AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

More UI work and santitizeInput migrations

This commit is contained in:
johnnyq 2023-02-20 22:02:39 -05:00
parent cf08042a41
commit 95f190c89d
21 changed files with 223 additions and 203 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
account_add_modal.php
View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-piggy-bank"></i> New Account</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-piggy-bank mr-2"></i>New Account</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -52,8 +52,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_account" class="btn btn-primary text-bold"><i class="fa fa-fw fa-check"></i> Create</button>
<button type="submit" name="add_account" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

6
account_edit_modal.php
View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-piggy-bank"></i> Editing account: <strong><?php echo $account_name; ?></strong></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-piggy-bank mr-2"></i>Editing account: <strong><?php echo $account_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -28,8 +28,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_account" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="edit_account" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

12
accounts.php
View File

@ -24,9 +24,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-piggy-bank"></i> Accounts</h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-piggy-bank mr-2"></i>Accounts</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAccountModal"><i class="fas fa-fw fa-plus"></i> New Account</button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAccountModal"><i class="fas fa-plus mr-2"></i>New Account</button>
</div>
</div>
<div class="card-body">
@ -84,10 +84,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAccountModal<?php echo $account_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAccountModal<?php echo $account_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($balance == 0) { //Cannot Archive an Account until it reaches 0 Balance ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item" href="post.php?archive_account=<?php echo $account_id; ?>">Archive</a>
<a class="dropdown-item text-danger" href="post.php?archive_account=<?php echo $account_id; ?>">
<i class="fas fa-fw fa-archive mr-2"></i>Archive
</a>
<?php } ?>
</div>
</div>

16
ajax.php
View File

@ -155,7 +155,7 @@ if (isset($_GET['network_get_json_details'])) {
if (isset($_POST['client_set_notes'])) {
$client_id = intval($_POST['client_id']);
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['notes'])));
$notes = sanitizeInput($_POST['notes']);
// Update notes
mysqli_query($mysqli, "UPDATE clients SET client_notes = '$notes' WHERE client_id = '$client_id'");
@ -167,7 +167,7 @@ if (isset($_POST['client_set_notes'])) {
if (isset($_POST['contact_set_notes'])) {
$contact_id = intval($_POST['contact_id']);
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['notes'])));
$notes = sanitizeInput($_POST['notes']);
// Update notes
mysqli_query($mysqli, "UPDATE contacts SET contact_notes = '$notes' WHERE contact_id = $contact_id");
@ -228,28 +228,28 @@ if (isset($_GET['share_generate_link'])) {
$item_encrypted_credential = ''; // Default empty
$client_id = intval($_GET['client_id']);
$item_type = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['type'])));
$item_type = sanitizeInput($_GET['type']);
$item_id = intval($_GET['id']);
$item_note = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['note'])));
$item_note = sanitizeInput($_GET['note']);
$item_view_limit = intval($_GET['views']);
$item_expires = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['expires'])));
$item_expires = sanitizeInput($_GET['expires']);
$item_key = randomString(156);
if ($item_type == "Document") {
$row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT document_name FROM documents WHERE document_id = '$item_id' AND document_client_id = '$client_id' LIMIT 1"));
$item_name = strip_tags(mysqli_real_escape_string($mysqli, $row['document_name']));
$item_name = sanitizeInput($row['document_name']);
}
if ($item_type == "File") {
$row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT file_name FROM files WHERE file_id = '$item_id' AND file_client_id = '$client_id' LIMIT 1"));
$item_name = strip_tags(mysqli_real_escape_string($mysqli, $row['file_name']));
$item_name = sanitizeInput($row['file_name']);
}
if ($item_type == "Login") {
$login = mysqli_query($mysqli, "SELECT login_name, login_username, login_password FROM logins WHERE login_id = '$item_id' AND login_client_id = '$client_id' LIMIT 1");
$row = mysqli_fetch_array($login);
$item_name = strip_tags(mysqli_real_escape_string($mysqli, $row['login_name']));
$item_name = sanitizeInput($row['login_name']);
// Decrypt & re-encrypt username/password for sharing
$login_encryption_key = randomString();

