AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-01 03:14:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

broken link updates

Browse Source
This commit is contained in:
johnnyq
2025-07-30 20:59:20 -04:00
parent 8e87c25de1
commit 905908bcf1
38 changed files with 103 additions and 287 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3845
user/database_updates.php
View File

File diff suppressed because it is too large Load Diff

10
user/post/asset.php
View File

@@ -27,10 +27,10 @@ if (isset($_POST['add_asset'])) {
$file_tmp_path = $_FILES['file']['tmp_name'];
// directory in which the uploaded file will be moved
if (!file_exists("uploads/clients/$client_id")) {
mkdir("uploads/clients/$client_id");
if (!file_exists("../uploads/clients/$client_id")) {
mkdir("../uploads/clients/$client_id");
}
$upload_file_dir = "uploads/clients/$client_id/";
$upload_file_dir = "../uploads/clients/$client_id/";
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
@@ -100,13 +100,13 @@ if (isset($_POST['edit_asset'])) {
// Set directory in which the uploaded file will be moved
$file_tmp_path = $_FILES['file']['tmp_name'];
$upload_file_dir = "uploads/clients/$client_id/";
$upload_file_dir = "../uploads/clients/$client_id/";
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
//Delete old file
unlink("uploads/clients/$client_id/$existing_file_name");
unlink("../uploads/clients/$client_id/$existing_file_name");
mysqli_query($mysqli,"UPDATE assets SET asset_photo = '$new_file_name' WHERE asset_id = $asset_id");
}

2
user/post/category.php
View File

@@ -8,7 +8,7 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_category'])) {
require_once 'post/user/category_model.php';
require_once 'category_model.php';
mysqli_query($mysqli,"INSERT INTO categories SET category_name = '$name', category_type = '$type', category_color = '$color'");

4
user/post/certificate.php
View File

@@ -10,7 +10,7 @@ if (isset($_POST['add_certificate'])) {
enforceUserPermission('module_support', 2);
require_once 'post/user/certificate_model.php';
require_once 'certificate_model.php';
// Parse public key data for a manually provided public key
if (!empty($public_key) && (empty($expire) && empty($issued_by))) {
@@ -45,7 +45,7 @@ if (isset($_POST['edit_certificate'])) {
enforceUserPermission('module_support', 2);
require_once 'post/user/certificate_model.php';
require_once 'certificate_model.php';
$certificate_id = intval($_POST['certificate_id']);
// Parse public key data for a manually provided public key

6
user/post/client.php
View File

@@ -520,9 +520,9 @@ if (isset($_POST["import_clients_csv"])) {
$client_id = mysqli_insert_id($mysqli);
if (!file_exists("uploads/clients/$client_id")) {
mkdir("uploads/clients/$client_id");
file_put_contents("uploads/clients/$client_id/index.php", "");
if (!file_exists("../uploads/clients/$client_id")) {
mkdir("../uploads/clients/$client_id");
file_put_contents("../uploads/clients/$client_id/index.php", "");
}
// Create Referral if it doesn't exist

