mirror of
https://github.com/itflow-org/itflow
synced 2026-02-28 02:44:53 +00:00
broken link updates
This commit is contained in:
johnnyq
@@ -8,7 +8,7 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
|
||||
|
||||
if (isset($_POST['add_category'])) {
|
||||
|
||||
require_once 'post/admin/admin_category_model.php';
|
||||
require_once 'category_model.php';
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO categories SET category_name = '$name', category_type = '$type', category_color = '$color'");
|
||||
|
||||
@@ -25,7 +25,7 @@ if (isset($_POST['add_category'])) {
|
||||
|
||||
if (isset($_POST['edit_category'])) {
|
||||
|
||||
require_once 'post/admin/admin_category_model.php';
|
||||
require_once 'category_model.php';
|
||||
|
||||
$category_id = intval($_POST['category_id']);
|
||||
|
||||
|
||||
@@ -8,7 +8,7 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
|
||||
|
||||
if(isset($_POST['create_custom_field'])){
|
||||
|
||||
require_once 'post/admin/admin_custom_field_model.php';
|
||||
require_once 'custom_field_model.php';
|
||||
|
||||
$table = sanitizeInput($_POST['table']);
|
||||
|
||||
@@ -27,7 +27,7 @@ if(isset($_POST['create_custom_field'])){
|
||||
|
||||
if(isset($_POST['edit_custom_field'])){
|
||||
|
||||
require_once 'post/admin/admin_custom_field_model.php';
|
||||
require_once 'custom_field_model.php';
|
||||
|
||||
$custom_field_id = intval($_POST['custom_field_id']);
|
||||
|
||||
|
||||
@@ -28,13 +28,13 @@ if (isset($_POST['edit_company'])) {
|
||||
$file_tmp_path = $_FILES['file']['tmp_name'];
|
||||
|
||||
// directory in which the uploaded file will be moved
|
||||
$upload_file_dir = "uploads/settings/";
|
||||
$upload_file_dir = "../uploads/settings/";
|
||||
$dest_path = $upload_file_dir . $new_file_name;
|
||||
|
||||
move_uploaded_file($file_tmp_path, $dest_path);
|
||||
|
||||
// Delete old file
|
||||
unlink("uploads/settings/$existing_file_name");
|
||||
unlink("../uploads/settings/$existing_file_name");
|
||||
|
||||
// Set Logo
|
||||
mysqli_query($mysqli,"UPDATE companies SET company_logo = '$new_file_name' WHERE company_id = 1");
|
||||
@@ -59,7 +59,7 @@ if (isset($_GET['remove_company_logo'])) {
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$company_logo = $row['company_logo']; // FileSystem Operation Logo is already sanitized
|
||||
|
||||
unlink("uploads/settings/$company_logo");
|
||||
unlink("../uploads/settings/$company_logo");
|
||||
|
||||
mysqli_query($mysqli,"UPDATE companies SET company_logo = NULL WHERE company_id = 1");
|
||||
|
||||
|
||||
@@ -16,7 +16,7 @@ if (isset($_GET['stripe_remove_pm'])) {
|
||||
|
||||
try {
|
||||
// Initialize stripe
|
||||
require_once 'plugins/stripe-php/init.php';
|
||||
require_once '../plugins/stripe-php/init.php';
|
||||
$stripe = new \Stripe\StripeClient($config_stripe_secret);
|
||||
|
||||
// Detach PM
|
||||
|
||||
@@ -30,12 +30,12 @@ if (isset($_POST['edit_favicon_settings'])) {
|
||||
$file_tmp_path = $_FILES['file']['tmp_name'];
|
||||
|
||||
// Delete old file
|
||||
if(file_exists("uploads/favicon.ico")) {
|
||||
unlink("uploads/favicon.ico");
|
||||
if(file_exists("../uploads/favicon.ico")) {
|
||||
unlink("../uploads/favicon.ico");
|
||||
}
|
||||
|
||||
// directory in which the uploaded file will be moved
|
||||
$upload_file_dir = "uploads/";
|
||||