8
api_key_add_modal.php
View File

@ -5,7 +5,7 @@ $key = randomString(156);
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-key"></i> New Key</h5>
<h5 class="modal-title"><i class="fa fa-key mr-2"></i>New Key</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -63,7 +63,7 @@ $key = randomString(156);
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$client_id = $row['client_id'];
$client_id = intval($row['client_id']);
$client_name = htmlentities($row['client_name']); ?>
<option value="<?php echo $client_id; ?>"><?php echo "$client_name (Client ID: $client_id)"; ?></option>
<?php } ?>
@ -73,8 +73,8 @@ $key = randomString(156);
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_api_key" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_api_key" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

6
calendar_add_modal.php
View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-calendar-plus"></i> New Calendar</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-calendar-plus mr-2"></i>New Calendar</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -32,8 +32,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_calendar" class="btn btn-primary">Save</button>
<button type="submit" name="add_calendar" class="btn btn-primary"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

16
calendar_event_add_modal.php
View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-calendar-plus"></i> New Event</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-calendar-plus mr-2"></i>New Event</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -12,13 +12,13 @@
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-event"><i class="fa fa-fw fa-calendar"></i> Event</a>
<a class="nav-link active" data-toggle="pill" href="#pills-event"><i class="fa fa-fw fa-calendar mr-2"></i>Event</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-more"><i class="fa fa-fw fa-info-circle"></i> More</a>
<a class="nav-link" data-toggle="pill" href="#pills-more"><i class="fa fa-fw fa-info-circle mr-2"></i>More</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-attendees"><i class="fa fa-fw fa-users"></i> Attendees</a>
<a class="nav-link" data-toggle="pill" href="#pills-attendees"><i class="fa fa-fw fa-users mr-2"></i>Attendees</a>
</li>
</ul>
@ -50,7 +50,7 @@
$sql = mysqli_query($mysqli, "SELECT * FROM calendars WHERE company_id = $session_company_id ORDER BY calendar_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$calendar_id = $row['calendar_id'];
$calendar_id = intval($row['calendar_id']);
$calendar_name = htmlentities($row['calendar_name']);
$calendar_color = htmlentities($row['calendar_color']);
?>
@ -119,7 +119,7 @@
$sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id WHERE clients.company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$client_id = $row['client_id'];
$client_id = intval($row['client_id']);
$client_name = htmlentities($row['client_name']);
$contact_email = htmlentities($row['contact_email']);
?>
@ -147,8 +147,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_event" class="btn btn-primary"><strong><i class="fa fa-check"></i> Create</strong></button>
<button type="submit" name="add_event" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

18
calendar_event_edit_modal.php
View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-calendar"></i> <?php echo $event_title; ?></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-calendar mr-2"></i><?php echo $event_title; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -15,13 +15,13 @@
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-event<?php echo $event_id; ?>"><i class="fa fa-fw fa-calendar"></i> Event</a>
<a class="nav-link active" data-toggle="pill" href="#pills-event<?php echo $event_id; ?>"><i class="fa fa-fw fa-calendar mr-2"></i>Event</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-more<?php echo $event_id; ?>"><i class="fa fa-fw fa-info-circle"></i> More</a>
<a class="nav-link" data-toggle="pill" href="#pills-more<?php echo $event_id; ?>"><i class="fa fa-fw fa-info-circle mr-2"></i>More</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-attendees<?php echo $event_id; ?>"><i class="fa fa-fw fa-users"></i> Attendees</a>
<a class="nav-link" data-toggle="pill" href="#pills-attendees<?php echo $event_id; ?>"><i class="fa fa-fw fa-users mr-2"></i>Attendees</a>
</li>
</ul>
@ -52,7 +52,7 @@
$sql_calendars_select = mysqli_query($mysqli, "SELECT * FROM calendars WHERE company_id = $session_company_id ORDER BY calendar_name ASC");
while ($row = mysqli_fetch_array($sql_calendars_select)) {
$calendar_id_select = $row['calendar_id'];
$calendar_id_select = intval($row['calendar_id']);
$calendar_name_select = htmlentities($row['calendar_name']);
$calendar_color_select = htmlentities($row['calendar_color']);
?>
@ -118,7 +118,7 @@
$sql_clients = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN contacts ON primary_contact = contact_id WHERE clients.company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql_clients)) {
$client_id_select = $row['client_id'];
$client_id_select = intval($row['client_id']);
$client_name_select = htmlentities($row['client_name']);
$contact_email_select = htmlentities($row['contact_email']);
?>
@ -145,9 +145,9 @@
</div>
<div class="modal-footer bg-white">
<a href="post.php?delete_event=<?php echo $event_id; ?>" class="btn btn-danger mr-auto"><i class="fa fa-trash"></i> Delete</a>
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_event" class="btn btn-primary"><strong><i class="fa fa-check"></i> Update</button>
<a class="btn text-danger mr-auto" href="post.php?delete_event=<?php echo $event_id; ?>"><i class="fa fa-calendar-times mr-2"></i>Delete</a>
<button type="submit" name="edit_event" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

