d',strtotime("yesterday"));
$date_from = date('Y-m-d', strtotime("yesterday"));
$date_to = date('Y-m-d', strtotime("yesterday"));
} elseif ($_GET['canned_date'] == "thisweek") {
$date_from = date('Y-m-d',strtotime("monday this week"));
$date_from = date('Y-m-d', strtotime("monday this week"));
$date_to = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastweek") {
$date_from = date('Y-m-d',strtotime("monday last week"));
$date_to = date('Y-m-d',strtotime("sunday last week"));
$date_from = date('Y-m-d', strtotime("monday last week"));
$date_to = date('Y-m-d', strtotime("sunday last week"));
} elseif ($_GET['canned_date'] == "thismonth") {
$date_from = date('Y-m-01');
$date_to = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastmonth") {
$date_from = date('Y-m-d',strtotime("first day of last month"));
$date_to = date('Y-m-d',strtotime("last day of last month"));
$date_from = date('Y-m-d', strtotime("first day of last month"));
$date_to = date('Y-m-d', strtotime("last day of last month"));
} elseif ($_GET['canned_date'] == "thisyear") {
$date_from = date('Y-01-01');
$date_to = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastyear") {
$date_from = date('Y-m-d',strtotime("first day of january last year"));
$date_to = date('Y-m-d',strtotime("last day of december last year"));
$date_from = date('Y-m-d', strtotime("first day of january last year"));
$date_to = date('Y-m-d', strtotime("last day of december last year"));
} else {
$date_from = "0000-00-00";
$date_to = "9999-00-00";
}
//Rebuild URL
$url_query_strings_sortby = http_build_query(array_merge($_GET,array('sortby' => $sortby, 'order' => $order)));
$url_query_strings_sortby = http_build_query(array_merge($_GET, array('sortby' => $sortby, 'order' => $order)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM clients
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM clients
LEFT JOIN contacts ON clients.primary_contact = contacts.contact_id AND contact_archived_at IS NULL
LEFT JOIN locations ON clients.primary_location = locations.location_id AND location_archived_at IS NULL
WHERE (client_name LIKE '%$query%' OR client_type LIKE '%$query%' OR client_referral LIKE '%$query%' OR contact_email LIKE '%$query%' OR contact_name LIKE '%$query%' OR contact_phone LIKE '%$phone_query%'
@ -100,7 +100,7 @@ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM clients
ORDER BY $sortby $order LIMIT $record_from, $record_to
");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
@ -202,7 +202,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$client_net_terms = htmlentities($row['client_net_terms']);
$client_referral = htmlentities($row['client_referral']);
$client_notes = htmlentities($row['client_notes']);
$client_created_at = date('Y-m-d',strtotime($row['client_created_at']));
$client_created_at = date('Y-m-d', strtotime($row['client_created_at']));
$client_updated_at = $row['client_updated_at'];
$client_archive_at = $row['client_archived_at'];
@ -210,7 +210,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$client_tag_name_display_array = array();
$client_tag_id_array = array();
$sql_client_tags = mysqli_query($mysqli,"SELECT * FROM client_tags LEFT JOIN tags ON client_tags.tag_id = tags.tag_id WHERE client_tags.client_id = $client_id");
$sql_client_tags = mysqli_query($mysqli, "SELECT * FROM client_tags LEFT JOIN tags ON client_tags.tag_id = tags.tag_id WHERE client_tags.client_id = $client_id");
while ($row = mysqli_fetch_array($sql_client_tags)) {
$client_tag_id = $row['tag_id'];
@ -231,12 +231,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$client_tags_display = implode('', $client_tag_name_display_array);
//Add up all the payments for the invoice and get the total amount paid to the invoice
$sql_invoice_amounts = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $client_id AND invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled' ");
$sql_invoice_amounts = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $client_id AND invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled' ");
$row = mysqli_fetch_array($sql_invoice_amounts);
$invoice_amounts = $row['invoice_amounts'];
$sql_amount_paid = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS amount_paid FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_client_id = $client_id");
$sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS amount_paid FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_client_id = $client_id");
$row = mysqli_fetch_array($sql_amount_paid);
$amount_paid = $row['amount_paid'];
@ -250,13 +250,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
}
//Get Monthly Recurring Total
$sql_recurring_monthly_total = mysqli_query($mysqli,"SELECT SUM(recurring_amount) AS recurring_monthly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'month' AND recurring_client_id = $client_id AND company_id = $session_company_id");
$sql_recurring_monthly_total = mysqli_query($mysqli, "SELECT SUM(recurring_amount) AS recurring_monthly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'month' AND recurring_client_id = $client_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_recurring_monthly_total);
$recurring_monthly_total = $row['recurring_monthly_total'];
//Get Yearly Recurring Total
$sql_recurring_yearly_total = mysqli_query($mysqli,"SELECT SUM(recurring_amount) AS recurring_yearly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'year' AND recurring_client_id = $client_id AND company_id = $session_company_id");
$sql_recurring_yearly_total = mysqli_query($mysqli, "SELECT SUM(recurring_amount) AS recurring_yearly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'year' AND recurring_client_id = $client_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_recurring_yearly_total);
$recurring_yearly_total = $row['recurring_yearly_total'] / 12;

8
companies.php
View File

@ -2,20 +2,20 @@
require_once("inc_all_settings.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "company_name";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM companies, settings
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM companies, settings
WHERE companies.company_id = settings.company_id
AND (company_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>