18
user/post/contact.php
View File

@@ -10,7 +10,7 @@ if (isset($_POST['add_contact'])) {
enforceUserPermission('module_client', 2);
require_once 'post/user/contact_model.php';
require_once 'contact_model.php';
// Create User Account
$user_id = 0;
@@ -54,10 +54,10 @@ if (isset($_POST['add_contact'])) {
$file_tmp_path = $_FILES['file']['tmp_name'];
// directory in which the uploaded file will be moved
if (!file_exists("uploads/clients/$client_id")) {
mkdir("uploads/clients/$client_id");
if (!file_exists("../uploads/clients/$client_id")) {
mkdir("../uploads/clients/$client_id");
}
$upload_file_dir = "uploads/clients/$client_id/";
$upload_file_dir = "../uploads/clients/$client_id/";
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
@@ -81,7 +81,7 @@ if (isset($_POST['edit_contact'])) {
enforceUserPermission('module_client', 2);
require_once 'post/user/contact_model.php';
require_once 'contact_model.php';
$contact_id = intval($_POST['contact_id']);
$send_email = intval($_POST['send_email'] ?? 0);
@@ -92,8 +92,8 @@ if (isset($_POST['edit_contact'])) {
$existing_file_name = sanitizeInput($row['contact_photo']);
$contact_user_id = intval($row['contact_user_id']);
if (!file_exists("uploads/clients/$client_id")) {
mkdir("uploads/clients/$client_id");
if (!file_exists("../uploads/clients/$client_id")) {
mkdir("../uploads/clients/$client_id");
}
// Update Existing User
@@ -130,13 +130,13 @@ if (isset($_POST['edit_contact'])) {
// Set directory in which the uploaded file will be moved
$file_tmp_path = $_FILES['file']['tmp_name'];
$upload_file_dir = "uploads/clients/$client_id/";
$upload_file_dir = "../uploads/clients/$client_id/";
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
//Delete old file
unlink("uploads/clients/$client_id/$existing_file_name");
unlink("../uploads/clients/$client_id/$existing_file_name");
mysqli_query($mysqli,"UPDATE contacts SET contact_photo = '$new_file_name' WHERE contact_id = $contact_id");

4
user/post/credential.php
View File

@@ -10,7 +10,7 @@ if (isset($_POST['add_credential'])) {
enforceUserPermission('module_credential', 2);
require_once 'post/user/credential_model.php';
require_once 'credential_model.php';
mysqli_query($mysqli,"INSERT INTO credentials SET credential_name = '$name', credential_description = '$description', credential_uri = '$uri', credential_uri_2 = '$uri_2', credential_username = '$username', credential_password = '$password', credential_otp_secret = '$otp_secret', credential_note = '$note', credential_important = $important, credential_contact_id = $contact_id, credential_asset_id = $asset_id, credential_client_id = $client_id");
@@ -37,7 +37,7 @@ if (isset($_POST['edit_credential'])) {
enforceUserPermission('module_credential', 2);
require_once 'post/user/credential_model.php';
require_once 'credential_model.php';
$credential_id = intval($_POST['credential_id']);

2
user/post/document.php
View File

@@ -564,7 +564,7 @@ if (isset($_GET['export_document'])) {
$client_id = intval($row['document_client_id']);
// Include the TCPDF class
require_once('plugins/TCPDF/tcpdf.php');
require_once('../plugins/TCPDF/tcpdf.php');
$pdf = new TCPDF();

4
user/post/event.php
View File

@@ -43,7 +43,7 @@ if (isset($_POST['edit_calendar'])) {
if (isset($_POST['add_event'])) {
require_once 'post/user/event_model.php';
require_once 'event_model.php';
mysqli_query($mysqli,"INSERT INTO calendar_events SET event_title = '$title', event_location = '$location', event_description = '$description', event_start = '$start', event_end = '$end', event_repeat = '$repeat', event_calendar_id = $calendar_id, event_client_id = $client");
@@ -117,7 +117,7 @@ if (isset($_POST['add_event'])) {
if (isset($_POST['edit_event'])) {
require_once 'post/user/event_model.php';
require_once 'event_model.php';
$event_id = intval($_POST['event_id']);