6
client_add_modal.php
View File

@ -274,7 +274,7 @@
$sql_tags_select = mysqli_query($mysqli, "SELECT * FROM tags WHERE tag_type = 1 AND company_id = $session_company_id ORDER BY tag_name ASC");
while ($row = mysqli_fetch_array($sql_tags_select)) {
$tag_id_select = $row['tag_id'];
$tag_id_select = intval($row['tag_id']);
$tag_name_select = htmlentities($row['tag_name']);
$tag_color_select = htmlentities($row['tag_color']);
$tag_icon_select = htmlentities($row['tag_icon']);
@ -300,8 +300,8 @@
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_client" class="btn btn-primary text-bold" onclick="promptPrimaryContact()"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_client" class="btn btn-primary text-bold" onclick="promptPrimaryContact()"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

12
client_edit_modal.php
View File

@ -140,7 +140,7 @@
$sql_tags_select = mysqli_query($mysqli, "SELECT * FROM tags WHERE tag_type = 1 AND company_id = $session_company_id ORDER BY tag_name ASC");
while ($row = mysqli_fetch_array($sql_tags_select)) {
$tag_id_select = $row['tag_id'];
$tag_id_select = intval($row['tag_id']);
$tag_name_select = htmlentities($row['tag_name']);
$tag_color_select = htmlentities($row['tag_color']);
$tag_icon_select = htmlentities($row['tag_icon']);
@ -150,9 +150,9 @@
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="tagCheckbox<?php echo "$tag_id_select$client_id"; ?>" name="tags[]" value="<?php echo $tag_id_select; ?>" <?php if (in_array($tag_id_select, $client_tag_id_array)) { echo "checked"; } ?>>
<label for="tagCheckbox<?php echo "$tag_id_select$client_id"; ?>" class="custom-control-label">
<span class="badge bg-<?php echo $tag_color_select; ?>">
<?php echo "<i class='fa fw fa-$tag_icon_select'></i>"; ?> <?php echo $tag_name_select; ?>
</span>
<span class="badge bg-<?php echo $tag_color_select; ?>">
<?php echo "<i class='fa fw fa-$tag_icon_select'></i>"; ?> <?php echo $tag_name_select; ?>
</span>
</label>
</div>
</li>
@ -166,8 +166,8 @@
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_client" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="edit_client" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

14
clients.php
View File

@ -201,7 +201,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$contact_email = htmlentities($row['contact_email']);
$client_website = htmlentities($row['client_website']);
$client_currency_code = htmlentities($row['client_currency_code']);
$client_net_terms = htmlentities($row['client_net_terms']);
$client_net_terms = intval($row['client_net_terms']);
$client_referral = htmlentities($row['client_referral']);
$client_notes = htmlentities($row['client_notes']);
$client_created_at = date('Y-m-d', strtotime($row['client_created_at']));
@ -331,11 +331,17 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editClientModal<?php echo $client_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editClientModal<?php echo $client_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?archive_client=<?php echo $client_id; ?>">Archive</a>
<a class="dropdown-item text-danger" href="post.php?archive_client=<?php echo $client_id; ?>">
<i class="fas fa-fw fa-archive mr-2"></i>Archive
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="#" data-toggle="modal" data-target="#deleteClientModal<?php echo $client_id; ?>">Delete</a>
<a class="dropdown-item text-danger text-bold" href="#" data-toggle="modal" data-target="#deleteClientModal<?php echo $client_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
</div>
</div>
</td>