245
cron.php
View File

@ -3,7 +3,7 @@
require_once("config.php");
require_once("functions.php");
$sql_companies = mysqli_query($mysqli,"SELECT * FROM companies, settings WHERE companies.company_id = settings.company_id");
$sql_companies = mysqli_query($mysqli, "SELECT * FROM companies, settings WHERE companies.company_id = settings.company_id");
while($row = mysqli_fetch_array($sql_companies)){
$company_id = $row['company_id'];
@ -50,7 +50,7 @@ while($row = mysqli_fetch_array($sql_companies)){
if ($config_enable_cron == 1) {
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Cron', log_action = 'Started', log_description = 'Cron started for $company_name', company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Started', log_description = 'Cron started for $company_name', company_id = $company_id");
// REFRESH DOMAIN WHOIS DATA (1 a day)
@ -70,7 +70,7 @@ while($row = mysqli_fetch_array($sql_companies)){
$whois = mysqli_real_escape_string($mysqli, $records['whois']);
// Update the domain
mysqli_query($mysqli,"UPDATE domains SET domain_name = '$domain_name', domain_expire = '$expire', domain_ip = '$a', domain_name_servers = '$ns', domain_mail_servers = '$mx', domain_txt = '$txt', domain_raw_whois = '$whois' WHERE domain_id = $domain_id");
mysqli_query($mysqli, "UPDATE domains SET domain_name = '$domain_name', domain_expire = '$expire', domain_ip = '$a', domain_name_servers = '$ns', domain_mail_servers = '$mx', domain_txt = '$txt', domain_raw_whois = '$whois' WHERE domain_id = $domain_id");
}
// GET NOTIFICATIONS
@ -82,7 +82,9 @@ while($row = mysqli_fetch_array($sql_companies)){
foreach($domainAlertArray as $day){
//Get Domains Expiring
$sql = mysqli_query($mysqli,"SELECT * FROM domains
$sql = mysqli_query(
$mysqli,
"SELECT * FROM domains
LEFT JOIN clients ON domain_client_id = client_id
WHERE domain_expire = CURDATE() + INTERVAL $day DAY
AND domains.company_id = $company_id"
@ -90,12 +92,12 @@ while($row = mysqli_fetch_array($sql_companies)){
while($row = mysqli_fetch_array($sql)){
$domain_id = $row['domain_id'];
$domain_name = mysqli_real_escape_string($mysqli,$row['domain_name']);
$domain_name = mysqli_real_escape_string($mysqli, $row['domain_name']);
$domain_expire = $row['domain_expire'];
$client_id = $row['client_id'];
$client_name = mysqli_real_escape_string($mysqli,$row['client_name']);
$client_name = mysqli_real_escape_string($mysqli, $row['client_name']);
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Domain', notification = 'Domain $domain_name for $client_name will expire in $day Days on $domain_expire', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Domain', notification = 'Domain $domain_name for $client_name will expire in $day Days on $domain_expire', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
}
@ -108,7 +110,9 @@ while($row = mysqli_fetch_array($sql_companies)){
foreach($certificateAlertArray as $day){
//Get Certs Expiring
$sql = mysqli_query($mysqli,"SELECT * FROM certificates
$sql = mysqli_query(
$mysqli,
"SELECT * FROM certificates
LEFT JOIN clients ON certificate_client_id = client_id
WHERE certificate_expire = CURDATE() + INTERVAL $day DAY
AND certificates.company_id = $company_id"
@ -116,13 +120,13 @@ while($row = mysqli_fetch_array($sql_companies)){
while($row = mysqli_fetch_array($sql)){
$certificate_id = $row['certificate_id'];
$certificate_name = mysqli_real_escape_string($mysqli,$row['certificate_name']);
$certificate_name = mysqli_real_escape_string($mysqli, $row['certificate_name']);
$certificate_domain = $row['certificate_domain'];
$certificate_expire = $row['certificate_expire'];
$client_id = $row['client_id'];
$client_name = mysqli_real_escape_string($mysqli,$row['client_name']);
$client_name = mysqli_real_escape_string($mysqli, $row['client_name']);
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Certificate', notification = 'Certificate $certificate_name for $client_name will expire in $day Days on $certificate_expire', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Certificate', notification = 'Certificate $certificate_name for $client_name will expire in $day Days on $certificate_expire', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
}
@ -135,7 +139,9 @@ while($row = mysqli_fetch_array($sql_companies)){
foreach($warranty_alert_array as $day){
//Get Asset Warranty Expiring
$sql = mysqli_query($mysqli,"SELECT * FROM assets
$sql = mysqli_query(
$mysqli,
"SELECT * FROM assets
LEFT JOIN clients ON asset_client_id = client_id
WHERE asset_warranty_expire = CURDATE() + INTERVAL $day DAY
AND assets.company_id = $company_id"
@ -143,12 +149,12 @@ while($row = mysqli_fetch_array($sql_companies)){
while($row = mysqli_fetch_array($sql)){
$asset_id = $row['asset_id'];
$asset_name = mysqli_real_escape_string($mysqli,$row['asset_name']);
$asset_name = mysqli_real_escape_string($mysqli, $row['asset_name']);
$asset_warranty_expire = $row['asset_warranty_expire'];
$client_id = $row['client_id'];
$client_name = mysqli_real_escape_string($mysqli,$row['client_name']);
$client_name = mysqli_real_escape_string($mysqli, $row['client_name']);
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Asset', notification = 'Asset $asset_name warranty for $client_name will expire in $day Days on $asset_warranty_expire', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Asset', notification = 'Asset $asset_name warranty for $client_name will expire in $day Days on $asset_warranty_expire', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
}
@ -166,8 +172,8 @@ while($row = mysqli_fetch_array($sql_companies)){
if(mysqli_num_rows($sql_scheduled_tickets) > 0){
while($row = mysqli_fetch_array($sql_scheduled_tickets)){
$schedule_id = $row['scheduled_ticket_id'];
$subject = mysqli_real_escape_string($mysqli,$row['scheduled_ticket_subject']);
$details = mysqli_real_escape_string($mysqli,$row['scheduled_ticket_details']);
$subject = mysqli_real_escape_string($mysqli, $row['scheduled_ticket_subject']);
$details = mysqli_real_escape_string($mysqli, $row['scheduled_ticket_details']);
$priority = $row['scheduled_ticket_priority'];
$frequency = strtolower($row['scheduled_ticket_frequency']);
$created_id = $row['scheduled_ticket_created_by'];
@ -179,20 +185,20 @@ while($row = mysqli_fetch_array($sql_companies)){
//Get the next Ticket Number and add 1 for the new ticket number
$ticket_number = $config_ticket_next_number;
$new_config_ticket_next_number = $config_ticket_next_number + 1;
mysqli_query($mysqli,"UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = '$company_id'");
mysqli_query($mysqli, "UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = '$company_id'");
// Raise the ticket
mysqli_query($mysqli,"INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 'Open', ticket_created_at = NOW(), ticket_created_by = $created_id, ticket_contact_id = $contact_id, ticket_client_id = $client_id, ticket_asset_id = $asset_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 'Open', ticket_created_at = NOW(), ticket_created_by = $created_id, ticket_contact_id = $contact_id, ticket_client_id = $client_id, ticket_asset_id = $asset_id, company_id = $company_id");
$id = mysqli_insert_id($mysqli);
// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Create', log_description = 'System created scheduled $frequency ticket - $subject', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id, log_user_id = $created_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket', log_action = 'Create', log_description = 'System created scheduled $frequency ticket - $subject', log_created_at = NOW(), log_client_id = $client_id, company_id = $company_id, log_user_id = $created_id");
// E-mail client
if (!empty($config_smtp_host) && $config_ticket_client_general_notifications == 1) {
// Get contact/ticket/company details
$sql = mysqli_query($mysqli,"SELECT contact_name, contact_email, ticket_prefix, ticket_number, ticket_subject, company_phone FROM tickets
$sql = mysqli_query($mysqli, "SELECT contact_name, contact_email, ticket_prefix, ticket_number, ticket_subject, company_phone FROM tickets
LEFT JOIN clients ON ticket_client_id = client_id
LEFT JOIN contacts ON ticket_contact_id = contact_id
LEFT JOIN companies ON tickets.company_id = companies.company_id
@ -212,14 +218,23 @@ while($row = mysqli_fetch_array($sql_companies)){
$subject = "Ticket created - [$ticket_prefix$ticket_number] - $ticket_subject (scheduled)";
$body = "<i style='color: #808080'>#--itflow--#</i><br><br>Hello, $contact_name<br><br>A ticket regarding \"$ticket_subject\" has been automatically created for you.<br><br>--------------------------------<br>$details--------------------------------<br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: Open<br>Portal: https://$config_base_url/portal/ticket.php?id=$id<br><br>~<br>$company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
$config_ticket_from_email, $config_ticket_from_name,
$contact_email, $contact_name,
$subject, $body);
$mail = sendSingleEmail(
$config_smtp_host,
$config_smtp_username,
$config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_ticket_from_email,
$config_ticket_from_name,
$contact_email,
$contact_name,
$subject,
$body
);
if ($mail !== true) {
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', company_id = $company_id");
}
}
@ -273,7 +288,9 @@ while($row = mysqli_fetch_array($sql_companies)){
foreach($invoiceAlertArray as $day){
$sql = mysqli_query($mysqli,"SELECT * FROM invoices
$sql = mysqli_query(
$mysqli,
"SELECT * FROM invoices
LEFT JOIN clients ON invoice_client_id = client_id
LEFT JOIN contacts ON contact_id = primary_contact
WHERE invoice_status NOT LIKE 'Draft'
@ -295,29 +312,38 @@ while($row = mysqli_fetch_array($sql_companies)){
$invoice_amount = $row['invoice_amount'];
$invoice_currency_code = $row['invoice_currency_code'];
$client_id = $row['client_id'];
$client_name = mysqli_real_escape_string($mysqli,$row['client_name']);
$client_name = mysqli_real_escape_string($mysqli, $row['client_name']);
$contact_name = $row['contact_name'];
$contact_email = $row['contact_email'];
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Invoice Overdue', notification = 'Invoice $invoice_prefix$invoice_number for $client_name in the amount of $invoice_amount is overdue by $day days', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Invoice Overdue', notification = 'Invoice $invoice_prefix$invoice_number for $client_name in the amount of $invoice_amount is overdue by $day days', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
$subject = "Overdue Invoice $invoice_prefix$invoice_number";
$body = "Hello $contact_name,<br><br>According to our records, we have not received payment for invoice $invoice_prefix$invoice_number. Please submit your payment as soon as possible. If you have any questions please contact us at $company_phone.
<br><br>
Please view the details of the invoice below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: " . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . "<br>Due Date: $invoice_due<br><br><br>To view your invoice click <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>here</a><br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
$config_invoice_from_email, $config_invoice_from_name,
$contact_email, $contact_name,
$subject, $body);
$mail = sendSingleEmail(
$config_smtp_host,
$config_smtp_username,
$config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_invoice_from_email,
$config_invoice_from_name,
$contact_email,
$contact_name,
$subject,
$body
);
if ($mail === true) {
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Emailed Overdue Invoice', history_created_at = NOW(), history_invoice_id = $invoice_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Emailed Overdue Invoice', history_created_at = NOW(), history_invoice_id = $invoice_id, company_id = $company_id");
} else {
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Failed to send Overdue Invoice', history_created_at = NOW(), history_invoice_id = $invoice_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Failed to send Overdue Invoice', history_created_at = NOW(), history_invoice_id = $invoice_id, company_id = $company_id");
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', company_id = $company_id");
}
}
@ -327,7 +353,7 @@ while($row = mysqli_fetch_array($sql_companies)){
//Send Recurring Invoices that match todays date and are active
//Loop through all recurring that match today's date and is active
$sql_recurring = mysqli_query($mysqli,"SELECT * FROM recurring LEFT JOIN clients ON client_id = recurring_client_id WHERE recurring_next_date = CURDATE() AND recurring_status = 1 AND recurring.company_id = $company_id");
$sql_recurring = mysqli_query($mysqli, "SELECT * FROM recurring LEFT JOIN clients ON client_id = recurring_client_id WHERE recurring_next_date = CURDATE() AND recurring_status = 1 AND recurring.company_id = $company_id");
while($row = mysqli_fetch_array($sql_recurring)){
$recurring_id = $row['recurring_id'];
@ -338,36 +364,36 @@ while($row = mysqli_fetch_array($sql_companies)){
$recurring_next_date = $row['recurring_next_date'];
$recurring_amount = $row['recurring_amount'];
$recurring_currency_code = $row['recurring_currency_code'];
$recurring_note = mysqli_real_escape_string($mysqli,$row['recurring_note']); //Escape SQL
$recurring_note = mysqli_real_escape_string($mysqli, $row['recurring_note']); //Escape SQL
$category_id = $row['recurring_category_id'];
$client_id = $row['recurring_client_id'];
$client_name = mysqli_real_escape_string($mysqli,$row['client_name']); //Escape SQL just in case a name is like Safran's etc
$client_name = mysqli_real_escape_string($mysqli, $row['client_name']); //Escape SQL just in case a name is like Safran's etc
$client_net_terms = $row['client_net_terms'];
//Get the last Invoice Number and add 1 for the new invoice number
$sql_invoice_number = mysqli_query($mysqli,"SELECT * FROM settings WHERE company_id = $company_id");
$sql_invoice_number = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = $company_id");
$row = mysqli_fetch_array($sql_invoice_number);
$config_invoice_next_number = $row['config_invoice_next_number'];
$new_invoice_number = $config_invoice_next_number;
$new_config_invoice_next_number = $config_invoice_next_number + 1;
mysqli_query($mysqli,"UPDATE settings SET config_invoice_next_number = $new_config_invoice_next_number WHERE company_id = $company_id");
mysqli_query($mysqli, "UPDATE settings SET config_invoice_next_number = $new_config_invoice_next_number WHERE company_id = $company_id");
//Generate a unique URL key for clients to access
$url_key = randomString(156);
mysqli_query($mysqli,"INSERT INTO invoices SET invoice_prefix = '$config_invoice_prefix', invoice_number = $new_invoice_number, invoice_scope = '$recurring_scope', invoice_date = CURDATE(), invoice_due = DATE_ADD(CURDATE(), INTERVAL $client_net_terms day), invoice_amount = '$recurring_amount', invoice_currency_code = '$recurring_currency_code', invoice_note = '$recurring_note', invoice_category_id = $category_id, invoice_status = 'Sent', invoice_url_key = '$url_key', invoice_created_at = NOW(), invoice_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO invoices SET invoice_prefix = '$config_invoice_prefix', invoice_number = $new_invoice_number, invoice_scope = '$recurring_scope', invoice_date = CURDATE(), invoice_due = DATE_ADD(CURDATE(), INTERVAL $client_net_terms day), invoice_amount = '$recurring_amount', invoice_currency_code = '$recurring_currency_code', invoice_note = '$recurring_note', invoice_category_id = $category_id, invoice_status = 'Sent', invoice_url_key = '$url_key', invoice_created_at = NOW(), invoice_client_id = $client_id, company_id = $company_id");
$new_invoice_id = mysqli_insert_id($mysqli);
//Copy Items from original recurring invoice to new invoice
$sql_invoice_items = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_recurring_id = $recurring_id ORDER BY item_id ASC");
$sql_invoice_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_recurring_id = $recurring_id ORDER BY item_id ASC");
while($row = mysqli_fetch_array($sql_invoice_items)){
$item_id = $row['item_id'];
$item_name = mysqli_real_escape_string($mysqli,$row['item_name']); //SQL Escape incase of ,
$item_description = mysqli_real_escape_string($mysqli,$row['item_description']); //SQL Escape incase of ,
$item_name = mysqli_real_escape_string($mysqli, $row['item_name']); //SQL Escape incase of ,
$item_description = mysqli_real_escape_string($mysqli, $row['item_description']); //SQL Escape incase of ,
$item_quantity = $row['item_quantity'];
$item_price = $row['item_price'];
$item_subtotal = $row['item_subtotal'];
@ -376,20 +402,22 @@ while($row = mysqli_fetch_array($sql_companies)){
$tax_id = $row['item_tax_id'];
//Insert Items into New Invoice
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$item_name', item_description = '$item_description', item_quantity = '$item_quantity', item_price = '$item_price', item_subtotal = '$item_subtotal', item_tax = '$item_tax', item_total = '$item_total', item_created_at = NOW(), item_tax_id = $tax_id, item_invoice_id = $new_invoice_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO invoice_items SET item_name = '$item_name', item_description = '$item_description', item_quantity = '$item_quantity', item_price = '$item_price', item_subtotal = '$item_subtotal', item_tax = '$item_tax', item_total = '$item_total', item_created_at = NOW(), item_tax_id = $tax_id, item_invoice_id = $new_invoice_id, company_id = $company_id");
}
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Invoice Generated from Recurring!', history_created_at = NOW(), history_invoice_id = $new_invoice_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Invoice Generated from Recurring!', history_created_at = NOW(), history_invoice_id = $new_invoice_id, company_id = $company_id");
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Recurring Sent', notification = 'Recurring Invoice $config_invoice_prefix$new_invoice_number for $client_name Sent', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Recurring Sent', notification = 'Recurring Invoice $config_invoice_prefix$new_invoice_number for $client_name Sent', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
//Update recurring dates
mysqli_query($mysqli,"UPDATE recurring SET recurring_last_sent = CURDATE(), recurring_next_date = DATE_ADD(CURDATE(), INTERVAL 1 $recurring_frequency), recurring_updated_at = NOW() WHERE recurring_id = $recurring_id");
mysqli_query($mysqli, "UPDATE recurring SET recurring_last_sent = CURDATE(), recurring_next_date = DATE_ADD(CURDATE(), INTERVAL 1 $recurring_frequency), recurring_updated_at = NOW() WHERE recurring_id = $recurring_id");
if($config_recurring_auto_send_invoice == 1){
$sql = mysqli_query($mysqli,"SELECT * FROM invoices
$sql = mysqli_query(
$mysqli,
"SELECT * FROM invoices
LEFT JOIN clients ON invoice_client_id = client_id
LEFT JOIN contacts ON contact_id = primary_contact
WHERE invoice_id = $new_invoice_id
@ -412,20 +440,29 @@ while($row = mysqli_fetch_array($sql_companies)){
$subject = "Invoice $invoice_prefix$invoice_number";
$body = "Hello $contact_name,<br><br>Please view the details of the invoice below.<br><br>Invoice: $invoice_prefix$invoice_number<br>Issue Date: $invoice_date<br>Total: " . numfmt_format_currency($currency_format, $invoice_amount, $recurring_currency_code) . "<br>Due Date: $invoice_due<br><br><br>To view your invoice click <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$new_invoice_id&url_key=$invoice_url_key'>here</a><br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
$config_invoice_from_email, $config_invoice_from_name,
$contact_email, $contact_name,
$subject, $body);
$mail = sendSingleEmail(
$config_smtp_host,
$config_smtp_username,
$config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_invoice_from_email,
$config_invoice_from_name,
$contact_email,
$contact_name,
$subject,
$body
);
if ($mail === true) {
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Emailed Invoice!', history_created_at = NOW(), history_invoice_id = $new_invoice_id, company_id = $company_id");
mysqli_query($mysqli,"UPDATE invoices SET invoice_status = 'Sent', invoice_updated_at = NOW(), invoice_client_id = $client_id WHERE invoice_id = $new_invoice_id");
mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Emailed Invoice!', history_created_at = NOW(), history_invoice_id = $new_invoice_id, company_id = $company_id");
mysqli_query($mysqli, "UPDATE invoices SET invoice_status = 'Sent', invoice_updated_at = NOW(), invoice_client_id = $client_id WHERE invoice_id = $new_invoice_id");
} else {
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Draft', history_description = 'Cron Failed to send Invoice!', history_created_at = NOW(), history_invoice_id = $new_invoice_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Draft', history_description = 'Cron Failed to send Invoice!', history_created_at = NOW(), history_invoice_id = $new_invoice_id, company_id = $company_id");
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', company_id = $company_id");
}
} //End if Autosend is on
@ -436,163 +473,163 @@ while($row = mysqli_fetch_array($sql_companies)){
$current_version = exec("git rev-parse HEAD");
// Client Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('client_id') AS num FROM clients"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('client_id') AS num FROM clients"));
$client_count = $row['num'];
// Ticket Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('recurring_id') AS num FROM tickets"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('recurring_id') AS num FROM tickets"));
$ticket_count = $row['num'];
// Calendar Event Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('event_id') AS num FROM events"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('event_id') AS num FROM events"));
$calendar_event_count = $row['num'];
// Quote Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('quote_id') AS num FROM quotes"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('quote_id') AS num FROM quotes"));
$quote_count = $row['num'];
// Invoice Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices"));
$invoice_count = $row['num'];
// Revenue Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('revenue_id') AS num FROM revenues"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('revenue_id') AS num FROM revenues"));
$revenue_count = $row['num'];
// Recurring Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('recurring_id') AS num FROM recurring"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('recurring_id') AS num FROM recurring"));
$recurring_count = $row['num'];
// Account Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('account_id') AS num FROM accounts"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('account_id') AS num FROM accounts"));
$account_count = $row['num'];
// Tax Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('tax_id') AS num FROM taxes"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('tax_id') AS num FROM taxes"));
$tax_count = $row['num'];
// Product Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('product_id') AS num FROM products"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('product_id') AS num FROM products"));
$product_count = $row['num'];
// Payment Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('payment_id') AS num FROM payments WHERE payment_invoice_id > 0"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('payment_id') AS num FROM payments WHERE payment_invoice_id > 0"));
$payment_count = $row['num'];
// Company Vendor Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id = 0"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id = 0"));
$company_vendor_count = $row['num'];
// Expense Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('expense_id') AS num FROM expenses WHERE expense_vendor_id > 0"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('expense_id') AS num FROM expenses WHERE expense_vendor_id > 0"));
$expense_count = $row['num'];
// Trip Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('trip_id') AS num FROM trips"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('trip_id') AS num FROM trips"));
$trip_count = $row['num'];
// Transfer Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('transfer_id') AS num FROM transfers"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('transfer_id') AS num FROM transfers"));
$transfer_count = $row['num'];
// Contact Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('contact_id') AS num FROM contacts"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('contact_id') AS num FROM contacts"));
$contact_count = $row['num'];
// Location Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('location_id') AS num FROM locations"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('location_id') AS num FROM locations"));
$location_count = $row['num'];
// Asset Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('asset_id') AS num FROM assets"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('asset_id') AS num FROM assets"));
$asset_count = $row['num'];
// Software Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('software_id') AS num FROM software WHERE software_template = 0"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('software_id') AS num FROM software WHERE software_template = 0"));
$software_count = $row['num'];
// Software Template Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('software_id') AS num FROM software WHERE software_template = 1"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('software_id') AS num FROM software WHERE software_template = 1"));
$software_template_count = $row['num'];
// Password Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('login_id') AS num FROM logins"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('login_id') AS num FROM logins"));
$password_count = $row['num'];
// Network Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('network_id') AS num FROM networks"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('network_id') AS num FROM networks"));
$network_count = $row['num'];
// Certificate Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('certificate_id') AS num FROM certificates"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('certificate_id') AS num FROM certificates"));
$certificate_count = $row['num'];
// Domain Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('domain_id') AS num FROM domains"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('domain_id') AS num FROM domains"));
$domain_count = $row['num'];
// Service Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('service_id') AS num FROM services"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('service_id') AS num FROM services"));
$service_count = $row['num'];
// Client Vendor Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id > 0"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id > 0"));
$client_vendor_count = $row['num'];
// Vendor Template Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 1"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 1"));
$vendor_template_count = $row['num'];
// File Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('file_id') AS num FROM files"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('file_id') AS num FROM files"));
$file_count = $row['num'];
// Document Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 0"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 0"));
$document_count = $row['num'];
// Document Template Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 1"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 1"));
$document_template_count = $row['num'];
// Shared Item Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('item_id') AS num FROM shared_items"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('item_id') AS num FROM shared_items"));
$shared_item_count = $row['num'];
// Company Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('company_id') AS num FROM companies"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('company_id') AS num FROM companies"));
$company_count = $row['num'];
// User Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('user_id') AS num FROM users"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('user_id') AS num FROM users"));
$user_count = $row['num'];
// Category Expense Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Expense'"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Expense'"));
$category_expense_count = $row['num'];
// Category Income Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Income'"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Income'"));
$category_income_count = $row['num'];
// Category Referral Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Referral'"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Referral'"));
$category_referral_count = $row['num'];
// Category Payment Method Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Payment Method'"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Payment Method'"));
$category_payment_method_count = $row['num'];
// Tag Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('tag_id') AS num FROM tags"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('tag_id') AS num FROM tags"));
$tag_count = $row['num'];
// API Key Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('api_key_id') AS num FROM api_keys"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('api_key_id') AS num FROM api_keys"));
$api_key_count = $row['num'];
// Log Count
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('log_id') AS num FROM logs"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('log_id') AS num FROM logs"));
$log_count = $row['num'];
$postdata = http_build_query(
@ -668,14 +705,14 @@ while($row = mysqli_fetch_array($sql_companies)){
$result = file_get_contents('https://telemetry.itflow.org', false, $context);
// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Cron', log_action = 'Telemetry', log_description = 'Cron sent telemetry results to ITFlow Developers', company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Telemetry', log_description = 'Cron sent telemetry results to ITFlow Developers', company_id = $company_id");
}
//Send Alert to inform Cron was run
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Cron', notification = 'Cron.php successfully executed', notification_timestamp = NOW(), company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Cron', notification = 'Cron.php successfully executed', notification_timestamp = NOW(), company_id = $company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Cron', log_action = 'Ended', log_description = 'Cron executed successfully for $company_name', company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Ended', log_description = 'Cron executed successfully for $company_name', company_id = $company_id");
} //End Cron Check
} //End Company Loop through