14
user/post/expense.php
View File

@@ -8,7 +8,7 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_expense'])) {
require_once 'post/user/expense_model.php';
require_once 'expense_model.php';
mysqli_query($mysqli,"INSERT INTO expenses SET expense_date = '$date', expense_amount = $amount, expense_currency_code = '$session_company_currency', expense_account_id = $account, expense_vendor_id = $vendor, expense_client_id = $client, expense_category_id = $category, expense_description = '$description', expense_reference = '$reference'");
@@ -24,7 +24,7 @@ if (isset($_POST['add_expense'])) {
$file_tmp_path = $_FILES['file']['tmp_name'];
// directory in which the uploaded file will be moved
$upload_file_dir = "uploads/expenses/";
$upload_file_dir = "../uploads/expenses/";
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
@@ -44,7 +44,7 @@ if (isset($_POST['add_expense'])) {
if (isset($_POST['edit_expense'])) {
require_once 'post/user/expense_model.php';
require_once 'expense_model.php';
$expense_id = intval($_POST['expense_id']);
@@ -62,12 +62,12 @@ if (isset($_POST['edit_expense'])) {
$file_tmp_path = $_FILES['file']['tmp_name'];
// directory in which the uploaded file will be moved
$upload_file_dir = "uploads/expenses/";
$upload_file_dir = "../uploads/expenses/";
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
//Delete old file
unlink("uploads/expenses/$existing_file_name");
unlink("../uploads/expenses/$existing_file_name");
mysqli_query($mysqli,"UPDATE expenses SET expense_receipt = '$new_file_name' WHERE expense_id = $expense_id");
$extended_alert_description = '. File successfully uploaded.';
@@ -94,7 +94,7 @@ if (isset($_GET['delete_expense'])) {
$expense_description = sanitizeInput($row['expense_description']);
$client_id = intval($row['expense_client_id']);
unlink("uploads/expenses/$expense_receipt");
unlink("../uploads/expenses/$expense_receipt");
mysqli_query($mysqli,"DELETE FROM expenses WHERE expense_id = $expense_id");
@@ -243,7 +243,7 @@ if (isset($_POST['bulk_delete_expenses'])) {
$expense_receipt = sanitizeInput($row['expense_receipt']);
$client_id = intval($row['expense_client_id']);
unlink("uploads/expenses/$expense_receipt");
unlink("../uploads/expenses/$expense_receipt");
mysqli_query($mysqli, "DELETE FROM expenses WHERE expense_id = $expense_id");

14
user/post/file.php
View File

@@ -17,7 +17,7 @@ if (isset($_POST['upload_files'])) {
$description = sanitizeInput($_POST['description']);
$contact_id = intval($_POST['contact'] ?? 0);
$asset_id = intval($_POST['asset'] ?? 0);
$client_dir = "uploads/clients/$client_id";
$client_dir = "../uploads/clients/$client_id";
// Create client directory if it doesn't exist
if (!is_dir($client_dir)) {
@@ -295,13 +295,13 @@ if (isset($_POST['delete_file'])) {
$file_has_thumbnail = intval($row['file_has_thumbnail']);
$file_has_preview = intval($row['file_has_preview']);
unlink("uploads/clients/$client_id/$file_reference_name");
unlink("../uploads/clients/$client_id/$file_reference_name");
if ($file_has_thumbnail == 1) {
unlink("uploads/clients/$client_id/thumbnail_$file_reference_name");
unlink("../uploads/clients/$client_id/thumbnail_$file_reference_name");
}
if ($file_has_preview == 1) {
unlink("uploads/clients/$client_id/preview_$file_reference_name");
unlink("../uploads/clients/$client_id/preview_$file_reference_name");
}
mysqli_query($mysqli,"DELETE FROM files WHERE file_id = $file_id");
@@ -339,13 +339,13 @@ if (isset($_POST['bulk_delete_files'])) {
$file_has_thumbnail = intval($row['file_has_thumbnail']);
$file_has_preview = intval($row['file_has_preview']);
unlink("uploads/clients/$client_id/$file_reference_name");
unlink("../uploads/clients/$client_id/$file_reference_name");
if ($file_has_thumbnail == 1) {
unlink("uploads/clients/$client_id/thumbnail_$file_reference_name");
unlink("../uploads/clients/$client_id/thumbnail_$file_reference_name");
}
if ($file_has_preview == 1) {
unlink("uploads/clients/$client_id/preview_$file_reference_name");
unlink("../uploads/clients/$client_id/preview_$file_reference_name");
}
mysqli_query($mysqli,"DELETE FROM files WHERE file_id = $file_id");