16
cron.php
View File

@ -82,6 +82,9 @@ while ($row = mysqli_fetch_array($sql_companies)) {
// Clean-up old dismissed notifications
mysqli_query($mysqli, "DELETE FROM notifications WHERE notification_dismissed_at < CURDATE() - INTERVAL 90 DAY");
//Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Task', log_description = 'Cron cleaned up old data', company_id = $company_id");
/*
@ -158,6 +161,8 @@ while ($row = mysqli_fetch_array($sql_companies)) {
}
}
// Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Task', log_description = 'Cron created notifications for domain expiring', company_id = $company_id");
// CERTIFICATES EXPIRING
@ -187,6 +192,8 @@ while ($row = mysqli_fetch_array($sql_companies)) {
}
}
// Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Task', log_description = 'Cron created notifications for certificates expiring', company_id = $company_id");
// Asset Warranties Expiring
@ -215,6 +222,8 @@ while ($row = mysqli_fetch_array($sql_companies)) {
}
}
// Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Task', log_description = 'Cron created notifications for asset warranties expiring', company_id = $company_id");
// Scheduled tickets
@ -328,7 +337,8 @@ while ($row = mysqli_fetch_array($sql_companies)) {
}
}
// Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Task', log_description = 'Cron created sent out scheduled tickets', company_id = $company_id");
// PAST DUE INVOICE Notifications
//$invoiceAlertArray = [$config_invoice_overdue_reminders];
@ -397,6 +407,8 @@ while ($row = mysqli_fetch_array($sql_companies)) {
}
}
// Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Task', log_description = 'Cron created notifications for past due invoices and sent out notifications to the primary contacts email', company_id = $company_id");
//Send Recurring Invoices that match todays date and are active
@ -515,6 +527,8 @@ while ($row = mysqli_fetch_array($sql_companies)) {
} //End if Autosend is on
} //End Recurring Invoices Loop
// Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Task', log_description = 'Cron created invoices from recurring invoices and sent emails out', company_id = $company_id");
// TELEMETRY

3
post.php
View File

@ -4137,7 +4137,7 @@ if(isset($_GET['email_invoice'])){
);
$row = mysqli_fetch_array($sql);
$invoice_id = $row['invoice_id'];
$invoice_id = intval($row['invoice_id']);
$invoice_prefix = $row['invoice_prefix'];
$invoice_number = $row['invoice_number'];
$invoice_status = $row['invoice_status'];
@ -4148,7 +4148,6 @@ if(isset($_GET['email_invoice'])){
$invoice_currency_code = $row['invoice_currency_code'];
$client_id = $row['client_id'];
$client_name = $row['client_name'];
$client_name = $row['client_name'];
$contact_name = $row['contact_name'];
$contact_email = $row['contact_email'];
$contact_phone = formatPhoneNumber($row['contact_phone']);