19
cron_ticket_email_parser.php
View File

@ -88,10 +88,19 @@ function addTicket($contact_id, $contact_name, $contact_email, $client_id, $comp
$email_subject = "Ticket created - [$config_ticket_prefix$ticket_number] - $subject";
$email_body = "<i style='color: #808080'>#--itflow--#</i><br><br>Hello, $contact_name<br><br>Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.<br><br>Ticket: $config_ticket_prefix$ticket_number<br>Subject: $subject<br>Status: Open<br>https://$config_base_url/portal/ticket.php?id=$id<br><br>~<br>$company_name<br>Support Department<br>$config_ticket_from_email<br>$company_phone";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
$config_ticket_from_email, $config_ticket_from_name,
$contact_email, $contact_name,
$email_subject, $email_body);
$mail = sendSingleEmail(
$config_smtp_host,
$config_smtp_username,
$config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_ticket_from_email,
$config_ticket_from_name,
$contact_email,
$contact_name,
$email_subject,
$email_body
);
if ($mail !== true) {
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $company_id");
@ -203,7 +212,7 @@ if (array_search("{{$imap_mailbox}}$imap_folder", $list) === false) {
}
// Search for unread ("UNSEEN") emails
$emails = imap_search($imap,'UNSEEN');
$emails = imap_search($imap, 'UNSEEN');
if ($emails) {

14
dashboard_financial.php
View File

@ -58,17 +58,21 @@ $profit = $total_income - $total_expenses;
$sql_accounts = mysqli_query($mysqli, "SELECT * FROM accounts WHERE company_id = $session_company_id");
$sql_latest_invoice_payments = mysqli_query($mysqli, "SELECT * FROM payments, invoices, clients
$sql_latest_invoice_payments = mysqli_query(
$mysqli,
"SELECT * FROM payments, invoices, clients
WHERE payment_invoice_id = invoice_id
AND invoice_client_id = client_id
AND clients.company_id = $session_company_id
AND clients.company_id = $session_company_id
ORDER BY payment_id DESC LIMIT 5"
);
$sql_latest_expenses = mysqli_query($mysqli, "SELECT * FROM expenses, vendors, categories
$sql_latest_expenses = mysqli_query(
$mysqli,
"SELECT * FROM expenses, vendors, categories
WHERE expense_vendor_id = vendor_id
AND expense_category_id = category_id
AND expenses.company_id = $session_company_id
AND expenses.company_id = $session_company_id
ORDER BY expense_id DESC LIMIT 5"
);
@ -194,7 +198,7 @@ $vendors_added = $row['vendors_added'];
<!-- small box -->
<a class="small-box bg-secondary" href="trips.php?dtf=<?php echo $year; ?>-01-01&dtt=<?php echo $year; ?>-12-31">
<div class="inner">
<h3><?php echo number_format($total_miles,2); ?></h3>
<h3><?php echo number_format($total_miles, 2); ?></h3>
<p>Miles Traveled</p>
</div>
<div class="icon">

28
dashboard_technical.php
View File

@ -9,7 +9,9 @@ if (isset($_GET['year'])) {
}
// GET unique years from expenses, payments and revenues
$sql_payment_years = mysqli_query($mysqli, "SELECT YEAR(expense_date) AS all_years FROM expenses
$sql_payment_years = mysqli_query(
$mysqli,
"SELECT YEAR(expense_date) AS all_years FROM expenses
WHERE company_id = $session_company_id
UNION DISTINCT SELECT YEAR(payment_date) FROM payments WHERE company_id = $session_company_id
UNION DISTINCT SELECT YEAR(revenue_date) FROM revenues WHERE company_id = $session_company_id
@ -17,28 +19,36 @@ $sql_payment_years = mysqli_query($mysqli, "SELECT YEAR(expense_date) AS all_yea
);
// Get Total Clients added
$sql_clients = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('client_id') AS clients_added FROM clients
$sql_clients = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('client_id') AS clients_added FROM clients
WHERE YEAR(client_created_at) = $year
AND company_id = $session_company_id"
));
$clients_added = $sql_clients['clients_added'];
// Get Total contacts added
$sql_contacts = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('contact_id') AS contacts_added FROM contacts
$sql_contacts = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('contact_id') AS contacts_added FROM contacts
WHERE YEAR(contact_created_at) = $year
AND company_id = $session_company_id"
));
$contacts_added = $sql_contacts['contacts_added'];
// Get Total assets added
$sql_assets = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('asset_id') AS assets_added FROM assets
$sql_assets = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('asset_id') AS assets_added FROM assets
WHERE YEAR(asset_created_at) = $year
AND company_id = $session_company_id"
));
$assets_added = $sql_assets['assets_added'];
// Ticket count
$sql_tickets = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('ticket_id') AS active_tickets
$sql_tickets = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('ticket_id') AS active_tickets
FROM tickets
WHERE ticket_status != 'Closed'
AND company_id = $session_company_id"
@ -46,7 +56,9 @@ $sql_tickets = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('ticket_id
$active_tickets = $sql_tickets['active_tickets'];
// Expiring domains (but not ones that have already expired)
$sql_domains_expiring = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('domain_id') as expiring_domains
$sql_domains_expiring = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('domain_id') as expiring_domains
FROM domains
WHERE domain_expire != '0000-00-00'
AND domain_expire > CURRENT_DATE
@ -57,7 +69,9 @@ $sql_domains_expiring = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('
$expiring_domains = $sql_domains_expiring['expiring_domains'];
// Expiring Certificates (but not ones that have already expired)
$sql_certs_expiring = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('certificate_id') as expiring_certs
$sql_certs_expiring = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('certificate_id') as expiring_certs
FROM certificates
WHERE certificate_expire != '0000-00-00'
AND certificate_expire > CURRENT_DATE

14
expense_add_modal.php
View File

@ -43,28 +43,28 @@
<option value="">- Account -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM accounts WHERE account_archived_at IS NULL AND company_id = $session_company_id ORDER BY account_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM accounts WHERE account_archived_at IS NULL AND company_id = $session_company_id ORDER BY account_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$account_id = $row['account_id'];
$account_name = htmlentities($row['account_name']);
$opening_balance = floatval($row['opening_balance']);
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id");
$sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id");
$row = mysqli_fetch_array($sql_payments);
$total_payments = $row['total_payments'];
$sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id");
$sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id");
$row = mysqli_fetch_array($sql_revenues);
$total_revenues = $row['total_revenues'];
$sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id");
$sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id");
$row = mysqli_fetch_array($sql_expenses);
$total_expenses = $row['total_expenses'];
$balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
?>
<option <?php if ($config_default_expense_account == $account_id) { echo "selected"; } ?> value="<?php echo $account_id; ?>"><div class="float-left"><?php echo $account_name; ?></div><div class="float-right"> [$<?php echo number_format($balance,2); ?>]</div></option>
<option <?php if ($config_default_expense_account == $account_id) { echo "selected"; } ?> value="<?php echo $account_id; ?>"><div class="float-left"><?php echo $account_name; ?></div><div class="float-right"> [$<?php echo number_format($balance, 2); ?>]</div></option>
<?php
}
@ -83,7 +83,7 @@
<option value="">- Vendor -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND vendor_archived_at IS NULL AND company_id = $session_company_id ORDER BY vendor_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND vendor_archived_at IS NULL AND company_id = $session_company_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = $row['vendor_id'];
$vendor_name = htmlentities($row['vendor_name']);
@ -118,7 +118,7 @@
<option value="">- Category -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Expense' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);

14
expense_copy_modal.php
View File

@ -44,27 +44,27 @@
<select class="form-control select2" name="account" required>
<?php
$sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts WHERE company_id = $session_company_id ORDER BY account_name ASC");
$sql_accounts = mysqli_query($mysqli, "SELECT * FROM accounts WHERE company_id = $session_company_id ORDER BY account_name ASC");
while ($row = mysqli_fetch_array($sql_accounts)) {
$account_id_select = $row['account_id'];
$account_name_select = htmlentities($row['account_name']);
$opening_balance = floatval($row['opening_balance']);
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id_select");
$sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id_select");
$row = mysqli_fetch_array($sql_payments);
$total_payments = $row['total_payments'];
$sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id_select");
$sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id_select");
$row = mysqli_fetch_array($sql_revenues);
$total_revenues = $row['total_revenues'];
$sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id_select");
$sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id_select");
$row = mysqli_fetch_array($sql_expenses);
$total_expenses = $row['total_expenses'];
$balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
?>
<option <?php if ($expense_account_id == $account_id_select) { ?> selected <?php } ?> value="<?php echo $account_id_select; ?>"><?php echo $account_name_select; ?> [$<?php echo number_format($balance,2); ?>]</option>
<option <?php if ($expense_account_id == $account_id_select) { ?> selected <?php } ?> value="<?php echo $account_id_select; ?>"><?php echo $account_name_select; ?> [$<?php echo number_format($balance, 2); ?>]</option>
<?php
}
@ -82,7 +82,7 @@
<select class="form-control select2" name="vendor" required>
<?php
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND company_id = $session_company_id ORDER BY vendor_name ASC");
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND company_id = $session_company_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = $row['vendor_id'];
$vendor_name_select = htmlentities($row['vendor_name']);
@ -114,7 +114,7 @@
<select class="form-control select2" name="category" required>
<?php
$sql_categories = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id ORDER BY category_name ASC");
$sql_categories = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Expense' AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_categories)) {
$category_id_select = $row['category_id'];
$category_name_select = htmlentities($row['category_name']);

14
expense_edit_modal.php
View File

@ -46,28 +46,28 @@
<select class="form-control select2" name="account" required>
<?php
$sql_accounts = mysqli_query($mysqli,"SELECT * FROM accounts WHERE (account_archived_at > '$expense_created_at' OR account_archived_at IS NULL) AND company_id = $session_company_id ORDER BY account_name ASC");
$sql_accounts = mysqli_query($mysqli, "SELECT * FROM accounts WHERE (account_archived_at > '$expense_created_at' OR account_archived_at IS NULL) AND company_id = $session_company_id ORDER BY account_name ASC");
while ($row = mysqli_fetch_array($sql_accounts)) {
$account_id_select = $row['account_id'];
$account_name_select = htmlentities($row['account_name']);
$opening_balance = floatval($row['opening_balance']);
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id_select");
$sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id_select");
$row = mysqli_fetch_array($sql_payments);
$total_payments = $row['total_payments'];
$sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id_select");
$sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id_select");
$row = mysqli_fetch_array($sql_revenues);
$total_revenues = $row['total_revenues'];
$sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id_select");
$sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id_select");
$row = mysqli_fetch_array($sql_expenses);
$total_expenses = $row['total_expenses'];
$balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
?>
<option <?php if ($expense_account_id == $account_id_select) { ?> selected <?php } ?> value="<?php echo $account_id_select; ?>"><?php echo $account_name_select; ?> [$<?php echo number_format($balance,2); ?>]</option>
<option <?php if ($expense_account_id == $account_id_select) { ?> selected <?php } ?> value="<?php echo $account_id_select; ?>"><?php echo $account_name_select; ?> [$<?php echo number_format($balance, 2); ?>]</option>
<?php
}
@ -85,7 +85,7 @@
<select class="form-control select2" name="vendor" required>
<?php
$sql_select = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND (vendor_archived_at > '$expense_created_at' OR vendor_archived_at IS NULL) AND company_id = $session_company_id ORDER BY vendor_name ASC");
$sql_select = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND (vendor_archived_at > '$expense_created_at' OR vendor_archived_at IS NULL) AND company_id = $session_company_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_select)) {
$vendor_id_select = $row['vendor_id'];
$vendor_name_select = htmlentities($row['vendor_name']);
@ -120,7 +120,7 @@
<select class="form-control select2" name="category" required>
<?php
$sql_select = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Expense' AND (category_archived_at > '$expense_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC");
$sql_select = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Expense' AND (category_archived_at > '$expense_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_select)) {
$category_id_select = $row['category_id'];
$category_name_select = htmlentities($row['category_name']);