12
user/post/invoice.php
View File

@@ -8,7 +8,7 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_invoice'])) {
require_once 'post/user/invoice_model.php';
require_once 'invoice_model.php';
$client_id = intval($_POST['client']);
@@ -43,7 +43,7 @@ if (isset($_POST['add_invoice'])) {
if (isset($_POST['edit_invoice'])) {
require_once 'post/user/invoice_model.php';
require_once 'invoice_model.php';
$invoice_id = intval($_POST['invoice_id']);
$due = sanitizeInput($_POST['due']);
@@ -1133,7 +1133,7 @@ if (isset($_GET['add_payment_stripe'])) {
}
// Initialize Stripe
require_once __DIR__ . '/../../plugins/stripe-php/init.php';
require_once __DIR__ . '/../plugins/stripe-php/init.php';
$stripe = new \Stripe\StripeClient($config_stripe_secret);
$balance_to_pay = round($invoice_amount, 2);
@@ -2124,7 +2124,7 @@ if (isset($_GET['export_invoice_pdf'])) {
//Set Badge color based off of invoice status
$invoice_badge_color = getInvoiceBadgeColor($invoice_status);
require_once("plugins/TCPDF/tcpdf.php");
require_once("../plugins/TCPDF/tcpdf.php");
// Start TCPDF
$pdf = new TCPDF('P', 'mm', 'A4', true, 'UTF-8', false);
@@ -2138,8 +2138,8 @@ if (isset($_GET['export_invoice_pdf'])) {
$html = '<table width="100%" cellspacing="0" cellpadding="3">
<tr>
<td width="40%">';
if (!empty($company_logo) && file_exists("uploads/settings/$company_logo")) {
$html .= '<img src="uploads/settings/' . $company_logo . '" width="120">';
if (!empty($company_logo) && file_exists("../uploads/settings/$company_logo")) {
$html .= '<img src="../uploads/settings/' . $company_logo . '" width="120">';
}
$html .= '</td>
<td width="60%" align="right">

18
user/post/location.php
View File

@@ -10,11 +10,11 @@ if(isset($_POST['add_location'])){
enforceUserPermission('module_client', 2);
require_once 'post/user/location_model.php';
require_once 'location_model.php';
if(!file_exists("uploads/clients/$client_id")) {
mkdir("uploads/clients/$client_id");
if(!file_exists("../uploads/clients/$client_id")) {
mkdir("../uploads/clients/$client_id");
}
mysqli_query($mysqli,"INSERT INTO locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$phone_country_code', location_phone = '$phone', location_phone_extension = '$extension', location_fax_country_code = '$fax_country_code', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact, location_client_id = $client_id");
@@ -41,7 +41,7 @@ if(isset($_POST['add_location'])){
$file_tmp_path = $_FILES['file']['tmp_name'];
// directory in which the uploaded file will be moved
$upload_file_dir = "uploads/clients/$client_id/";
$upload_file_dir = "../uploads/clients/$client_id/";
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
@@ -64,7 +64,7 @@ if(isset($_POST['edit_location'])){
enforceUserPermission('module_client', 2);
require_once 'post/user/location_model.php';
require_once 'location_model.php';
$location_id = intval($_POST['location_id']);
@@ -75,8 +75,8 @@ if(isset($_POST['edit_location'])){
$existing_file_name = sanitizeInput($row['location_photo']);
if(!file_exists("uploads/clients/$client_id")) {
mkdir("uploads/clients/$client_id");
if(!file_exists("../uploads/clients/$client_id")) {
mkdir("../uploads/clients/$client_id");
}
mysqli_query($mysqli,"UPDATE locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$phone_country_code', location_phone = '$phone', location_phone_extension = '$extension', location_fax_country_code = '$fax_country_code', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact WHERE location_id = $location_id");
@@ -104,13 +104,13 @@ if(isset($_POST['edit_location'])){
$file_tmp_path = $_FILES['file']['tmp_name'];
// directory in which the uploaded file will be moved
$upload_file_dir = "uploads/clients/$client_id/";
$upload_file_dir = "../uploads/clients/$client_id/";
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
//Delete old file
unlink("uploads/clients/$client_id/$existing_file_name");
unlink("../uploads/clients/$client_id/$existing_file_name");
mysqli_query($mysqli,"UPDATE locations SET location_photo = '$new_file_name' WHERE location_id = $location_id");

