mirror of https://github.com/itflow-org/itflow
Merge pull request #1029 from itflow-org/portal-updates
Portal - allow editing client contacts
commit
91fb4b663a
|
|
@ -0,0 +1,124 @@
|
|||
<?php
|
||||
/*
|
||||
* Client Portal
|
||||
* Contact management for PTC / technical contacts
|
||||
*/
|
||||
|
||||
header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com");
|
||||
|
||||
require_once "inc_portal.php";
|
||||
|
||||
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
|
||||
header("Location: portal_post.php?logout");
|
||||
exit();
|
||||
}
|
||||
|
||||
// Check for a contact ID
|
||||
if (!isset($_GET['id']) && !intval($_GET['id'])) {
|
||||
header("Location: contacts.php");
|
||||
exit();
|
||||
}
|
||||
|
||||
$contact_id = intval($_GET['id']);
|
||||
|
||||
$sql_contact = mysqli_query($mysqli, "SELECT contact_id, contact_name, contact_email, contact_primary, contact_technical, contact_billing, contact_auth_method FROM contacts WHERE contact_id = $contact_id AND contact_client_id = $session_client_id AND contacts.contact_archived_at IS NULL LIMIT 1");
|
||||
|
||||
$row = mysqli_fetch_array($sql_contact);
|
||||
|
||||
if ($row) {
|
||||
$contact_id = intval($row['contact_id']);
|
||||
$contact_name = nullable_htmlentities($row['contact_name']);
|
||||
$contact_email = nullable_htmlentities($row['contact_email']);
|
||||
$contact_primary = intval($row['contact_primary']);
|
||||
$contact_technical = intval($row['contact_technical']);
|
||||
$contact_billing = intval($row['contact_billing']);
|
||||
$contact_auth_method = nullable_htmlentities($row['contact_auth_method']);
|
||||
} else {
|
||||
header("Location: portal_post.php?logout");
|
||||
exit();
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<ol class="breadcrumb d-print-none">
|
||||
<li class="breadcrumb-item">
|
||||
<a href="index.php">Home</a>
|
||||
</li>
|
||||
<li class="breadcrumb-item">
|
||||
<a href="contacts.php">Contacts</a>
|
||||
</li>
|
||||
<li class="breadcrumb-item active">Edit Contact</li>
|
||||
</ol>
|
||||
|
||||
<div class="col-md-6">
|
||||
<form action="portal_post.php" method="post">
|
||||
<input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>">
|
||||
<!-- Prevent undefined checkbox errors on submit -->
|
||||
<input type="hidden" name="contact_billing" value="0">
|
||||
<input type="hidden" name="contact_technical" value="0">
|
||||
|
||||
<div class="form-group">
|
||||
<label>Name <strong class="text-danger">*</strong></label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" name="contact_name" value="<?php echo nullable_htmlentities($contact_name) ?>" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Email <strong class="text-danger">*</strong></label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-envelope"></i></span>
|
||||
</div>
|
||||
<input type="text" class="form-control" name="contact_email" value="<?php echo nullable_htmlentities($contact_email) ?>" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<label>Roles:</label>
|
||||
<div class="form-row">
|
||||
<div class="col-md-4">
|
||||
<div class="form-group">
|
||||
<div class="custom-control custom-checkbox">
|
||||
<input type="checkbox" class="custom-control-input" id="contactBillingCheckbox" name="contact_billing" value="1" <?php if ($contact_billing == 1) { echo "checked"; } ?>>
|
||||
<label class="custom-control-label" for="contactBillingCheckbox">Billing</label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-md-4">
|
||||
<div class="form-group">
|
||||
<div class="custom-control custom-checkbox">
|
||||
<input type="checkbox" class="custom-control-input" id="contactTechnicalCheckbox" name="contact_technical" value="1" <?php if ($contact_technical == 1) { echo "checked"; } ?>>
|
||||
<label class="custom-control-label" for="contactTechnicalCheckbox">Technical</label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Portal authentication</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-user-circle"></i></span>
|
||||
</div>
|
||||
<select class="form-control select2 authMethod" name="contact_auth_method">
|
||||
<option value="">- No portal access -</option>
|
||||
<option value="local" <?php if ($contact_auth_method == "local") { echo "selected"; } ?>>Local (Email and password)</option>
|
||||
<?php if (!empty($config_azure_client_id)) { ?>
|
||||
<option value="azure" <?php if ($contact_auth_method == "azure") { echo "selected"; } ?>>Azure (Microsoft 365)</option>
|
||||
<?php } ?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<?php if ($contact_primary) { echo "<i>Cannot edit the primary contact</i>"; } else { ?>
|
||||
<button class="btn btn-primary" name="edit_contact">Save</button>
|
||||
<?php } ?>
|
||||
</form>
|
||||
</div>
|
||||
|
||||
|
||||
<?php
|
||||
require_once "portal_footer.php";
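Review bot: The id guard `if (!isset($_GET['id']) && !intval($_GET['id']))` only fires when `id` is absent, and in that case it still reads the undefined key inside `intval()`. It should read `if (!isset($_GET['id']) || intval($_GET['id']) === 0) {`, because a non-numeric id currently reaches the query as 0 and lands in the logout branch instead of returning to contacts.php. Separately, `$contact_name` and `$contact_email` pass through `nullable_htmlentities()` when read from the row and again in the two `value` attributes, so a name containing `&` would presumably be displayed and saved back double-encoded; encode once, at output. The form also posts role and auth-method changes with no anti-CSRF token field visible, so confirm that portal_post.php verifies one.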
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
<?php
|
||||
/*
|
||||
* Client Portal
|
||||
* Docs for PTC / technical contacts
|
||||
* Contact management for PTC / technical contacts
|
||||
*/
|
||||
|
||||
header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com");
|
||||
|
|
@ -54,7 +54,7 @@ $contacts_sql = mysqli_query($mysqli, "SELECT contact_id, contact_name, contact_
|
|||
?>
|
||||
|
||||
<tr>
|
||||
<td><a href="contact.php?id=<?php echo $contact_id?>" disabled="disabled"><?php echo $contact_name ?></a></td>
|
||||
<td><a href="contact_edit.php?id=<?php echo $contact_id?>"><?php echo $contact_name ?></a></td>
|
||||
<td><?php echo $contact_email; ?></td>
|
||||
<td><?php echo $contact_roles_display ?></td>
|
||||
</tr>
|
||||
|
|
|
|||
|
|
@ -27,16 +27,31 @@ if (!isset($_GET['id']) && !intval($_GET['id'])) {
|
|||
}
|
||||
|
||||
$document_id = intval($_GET['id']);
|
||||
$sql_document = mysqli_query($mysqli, "SELECT document_id, document_name, document_content FROM documents WHERE document_id = $document_id AND document_client_id = $session_client_id AND document_template = 0 LIMIT 1");
|
||||
$sql_document = mysqli_query($mysqli, "SELECT document_id, document_name, document_content FROM documents WHERE document_id = $document_id AND document_client_id = $session_client_id AND document_template = 0 AND document_archived_at IS NULL LIMIT 1");
|
||||
|
||||
$row = mysqli_fetch_array($sql_document);
|
||||
|
||||
$document_id = intval($row['document_id']);
|
||||
$document_name = nullable_htmlentities($row['document_name']);
|
||||
$document_content = $purifier->purify($row['document_content']);
|
||||
if ($row) {
|
||||
$document_id = intval($row['document_id']);
|
||||
$document_name = nullable_htmlentities($row['document_name']);
|
||||
$document_content = $purifier->purify($row['document_content']);
|
||||
} else {
|
||||
header("Location: portal_post.php?logout");
|
||||
exit();
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<ol class="breadcrumb d-print-none">
|
||||
<li class="breadcrumb-item">
|
||||
<a href="index.php">Home</a>
|
||||
</li>
|
||||
<li class="breadcrumb-item">
|
||||
<a href="documents.php">Documents</a>
|
||||
</li>
|
||||
<li class="breadcrumb-item active">Document</li>
|
||||
</ol>
|
||||
|
||||
<div class="card">
|
||||
<div class="card-body prettyContent">
|
||||
<h3><?php echo $document_name; ?></h3>
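Review bot: The new `else` branch ends the session when the lookup returns no row but records nothing, so repeated requests for archived documents or ids outside the client leave no trace for whoever reviews the logs. Consider writing a `logs` row before the redirect, in the style the `edit_contact` handler in this commit uses for `Modify`, with the requested `$document_id` as the entity id. The `$_GET['id']` guard before this code is outside the hunk; as quoted in the hunk header it joins its two tests with `&&`, so it probably only catches a missing `id` and would be clearer with `||`.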
|
||||
|
|
|
|||
|
|
@ -112,3 +112,22 @@ header("X-Frame-Options: DENY"); // Legacy
|
|||
<hr>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<?php
|
||||
//Alert Feedback
|
||||
if (!empty($_SESSION['alert_message'])) {
|
||||
if (!isset($_SESSION['alert_type'])) {
|
||||
$_SESSION['alert_type'] = "info";
|
||||
}
|
||||
?>
|
||||
<div class="alert alert-<?php echo $_SESSION['alert_type']; ?>" id="alert">
|
||||
<?php echo nullable_htmlentities($_SESSION['alert_message']); ?>
|
||||
<button class='close' data-dismiss='alert'>×</button>
|
||||
</div>
|
||||
<?php
|
||||
|
||||
unset($_SESSION['alert_type']);
|
||||
unset($_SESSION['alert_message']);
|
||||
|
||||
}
|
||||
?>
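Review bot: `$_SESSION['alert_type']` is echoed into the `class` attribute unescaped, while the message two lines below goes through `nullable_htmlentities()`. Every assignment visible in this commit is server-side, so this is hardening rather than a demonstrated injection, but it keeps the template safe if a handler ever derives the type from request data. Encode it the same way, `<div class="alert alert-<?php echo nullable_htmlentities($_SESSION['alert_type']); ?>" id="alert">`, or map it onto a fixed list of alert classes before output.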
|
||||
|
|
|
|||
|
|
@ -287,3 +287,21 @@ if (isset($_POST['edit_profile'])) {
|
|||
}
|
||||
header('Location: index.php');
|
||||
}
|
||||
|
||||
if (isset($_POST['edit_contact'])) {
|
||||
$contact_id = intval($_POST['contact_id']);
|
||||
$contact_name = sanitizeInput($_POST['contact_name']);
|
||||
$contact_email = sanitizeInput($_POST['contact_email']);
|
||||
$contact_technical = intval($_POST['contact_technical']);
|
||||
$contact_billing = intval($_POST['contact_billing']);
|
||||
$contact_auth_method = sanitizeInput($_POST['contact_auth_method']);
|
||||
|
||||
mysqli_query($mysqli, "UPDATE contacts SET contact_name = '$contact_name', contact_email = '$contact_email', contact_billing = $contact_billing, contact_technical = $contact_technical, contact_auth_method = '$contact_auth_method' WHERE contact_id = $contact_id AND contact_client_id = $session_client_id AND contact_archived_at IS NULL AND contact_primary = 0");
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = 'Client $session_contact_name modified contact $contact_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $session_client_id, log_entity_id = $contact_id");
|
||||
|
||||
$_SESSION['alert_message'] = "Contact updated";
|
||||
header('Location: contacts.php');
|
||||
|
||||
}
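Review bot: The `edit_contact` handler does not repeat the role check that contact_edit.php performs (`$session_contact_primary == 0 && !$session_contact_is_technical_contact`), so unless a gate exists earlier in portal_post.php, outside this hunk, any signed-in contact of the client can change another contact's email, roles and auth method by posting directly. `contact_auth_method` is also stored as received instead of being limited to the three values the form offers. The log row and the "Contact updated" alert are written even when the UPDATE matched nothing, for example a primary or archived contact, which makes the audit trail misleading. Both redirects should be followed by `exit()`, and a CSRF token check belongs at the top if the portal has one. The sketch assumes the session role variables are in scope here, as they are on the edit page.

```php
if (isset($_POST['edit_contact'])) {
    // Enforce the same role gate as the edit page; hiding the form does not protect the handler
    if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
        header("Location: portal_post.php?logout");
        exit();
    }

    // … unchanged: reading contact_id, contact_name, contact_email, contact_technical, contact_billing …
    $contact_auth_method = sanitizeInput($_POST['contact_auth_method']);

    // Accept only the options the form offers
    if (!in_array($contact_auth_method, ['', 'local', 'azure'], true)) {
        header('Location: contacts.php');
        exit();
    }

    // … unchanged: UPDATE contacts … AND contact_primary = 0 …

    // Log and confirm only when a row was actually changed
    if (mysqli_affected_rows($mysqli) > 0) {
        // … unchanged: INSERT INTO logs …
        $_SESSION['alert_message'] = "Contact updated";
    }

    header('Location: contacts.php');
    exit();
}
```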
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ require_once 'inc_portal.php';
|
|||
<li class="breadcrumb-item active">New Ticket</li>
|
||||
</ol>
|
||||
|
||||
<h2>Raise a new ticket</h2>
|
||||
<h3>Raise a new ticket</h3>
|
||||
|
||||
<div class="col-md-8">
|
||||
<form action="portal_post.php" method="post">
|
||||
|
|
|
|||