32
expenses.php
View File

@ -5,7 +5,7 @@ require_once("inc_all.php");
//$o = "DESC";
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "expense_date";
}
@ -24,41 +24,41 @@ if (empty($_GET['canned_date'])) {
//Date Filter
if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt']));
$dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
} elseif ($_GET['canned_date'] == "today") {
$dtf = date('Y-m-d');
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "yesterday") {
$dtf = date('Y-m-d',strtotime("yesterday"));
$dtt = date('Y-m-d',strtotime("yesterday"));
$dtf = date('Y-m-d', strtotime("yesterday"));
$dtt = date('Y-m-d', strtotime("yesterday"));
} elseif ($_GET['canned_date'] == "thisweek") {
$dtf = date('Y-m-d',strtotime("monday this week"));
$dtf = date('Y-m-d', strtotime("monday this week"));
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastweek") {
$dtf = date('Y-m-d',strtotime("monday last week"));
$dtt = date('Y-m-d',strtotime("sunday last week"));
$dtf = date('Y-m-d', strtotime("monday last week"));
$dtt = date('Y-m-d', strtotime("sunday last week"));
} elseif ($_GET['canned_date'] == "thismonth") {
$dtf = date('Y-m-01');
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastmonth") {
$dtf = date('Y-m-d',strtotime("first day of last month"));
$dtt = date('Y-m-d',strtotime("last day of last month"));
$dtf = date('Y-m-d', strtotime("first day of last month"));
$dtt = date('Y-m-d', strtotime("last day of last month"));
} elseif ($_GET['canned_date'] == "thisyear") {
$dtf = date('Y-01-01');
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastyear") {
$dtf = date('Y-m-d',strtotime("first day of january last year"));
$dtt = date('Y-m-d',strtotime("last day of december last year"));
$dtf = date('Y-m-d', strtotime("first day of january last year"));
$dtt = date('Y-m-d', strtotime("last day of december last year"));
} else {
$dtf = "0000-00-00";
$dtt = "9999-00-00";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM expenses
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM expenses
LEFT JOIN categories ON expense_category_id = category_id
LEFT JOIN vendors ON expense_vendor_id = vendor_id
LEFT JOIN accounts ON expense_account_id = account_id
@ -68,7 +68,7 @@ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM expenses
AND (vendor_name LIKE '%$q%' OR category_name LIKE '%$q%' OR account_name LIKE '%$q%' OR expense_description LIKE '%$q%' OR expense_amount LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
@ -176,7 +176,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<td><?php echo $receipt_attached; ?> <a class="text-dark" href="#" data-toggle="modal" data-target="#editExpenseModal<?php echo $expense_id; ?>"><?php echo $expense_date; ?></a></td>
<td><?php echo $vendor_name; ?></td>
<td><?php echo $category_name; ?></td>
<td><?php echo truncate($expense_description,50); ?></td>
<td><?php echo truncate($expense_description, 50); ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $expense_amount, $expense_currency_code); ?></td>
<td><?php echo $account_name; ?></td>
<td>

24
functions.php
View File

@ -50,7 +50,7 @@ function initials($str) {
$ret = '';
foreach (explode(' ', $str) as $word)
$ret .= strtoupper($word[0]);
$ret = substr($ret,0, 2);
$ret = substr($ret, 0, 2);
return $ret;
}
}
@ -139,7 +139,7 @@ function getDevice() {
if (preg_match('/(up.browser|up.link|mmp|symbian|smartphone|midp|wap|phone|android|iemobile)/i', strtolower($_SERVER['HTTP_USER_AGENT']))) {
$mobile_browser++;
}
if ((strpos(strtolower($_SERVER['HTTP_ACCEPT']),'application/vnd.wap.xhtml+xml') > 0) || ((isset($_SERVER['HTTP_X_WAP_PROFILE']) || isset($_SERVER['HTTP_PROFILE'])))) {
if ((strpos(strtolower($_SERVER['HTTP_ACCEPT']), 'application/vnd.wap.xhtml+xml') > 0) || ((isset($_SERVER['HTTP_X_WAP_PROFILE']) || isset($_SERVER['HTTP_PROFILE'])))) {
$mobile_browser++;
}
$mobile_ua = strtolower(substr(getUserAgent(), 0, 4));
@ -153,10 +153,10 @@ function getDevice() {
'sie-','siem','smal','smar','sony','sph-','symb','t-mo','teli','tim-',
'tosh','tsm-','upg1','upsi','vk-v','voda','wap-','wapa','wapi','wapp',
'wapr','webc','winw','winw','xda ','xda-');
if (in_array($mobile_ua,$mobile_agents)) {
if (in_array($mobile_ua, $mobile_agents)) {
$mobile_browser++;
}
if (strpos(strtolower(getUserAgent()),'opera mini') > 0) {
if (strpos(strtolower(getUserAgent()), 'opera mini') > 0) {
$mobile_browser++;
//Check for tablets on Opera Mini alternative headers
$stock_ua = strtolower(isset($_SERVER['HTTP_X_OPERAMINI_PHONE_UA'])?$_SERVER['HTTP_X_OPERAMINI_PHONE_UA']:(isset($_SERVER['HTTP_DEVICE_STOCK_UA'])?$_SERVER['HTTP_DEVICE_STOCK_UA']:''));
@ -183,13 +183,13 @@ function truncate($text, $chars) {
return $text;
}
$text = $text." ";
$text = substr($text,0,$chars);
$text = substr($text,0,strrpos($text,' '));
$text = substr($text, 0, $chars);
$text = substr($text, 0, strrpos($text, ' '));
return $text."...";
}
function formatPhoneNumber($phoneNumber) {
$phoneNumber = preg_replace('/[^0-9]/','',$phoneNumber);
$phoneNumber = preg_replace('/[^0-9]/', '', $phoneNumber);
if (strlen($phoneNumber) > 10) {
$countryCode = substr($phoneNumber, 0, strlen($phoneNumber)-10);
@ -358,8 +358,8 @@ function getDomainExpirationDate($name) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://lookup.itflow.org:8080/$name");
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
$response = json_decode(curl_exec($ch),1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$response = json_decode(curl_exec($ch), 1);
if ($response) {
if (is_array($response['expiration_date'])) {
@ -405,7 +405,7 @@ function getDomainRecords($name) {
function getSSL($name) {
$certificate = array();
$certificate['success'] = FALSE;
$certificate['success'] = false;
// Only run if we think the domain is valid
if (!filter_var($name, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME)) {
@ -417,7 +417,7 @@ function getSSL($name) {
// Get SSL/TSL certificate (using verify peer false to allow for self-signed certs) for domain on default port
$socket = "ssl://$name:443";
$get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE, "verify_peer" => FALSE,)));
$get = stream_context_create(array("ssl" => array("capture_peer_cert" => true, "verify_peer" => false,)));
$read = stream_socket_client($socket, $errno, $errstr, 5, STREAM_CLIENT_CONNECT, $get);
// If the socket connected
@ -427,7 +427,7 @@ function getSSL($name) {
openssl_x509_export($cert['options']['ssl']['peer_certificate'], $export);
if ($cert_public_key_obj) {
$certificate['success'] = TRUE;
$certificate['success'] = true;
$certificate['expire'] = date('Y-m-d', $cert_public_key_obj['validTo_time_t']);
$certificate['issued_by'] = strip_tags($cert_public_key_obj['issuer']['O']);
$certificate['public_key'] = $export;

4
get_credential.php
View File

@ -30,8 +30,8 @@ require_once("config.php");
require_once("functions.php");
// IP & User Agent for logging
$ip = strip_tags(mysqli_real_escape_string($mysqli,getIP()));
$user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
$ip = strip_tags(mysqli_real_escape_string($mysqli, getIP()));
$user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
// Define wording for the user
DEFINE("WORDING_ROLECHECK_FAILED", "ITFlow - You are not permitted to use this application!");

2
get_settings.php
View File

@ -1,7 +1,7 @@
<?php
// Query Settings
$sql_settings = mysqli_query($mysqli,"SELECT * FROM settings WHERE company_id = $session_company_id");
$sql_settings = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = $session_company_id");
$row = mysqli_fetch_array($sql_settings);
// Database version

14
global_search.php
View File

@ -4,22 +4,22 @@ require_once("inc_all.php");
if (isset($_GET['query'])) {
$query = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['query'])));
$query = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['query'])));
$phone_query = preg_replace("/[^0-9]/", '',$query);
$phone_query = preg_replace("/[^0-9]/", '', $query);
if (empty($phone_query)) {
$phone_query = $query;
}
$ticket_num_query = str_replace("$config_ticket_prefix", "", "$query");
$sql_clients = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN locations ON clients.primary_location = locations.location_id WHERE client_name LIKE '%$query%' AND clients.company_id = $session_company_id ORDER BY client_id DESC LIMIT 5");
$sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts LEFT JOIN clients ON client_id = contact_client_id WHERE (contact_name LIKE '%$query%' OR contact_title LIKE '%$query%' OR contact_email LIKE '%$query%' OR contact_phone LIKE '%$phone_query%' OR contact_mobile LIKE '%$phone_query%') AND contacts.company_id = $session_company_id ORDER BY contact_id DESC LIMIT 5");
$sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE (vendor_name LIKE '%$query%' OR vendor_phone LIKE '%$phone_query%') AND company_id = $session_company_id ORDER BY vendor_id DESC LIMIT 5");
$sql_products = mysqli_query($mysqli,"SELECT * FROM products WHERE product_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY product_id DESC LIMIT 5");
$sql_clients = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN locations ON clients.primary_location = locations.location_id WHERE client_name LIKE '%$query%' AND clients.company_id = $session_company_id ORDER BY client_id DESC LIMIT 5");
$sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts LEFT JOIN clients ON client_id = contact_client_id WHERE (contact_name LIKE '%$query%' OR contact_title LIKE '%$query%' OR contact_email LIKE '%$query%' OR contact_phone LIKE '%$phone_query%' OR contact_mobile LIKE '%$phone_query%') AND contacts.company_id = $session_company_id ORDER BY contact_id DESC LIMIT 5");
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_name LIKE '%$query%' OR vendor_phone LIKE '%$phone_query%') AND company_id = $session_company_id ORDER BY vendor_id DESC LIMIT 5");
$sql_products = mysqli_query($mysqli, "SELECT * FROM products WHERE product_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY product_id DESC LIMIT 5");
$sql_documents = mysqli_query($mysqli, "SELECT * FROM documents LEFT JOIN clients on document_client_id = clients.client_id WHERE MATCH(document_content_raw) AGAINST ('$query') AND documents.company_id = $session_company_id ORDER BY document_id DESC LIMIT 5");
$sql_tickets = mysqli_query($mysqli, "SELECT * FROM tickets LEFT JOIN clients on tickets.ticket_client_id = clients.client_id WHERE (ticket_subject LIKE '%$query%' OR ticket_number = '$ticket_num_query') AND tickets.company_id = $session_company_id ORDER BY ticket_id DESC LIMIT 5");
$sql_logins = mysqli_query($mysqli,"SELECT * FROM logins WHERE login_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY login_id DESC LIMIT 5");
$sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_name LIKE '%$query%' AND company_id = $session_company_id ORDER BY login_id DESC LIMIT 5");
$q = htmlentities($_GET['query']);
?>

8
guest_download_file.php
View File

@ -3,12 +3,12 @@
require_once("config.php");
require_once("functions.php");
$ip = trim(strip_tags(mysqli_real_escape_string($mysqli,getIP())));
$user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
$ip = trim(strip_tags(mysqli_real_escape_string($mysqli, getIP())));
$user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
if (isset($_GET['id']) && isset($_GET['key'])) {
$item_id = intval($_GET['id']);
$item_key = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['key'])));
$item_key = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['key'])));
$sql = mysqli_query($mysqli, "SELECT * FROM shared_items WHERE item_id = '$item_id' AND item_key = '$item_key' AND item_expire_at > NOW() LIMIT 1");
$row = mysqli_fetch_array($sql);
@ -62,6 +62,6 @@ if (isset($_GET['id']) && isset($_GET['key'])) {
mysqli_query($mysqli, "UPDATE shared_items SET item_views = '$new_item_views' WHERE item_id = '$item_id'");
// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Sharing', log_action = 'View', log_description = 'Downloaded shared file $file_name via link', log_client_id = '$client_id', log_created_at = NOW(), log_ip = '$ip', log_user_agent = '$user_agent', company_id = '1'");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Sharing', log_action = 'View', log_description = 'Downloaded shared file $file_name via link', log_client_id = '$client_id', log_created_at = NOW(), log_ip = '$ip', log_user_agent = '$user_agent', company_id = '1'");
}

16
guest_pay_invoice_stripe.php
View File

@ -275,10 +275,18 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent
$subject = "Payment Received - Invoice $invoice_prefix$invoice_number";
$body = "Hello $contact_name,<br><br>We have received your payment in the amount of " . $pi_currency . $pi_amount_paid . " for invoice <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>$invoice_prefix$invoice_number</a>. Please keep this email as a receipt for your records.<br><br>Amount: " . numfmt_format_currency($currency_format, $pi_amount_paid, $invoice_currency_code) . "<br>Balance: " . numfmt_format_currency($currency_format, '0', $invoice_currency_code) . "<br><br>Thank you for your business!<br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
$config_invoice_from_email, $config_invoice_from_name,
$contact_email, $contact_name,
$subject, $body
$mail = sendSingleEmail(
$config_smtp_host,
$config_smtp_username,
$config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_invoice_from_email,
$config_invoice_from_name,
$contact_email,
$contact_name,
$subject,
$body
);
// Email Logging