148
ticket.php
View File

@ -24,10 +24,11 @@ if (isset($_GET['ticket_id'])) {
} else {
$row = mysqli_fetch_array($sql);
$client_id = $row['client_id'];
$client_id = intval($row['client_id']);
$client_name = htmlentities($row['client_name']);
$client_type = htmlentities($row['client_type']);
$client_website = htmlentities($row['client_website']);
$client_net_terms = htmlentities($row['client_net_terms']);
if ($client_net_terms == 0) {
$client_net_terms = $config_default_net_terms;
@ -39,22 +40,6 @@ if (isset($_GET['ticket_id'])) {
$ticket_subject = htmlentities($row['ticket_subject']);
$ticket_details = $row['ticket_details'];
$ticket_priority = htmlentities($row['ticket_priority']);
$ticket_feedback = htmlentities($row['ticket_feedback']);
$ticket_status = htmlentities($row['ticket_status']);
$ticket_created_at = $row['ticket_created_at'];
$ticket_date = date('Y-m-d', strtotime($ticket_created_at));
$ticket_updated_at = $row['ticket_updated_at'];
$ticket_closed_at = $row['ticket_closed_at'];
$ticket_created_by = $row['ticket_created_by'];
if ($ticket_status == "Open") {
$ticket_status_display = "<span class='p-2 badge badge-primary'>$ticket_status</span>";
} elseif ($ticket_status == "Working") {
$ticket_status_display = "<span class='p-2 badge badge-success'>$ticket_status</span>";
} else {
$ticket_status_display = "<span class='p-2 badge badge-secondary'>$ticket_status</span>";
}
//Set Ticket Bage Color based of priority
if ($ticket_priority == "High") {
$ticket_priority_display = "<span class='p-2 badge badge-danger'>$ticket_priority</span>";
@ -65,8 +50,36 @@ if (isset($_GET['ticket_id'])) {
} else {
$ticket_priority_display = "-";
}
$ticket_feedback = htmlentities($row['ticket_feedback']);
$ticket_status = htmlentities($row['ticket_status']);
if ($ticket_status == "Open") {
$ticket_status_display = "<span class='p-2 badge badge-primary'>$ticket_status</span>";
} elseif ($ticket_status == "Working") {
$ticket_status_display = "<span class='p-2 badge badge-success'>$ticket_status</span>";
} else {
$ticket_status_display = "<span class='p-2 badge badge-secondary'>$ticket_status</span>";
}
$ticket_created_at = htmlentities($row['ticket_created_at']);
$ticket_date = date('Y-m-d', strtotime($ticket_created_at));
$ticket_updated_at = htmlentities($row['ticket_updated_at']);
$ticket_closed_at = htmlentities($row['ticket_closed_at']);
$ticket_assigned_to = intval($row['ticket_assigned_to']);
if (empty($ticket_assigned_to)) {
$ticket_assigned_to_display = "<span class='text-danger'>Not Assigned</span>";
} else {
$ticket_assigned_to_display = htmlentities($row['user_name']);
}
$contact_id = $row['contact_id'];
//Ticket Created By
$ticket_created_by = intval($row['ticket_created_by']);
$ticket_created_by_sql = mysqli_query($mysqli, "SELECT user_name FROM users WHERE user_id = $ticket_created_by");
$row = mysqli_fetch_array($ticket_created_by_sql);
$ticket_created_by_display = htmlentities($row['user_name']);
$contact_id = intval($row['contact_id']);
$contact_name = htmlentities($row['contact_name']);
$contact_title = htmlentities($row['contact_title']);
$contact_email = htmlentities($row['contact_email']);
@ -74,7 +87,22 @@ if (isset($_GET['ticket_id'])) {
$contact_extension = htmlentities($row['contact_extension']);
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
$asset_id = $row['asset_id'];
if ($contact_id) {
//Get Contact Ticket Stats
$ticket_related_open = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS ticket_related_open FROM tickets WHERE ticket_status != 'Closed' AND ticket_contact_id = $contact_id ");
$row = mysqli_fetch_array($ticket_related_open);
$ticket_related_open = intval($row['ticket_related_open']);
$ticket_related_closed = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS ticket_related_closed FROM tickets WHERE ticket_status = 'Closed' AND ticket_contact_id = $contact_id ");