$upload_file_dir = "../uploads/";
|
||||
//Force File Name
|
||||
$new_file_name = "favicon.ico";
|
||||
$dest_path = $upload_file_dir . $new_file_name;
|
||||
|
||||
@@ -8,7 +8,7 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
|
||||
|
||||
if (isset($_POST['add_tag'])) {
|
||||
|
||||
require_once 'post/admin/admin_tag_model.php';
|
||||
require_once 'tag_model.php';
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO tags SET tag_name = '$name', tag_type = $type, tag_color = '$color', tag_icon = '$icon'");
|
||||
|
||||
@@ -25,7 +25,7 @@ if (isset($_POST['add_tag'])) {
|
||||
|
||||
if (isset($_POST['edit_tag'])) {
|
||||
|
||||
require_once 'post/admin/admin_tag_model.php';
|
||||
require_once 'post/tag_model.php';
|
||||
|
||||
$tag_id = intval($_POST['tag_id']);
|
||||
|
||||
|
||||
@@ -5,8 +5,8 @@
|
||||
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
|
||||
|
||||
// Import shared code from user-side tickets/tasks as we reuse functions
|
||||
require_once 'post/user/ticket.php';
|
||||
require_once 'post/user/task.php';
|
||||
require_once '../user/post/ticket.php';
|
||||
require_once '../user/post/task.php';
|
||||
|
||||
if (isset($_POST['add_ticket_template'])) {
|
||||
|
||||
|
||||
@@ -288,7 +288,7 @@ if (isset($_GET['update_db'])) {
|
||||
//validateAdminRole(); // Old function
|
||||
|
||||
// Get the current version
|
||||
require_once ('includes/database_version.php');
|
||||
require_once ('../includes/database_version.php');
|
||||
|
||||
// Perform upgrades, if required
|
||||
require_once ('database_updates.php');
|
||||
|
||||
@@ -27,8 +27,8 @@ if (isset($_POST['add_user'])) {
|
||||
}
|
||||
}
|
||||
|
||||
if (!file_exists("uploads/users/$user_id/")) {
|
||||
mkdir("uploads/users/$user_id");
|
||||
if (!file_exists("../uploads/users/$user_id/")) {
|
||||
mkdir("../uploads/users/$user_id");
|
||||
}
|
||||
|
||||
// Check for and process image/photo
|
||||
@@ -103,7 +103,7 @@ if (isset($_POST['edit_user'])) {
|
||||
|
||||
validateCSRFToken($_POST['csrf_token']);
|
||||
|
||||
require_once 'post/admin/admin_user_model.php';
|
||||
require_once 'user_model.php';
|
||||
|
||||
$user_id = intval($_POST['user_id']);
|
||||
$new_password = trim($_POST['new_password']);
|
||||
@@ -127,8 +127,8 @@ if (isset($_POST['edit_user'])) {
|
||||
$two_fa = $_POST['2fa'];
|
||||
}
|
||||
|
||||
if (!file_exists("uploads/users/$user_id/")) {
|
||||
mkdir("uploads/users/$user_id");
|
||||
if (!file_exists("../uploads/users/$user_id/")) {
|
||||
mkdir("../uploads/users/$user_id");
|
||||
}
|
||||
|
||||
// Check for and process image/photo
|
||||
@@ -139,7 +139,7 @@ if (isset($_POST['edit_user'])) {
|
||||
$file_tmp_path = $_FILES['file']['tmp_name'];
|
||||
|
||||
// directory in which the uploaded file will be moved
|
||||
$upload_file_dir = "uploads/users/$user_id/";
|
||||
$upload_file_dir = "../uploads/users/$user_id/";
|
||||
$dest_path = $upload_file_dir . $new_file_name;
|
||||
move_uploaded_file($file_tmp_path, $dest_path);
|
||||
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
|
||||
|
||||
// Import shared code from user-side vendor management as we reuse functions
|
||||
require_once 'post/user/vendor.php';
|
||||
require_once '../user/post/vendor.php';
|
||||
|
||||
if (isset($_POST['add_vendor_template'])) {
|
||||
|
||||
|
||||
Reference in New Issue
Block a user