16
guest_post.php
View File

@ -9,15 +9,15 @@ if (isset($_GET['accept_quote'], $_GET['company_id'], $_GET['url_key'])) {
$quote_id = intval($_GET['accept_quote']);
$company_id = intval($_GET['company_id']);
$url_key = mysqli_real_escape_string($mysqli,$_GET['url_key']);
$url_key = mysqli_real_escape_string($mysqli, $_GET['url_key']);
$sql = mysqli_query($mysqli,"SELECT * FROM quotes WHERE quote_id = $quote_id AND quote_url_key = '$url_key' AND company_id = $company_id");
$sql = mysqli_query($mysqli, "SELECT * FROM quotes WHERE quote_id = $quote_id AND quote_url_key = '$url_key' AND company_id = $company_id");
if (mysqli_num_rows($sql) == 1) {
mysqli_query($mysqli,"UPDATE quotes SET quote_status = 'Accepted' WHERE quote_id = $quote_id");
mysqli_query($mysqli, "UPDATE quotes SET quote_status = 'Accepted' WHERE quote_id = $quote_id");
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Accepted', history_description = 'Client accepted Quote!', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Accepted', history_description = 'Client accepted Quote!', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id");
$_SESSION['alert_message'] = "Quote Accepted";
@ -32,15 +32,15 @@ if (isset($_GET['decline_quote'], $_GET['company_id'], $_GET['url_key'])) {
$quote_id = intval($_GET['decline_quote']);
$company_id = intval($_GET['company_id']);
$url_key = mysqli_real_escape_string($mysqli,$_GET['url_key']);
$url_key = mysqli_real_escape_string($mysqli, $_GET['url_key']);
$sql = mysqli_query($mysqli,"SELECT * FROM quotes WHERE quote_id = $quote_id AND quote_url_key = '$url_key' AND quote_url_key = '$url_key' AND company_id = $company_id");
$sql = mysqli_query($mysqli, "SELECT * FROM quotes WHERE quote_id = $quote_id AND quote_url_key = '$url_key' AND quote_url_key = '$url_key' AND company_id = $company_id");
if (mysqli_num_rows($sql) == 1) {
mysqli_query($mysqli,"UPDATE quotes SET quote_status = 'Declined' WHERE quote_id = $quote_id");
mysqli_query($mysqli, "UPDATE quotes SET quote_status = 'Declined' WHERE quote_id = $quote_id");
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Declined', history_description = 'Client declined Quote!', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Declined', history_description = 'Client declined Quote!', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id");
$_SESSION['alert_type'] = "danger";
$_SESSION['alert_message'] = "Quote Declined";

1092
guest_view_invoice.php
View File

File diff suppressed because it is too large Load Diff

8
guest_view_item.php
View File

@ -1,7 +1,7 @@
<?php
header('Expires: Sun, 01 Jan 2014 00:00:00 GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', FALSE);
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
require_once("guest_header.php"); ?>
@ -18,7 +18,7 @@ if (!isset($_GET['id']) || !isset($_GET['key'])) {
}
$item_id = intval($_GET['id']);
$item_key = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['key'])));
$item_key = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['key'])));
$sql = mysqli_query($mysqli, "SELECT * FROM shared_items WHERE item_id = '$item_id' AND item_key = '$item_key' AND item_expire_at > NOW() LIMIT 1");
$row = mysqli_fetch_array($sql);
@ -77,7 +77,7 @@ if ($item_type == "Document") {
// Logging
$name = mysqli_real_escape_string($mysqli, $doc_title);
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Sharing', log_action = 'View', log_description = 'Viewed shared $item_type $name via link', log_client_id = '$client_id', log_created_at = NOW(), log_ip = '$ip', log_user_agent = '$user_agent', company_id = '1'");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Sharing', log_action = 'View', log_description = 'Viewed shared $item_type $name via link', log_client_id = '$client_id', log_created_at = NOW(), log_ip = '$ip', log_user_agent = '$user_agent', company_id = '1'");
} elseif ($item_type == "File") {
$file_sql = mysqli_query($mysqli, "SELECT * FROM files WHERE file_id = '$item_related_id' AND file_client_id = '$client_id' LIMIT 1");
@ -142,7 +142,7 @@ if ($item_type == "Document") {
// Logging
$name = mysqli_real_escape_string($mysqli, $login_name);
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Sharing', log_action = 'View', log_description = 'Viewed shared $item_type $name via link', log_client_id = '$client_id', log_created_at = NOW(), log_ip = '$ip', log_user_agent = '$user_agent', company_id = '1'");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Sharing', log_action = 'View', log_description = 'Viewed shared $item_type $name via link', log_client_id = '$client_id', log_created_at = NOW(), log_ip = '$ip', log_user_agent = '$user_agent', company_id = '1'");
}

10
guest_view_quote.php
View File

@ -79,15 +79,15 @@ $currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY);
//Update status to Viewed only if invoice_status = "Sent"
if ($quote_status == 'Sent') {
mysqli_query($mysqli,"UPDATE quotes SET quote_status = 'Viewed' WHERE quote_id = $quote_id");
mysqli_query($mysqli, "UPDATE quotes SET quote_status = 'Viewed' WHERE quote_id = $quote_id");
}
//Mark viewed in history
mysqli_query($mysqli,"INSERT INTO history SET history_status = '$quote_status', history_description = 'Quote viewed - $ip - $os - $browser', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO history SET history_status = '$quote_status', history_description = 'Quote viewed - $ip - $os - $browser', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id");
if ($quote_status == "Draft" || $quote_status == "Sent" || $quote_status == "Viewed") {
$client_name_escaped = mysqli_escape_string($mysqli, $row['client_name']);
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Quote Viewed', notification = 'Quote $quote_prefix$quote_number has been viewed by $client_name_escaped - $ip - $os - $browser', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Quote Viewed', notification = 'Quote $quote_prefix$quote_number has been viewed by $client_name_escaped - $ip - $os - $browser', notification_timestamp = NOW(), notification_client_id = $client_id, company_id = $company_id");
}
?>
@ -159,7 +159,7 @@ if ($quote_status == "Draft" || $quote_status == "Sent" || $quote_status == "Vie
</div>
</div>
<?php $sql_items = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_id ASC"); ?>
<?php $sql_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_id ASC"); ?>
<div class="row mb-4">
<div class="col-md-12">
@ -390,7 +390,7 @@ if ($quote_status == "Draft" || $quote_status == "Sent" || $quote_status == "Vie
$total_tax = 0;
$sub_total = 0;
$sql_invoice_items = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_id ASC");
$sql_invoice_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_id ASC");
while ($row = mysqli_fetch_array($sql_invoice_items)) {
$item_name = $row['item_name'];

88
inc_all_client.php
View File

@ -9,9 +9,9 @@ require_once("top_nav.php");
if (isset($_GET['client_id'])) {
$client_id = intval($_GET['client_id']);
$sql = mysqli_query($mysqli,"UPDATE clients SET client_accessed_at = NOW() WHERE client_id = $client_id AND company_id = $session_company_id");
$sql = mysqli_query($mysqli, "UPDATE clients SET client_accessed_at = NOW() WHERE client_id = $client_id AND company_id = $session_company_id");
$sql = mysqli_query($mysqli,"SELECT * FROM clients
$sql = mysqli_query($mysqli, "SELECT * FROM clients
LEFT JOIN locations ON primary_location = location_id AND location_archived_at IS NULL
LEFT JOIN contacts ON primary_contact = contact_id AND contact_archived_at IS NULL
WHERE client_id = $client_id
@ -56,7 +56,7 @@ if (isset($_GET['client_id'])) {
$client_tag_name_display_array = array();
$client_tag_id_array = array();
$sql_client_tags = mysqli_query($mysqli,"SELECT * FROM client_tags LEFT JOIN tags ON client_tags.tag_id = tags.tag_id WHERE client_tags.client_id = $client_id");
$sql_client_tags = mysqli_query($mysqli, "SELECT * FROM client_tags LEFT JOIN tags ON client_tags.tag_id = tags.tag_id WHERE client_tags.client_id = $client_id");
while ($row = mysqli_fetch_array($sql_client_tags)) {
$client_tag_id = $row['tag_id'];
@ -73,12 +73,12 @@ if (isset($_GET['client_id'])) {
$client_tags_display = "<i class='fa fa-fw fa-tag text-secondary ml-1 mr-2 mb-2'></i> " . implode('', $client_tag_name_display_array);
//Add up all the payments for the invoice and get the total amount paid to the invoice
$sql_invoice_amounts = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $client_id AND invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled'");
$sql_invoice_amounts = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $client_id AND invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled'");
$row = mysqli_fetch_array($sql_invoice_amounts);
$invoice_amounts = $row['invoice_amounts'];
$sql_amount_paid = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS amount_paid FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_client_id = $client_id");
$sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS amount_paid FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_client_id = $client_id");
$row = mysqli_fetch_array($sql_amount_paid);
$amount_paid = $row['amount_paid'];
@ -86,13 +86,13 @@ if (isset($_GET['client_id'])) {
$balance = $invoice_amounts - $amount_paid;
//Get Monthly Recurring Total
$sql_recurring_monthly_total = mysqli_query($mysqli,"SELECT SUM(recurring_amount) AS recurring_monthly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'month' AND recurring_client_id = $client_id AND company_id = $session_company_id");
$sql_recurring_monthly_total = mysqli_query($mysqli, "SELECT SUM(recurring_amount) AS recurring_monthly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'month' AND recurring_client_id = $client_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_recurring_monthly_total);
$recurring_monthly_total = $row['recurring_monthly_total'];
//Get Yearly Recurring Total
$sql_recurring_yearly_total = mysqli_query($mysqli,"SELECT SUM(recurring_amount) AS recurring_yearly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'year' AND recurring_client_id = $client_id AND company_id = $session_company_id");
$sql_recurring_yearly_total = mysqli_query($mysqli, "SELECT SUM(recurring_amount) AS recurring_yearly_total FROM recurring WHERE recurring_status = 1 AND recurring_frequency = 'year' AND recurring_client_id = $client_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_recurring_yearly_total);
$recurring_yearly_total = $row['recurring_yearly_total'] / 12;
@ -101,91 +101,93 @@ if (isset($_GET['client_id'])) {
//Badge Counts
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('contact_id') AS num FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('contact_id') AS num FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id"));
$num_contacts = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('location_id') AS num FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('location_id') AS num FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id"));
$num_locations = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('asset_id') AS num FROM assets WHERE asset_archived_at IS NULL AND asset_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('asset_id') AS num FROM assets WHERE asset_archived_at IS NULL AND asset_client_id = $client_id"));
$num_assets = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('ticket_id') AS num FROM tickets WHERE ticket_archived_at IS NULL AND ticket_status != 'Closed' AND ticket_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('ticket_id') AS num FROM tickets WHERE ticket_archived_at IS NULL AND ticket_status != 'Closed' AND ticket_client_id = $client_id"));
$num_active_tickets = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('ticket_id') AS num FROM tickets WHERE ticket_archived_at IS NULL AND ticket_status = 'Closed' AND ticket_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('ticket_id') AS num FROM tickets WHERE ticket_archived_at IS NULL AND ticket_status = 'Closed' AND ticket_client_id = $client_id"));
$num_closed_tickets = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('service_id') AS num FROM services WHERE service_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('service_id') AS num FROM services WHERE service_client_id = $client_id"));
$num_services = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0"));
$num_vendors = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('login_id') AS num FROM logins WHERE login_archived_at IS NULL AND login_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('login_id') AS num FROM logins WHERE login_archived_at IS NULL AND login_client_id = $client_id"));
$num_logins = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('network_id') AS num FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('network_id') AS num FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id"));
$num_networks = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('domain_id') AS num FROM domains WHERE domain_archived_at IS NULL AND domain_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('domain_id') AS num FROM domains WHERE domain_archived_at IS NULL AND domain_client_id = $client_id"));
$num_domains = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('certificate_id') AS num FROM certificates WHERE certificate_archived_at IS NULL AND certificate_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('certificate_id') AS num FROM certificates WHERE certificate_archived_at IS NULL AND certificate_client_id = $client_id"));
$num_certificates = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('software_id') AS num FROM software WHERE software_archived_at IS NULL AND software_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('software_id') AS num FROM software WHERE software_archived_at IS NULL AND software_client_id = $client_id"));
$num_software = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE (invoice_status = 'Sent' OR invoice_status = 'Viewed' OR invoice_status = 'Partial') AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE (invoice_status = 'Sent' OR invoice_status = 'Viewed' OR invoice_status = 'Partial') AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices_open = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Draft' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Draft' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices_draft = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Sent' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Sent' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices_sent = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Viewed' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Viewed' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices_viewed = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Partial' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Partial' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices_partial = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Paid' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Paid' AND invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices_paid = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_archived_at IS NULL AND invoice_client_id = $client_id"));
$num_invoices = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('quote_id') AS num FROM quotes WHERE quote_archived_at IS NULL AND quote_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('quote_id') AS num FROM quotes WHERE quote_archived_at IS NULL AND quote_client_id = $client_id"));
$num_quotes = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('recurring_id') AS num FROM recurring WHERE recurring_archived_at IS NULL AND recurring_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('recurring_id') AS num FROM recurring WHERE recurring_archived_at IS NULL AND recurring_client_id = $client_id"));
$num_recurring = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('payment_id') AS num FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('payment_id') AS num FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_client_id = $client_id"));
$num_payments = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('file_id') AS num FROM files WHERE file_archived_at IS NULL AND file_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('file_id') AS num FROM files WHERE file_archived_at IS NULL AND file_client_id = $client_id"));
$num_files = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('document_id') AS num FROM documents WHERE document_archived_at IS NULL AND document_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('document_id') AS num FROM documents WHERE document_archived_at IS NULL AND document_client_id = $client_id"));
$num_documents = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('event_id') AS num FROM events WHERE event_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('event_id') AS num FROM events WHERE event_client_id = $client_id"));
$num_events = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('trip_id') AS num FROM trips WHERE trip_archived_at IS NULL AND trip_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('trip_id') AS num FROM trips WHERE trip_archived_at IS NULL AND trip_client_id = $client_id"));
$num_trips = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('item_id') AS num FROM shared_items WHERE item_client_id = $client_id"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('item_id') AS num FROM shared_items WHERE item_client_id = $client_id"));
$num_shared_links = $row['num'];
// Expiring Items
// Count Domains Expiring within 30 Days
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('domain_id') AS num FROM domains
$row = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('domain_id') AS num FROM domains
WHERE domain_client_id = $client_id
AND domain_expire != '0000-00-00'
AND domain_expire < CURRENT_DATE + INTERVAL 30 DAY
@ -195,7 +197,9 @@ if (isset($_GET['client_id'])) {
$num_domains_expiring = $row['num'];
// Count Certificates Expiring within 30 Days
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('certificate_id') AS num FROM certificates
$row = mysqli_fetch_assoc(mysqli_query(
$mysqli,
"SELECT COUNT('certificate_id') AS num FROM certificates
WHERE certificate_client_id = $client_id
AND certificate_expire != '0000-00-00'
AND certificate_expire < CURRENT_DATE + INTERVAL 30 DAY
@ -205,7 +209,9 @@ if (isset($_GET['client_id'])) {
$num_certs_expiring = $row['num'];
// Get Asset Warranties Expiring
$sql_asset_warranties_expiring = mysqli_query($mysqli,"SELECT * FROM assets
$sql_asset_warranties_expiring = mysqli_query(
$mysqli,
"SELECT * FROM assets
WHERE asset_client_id = $client_id
AND asset_warranty_expire != '0000-00-00'
AND asset_archived_at IS NULL
@ -214,7 +220,9 @@ if (isset($_GET['client_id'])) {
);
// Get Assets Retiring
$sql_asset_retire = mysqli_query($mysqli,"SELECT * FROM assets
$sql_asset_retire = mysqli_query(
$mysqli,
"SELECT * FROM assets
WHERE asset_client_id = $client_id
AND asset_install_date != '0000-00-00'
AND asset_archived_at IS NULL
@ -223,7 +231,9 @@ if (isset($_GET['client_id'])) {
);
// Get Stale Tickets
$sql_tickets_stale = mysqli_query($mysqli,"SELECT * FROM tickets
$sql_tickets_stale = mysqli_query(
$mysqli,
"SELECT * FROM tickets
WHERE ticket_client_id = $client_id
AND ticket_created_at < CURRENT_DATE - INTERVAL 14 DAY
AND ticket_status != 'Closed'