$row = mysqli_fetch_array($ticket_related_closed);
$ticket_related_closed = intval($row['ticket_related_closed']);
$ticket_related_total = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS ticket_related_total FROM tickets WHERE ticket_contact_id = $contact_id ");
$row = mysqli_fetch_array($ticket_related_total);
$ticket_related_total = intval($row['ticket_related_total']);
}
$asset_id = intval($row['asset_id']);
$asset_ip = htmlentities($row['asset_ip']);
$asset_name = htmlentities($row['asset_name']);
$asset_type = htmlentities($row['asset_type']);
@ -82,9 +110,9 @@ if (isset($_GET['ticket_id'])) {
$asset_model = htmlentities($row['asset_model']);
$asset_serial = htmlentities($row['asset_serial']);
$asset_os = htmlentities($row['asset_os']);
$asset_warranty_expire = $row['asset_warranty_expire'];
$asset_warranty_expire = htmlentities($row['asset_warranty_expire']);
$vendor_id = $row['ticket_vendor_id'];
$vendor_id = intval($row['ticket_vendor_id']);
$vendor_name = htmlentities($row['vendor_name']);
$vendor_description = htmlentities($row['vendor_description']);
$vendor_account_number = htmlentities($row['vendor_account_number']);
@ -105,45 +133,10 @@ if (isset($_GET['ticket_id'])) {
$location_zip = htmlentities($row['location_zip']);
$location_phone = formatPhoneNumber($row['location_phone']);
$ticket_assigned_to = $row['ticket_assigned_to'];
if (empty($ticket_assigned_to)) {
$ticket_assigned_to_display = "<span class='text-danger'>Not Assigned</span>";
} else {
$ticket_assigned_to_display = htmlentities($row['user_name']);
}
//Ticket Created By
$ticket_created_by = $row['ticket_created_by'];
$ticket_created_by_sql = mysqli_query($mysqli, "SELECT user_name FROM users WHERE user_id = $ticket_created_by");
$row = mysqli_fetch_array($ticket_created_by_sql);
$ticket_created_by_display = htmlentities($row['user_name']);
//Ticket Assigned To
if (empty($ticket_assigned_to)) {
$ticket_assigned_to_display = "<span class='text-danger'>Not Assigned</span>";
} else {
$ticket_assigned_to_display = htmlentities($row['user_name']);
}
if ($contact_id) {
//Get Contact Ticket Stats
$ticket_related_open = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS ticket_related_open FROM tickets WHERE ticket_status != 'Closed' AND ticket_contact_id = $contact_id ");
$row = mysqli_fetch_array($ticket_related_open);
$ticket_related_open = $row['ticket_related_open'];
$ticket_related_closed = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS ticket_related_closed FROM tickets WHERE ticket_status = 'Closed' AND ticket_contact_id = $contact_id ");
$row = mysqli_fetch_array($ticket_related_closed);
$ticket_related_closed = $row['ticket_related_closed'];
$ticket_related_total = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS ticket_related_total FROM tickets WHERE ticket_contact_id = $contact_id ");
$row = mysqli_fetch_array($ticket_related_total);
$ticket_related_total = $row['ticket_related_total'];
}
//Get Total Ticket Time
$ticket_total_reply_time = mysqli_query($mysqli, "SELECT SEC_TO_TIME(SUM(TIME_TO_SEC(ticket_reply_time_worked))) AS ticket_total_reply_time FROM ticket_replies WHERE ticket_reply_archived_at IS NULL AND ticket_reply_ticket_id = $ticket_id");
$row = mysqli_fetch_array($ticket_total_reply_time);
$ticket_total_reply_time = $row['ticket_total_reply_time'];
$ticket_total_reply_time = htmlentities($row['ticket_total_reply_time']);
//Client Tags
$client_tag_name_display_array = array();
@ -151,7 +144,7 @@ if (isset($_GET['ticket_id'])) {
$sql_client_tags = mysqli_query($mysqli, "SELECT * FROM client_tags LEFT JOIN tags ON client_tags.tag_id = tags.tag_id WHERE client_tags.client_id = $client_id");
while ($row = mysqli_fetch_array($sql_client_tags)) {
