From 85cdc42d0f15e36de5cab00d7f3c799a056e85ef Mon Sep 17 00:00:00 2001 From: johnnyq Date: Wed, 8 Dec 2021 22:15:20 -0500 Subject: [PATCH] DB Structure update, Hide Passwords under client logins until eyeball is clicked to reveal password, prevent the looking over your shoulder type attack, Added Install Date to Assets, reworked client assets listing to include Operating System and Install Date --- add_asset_modal.php | 10 ++++++++++ client_assets.php | 17 +++++++++++++++-- client_logins.php | 3 ++- db.sql | 3 ++- edit_asset_modal.php | 10 ++++++++++ js/app.js | 7 ++++++- post.php | 12 ++++++++++-- settings-user.php | 33 +++++++++++++++++++-------------- 8 files changed, 74 insertions(+), 21 deletions(-) diff --git a/add_asset_modal.php b/add_asset_modal.php index 52647a10..cca96b79 100644 --- a/add_asset_modal.php +++ b/add_asset_modal.php @@ -229,6 +229,16 @@ +
+ +
+
+ +
+ +
+
+
diff --git a/client_assets.php b/client_assets.php index 3bd66f49..f1e11ac9 100644 --- a/client_assets.php +++ b/client_assets.php @@ -87,8 +87,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); Name Type Make/Model - Primary IP Serial Number + Operating System + Install Date Contact Location Action @@ -110,6 +111,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $asset_serial_display = $asset_serial; } $asset_os = $row['asset_os']; + if(empty($asset_os)){ + $asset_os_display = "-"; + }else{ + $asset_os_display = $asset_os; + } $asset_ip = $row['asset_ip']; if(empty($asset_ip)){ $asset_ip_display = "-"; @@ -119,6 +125,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $asset_mac = $row['asset_mac']; $asset_purchase_date = $row['asset_purchase_date']; $asset_warranty_expire = $row['asset_warranty_expire']; + $asset_install_date = $row['asset_install_date']; + if(empty($asset_install_date)){ + $asset_install_date_display = "-"; + }else{ + $asset_install_date_display = $asset_install_date; + } $asset_notes = $row['asset_notes']; $asset_created_at = $row['asset_created_at']; $asset_vendor_id = $row['asset_vendor_id']; @@ -216,8 +228,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); - + + diff --git a/client_logins.php b/client_logins.php index 7d8cc108..44360219 100644 --- a/client_logins.php +++ b/client_logins.php @@ -135,7 +135,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); - + + diff --git a/db.sql b/db.sql index 8866a913..441811cc 100644 --- a/db.sql +++ b/db.sql @@ -73,6 +73,7 @@ CREATE TABLE `assets` ( `asset_mac` varchar(17) DEFAULT NULL, `asset_purchase_date` date DEFAULT NULL, `asset_warranty_expire` date DEFAULT NULL, + `asset_install_date` date DEFAULT NULL, `asset_reciept` varchar(200) DEFAULT NULL, `asset_notes` text DEFAULT NULL, `asset_created_at` datetime NOT NULL, @@ -1099,4 +1100,4 @@ CREATE TABLE `vendors` ( /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; --- Dump completed on 2021-11-19 20:43:27 +-- Dump completed on 2021-12-08 22:12:04 diff --git a/edit_asset_modal.php b/edit_asset_modal.php index 35808a12..61fa7c1b 100644 --- a/edit_asset_modal.php +++ b/edit_asset_modal.php @@ -228,6 +228,16 @@
+
+ +
+
+ +
+ +
+
+
diff --git a/js/app.js b/js/app.js index d8e33f18..12ab8ae8 100644 --- a/js/app.js +++ b/js/app.js @@ -72,4 +72,9 @@ clipboard.on('success', function(e) { clipboard.on('error', function(e) { setTooltip(e.trigger, 'Failed!'); hideTooltip(e.trigger); -}); \ No newline at end of file +}); + +// Enable Popovers +$(function () { + $('[data-toggle="popover"]').popover() +}) diff --git a/post.php b/post.php index c1e3ff08..a95a3ee2 100644 --- a/post.php +++ b/post.php @@ -4009,9 +4009,13 @@ if(isset($_POST['add_asset'])){ if(empty($warranty_expire)){ $warranty_expire = "0000-00-00"; } + $install_date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['install_date']))); + if(empty($install_date)){ + $install_date = "0000-00-00"; + } $notes = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['notes']))); - mysqli_query($mysqli,"INSERT INTO assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$ip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = '$purchase_date', asset_warranty_expire = '$warranty_expire', asset_notes = '$notes', asset_created_at = NOW(), asset_network_id = $network, asset_client_id = $client_id, company_id = $session_company_id"); + mysqli_query($mysqli,"INSERT INTO assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$ip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = '$purchase_date', asset_warranty_expire = '$warranty_expire', asset_install_date = '$install_date', asset_notes = '$notes', asset_created_at = NOW(), asset_network_id = $network, asset_client_id = $client_id, company_id = $session_company_id"); if(!empty($_POST['username'])) { $asset_id = mysqli_insert_id($mysqli); @@ -4056,11 +4060,15 @@ if(isset($_POST['edit_asset'])){ if(empty($warranty_expire)){ $warranty_expire = "0000-00-00"; } + $install_date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['install_date']))); + if(empty($install_date)){ + $install_date = "0000-00-00"; + } $notes = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['notes']))); $username = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['username']))); $password = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['password']))); - mysqli_query($mysqli,"UPDATE assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$ip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = '$purchase_date', asset_warranty_expire = '$warranty_expire', asset_notes = '$notes', asset_updated_at = NOW(), asset_network_id = $network WHERE asset_id = $asset_id AND company_id = $session_company_id"); + mysqli_query($mysqli,"UPDATE assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$ip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = '$purchase_date', asset_warranty_expire = '$warranty_expire', asset_install_date = '$install_date', asset_notes = '$notes', asset_updated_at = NOW(), asset_network_id = $network WHERE asset_id = $asset_id AND company_id = $session_company_id"); //If login exists then update the login if($login_id > 0){ diff --git a/settings-user.php b/settings-user.php index 7e1a3cc9..b9df1426 100644 --- a/settings-user.php +++ b/settings-user.php @@ -29,7 +29,7 @@ $sql_recent_logs = mysqli_query($mysqli,"SELECT * FROM logs " class="img-circle img-fluid"> - +

@@ -72,11 +72,20 @@ $sql_recent_logs = mysqli_query($mysqli,"SELECT * FROM logs
- + +
+ + + + + + + +
',TokenAuth6238::getBarCodeUrl('','',$session_token,$config_company_name)); + print sprintf('',TokenAuth6238::getBarCodeUrl($session_name,' ',$session_token,$_SERVER['SERVER_NAME'])); echo "

$session_token

"; } ?> +
-
- - - - - -
-
- + +
+ +
-
- +