4
invoice_add_modal.php
View File

@ -24,7 +24,7 @@
<option value="">- Client -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id ORDER BY client_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']);
@ -60,7 +60,7 @@
<option value="">- Category -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);

2
invoice_edit_modal.php
View File

@ -42,7 +42,7 @@
<option value="">- Category -</option>
<?php
$sql_income_category = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND (category_archived_at > '$invoice_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC");
$sql_income_category = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND (category_archived_at > '$invoice_created_at' OR category_archived_at IS NULL) AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_income_category)) {
$category_id_select= $row['category_id'];
$category_name_select = htmlentities($row['category_name']);

12
invoice_payment_add_modal.php
View File

@ -54,28 +54,28 @@
<option value="">- Account -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM accounts WHERE account_archived_at IS NULL AND company_id = $session_company_id ORDER BY account_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM accounts WHERE account_archived_at IS NULL AND company_id = $session_company_id ORDER BY account_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$account_id = $row['account_id'];
$account_name = htmlentities($row['account_name']);
$opening_balance = $row['opening_balance'];
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id");
$sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id");
$row = mysqli_fetch_array($sql_payments);
$total_payments = $row['total_payments'];
$sql_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id");
$sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id");
$row = mysqli_fetch_array($sql_revenues);
$total_revenues = $row['total_revenues'];
$sql_expenses = mysqli_query($mysqli,"SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id");
$sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id");
$row = mysqli_fetch_array($sql_expenses);
$total_expenses = $row['total_expenses'];
$account_balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
?>
<option <?php if ($config_default_payment_account == $account_id) { echo "selected"; } ?> value="<?php echo $account_id; ?>"><?php echo $account_name; ?> [$<?php echo number_format($account_balance,2); ?>]</option>
<option <?php if ($config_default_payment_account == $account_id) { echo "selected"; } ?> value="<?php echo $account_id; ?>"><?php echo $account_name; ?> [$<?php echo number_format($account_balance, 2); ?>]</option>
<?php
}
@ -94,7 +94,7 @@
<option value="">- Method of Payment -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Payment Method' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Payment Method' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$category_name = htmlentities($row['category_name']);
?>

26
invoices.php
View File

@ -85,39 +85,39 @@ if (isset($_GET['status']) && ($_GET['status']) == 'Draft') {
//Date Filter
if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt']));
$dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
} elseif ($_GET['canned_date'] == "today") {
$dtf = date('Y-m-d');
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "yesterday") {
$dtf = date('Y-m-d',strtotime("yesterday"));
$dtt = date('Y-m-d',strtotime("yesterday"));
$dtf = date('Y-m-d', strtotime("yesterday"));
$dtt = date('Y-m-d', strtotime("yesterday"));
} elseif ($_GET['canned_date'] == "thisweek") {
$dtf = date('Y-m-d',strtotime("monday this week"));
$dtf = date('Y-m-d', strtotime("monday this week"));
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastweek") {
$dtf = date('Y-m-d',strtotime("monday last week"));
$dtt = date('Y-m-d',strtotime("sunday last week"));
$dtf = date('Y-m-d', strtotime("monday last week"));
$dtt = date('Y-m-d', strtotime("sunday last week"));
} elseif ($_GET['canned_date'] == "thismonth") {
$dtf = date('Y-m-01');
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastmonth") {
$dtf = date('Y-m-d',strtotime("first day of last month"));
$dtt = date('Y-m-d',strtotime("last day of last month"));
$dtf = date('Y-m-d', strtotime("first day of last month"));
$dtt = date('Y-m-d', strtotime("last day of last month"));
} elseif ($_GET['canned_date'] == "thisyear") {
$dtf = date('Y-01-01');
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastyear") {
$dtf = date('Y-m-d',strtotime("first day of january last year"));
$dtt = date('Y-m-d',strtotime("last day of december last year"));
$dtf = date('Y-m-d', strtotime("first day of january last year"));
$dtt = date('Y-m-d', strtotime("last day of december last year"));
} else {
$dtf = "0000-00-00";
$dtt = "9999-00-00";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM invoices
LEFT JOIN clients ON invoice_client_id = client_id
@ -293,7 +293,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$now = time();
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now ) {
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now) {
$overdue_color = "text-danger font-weight-bold";
} else {
$overdue_color = "";

2
item_edit_modal.php
View File

@ -77,7 +77,7 @@
<option value="0">None</option>
<?php
$taxes_sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE (tax_archived_at > '$item_created_at' OR tax_archived_at IS NULL) AND company_id = $session_company_id ORDER BY tax_name ASC");
$taxes_sql = mysqli_query($mysqli, "SELECT * FROM taxes WHERE (tax_archived_at > '$item_created_at' OR tax_archived_at IS NULL) AND company_id = $session_company_id ORDER BY tax_name ASC");
while ($row = mysqli_fetch_array($taxes_sql)) {
$tax_id_select = $row['tax_id'];
$tax_name = htmlentities($row['tax_name']);

42
login.php
View File

@ -47,11 +47,11 @@ $config_mail_from_email = $row['config_mail_from_email'];
$config_mail_from_name = $row['config_mail_from_name'];
// HTTP-Only cookies
ini_set("session.cookie_httponly", True);
ini_set("session.cookie_httponly", true);
// Tell client to only send cookie(s) over HTTPS
if ($config_https_only) {
ini_set("session.cookie_secure", True);
ini_set("session.cookie_secure", true);
}
// Handle POST login request
@ -99,16 +99,25 @@ if (isset($_POST['login'])) {
$subject = "$config_app_name new login for $user_name";
$body = "Hi $user_name, <br><br>A recent successful login to your $config_app_name account was considered a little unusual. If this was you, you can safely ignore this email!<br><br>IP Address: $ip<br> User Agent: $user_agent <br><br>If you did not perform this login, your credentials may be compromised. <br><br>Thanks, <br>ITFlow";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
$config_mail_from_email, $config_mail_from_name,
$user_email, $user_name,
$subject, $body);
$mail = sendSingleEmail(
$config_smtp_host,
$config_smtp_username,
$config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_mail_from_email,
$config_mail_from_name,
$user_email,
$user_name,
$subject,
$body
);
}
// Determine whether 2FA was used (for logs)
$extended_log = ''; // Default value
if ($current_code !== 0 ) {
if ($current_code !== 0) {
$extended_log = 'with 2FA';
}
@ -120,7 +129,7 @@ if (isset($_POST['login'])) {
$_SESSION['user_name'] = $user_name;
$_SESSION['user_role'] = $row['user_role'];
$_SESSION['csrf_token'] = randomString(156);
$_SESSION['logged'] = TRUE;
$_SESSION['logged'] = true;
// Setup encryption session key
if (isset($row['user_specific_encryption_ciphertext']) && $row['user_role'] > 1) {
@ -174,10 +183,19 @@ if (isset($_POST['login'])) {
$subject = "Important: $config_app_name failed 2FA login attempt for $user_name";
$body = "Hi $user_name, <br><br>A recent login to your $config_app_name account was unsuccessful due to an incorrect 2FA code. If you did not attempt this login, your credentials may be compromised. <br><br>Thanks, <br>ITFlow";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
$config_mail_from_email, $config_mail_from_name,
$user_email, $user_name,
$subject, $body);
$mail = sendSingleEmail(
$config_smtp_host,
$config_smtp_username,
$config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_mail_from_email,
$config_mail_from_name,
$user_email,
$user_name,
$subject,
$body
);
}
// HTML feedback for incorrect 2FA code

30
logs.php
View File

@ -3,7 +3,7 @@
require_once("inc_all_settings.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "log_id";
}
@ -22,41 +22,43 @@ if (empty($_GET['canned_date'])) {
//Date Filter
if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt']));
$dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
} elseif ($_GET['canned_date'] == "today") {
$dtf = date('Y-m-d');
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "yesterday") {
$dtf = date('Y-m-d',strtotime("yesterday"));
$dtt = date('Y-m-d',strtotime("yesterday"));
$dtf = date('Y-m-d', strtotime("yesterday"));
$dtt = date('Y-m-d', strtotime("yesterday"));
} elseif ($_GET['canned_date'] == "thisweek") {
$dtf = date('Y-m-d',strtotime("monday this week"));
$dtf = date('Y-m-d', strtotime("monday this week"));
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastweek") {
$dtf = date('Y-m-d',strtotime("monday last week"));
$dtt = date('Y-m-d',strtotime("sunday last week"));
$dtf = date('Y-m-d', strtotime("monday last week"));
$dtt = date('Y-m-d', strtotime("sunday last week"));
} elseif ($_GET['canned_date'] == "thismonth") {
$dtf = date('Y-m-01');
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastmonth") {
$dtf = date('Y-m-d',strtotime("first day of last month"));
$dtt = date('Y-m-d',strtotime("last day of last month"));
$dtf = date('Y-m-d', strtotime("first day of last month"));
$dtt = date('Y-m-d', strtotime("last day of last month"));
} elseif ($_GET['canned_date'] == "thisyear") {
$dtf = date('Y-01-01');
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastyear") {
$dtf = date('Y-m-d',strtotime("first day of january last year"));
$dtt = date('Y-m-d',strtotime("last day of december last year"));
$dtf = date('Y-m-d', strtotime("first day of january last year"));
$dtt = date('Y-m-d', strtotime("last day of december last year"));
} else {
$dtf = "0000-00-00";
$dtt = "9999-00-00";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM logs
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM logs
LEFT JOIN users ON log_user_id = user_id
LEFT JOIN clients ON log_client_id = client_id
WHERE (log_type LIKE '%$q%' OR log_action LIKE '%$q%' OR log_description LIKE '%$q%' OR log_ip LIKE '%$q%' OR log_user_agent LIKE '%$q%' OR user_name LIKE '%$q%' OR client_name LIKE '%$q%')

12
notifications_dismissed.php
View File

@ -3,7 +3,7 @@ require_once("inc_all.php");
//Column Filter
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "notification_timestamp";
}
@ -16,8 +16,8 @@ if (!isset($_GET['o'])) {
//Date From and Date To Filter
if (!empty($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt']));
$dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
} else {
$dtf = "0000-00-00";
$dtt = "9999-00-00";
@ -25,9 +25,9 @@ if (!empty($_GET['dtf'])) {
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM notifications
$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM notifications
LEFT JOIN users ON notification_dismissed_by = user_id
LEFT JOIN clients ON notification_client_id = client_id
WHERE (notification_type LIKE '%$q%' OR notification LIKE '%$q%' OR user_name LIKE '%$q%' OR client_name LIKE '%$q%')
@ -39,7 +39,7 @@ $sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM notifications
LIMIT $record_from, $record_to
");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>