$client_tag_id = $row['tag_id'];
$client_tag_id = intval($row['tag_id']);
$client_tag_name = htmlentities($row['tag_name']);
$client_tag_color = htmlentities($row['tag_color']);
$client_tag_icon = htmlentities($row['tag_icon']);
@ -189,11 +182,16 @@ if (isset($_GET['ticket_id'])) {
}
// Get technicians to assign the ticket to
$sql_assign_to_select = mysqli_query($mysqli, "SELECT users.user_id, user_name FROM users
LEFT JOIN user_companies ON users.user_id = user_companies.user_id
LEFT JOIN user_settings on users.user_id = user_settings.user_id
WHERE user_companies.company_id = $session_company_id
AND user_role > 1 AND user_archived_at IS NULL ORDER BY user_name ASC");
$sql_assign_to_select = mysqli_query(
$mysqli,
"SELECT users.user_id, user_name FROM users
LEFT JOIN user_companies ON users.user_id = user_companies.user_id
LEFT JOIN user_settings on users.user_id = user_settings.user_id
WHERE user_companies.company_id = $session_company_id
AND user_role > 1
AND user_archived_at IS NULL
ORDER BY user_name ASC"
);
?>
@ -303,21 +301,21 @@ if (isset($_GET['ticket_id'])) {
<?php
while ($row = mysqli_fetch_array($sql_ticket_replies)) {
$ticket_reply_id = $row['ticket_reply_id'];
$ticket_reply_id = intval($row['ticket_reply_id']);
$ticket_reply = $row['ticket_reply'];
$ticket_reply_type = htmlentities($row['ticket_reply_type']);
$ticket_reply_created_at = $row['ticket_reply_created_at'];
$ticket_reply_updated_at = $row['ticket_reply_updated_at'];
$ticket_reply_by = $row['ticket_reply_by'];
$ticket_reply_created_at = htmlentities($row['ticket_reply_created_at']);
$ticket_reply_updated_at = htmlentities($row['ticket_reply_updated_at']);
$ticket_reply_by = intval($row['ticket_reply_by']);
if ($ticket_reply_type == "Client") {
$ticket_reply_by_display = htmlentities($row['contact_name']);
$user_initials = initials($row['contact_name']);
$user_avatar = $row['contact_photo'];
$user_avatar = htmlentities($row['contact_photo']);
$avatar_link = "uploads/clients/$session_company_id/$client_id/$user_avatar";
} else {
$ticket_reply_by_display = htmlentities($row['user_name']);
$user_id = $row['user_id'];
$user_id = intval($row['user_id']);
$user_avatar = htmlentities($row['user_avatar']);
$user_initials = initials($row['user_name']);
$avatar_link = "uploads/users/$user_id/$user_avatar";
@ -475,7 +473,7 @@ if (isset($_GET['ticket_id'])) {
<?php }
if (!empty($asset_ip)) { ?>
<i class="fa fa-fw fa-network-wired text-secondary ml-1 mr-2 mb-2"></i><?php echo "$asset_ip"; ?>
<i class="fa fa-fw fa-network-wired text-secondary ml-1 mr-2 mb-2"></i><?php echo $asset_ip; ?>
<br>
<?php }
@ -512,13 +510,13 @@ if (isset($_GET['ticket_id'])) {
<?php
// Query is run from client_assets.php
while ($row = mysqli_fetch_array($sql_asset_tickets)) {
$service_ticket_id = $row['ticket_id'];
$service_ticket_id = intval($row['ticket_id']);
$service_ticket_prefix = htmlentities($row['ticket_prefix']);
$service_ticket_number = $row['ticket_number'];
$service_ticket_number = intval($row['ticket_number']);
$service_ticket_subject = htmlentities($row['ticket_subject']);
$service_ticket_status = htmlentities($row['ticket_status']);
$service_ticket_created_at = $row['ticket_created_at'];
$service_ticket_updated_at = $row['ticket_updated_at'];
$service_ticket_created_at = htmlentities($row['ticket_created_at']);
$service_ticket_updated_at = htmlentities($row['ticket_updated_at']);
?>
<p>
<i class="fas fa-fw fa-ticket-alt"></i>
@ -592,7 +590,7 @@ if (isset($_GET['ticket_id'])) {
<?php
while ($row = mysqli_fetch_array($sql_assign_to_select)) {
$user_id = $row['user_id'];
$user_id = intval($row['user_id']);
$user_name = htmlentities($row['user_name']); ?>
<option <?php if ($ticket_assigned_to == $user_id) { echo "selected"; } ?> value="<?php echo $user_id; ?>"><?php echo $user_name; ?></option>
<?php } ?>