4
user/post/network.php
View File

@@ -10,7 +10,7 @@ if (isset($_POST['add_network'])) {
enforceUserPermission('module_support', 2);
require_once 'post/user/network_model.php';
require_once 'network_model.php';
mysqli_query($mysqli,"INSERT INTO networks SET network_name = '$name', network_description = '$description', network_vlan = $vlan, network = '$network', network_subnet = '$subnet', network_gateway = '$gateway', network_primary_dns = '$primary_dns', network_secondary_dns = '$secondary_dns', network_dhcp_range = '$dhcp_range', network_notes = '$notes', network_location_id = $location_id, network_client_id = $client_id");
@@ -30,7 +30,7 @@ if (isset($_POST['edit_network'])) {
enforceUserPermission('module_support', 2);
$network_id = intval($_POST['network_id']);
require_once 'post/user/network_model.php';
require_once 'network_model.php';
mysqli_query($mysqli,"UPDATE networks SET network_name = '$name', network_description = '$description', network_vlan = $vlan, network = '$network', network_subnet = '$subnet', network_gateway = '$gateway', network_primary_dns = '$primary_dns', network_secondary_dns = '$secondary_dns', network_dhcp_range = '$dhcp_range', network_notes = '$notes', network_location_id = $location_id WHERE network_id = $network_id");

4
user/post/product.php
View File

@@ -11,7 +11,7 @@ if (isset($_POST['add_product'])) {
enforceUserPermission('module_sales', 2);
require_once 'post/user/product_model.php';
require_once 'product_model.php';
mysqli_query($mysqli,"INSERT INTO products SET product_name = '$name', product_description = '$description', product_price = '$price', product_currency_code = '$session_company_currency', product_tax_id = $tax, product_category_id = $category");
@@ -30,7 +30,7 @@ if (isset($_POST['edit_product'])) {
enforceUserPermission('module_sales', 2);
require_once 'post/user/product_model.php';
require_once 'product_model.php';
$product_id = intval($_POST['product_id']);

2
user/post/profile.php
View File

@@ -197,7 +197,7 @@ if (isset($_POST['enable_mfa'])) {
validateCSRFToken($_POST['csrf_token']);
require_once "plugins/totp/totp.php";
require_once "../plugins/totp/totp.php";
// Grab the code from the user
$verify_code = trim($_POST['verify_code']);

10
user/post/quote.php
View File

@@ -10,7 +10,7 @@ if (isset($_POST['add_quote'])) {
enforceUserPermission('module_sales', 2);
require_once 'post/user/quote_model.php';
require_once 'quote_model.php';
$client_id = intval($_POST['client']);
@@ -252,7 +252,7 @@ if (isset($_POST['edit_quote'])) {
enforceUserPermission('module_sales', 2);
require_once 'post/user/quote_model.php';
require_once 'quote_model.php';
$quote_id = intval($_POST['quote_id']);
@@ -683,7 +683,7 @@ if (isset($_GET['export_quote_pdf'])) {
$quote_badge_color = "secondary";
}
require_once("plugins/TCPDF/tcpdf.php");
require_once("../plugins/TCPDF/tcpdf.php");
// Start TCPDF
$pdf = new TCPDF('P', 'mm', 'A4', true, 'UTF-8', false);
@@ -697,8 +697,8 @@ if (isset($_GET['export_quote_pdf'])) {
$html = '<table width="100%" cellspacing="0" cellpadding="3">
<tr>
<td width="40%">';
if (!empty($company_logo) && file_exists("uploads/settings/$company_logo")) {
$html .= '<img src="uploads/settings/' . $company_logo . '" width="120">';
if (!empty($company_logo) && file_exists("../uploads/settings/$company_logo")) {
$html .= '<img src="../uploads/settings/' . $company_logo . '" width="120">';
}
$html .= '</td>
<td width="60%" align="right">