142
pagination.php
View File

@ -11,89 +11,89 @@ $total_found_rows = $num_rows[0];
$total_pages = ceil($total_found_rows / $_SESSION['records_per_page']);
if ($total_found_rows > 10) {
$i=0;
$i=0;
?>
?>
<hr>
<hr>
<div class="row">
<div class="col mb-3">
<form action="post.php" method="post">
<select onchange="this.form.submit()" class="input-form select2" name="change_records_per_page">
<option <?php if ($_SESSION['records_per_page'] == 5) { echo "selected"; } ?> >5</option>
<option <?php if ($_SESSION['records_per_page'] == 10) { echo "selected"; } ?> >10</option>
<option <?php if ($_SESSION['records_per_page'] == 20) { echo "selected"; } ?> >20</option>
<option <?php if ($_SESSION['records_per_page'] == 50) { echo "selected"; } ?> >50</option>
<option <?php if ($_SESSION['records_per_page'] == 100) { echo "selected"; } ?> >100</option>
<option <?php if ($_SESSION['records_per_page'] == 500) { echo "selected"; } ?> >500</option>
</select>
</form>
</div>
<div class="col mb-3">
<p class="text-center mt-2"><?php echo $total_found_rows; ?></p>
</div>
<div class="col mb-3">
<div class="row">
<div class="col mb-3">
<form action="post.php" method="post">
<select onchange="this.form.submit()" class="input-form select2" name="change_records_per_page">
<option <?php if ($_SESSION['records_per_page'] == 5) { echo "selected"; } ?> >5</option>
<option <?php if ($_SESSION['records_per_page'] == 10) { echo "selected"; } ?> >10</option>
<option <?php if ($_SESSION['records_per_page'] == 20) { echo "selected"; } ?> >20</option>
<option <?php if ($_SESSION['records_per_page'] == 50) { echo "selected"; } ?> >50</option>
<option <?php if ($_SESSION['records_per_page'] == 100) { echo "selected"; } ?> >100</option>
<option <?php if ($_SESSION['records_per_page'] == 500) { echo "selected"; } ?> >500</option>
</select>
</form>
</div>
<div class="col mb-3">
<p class="text-center mt-2"><?php echo $total_found_rows; ?></p>
</div>
<div class="col mb-3">
<ul class="pagination justify-content-end">
<ul class="pagination justify-content-end">
<?php
if ($total_pages <= 100) {
$pages_split = 10;
}
if (($total_pages <= 1000) && ($total_pages > 100)) {
$pages_split = 100;
}
if (($total_pages <= 10000) && ($total_pages > 1000)) {
$pages_split = 1000;
}
if ($p > 1) {
$prev_class = "";
}else{
$prev_class = "disabled";
}
if ($p <> $total_pages) {
$next_class = "";
}else{
$next_class = "disabled";
}
$url_query_strings = http_build_query(array_merge($_GET,array('p' => $i)));
$prev_page = $p - 1;
$next_page = $p + 1;
if ($p > 1) {
echo "<li class='page-item $prev_class'><a class='page-link' href='?$url_query_strings&p=$prev_page'>Prev</a></li>";
}
while ($i < $total_pages) {
$i++;
if (($i == 1) || (($p <= 3) && ($i <= 6)) || (($i > $total_pages - 6) && ($p > $total_pages - 3 )) || (is_int($i / $pages_split)) || (($p > 3) && ($i >= $p - 2) && ($i <= $p + 3)) || ($i == $total_pages)) {
if ($p == $i ) {
$page_class = "active";
}else{
$page_class = "";
}
echo "<li class='page-item $page_class'><a class='page-link' href='?$url_query_strings&p=$i'>$i</a></li>";
}
}
<?php
if ($p <> $total_pages) {
echo "<li class='page-item $next_class'><a class='page-link' href='?$url_query_strings&p=$next_page'>Next</a></li>";
}
if ($total_pages <= 100) {
$pages_split = 10;
}
if (($total_pages <= 1000) && ($total_pages > 100)) {
$pages_split = 100;
}
if (($total_pages <= 10000) && ($total_pages > 1000)) {
$pages_split = 1000;
}
if ($p > 1) {
$prev_class = "";
} else {
$prev_class = "disabled";
}
if ($p <> $total_pages) {
$next_class = "";
} else {
$next_class = "disabled";
}
$url_query_strings = http_build_query(array_merge($_GET, array('p' => $i)));
$prev_page = $p - 1;
$next_page = $p + 1;
?>
if ($p > 1) {
echo "<li class='page-item $prev_class'><a class='page-link' href='?$url_query_strings&p=$prev_page'>Prev</a></li>";
}
</ul>
</div>
</div>
while ($i < $total_pages) {
$i++;
if (($i == 1) || (($p <= 3) && ($i <= 6)) || (($i > $total_pages - 6) && ($p > $total_pages - 3)) || (is_int($i / $pages_split)) || (($p > 3) && ($i >= $p - 2) && ($i <= $p + 3)) || ($i == $total_pages)) {
if ($p == $i) {
$page_class = "active";
} else {
$page_class = "";
}
echo "<li class='page-item $page_class'><a class='page-link' href='?$url_query_strings&p=$i'>$i</a></li>";
}
}
<?php
if ($p <> $total_pages) {
echo "<li class='page-item $next_class'><a class='page-link' href='?$url_query_strings&p=$next_page'>Next</a></li>";
}
?>
</ul>
</div>
</div>
<?php
}
if ($total_found_rows == 0) {
echo "<center class='my-3'><i class='far fa-fw fa-6x fa-meh-rolling-eyes text-secondary'></i><h3 class='text-secondary mt-3'>No Results</h3></center>";
echo "<center class='my-3'><i class='far fa-fw fa-6x fa-meh-rolling-eyes text-secondary'></i><h3 class='text-secondary mt-3'>No Results</h3></center>";
}
?>

38
pagination_head.php
View File

@ -9,32 +9,32 @@
// Paging
if (isset($_GET['p'])) {
$p = intval($_GET['p']);
$record_from = (($p)-1)*$_SESSION['records_per_page'];
$record_to = $_SESSION['records_per_page'];
}else{
$record_from = 0;
$record_to = $_SESSION['records_per_page'];
$p = 1;
$p = intval($_GET['p']);
$record_from = (($p)-1)*$_SESSION['records_per_page'];
$record_to = $_SESSION['records_per_page'];
} else {
$record_from = 0;
$record_to = $_SESSION['records_per_page'];
$p = 1;
}
// Order
if (isset($_GET['o'])) {
if ($_GET['o'] == 'ASC') {
if ($_GET['o'] == 'ASC') {
$o = "ASC";
$disp = "DESC";
} else {
$o = "DESC";
$disp = "ASC";
}
} else {
$o = "ASC";
$disp = "DESC";
}else{
$o = "DESC";
$disp = "ASC";
}
}else{
$o = "ASC";
$disp = "DESC";
}
// Search
if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli,trim($_GET['q'])));
}else{
$q = "";
}
$q = strip_tags(mysqli_real_escape_string($mysqli, trim($_GET['q'])));
} else {
$q = "";
}

319
payments.php
View File

@ -1,186 +1,185 @@
<?php include("inc_all.php");
<?php
require_once("inc_all.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = "payment_date";
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
} else {
$sb = "payment_date";
}
// Reverse default sort
if (!isset($_GET['o'])) {
$o = "DESC";
$disp = "ASC";
$o = "DESC";
$disp = "ASC";
}
if (empty($_GET['canned_date'])) {
//Prevents lots of undefined variable errors.
// $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00
$_GET['canned_date'] = 'custom';
//Prevents lots of undefined variable errors.
// $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00
$_GET['canned_date'] = 'custom';
}
//Date Filter
if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt']));
}elseif ($_GET['canned_date'] == "today") {
$dtf = date('Y-m-d');
$dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "yesterday") {
$dtf = date('Y-m-d',strtotime("yesterday"));
$dtt = date('Y-m-d',strtotime("yesterday"));
}elseif ($_GET['canned_date'] == "thisweek") {
$dtf = date('Y-m-d',strtotime("monday this week"));
$dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "lastweek") {
$dtf = date('Y-m-d',strtotime("monday last week"));
$dtt = date('Y-m-d',strtotime("sunday last week"));
}elseif ($_GET['canned_date'] == "thismonth") {
$dtf = date('Y-m-01');
$dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "lastmonth") {
$dtf = date('Y-m-d',strtotime("first day of last month"));
$dtt = date('Y-m-d',strtotime("last day of last month"));
}elseif ($_GET['canned_date'] == "thisyear") {
$dtf = date('Y-01-01');
$dtt = date('Y-m-d');
}elseif ($_GET['canned_date'] == "lastyear") {
$dtf = date('Y-m-d',strtotime("first day of january last year"));
$dtt = date('Y-m-d',strtotime("last day of december last year"));
}else{
$dtf = "0000-00-00";
$dtt = "9999-00-00";
$dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
} elseif ($_GET['canned_date'] == "today") {
$dtf = date('Y-m-d');
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "yesterday") {
$dtf = date('Y-m-d', strtotime("yesterday"));
$dtt = date('Y-m-d', strtotime("yesterday"));
} elseif ($_GET['canned_date'] == "thisweek") {
$dtf = date('Y-m-d', strtotime("monday this week"));
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastweek") {
$dtf = date('Y-m-d', strtotime("monday last week"));
$dtt = date('Y-m-d', strtotime("sunday last week"));
} elseif ($_GET['canned_date'] == "thismonth") {
$dtf = date('Y-m-01');
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastmonth") {
$dtf = date('Y-m-d', strtotime("first day of last month"));
$dtt = date('Y-m-d', strtotime("last day of last month"));
} elseif ($_GET['canned_date'] == "thisyear") {
$dtf = date('Y-01-01');
$dtt = date('Y-m-d');
} elseif ($_GET['canned_date'] == "lastyear") {
$dtf = date('Y-m-d', strtotime("first day of january last year"));
$dtt = date('Y-m-d', strtotime("last day of december last year"));
} else {
$dtf = "0000-00-00";
$dtt = "9999-00-00";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM payments
LEFT JOIN invoices ON payment_invoice_id = invoice_id
LEFT JOIN clients ON invoice_client_id = client_id
LEFT JOIN accounts ON payment_account_id = account_id
WHERE payments.company_id = $session_company_id
AND DATE(payment_date) BETWEEN '$dtf' AND '$dtt'
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR client_name LIKE '%$q%' OR account_name LIKE '%$q%' OR payment_method LIKE '%$q%' OR payment_reference LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM payments
LEFT JOIN invoices ON payment_invoice_id = invoice_id
LEFT JOIN clients ON invoice_client_id = client_id
LEFT JOIN accounts ON payment_account_id = account_id
WHERE payments.company_id = $session_company_id
AND DATE(payment_date) BETWEEN '$dtf' AND '$dtt'
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR client_name LIKE '%$q%' OR account_name LIKE '%$q%' OR payment_method LIKE '%$q%' OR payment_reference LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
<div class="card card-dark">
<div class="card-header py-3">
<h3 class="card-title"><i class="fa fa-fw fa-credit-card"></i> Payments</h3>
</div>
<div class="card-body">
<form class="mb-4" autocomplete="off">
<div class="row">
<div class="col-sm-4">
<div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) {echo strip_tags(htmlentities($q));} ?>" placeholder="Search Payments">
<div class="input-group-append">
<button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
</div>
</div>
<div class="card card-dark">
<div class="card-header py-3">
<h3 class="card-title"><i class="fa fa-fw fa-credit-card"></i> Payments</h3>
</div>
</div>
<div class="collapse mt-3 <?php if (!empty($_GET['dtf'])) { echo "show"; } ?>" id="advancedFilter">
<div class="row">
<div class="col-md-2">
<div class="form-group">
<label>Canned Date</label>
<select class="form-control select2" name="canned_date">
<option <?php if ($_GET['canned_date'] == "custom") { echo "selected"; } ?> value="custom">Custom</option>
<option <?php if ($_GET['canned_date'] == "today") { echo "selected"; } ?> value="today">Today</option>
<option <?php if ($_GET['canned_date'] == "yesterday") { echo "selected"; } ?> value="yesterday">Yesterday</option>
<option <?php if ($_GET['canned_date'] == "thisweek") { echo "selected"; } ?> value="thisweek">This Week</option>
<option <?php if ($_GET['canned_date'] == "lastweek") { echo "selected"; } ?> value="lastweek">Last Week</option>
<option <?php if ($_GET['canned_date'] == "thismonth") { echo "selected"; } ?> value="thismonth">This Month</option>
<option <?php if ($_GET['canned_date'] == "lastmonth") { echo "selected"; } ?> value="lastmonth">Last Month</option>
<option <?php if ($_GET['canned_date'] == "thisyear") { echo "selected"; } ?> value="thisyear">This Year</option>
<option <?php if ($_GET['canned_date'] == "lastyear") { echo "selected"; } ?> value="lastyear">Last Year</option>
</select>
<div class="card-body">
<form class="mb-4" autocomplete="off">
<div class="row">
<div class="col-sm-4">
<div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) {echo strip_tags(htmlentities($q));} ?>" placeholder="Search Payments">
<div class="input-group-append">
<button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
</div>
<div class="collapse mt-3 <?php if (!empty($_GET['dtf'])) { echo "show"; } ?>" id="advancedFilter">
<div class="row">
<div class="col-md-2">
<div class="form-group">
<label>Canned Date</label>
<select class="form-control select2" name="canned_date">
<option <?php if ($_GET['canned_date'] == "custom") { echo "selected"; } ?> value="custom">Custom</option>
<option <?php if ($_GET['canned_date'] == "today") { echo "selected"; } ?> value="today">Today</option>
<option <?php if ($_GET['canned_date'] == "yesterday") { echo "selected"; } ?> value="yesterday">Yesterday</option>
<option <?php if ($_GET['canned_date'] == "thisweek") { echo "selected"; } ?> value="thisweek">This Week</option>
<option <?php if ($_GET['canned_date'] == "lastweek") { echo "selected"; } ?> value="lastweek">Last Week</option>
<option <?php if ($_GET['canned_date'] == "thismonth") { echo "selected"; } ?> value="thismonth">This Month</option>
<option <?php if ($_GET['canned_date'] == "lastmonth") { echo "selected"; } ?> value="lastmonth">Last Month</option>
<option <?php if ($_GET['canned_date'] == "thisyear") { echo "selected"; } ?> value="thisyear">This Year</option>
<option <?php if ($_GET['canned_date'] == "lastyear") { echo "selected"; } ?> value="lastyear">Last Year</option>
</select>
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date From</label>
<input type="date" class="form-control" name="dtf" max="2999-12-31" value="<?php echo htmlentities($dtf); ?>">
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date To</label>
<input type="date" class="form-control" name="dtt" max="2999-12-31" value="<?php echo htmlentities($dtt); ?>">
</div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_date&o=<?php echo $disp; ?>">Payment Date</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_date&o=<?php echo $disp; ?>">Invoice Date</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_number&o=<?php echo $disp; ?>">Invoice</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=client_name&o=<?php echo $disp; ?>">Client</a></th>
<th class="text-right"><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_method&o=<?php echo $disp; ?>">Payment Method</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_reference&o=<?php echo $disp; ?>">Reference</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=account_name&o=<?php echo $disp; ?>">Account</a></th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$invoice_id = $row['invoice_id'];
$invoice_prefix = htmlentities($row['invoice_prefix']);
$invoice_number = htmlentities($row['invoice_number']);
$invoice_status = htmlentities($row['invoice_status']);
$invoice_date = $row['invoice_date'];
$payment_date = $row['payment_date'];
$payment_method = htmlentities($row['payment_method']);
$payment_amount = floatval($row['payment_amount']);
$payment_currency_code = htmlentities($row['payment_currency_code']);
$payment_reference = htmlentities($row['payment_reference']);
if (empty($payment_reference)) {
$payment_reference_display = "-";
} else {
$payment_reference_display = $payment_reference;
}
$client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']);
$account_name = htmlentities($row['account_name']);
?>
<tr>
<td><?php echo $payment_date; ?></td>
<td><?php echo $invoice_date; ?></td>
<td><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td><a href="client_payments.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $payment_amount, $payment_currency_code); ?></td>
<td><?php echo $payment_method; ?></td>
<td><?php echo $payment_reference_display; ?></td>
<td><?php echo $account_name; ?></td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date From</label>
<input type="date" class="form-control" name="dtf" max="2999-12-31" value="<?php echo htmlentities($dtf); ?>">
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label>Date To</label>
<input type="date" class="form-control" name="dtt" max="2999-12-31" value="<?php echo htmlentities($dtt); ?>">
</div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_date&o=<?php echo $disp; ?>">Payment Date</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_date&o=<?php echo $disp; ?>">Invoice Date</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_number&o=<?php echo $disp; ?>">Invoice</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=client_name&o=<?php echo $disp; ?>">Client</a></th>
<th class="text-right"><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_method&o=<?php echo $disp; ?>">Payment Method</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=payment_reference&o=<?php echo $disp; ?>">Reference</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=account_name&o=<?php echo $disp; ?>">Account</a></th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$invoice_id = $row['invoice_id'];
$invoice_prefix = htmlentities($row['invoice_prefix']);
$invoice_number = htmlentities($row['invoice_number']);
$invoice_status = htmlentities($row['invoice_status']);
$invoice_date = $row['invoice_date'];
$payment_date = $row['payment_date'];
$payment_method = htmlentities($row['payment_method']);
$payment_amount = floatval($row['payment_amount']);
$payment_currency_code = htmlentities($row['payment_currency_code']);
$payment_reference = htmlentities($row['payment_reference']);
if (empty($payment_reference)) {
$payment_reference_display = "-";
}else{
$payment_reference_display = $payment_reference;
}
$client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']);
$account_name = htmlentities($row['account_name']);
?>
<tr>
<td><?php echo $payment_date; ?></td>
<td><?php echo $invoice_date; ?></td>
<td><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td><a href="client_payments.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $payment_amount, $payment_currency_code); ?></td>
<td><?php echo $payment_method; ?></td>
<td><?php echo $payment_reference_display; ?></td>
<td><?php echo $account_name; ?></td>
</tr>
<?php
}
?>
</tbody>
</table>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php include("pagination.php"); ?>
</div>
</div>
<?php include("footer.php"); ?>
<?php require_once("footer.php"); ?>

