@@ -4,10 +4,13 @@ define('number_regex', '/[^0-9]/');
|
|||||||
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_name'])));
|
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_name'])));
|
||||||
$title = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_title'])));
|
$title = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_title'])));
|
||||||
$department = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_department'])));
|
$department = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_department'])));
|
||||||
|
$email = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_email'])));
|
||||||
$phone = preg_replace(number_regex, '', $_POST['contact_phone']);
|
$phone = preg_replace(number_regex, '', $_POST['contact_phone']);
|
||||||
$extension = preg_replace(number_regex, '', $_POST['contact_extension']);
|
$extension = preg_replace(number_regex, '', $_POST['contact_extension']);
|
||||||
$mobile = preg_replace(number_regex, '', $_POST['contact_mobile']);
|
$mobile = preg_replace(number_regex, '', $_POST['contact_mobile']);
|
||||||
$email = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_email'])));
|
|
||||||
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_notes'])));
|
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_notes'])));
|
||||||
$auth_method = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_auth_method'])));
|
$auth_method = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_auth_method'])));
|
||||||
|
$important = intval($_POST['contact_important']);
|
||||||
|
$billing = intval($_POST['contact_billing']);
|
||||||
|
$technical = intval($_POST['contact_technical']);
|
||||||
$location_id = intval($_POST['contact_location_id']);
|
$location_id = intval($_POST['contact_location_id']);
|
||||||
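Review bot: The three added flag lines read `$_POST['contact_important']`, `$_POST['contact_billing']` and `$_POST['contact_technical']` without checking that the keys exist, so a request that omits these new fields raises an undefined-index notice (a warning on PHP 8) that can leak into the response. Defaulting each one keeps existing callers working, e.g. `$important = intval($_POST['contact_important'] ?? 0);`. Separately, the moved `$email` line keeps the file's pattern of running `strip_tags()` and `trim()` after `mysqli_real_escape_string()`. Escaping is only dependable as the last transformation before the value reaches the query, so the order is worth reversing when this block is next touched.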
@@ -17,7 +17,7 @@ if (!empty($name) && !empty($email) && !empty($client_id)) {
|
|||||||
if (mysqli_num_rows($email_duplication_sql) == 0) {
|
if (mysqli_num_rows($email_duplication_sql) == 0) {
|
||||||
|
|
||||||
// Insert contact
|
// Insert contact
|
||||||
$insert_sql = mysqli_query($mysqli, "INSERT INTO contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_created_at = NOW(), contact_department = '$department', contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id");
|
$insert_sql = mysqli_query($mysqli, "INSERT INTO contacts SET contact_name = '$name', contact_title = '$title', contact_department = '$department', contact_email = '$email', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_important = '$important', contact_billing = '$billing', contact_technical = '$technical', contact_created_at = NOW(), contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id");
|
||||||
|
|
||||||
// Check insert & get insert ID
|
// Check insert & get insert ID
|
||||||
if ($insert_sql) {
|
if ($insert_sql) {
|
||||||
|
|||||||
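Review bot: The rewritten INSERT still builds SQL by interpolating request-derived variables, so its safety depends on every one of them having been escaped or integer-cast in another file. `$location_id`, `$client_id` and `$company_id` are spliced in unquoted, and the casts for the last two are not visible in this hunk. Binding the values through a prepared statement removes that coupling, as sketched below. The bound strings must then be passed unescaped, so the `mysqli_real_escape_string()` calls that produce them would be dropped. The UPDATE in the following hunk is built the same way, and the enclosing `if` blocks start and end outside this hunk.

```php
// … unchanged: duplicate e-mail check …
// Insert contact
$insert_stmt = mysqli_prepare($mysqli, "INSERT INTO contacts SET contact_name = ?, contact_title = ?, contact_department = ?, contact_email = ?, contact_phone = ?, contact_extension = ?, contact_mobile = ?, contact_notes = ?, contact_auth_method = ?, contact_important = ?, contact_billing = ?, contact_technical = ?, contact_created_at = NOW(), contact_location_id = ?, contact_client_id = ?, company_id = ?");
$insert_sql = false;
if ($insert_stmt) {
    // 9 string fields followed by 6 integer fields, in placeholder order
    mysqli_stmt_bind_param($insert_stmt, 'sssssssssiiiiii', $name, $title, $department, $email, $phone, $extension, $mobile, $notes, $auth_method, $important, $billing, $technical, $location_id, $client_id, $company_id);
    $insert_sql = mysqli_stmt_execute($insert_stmt);
}
// … unchanged: check insert & get insert ID …
```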
@@ -12,7 +12,7 @@ $update_count = FALSE;
|
|||||||
|
|
||||||
if (!empty($name) && !empty($email)) {
|
if (!empty($name) && !empty($email)) {
|
||||||
|
|
||||||
$update_sql = mysqli_query($mysqli, "UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_updated_at = NOW(), contact_department_id = $department, contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id WHERE contact_id = $contact_id LIMIT 1");
|
$update_sql = mysqli_query($mysqli, "UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_department = '$department', contact_email = '$email', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_important = '$important', contact_billing = '$billing', contact_technical = '$technical', contact_updated_at = NOW(), contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id WHERE contact_id = $contact_id LIMIT 1");
|
||||||
|
|
||||||
// Check insert & get insert ID
|
// Check insert & get insert ID
|
||||||
if ($update_sql) {
|
if ($update_sql) {
|
||||||
|
|||||||
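Review bot: The UPDATE on the new side selects the row with `WHERE contact_id = $contact_id LIMIT 1` only, while `company_id` and `contact_client_id` sit in the SET list. Unless an ownership check exists outside this hunk, a request could overwrite a contact owned by a different company and reassign it. Scoping the match keeps the write inside the caller's tenant: `... WHERE contact_id = $contact_id AND company_id = $company_id LIMIT 1`, with `company_id = $company_id` dropped from the SET list. The comment `// Check insert & get insert ID` above the result check is also left over from the create path and should describe an update check.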
@@ -29,6 +29,11 @@ if (isset($_GET['contact_id'])) {
|
|||||||
} else {
|
} else {
|
||||||
$primary_contact_display = FALSE;
|
$primary_contact_display = FALSE;
|
||||||
}
|
}
|
||||||
|
if (empty($contact_name)) {
|
||||||
|
$contact_ticket_display = "-";
|
||||||
|
} else {
|
||||||
|
$contact_ticket_display = "$contact_name<br><small class='text-secondary'>$contact_email</small>";
|
||||||
|
}
|
||||||
$contact_location_id = $row['contact_location_id'];
|
$contact_location_id = $row['contact_location_id'];
|
||||||
$location_name = htmlentities($row['location_name']);
|
$location_name = htmlentities($row['location_name']);
|
||||||
if (empty($location_name)) {
|
if (empty($location_name)) {
|
||||||
@@ -52,7 +57,7 @@ if (isset($_GET['contact_id'])) {
|
|||||||
$software_count = mysqli_num_rows($sql_related_software);
|
$software_count = mysqli_num_rows($sql_related_software);
|
||||||
|
|
||||||
// Related Tickets Query
|
// Related Tickets Query
|
||||||
$sql_related_tickets = mysqli_query($mysqli,"SELECT * FROM tickets WHERE ticket_contact_id = $contact_id AND company_id = $session_company_id ORDER BY ticket_id DESC");
|
$sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets LEFT JOIN users on ticket_assigned_to = user_id WHERE ticket_contact_id = $contact_id AND company_id = $session_company_id ORDER BY ticket_id DESC");
|
||||||
$ticket_count = mysqli_num_rows($sql_related_tickets);
|
$ticket_count = mysqli_num_rows($sql_related_tickets);
|
||||||
|
|
||||||
?>
|
?>
|
||||||
@@ -86,7 +91,7 @@ if (isset($_GET['contact_id'])) {
|
|||||||
<div><i class="fa fa-fw fa-envelope text-secondary mr-3"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
|
<div><i class="fa fa-fw fa-envelope text-secondary mr-3"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
<?php if (!empty($contact_phone)) { ?>
|
<?php if (!empty($contact_phone)) { ?>
|
||||||
<div class="mb-2"><i class="fa fa-fw fa-phone text-secondary mr-3"></i><?php echo "$contact_phone $contact_phone_extention"; ?></div>
|
<div class="mb-2"><i class="fa fa-fw fa-phone text-secondary mr-3"></i><?php echo "$contact_phone $contact_extension"; ?></div>
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
<?php if (!empty($contact_mobile)) { ?>
|
<?php if (!empty($contact_mobile)) { ?>
|
||||||
<div class="mb-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><?php echo $contact_mobile; ?></div>
|
<div class="mb-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><?php echo $contact_mobile; ?></div>
|
||||||
@@ -519,25 +524,13 @@ if (isset($_GET['contact_id'])) {
|
|||||||
} else {
|
} else {
|
||||||
$ticket_assigned_to_display = htmlentities($row['user_name']);
|
$ticket_assigned_to_display = htmlentities($row['user_name']);
|
||||||
}
|
}
|
||||||
$contact_id = $row['contact_id'];
|
|
||||||
$contact_name = htmlentities($row['contact_name']);
|
|
||||||
if (empty($contact_name)) {
|
|
||||||
$contact_display = "-";
|
|
||||||
} else {
|
|
||||||
$contact_display = "$contact_name<br><small class='text-secondary'>$contact_email</small>";
|
|
||||||
}
|
|
||||||
$contact_title = htmlentities($row['contact_title']);
|
|
||||||
$contact_email = htmlentities($row['contact_email']);
|
|
||||||
$contact_phone = formatPhoneNumber($row['contact_phone']);
|
|
||||||
$contact_extension = htmlentities($row['contact_extension']);
|
|
||||||
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<tr>
|
<tr>
|
||||||
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><span class="badge badge-pill badge-secondary p-3"><?php echo "$ticket_prefix$ticket_number"; ?></span></a></td>
|
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><span class="badge badge-pill badge-secondary p-3"><?php echo "$ticket_prefix$ticket_number"; ?></span></a></td>
|
||||||
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><?php echo $ticket_subject; ?></a></td>
|
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><?php echo $ticket_subject; ?></a></td>
|
||||||
<td><?php echo $contact_display; ?></td>
|
<td><?php echo $contact_ticket_display; ?></td>
|
||||||
<td><?php echo $ticket_priority_display; ?></td>
|
<td><?php echo $ticket_priority_display; ?></td>
|
||||||
<td><?php echo $ticket_status_display; ?></td>
|
<td><?php echo $ticket_status_display; ?></td>
|
||||||
<td><?php echo $ticket_assigned_to_display; ?></td>
|
<td><?php echo $ticket_assigned_to_display; ?></td>
|
||||||
|
|||||||
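Review bot: In the related-tickets query the tenant filter stays a bare `company_id` after `LEFT JOIN users` is added. If `users` also has a `company_id` column the reference becomes ambiguous and the query fails, and the filter is clearer qualified either way: `WHERE ticket_contact_id = $contact_id AND tickets.company_id = $session_company_id`. `SELECT *` across the join also loads every `users` column into `$row`, although the visible code reads only `user_name`, so listing the needed columns keeps any sensitive user fields out of the page's working data. The new `$contact_ticket_display` string is echoed as raw HTML in the ticket table, which is safe only if `$contact_name` and `$contact_email` were already HTML-encoded above this hunk.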
@@ -60,7 +60,7 @@
|
|||||||
$folder_name = htmlentities($row['folder_name']);
|
$folder_name = htmlentities($row['folder_name']);
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<option <?php if ($_GET['folder_id'] == $folder_id) echo "selected"; ?> value="<?php echo $folder_id ?>"><?php echo $folder_name; ?></option>
|
<option <?php if (isset($_GET['folder_id']) && $_GET['folder_id'] == $folder_id) echo "selected"; ?> value="<?php echo $folder_id ?>"><?php echo $folder_name; ?></option>
|
||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
|
|||||||
@@ -33,7 +33,7 @@
|
|||||||
$folder_name = htmlentities($row['folder_name']);
|
$folder_name = htmlentities($row['folder_name']);
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<option <?php if ($_GET['folder_id'] == $folder_id) echo "selected"; ?> value="<?php echo $folder_id ?>"><?php echo $folder_name; ?></option>
|
<option <?php if (isset($_GET['folder_id']) && $_GET['folder_id'] == $folder_id) echo "selected"; ?> value="<?php echo $folder_id ?>"><?php echo $folder_name; ?></option>
|
||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
|
|||||||
@@ -1,19 +1,8 @@
|
|||||||
<?php include("inc_all.php");
|
<?php include("inc_all.php");
|
||||||
|
|
||||||
// Quick fix to prevent non-admins (i.e. techs) seeing financials - redirect to client list
|
// Enforce accountant / admin role for the financial dashboard
|
||||||
// To be removed when we have a proper technical dashboard for techs
|
if ($_SESSION['user_role'] != 3 && $_SESSION['user_role'] != 1) {
|
||||||
if ($_SESSION['user_role'] != 3) { ?>
|
exit('<script type="text/javascript">window.location.href = \'dashboard_technical.php\';</script>');
|
||||||
<script type="text/javascript">
|
|
||||||
window.location.href = 'dashboard_technical.php';
|
|
||||||
</script>
|
|
||||||
<?php
|
|
||||||
exit();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
function roundUpToNearestMultiple($n, $increment = 1000)
|
|
||||||
{
|
|
||||||
return (int) ($increment * ceil($n / $increment));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_GET['year'])) {
|
if (isset($_GET['year'])) {
|
||||||
|
|||||||
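Review bot: The new gate compares `$_SESSION['user_role']` with the bare numbers 3 and 1, so a reader has to guess from the comment which value is the accountant and which the admin. A comment on the condition such as `// user_role: 1 = accountant, 3 = admin` (if that mapping is right), or named constants, would make the authorization rule auditable. The check fails closed when the session key is missing, and `exit()` stops the page, so enforcement does not depend on the browser running the script. The script-only redirect does leave clients without JavaScript on a blank page, which a `<noscript>` link to `dashboard_technical.php` would avoid.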
@@ -535,4 +535,7 @@ function sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function roundUpToNearestMultiple($n, $increment = 1000)
|
||||||
|
{
|
||||||
|
return (int) ($increment * ceil($n / $increment));
|
||||||
|
}
|
||||||
|
|||||||
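Review bot: Defining `roundUpToNearestMultiple()` in what appears to be the shared functions file means any page that still declares its own copy will stop with a fatal "Cannot redeclare" error once it includes this file. The commit removes three local copies, and it is worth searching for others before merging. The helper also divides by `$increment` with no guard, so a caller passing 0 raises a DivisionByZeroError on PHP 8. A short docblock stating that `$increment` must be a positive number, or an early `if ($increment <= 0)` check, would make the contract explicit now that the function is shared.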
@@ -9,3 +9,7 @@ include("reports_side_nav.php");
|
|||||||
include("inc_wrapper.php");
|
include("inc_wrapper.php");
|
||||||
include("inc_alert_feedback.php");
|
include("inc_alert_feedback.php");
|
||||||
|
|
||||||
|
// Set variable default values
|
||||||
|
$largest_income_month = 0;
|
||||||
|
$largest_invoice_month = 0;
|
||||||
|
$recurring_total = 0;
|
||||||
|
|||||||
2
post.php
2
post.php
@@ -3023,7 +3023,6 @@ if(isset($_POST['add_quote'])){
|
|||||||
$client = intval($_POST['client']);
|
$client = intval($_POST['client']);
|
||||||
$date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date'])));
|
$date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date'])));
|
||||||
$category = intval($_POST['category']);
|
$category = intval($_POST['category']);
|
||||||
$currency_code = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['currency_code'])));
|
|
||||||
$scope = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['scope'])));
|
$scope = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['scope'])));
|
||||||
|
|
||||||
//Get the last Quote Number and add 1 for the new Quote number
|
//Get the last Quote Number and add 1 for the new Quote number
|
||||||
@@ -3412,7 +3411,6 @@ if(isset($_POST['add_recurring'])){
|
|||||||
$frequency = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['frequency'])));
|
$frequency = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['frequency'])));
|
||||||
$start_date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['start_date'])));
|
$start_date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['start_date'])));
|
||||||
$category = intval($_POST['category']);
|
$category = intval($_POST['category']);
|
||||||
$currency_code = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['currency_code'])));
|
|
||||||
$scope = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['scope'])));
|
$scope = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['scope'])));
|
||||||
|
|
||||||
//Get the last Recurring Number and add 1 for the new Recurring number
|
//Get the last Recurring Number and add 1 for the new Recurring number
|
||||||
|
|||||||
@@ -1,10 +1,4 @@
|
|||||||
<?php include("inc_all_reports.php"); ?>
|
<?php include("inc_all_reports.php");
|
||||||
<?php
|
|
||||||
|
|
||||||
function roundUpToNearestMultiple($n, $increment = 1000)
|
|
||||||
{
|
|
||||||
return (int) ($increment * ceil($n / $increment));
|
|
||||||
}
|
|
||||||
|
|
||||||
if (isset($_GET['year'])) {
|
if (isset($_GET['year'])) {
|
||||||
$year = intval($_GET['year']);
|
$year = intval($_GET['year']);
|
||||||
|
|||||||
@@ -1,11 +1,6 @@
|
|||||||
<?php include("inc_all_reports.php"); ?>
|
<?php include("inc_all_reports.php"); ?>
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
function roundUpToNearestMultiple($n, $increment = 1000)
|
|
||||||
{
|
|
||||||
return (int) ($increment * ceil($n / $increment));
|
|
||||||
}
|
|
||||||
|
|
||||||
if (isset($_GET['year'])) {
|
if (isset($_GET['year'])) {
|
||||||
$year = intval($_GET['year']);
|
$year = intval($_GET['year']);
|
||||||
} else {
|
} else {
|
||||||
@@ -178,6 +173,7 @@ var myLineChart = new Chart(ctx, {
|
|||||||
pointBorderWidth: 2,
|
pointBorderWidth: 2,
|
||||||
data: [
|
data: [
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
for ($month = 1; $month<=12; $month++) {
|
for ($month = 1; $month<=12; $month++) {
|
||||||
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_amount_for_month FROM payments, invoices WHERE payment_invoice_id = invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month AND payments.company_id = $session_company_id");
|
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_amount_for_month FROM payments, invoices WHERE payment_invoice_id = invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month AND payments.company_id = $session_company_id");
|
||||||
$row = mysqli_fetch_array($sql_payments);
|
$row = mysqli_fetch_array($sql_payments);
|
||||||
|
|||||||
@@ -1,5 +1,4 @@
|
|||||||
<?php include("inc_all_reports.php"); ?>
|
<?php include("inc_all_reports.php");
|
||||||
<?php
|
|
||||||
|
|
||||||
$sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id");
|
$sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id");
|
||||||
|
|
||||||
@@ -23,6 +22,7 @@ $sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $s
|
|||||||
</thead>
|
</thead>
|
||||||
<tbody>
|
<tbody>
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
while ($row = mysqli_fetch_array($sql_clients)) {
|
while ($row = mysqli_fetch_array($sql_clients)) {
|
||||||
$client_id = $row['client_id'];
|
$client_id = $row['client_id'];
|
||||||
$client_name = htmlentities($row['client_name']);
|
$client_name = htmlentities($row['client_name']);
|
||||||
|
|||||||
@@ -17,7 +17,7 @@ $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM tags
|
|||||||
|
|
||||||
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
||||||
|
|
||||||
if ($num_row > 0) {
|
if ($num_rows > 0) {
|
||||||
//Colors Used
|
//Colors Used
|
||||||
$sql_colors_used = mysqli_query($mysqli, "SELECT tag_color FROM tags
|
$sql_colors_used = mysqli_query($mysqli, "SELECT tag_color FROM tags
|
||||||
WHERE tag_archived_at IS NULL
|
WHERE tag_archived_at IS NULL
|
||||||
|
|||||||
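Review bot: The corrected condition `if ($num_rows > 0)` still does not test the row count, because `$num_rows` holds the array returned by `mysqli_fetch_row()`. PHP orders an array above any integer, so the branch is always taken. Reading the first column gives the intended check: `if ($num_rows[0] > 0) {`. If the `SELECT FOUND_ROWS()` query can fail, `mysqli_query()` returns false and `mysqli_fetch_row()` will not accept it, so a guard on the query result is worth adding as well.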