14
user/post/rack.php
View File

@@ -31,10 +31,10 @@ if (isset($_POST['add_rack'])) {
$file_tmp_path = $_FILES['file']['tmp_name'];
// directory in which the uploaded file will be moved
if (!file_exists("uploads/clients/$client_id")) {
mkdir("uploads/clients/$client_id");
if (!file_exists("../uploads/clients/$client_id")) {
mkdir("../uploads/clients/$client_id");
}
$upload_file_dir = "uploads/clients/$client_id/";
$upload_file_dir = "../uploads/clients/$client_id/";
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
@@ -74,10 +74,10 @@ if (isset($_POST['edit_rack'])) {
$file_tmp_path = $_FILES['file']['tmp_name'];
// directory in which the uploaded file will be moved
if (!file_exists("uploads/clients/$client_id")) {
mkdir("uploads/clients/$client_id");
if (!file_exists("../uploads/clients/$client_id")) {
mkdir("../uploads/clients/$client_id");
}
$upload_file_dir = "uploads/clients/$client_id/";
$upload_file_dir = "../uploads/clients/$client_id/";
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
@@ -157,7 +157,7 @@ if (isset($_GET['delete_rack'])) {
// Delete Photo if exists
if ($rack_photo) {
unlink("uploads/clients/$client_id/$rack_photo");
unlink("../uploads/clients/$client_id/$rack_photo");
}
// Logging

2
user/post/tag.php
View File

@@ -8,7 +8,7 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_tag'])) {
require_once 'post/user/tag_model.php';
require_once 'tag_model.php';
mysqli_query($mysqli,"INSERT INTO tags SET tag_name = '$name', tag_type = $type, tag_color = '$color', tag_icon = '$icon'");

4
user/post/ticket.php
View File

@@ -760,7 +760,7 @@ if (isset($_GET['delete_ticket'])) {
// Delete Ticket Attachements
mysqli_query($mysqli, "DELETE FROM ticket_attachments WHERE ticket_attachment_ticket_id = $ticket_id");
removeDirectory("uploads/tickets/$ticket_id");
removeDirectory("../uploads/tickets/$ticket_id");
// No Need to delete ticket assets as this is cascadely deleted via the database.
@@ -802,7 +802,7 @@ if (isset($_POST['bulk_delete_tickets'])) {
// Delete Ticket Attachements
mysqli_query($mysqli, "DELETE FROM ticket_attachments WHERE ticket_attachment_ticket_id = $ticket_id");
removeDirectory("uploads/tickets/$ticket_id");
removeDirectory("../uploads/tickets/$ticket_id");
// No Need to delete ticket assets as this is cascadely deleted via the database.

4
user/post/transfer.php
View File

@@ -10,7 +10,7 @@ if (isset($_POST['add_transfer'])) {
enforceUserPermission('module_financial', 2);
require_once 'post/user/transfer_model.php';
require_once 'transfer_model.php';
// Get Source Account Name for logging
$sql = mysqli_query($mysqli,"SELECT account_name, account_currency_code FROM accounts WHERE account_id = $account_from");
@@ -46,7 +46,7 @@ if (isset($_POST['edit_transfer'])) {
enforceUserPermission('module_financial', 2);
require_once 'post/user/transfer_model.php';
require_once 'transfer_model.php';
$transfer_id = intval($_POST['transfer_id']);

4
user/post/trip.php
View File

@@ -8,7 +8,7 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_trip'])) {
require_once 'post/user/trip_model.php';
require_once 'trip_model.php';
mysqli_query($mysqli,"INSERT INTO trips SET trip_date = '$date', trip_source = '$source', trip_destination = '$destination', trip_miles = $miles, round_trip = $roundtrip, trip_purpose = '$purpose', trip_user_id = $user_id, trip_client_id = $client_id");
@@ -26,7 +26,7 @@ if (isset($_POST['add_trip'])) {
if (isset($_POST['edit_trip'])) {
require_once 'post/user/trip_model.php';
require_once 'trip_model.php';
$trip_id = intval($_POST['trip_id']);

4
user/post/vendor.php
View File

@@ -49,7 +49,7 @@ if (isset($_POST['add_vendor_from_template'])) {
if (isset($_POST['add_vendor'])) {
require_once 'post/user/vendor_model.php';
require_once 'vendor_model.php';
$client_id = intval($_POST['client_id']); // Used if this vendor is under a contact otherwise its 0 for under company
@@ -67,7 +67,7 @@ if (isset($_POST['add_vendor'])) {
if (isset($_POST['edit_vendor'])) {
require_once 'post/user/vendor_model.php';
require_once 'vendor_model.php';
$vendor_id = intval($_POST['vendor_id']);
$vendor_template_id = intval($_POST['vendor_template_id']);