4
portal/inc_portal.php
View File

@ -11,10 +11,10 @@ require_once('portal_functions.php');
if (!isset($_SESSION)) {
// HTTP Only cookies
ini_set("session.cookie_httponly", True);
ini_set("session.cookie_httponly", true);
if ($config_https_only) {
// Tell client to only send cookie(s) over HTTPS
ini_set("session.cookie_secure", True);
ini_set("session.cookie_secure", true);
}
session_start();
}

9
portal/invoices.php
View File

@ -18,9 +18,7 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
<div class="col-md-1 text-center">
<?php if (!empty($session_contact_photo)) { ?>
<img src="<?php echo "../uploads/clients/$session_company_id/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
<?php } else { ?>
<span class="fa-stack fa-2x rounded-left">
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
<span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span>
@ -73,7 +71,7 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
}
$now = time();
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now ) {
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now) {
$overdue_color = "text-danger font-weight-bold";
} else {
$overdue_color = "";
@ -107,9 +105,8 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
</td>
</tr>
<?php
}
?>
<?php } ?>
</tbody>
</table>

2
portal/login.php
View File

@ -46,7 +46,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
if ($row['contact_auth_method'] == 'local') {
if (password_verify($password, $row['contact_password_hash'])) {
$_SESSION['client_logged_in'] = TRUE;
$_SESSION['client_logged_in'] = true;
$_SESSION['client_id'] = $row['contact_client_id'];
$_SESSION['contact_id'] = $row['contact_id'];
$_SESSION['company_id'] = $row['company_id'];

11
portal/login_microsoft.php
View File

@ -60,9 +60,12 @@ if (isset($_POST['code']) && $_POST['state'] == session_id()) {
// Send request via CURL (server side) so user cannot see the client secret
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $token_grant_url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,
http_build_query($params));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt(
$ch,
CURLOPT_POSTFIELDS,
http_build_query($params)
);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
#curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // DEBUG ONLY - WAMP
@ -95,7 +98,7 @@ if (isset($_POST['code']) && $_POST['state'] == session_id()) {
$row = mysqli_fetch_array($sql);
if ($row['contact_auth_method'] == 'azure') {
$_SESSION['client_logged_in'] = TRUE;
$_SESSION['client_logged_in'] = true;
$_SESSION['client_id'] = $row['contact_client_id'];
$_SESSION['contact_id'] = $row['contact_id'];
$_SESSION['company_id'] = $row['company_id'];

36
portal/login_reset.php
View File

@ -24,7 +24,7 @@ if (!isset($_SESSION)) {
session_start();
}
$ip = strip_tags(mysqli_real_escape_string($mysqli,getIP()));
$ip = strip_tags(mysqli_real_escape_string($mysqli, getIP()));
$user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
$company_sql = mysqli_query($mysqli, "SELECT company_name FROM companies WHERE company_id = '1'");
@ -61,10 +61,19 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
$subject = "Password reset for $company_name ITFlow Portal";
$body = "Hello, $name<br><br>Someone (probably you) has requested a new password for your account on $company_name's ITFlow Client Portal. <br><br><b>Please <a href='$url'>click here</a> to reset your password.</b> <br><br>Alternatively, copy and paste this URL into your browser:<br> $url<br><br><i>If you didn't request this change, you can safely ignore this email.</i><br><br>~<br>$company_name<br>Support Department<br>$config_mail_from_email";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
$config_mail_from_email, $config_mail_from_name,
$email, $name,
$subject, $body);
$mail = sendSingleEmail(
$config_smtp_host,
$config_smtp_username,
$config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_mail_from_email,
$config_mail_from_name,
$email,
$name,
$subject,
$body
);
// Error handling
if ($mail !== true) {
@ -112,10 +121,19 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
$body = "Hello, $name<br><br>Your password for your account on $company_name's ITFlow Client Portal was successfully reset. You should be all set! <br><br><b>If you didn't reset your password, please get in touch ASAP.</b><br><br>~<br>$company_name<br>Support Department<br>$config_mail_from_email";
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
$config_mail_from_email, $config_mail_from_name,
$email, $name,
$subject, $body);
$mail = sendSingleEmail(
$config_smtp_host,
$config_smtp_username,
$config_smtp_password,
$config_smtp_encryption,
$config_smtp_port,
$config_mail_from_email,
$config_mail_from_name,
$email,
$name,
$subject,
$body
);
// Error handling
if ($mail !== true) {

46
post.php
View File

@ -284,7 +284,7 @@ if(isset($_POST['edit_profile'])){
$email = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['email'])));
$new_password = trim($_POST['new_password']);
$existing_file_name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['existing_file_name'])));
$logout = FALSE;
$logout = false;
$extended_log_description = '';
// Email notification when password or email is changed
@ -367,7 +367,7 @@ if(isset($_POST['edit_profile'])){
mysqli_query($mysqli,"UPDATE users SET user_password = '$new_password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext' WHERE user_id = $user_id");
$extended_log_description .= ", password changed";
$logout = TRUE;
$logout = true;
}
// Enable extension access, only if it isn't already setup (user doesn't have cookie)
@ -377,7 +377,7 @@ if(isset($_POST['edit_profile'])){
mysqli_query($mysqli, "UPDATE users SET user_extension_key = '$extension_key' WHERE user_id = $user_id");
$extended_log_description .= ", extension access enabled";
$logout = TRUE;
$logout = true;
}
}
@ -4788,19 +4788,19 @@ if(isset($_POST["import_client_contacts_csv"])){
$client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"];
$error = FALSE;
$error = false;
//Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file extension";
}
//Check file isn't empty
elseif($_FILES["file"]["size"] < 1){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)";
}
@ -4808,7 +4808,7 @@ if(isset($_POST["import_client_contacts_csv"])){
$f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 8) {
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad column count.";
}
@ -4818,7 +4818,7 @@ if(isset($_POST["import_client_contacts_csv"])){
fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0;
$duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){
while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0;
if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));
@ -5209,19 +5209,19 @@ if(isset($_POST["import_client_locations_csv"])){
$client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"];
$error = FALSE;
$error = false;
//Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file extension";
}
//Check file isn't empty
elseif($_FILES["file"]["size"] < 1){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)";
}
@ -5229,7 +5229,7 @@ if(isset($_POST["import_client_locations_csv"])){
$f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 7) {
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad column count.";
}
@ -5239,7 +5239,7 @@ if(isset($_POST["import_client_locations_csv"])){
fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0;
$duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){
while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0;
if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));
@ -5519,19 +5519,19 @@ if(isset($_POST["import_client_assets_csv"])){
$client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"];
$error = FALSE;
$error = false;
//Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file extension";
}
//Check file isn't empty
elseif($_FILES["file"]["size"] < 1){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)";
}
@ -5539,7 +5539,7 @@ if(isset($_POST["import_client_assets_csv"])){
$f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 8) {
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad column count.";
}
@ -5549,7 +5549,7 @@ if(isset($_POST["import_client_assets_csv"])){
fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0;
$duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){
while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0;
if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));
@ -6163,19 +6163,19 @@ if(isset($_POST["import_client_logins_csv"])){
$client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"];
$error = FALSE;
$error = false;
//Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file extension";
}
//Check file isn't empty
elseif($_FILES["file"]["size"] < 1){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)";
}
@ -6183,7 +6183,7 @@ if(isset($_POST["import_client_logins_csv"])){
$f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 4) {
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad column count.";
}
@ -6193,7 +6193,7 @@ if(isset($_POST["import_client_logins_csv"])){
fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0;
$duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){
while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0;
if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));

202
product_add_modal.php
View File

@ -1,106 +1,106 @@
<div class="modal" id="addProductModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-box"></i> New Product</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<div class="modal-body bg-white">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fas fa-fw fa-box"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Product name" required autofocus>
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-box"></i> New Product</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
</div>
<div class="form-group">
<label>Category <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div>
<select class="form-control select2" name="category" required>
<option value="">- Select Category -</option>
<?php
$sql = mysqli_query($mysqli,"SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL AND company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
?>
<option value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
<?php
}
?>
</select>
<div class="input-group-append">
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#addQuickCategoryIncomeModal"><i class="fas fa-fw fa-plus"></i></button>
</div>
</div>
</div>
<div class="form-row">
<div class="col">
<div class="form-group">
<label>Price <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-dollar-sign"></i></span>
</div>
<input type="number" step="0.01" min="0" class="form-control" name="price" placeholder="Price" required>
</div>
</div>
</div>
<div class="col">
<div class="form-group">
<label>Tax</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-balance-scale"></i></span>
</div>
<select class="form-control select2" name="tax">
<option value="0">None</option>
<?php
$taxes_sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE tax_archived_at IS NULL AND company_id = $session_company_id ORDER BY tax_name ASC");
while ($row = mysqli_fetch_array($taxes_sql)) {
$tax_id = $row['tax_id'];
$tax_name = htmlentities($row['tax_name']);
$tax_percent = htmlentities($row['tax_percent']);
?>
<option value="<?php echo $tax_id; ?>"><?php echo "$tax_name $tax_percent%"; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
</div>
<form action="post.php" method="post" autocomplete="off">
<div class="modal-body bg-white">
<div class="form-group">
<label>Description</label>
<textarea class="form-control" rows="5" name="description" placeholder="Product description"></textarea>
</div>
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fas fa-fw fa-box"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Product name" required autofocus>
</div>
</div>
<div class="form-group">
<label>Category <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div>
<select class="form-control select2" name="category" required>
<option value="">- Select Category -</option>
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL AND company_id = $session_company_id");
while ($row = mysqli_fetch_array($sql)) {
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
?>
<option value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
<?php
}
?>
</select>
<div class="input-group-append">
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#addQuickCategoryIncomeModal"><i class="fas fa-fw fa-plus"></i></button>
</div>
</div>
</div>
<div class="form-row">
<div class="col">
<div class="form-group">
<label>Price <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-dollar-sign"></i></span>
</div>
<input type="number" step="0.01" min="0" class="form-control" name="price" placeholder="Price" required>
</div>
</div>
</div>
<div class="col">
<div class="form-group">
<label>Tax</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-balance-scale"></i></span>
</div>
<select class="form-control select2" name="tax">
<option value="0">None</option>
<?php
$taxes_sql = mysqli_query($mysqli, "SELECT * FROM taxes WHERE tax_archived_at IS NULL AND company_id = $session_company_id ORDER BY tax_name ASC");
while ($row = mysqli_fetch_array($taxes_sql)) {
$tax_id = $row['tax_id'];
$tax_name = htmlentities($row['tax_name']);
$tax_percent = htmlentities($row['tax_percent']);
?>
<option value="<?php echo $tax_id; ?>"><?php echo "$tax_name $tax_percent%"; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
</div>
<div class="form-group">
<label>Description</label>
<textarea class="form-control" rows="5" name="description" placeholder="Product description"></textarea>
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_product" class="btn btn-primary"><storng><i class="fas fa-check"></i> Create</storng></button>
</div>
</form>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_product" class="btn btn-primary"><storng><i class="fas fa-check"></i> Create</storng></button>
</div>
</form>
</div>
</div>
</div>
</div>

Some files were not shown because too many files have changed in this diff Show More