32
ticket_add_modal.php
View File

@ -2,7 +2,7 @@
<div class="modal-dialog modal-lg">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-life-ring"></i> New Ticket</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-life-ring mr-2"></i>New Ticket</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -13,16 +13,16 @@
<?php if (isset($_GET['client_id'])) { ?>
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-details"><i class="fa fa-fw fa-life-ring"></i> Details</a>
<a class="nav-link active" data-toggle="pill" href="#pills-details"><i class="fa fa-fw fa-life-ring mr-2"></i>Details</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-contacts"><i class="fa fa-fw fa-users"></i> Contacts</a>
<a class="nav-link" data-toggle="pill" href="#pills-contacts"><i class="fa fa-fw fa-users mr-2"></i>Contacts</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-assets"><i class="fa fa-fw fa-desktop"></i> Assets</a>
<a class="nav-link" data-toggle="pill" href="#pills-assets"><i class="fa fa-fw fa-desktop mr-2"></i>Assets</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-vendors"><i class="fa fa-fw fa-building"></i> Vendors</a>
<a class="nav-link" data-toggle="pill" href="#pills-vendors"><i class="fa fa-fw fa-building mr-2"></i>Vendors</a>
</li>
</ul>
@ -62,7 +62,7 @@
$sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE company_id = $session_company_id ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$client_id = $row['client_id'];
$client_id = intval($row['client_id']);
$client_name = htmlentities($row['client_name']); ?>
<option value="<?php echo $client_id; ?>"><?php echo "$client_name"; ?></option>
@ -100,13 +100,13 @@
$sql = mysqli_query(
$mysqli,
"SELECT users.user_id, user_name FROM users
LEFT JOIN user_companies ON users.user_id = user_companies.user_id
LEFT JOIN user_settings on users.user_id = user_settings.user_id
WHERE user_companies.company_id = $session_company_id
AND user_role > 1 AND user_archived_at IS NULL ORDER BY user_name ASC"
LEFT JOIN user_companies ON users.user_id = user_companies.user_id
LEFT JOIN user_settings on users.user_id = user_settings.user_id
WHERE user_companies.company_id = $session_company_id
AND user_role > 1 AND user_archived_at IS NULL ORDER BY user_name ASC"
);
while ($row = mysqli_fetch_array($sql)) {
$user_id = $row['user_id'];
$user_id = intval($row['user_id']);
$user_name = htmlentities($row['user_name']); ?>
<option <?php if ($session_user_id == $user_id) { echo "selected"; } ?> value="<?php echo $user_id; ?>"><?php echo $user_name; ?></option>
<?php } ?>
@ -132,7 +132,7 @@
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id AND contact_archived_at IS NULL ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$contact_id = $row['contact_id'];
$contact_id = intval($row['contact_id']);
$contact_name = htmlentities($row['contact_name']); ?>
<option value="<?php echo $contact_id; ?>" <?php if ($primary_contact == $contact_id) { echo "selected"; } ?>><?php echo "$contact_name"; ?></option>
@ -156,7 +156,7 @@
$sql_assets = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = $client_id AND asset_archived_at IS NULL ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql_assets)) {
$asset_id_select = $row['asset_id'];
$asset_id_select = intval($row['asset_id']);
$asset_name_select = htmlentities($row['asset_name']); ?>
<option value="<?php echo $asset_id_select; ?>"><?php echo $asset_name_select; ?></option>
@ -181,7 +181,7 @@
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = $client_id AND vendor_template = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = $row['vendor_id'];
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = htmlentities($row['vendor_name']); ?>
<option value="<?php echo $vendor_id_select; ?>"><?php echo $vendor_name_select; ?></option>
@ -198,8 +198,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_ticket" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
<button type="submit" name="add_ticket" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

22
ticket_edit_modal.php
View File

@ -2,7 +2,7 @@
<div class="modal-dialog modal-lg">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-life-ring"></i> Editing ticket: <strong><?php echo "$ticket_prefix$ticket_number"; ?></strong> - <?php echo $client_name; ?></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-life-ring mr-2"></i>Editing ticket: <strong><?php echo "$ticket_prefix$ticket_number"; ?></strong> - <?php echo $client_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -15,16 +15,16 @@
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-details<?php echo $ticket_id; ?>"><i class="fa fa-fw fa-life-ring"></i> Details</a>
<a class="nav-link active" data-toggle="pill" href="#pills-details<?php echo $ticket_id; ?>"><i class="fa fa-fw fa-life-ring mr-2"></i>Details</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-contacts<?php echo $ticket_id; ?>"><i class="fa fa-fw fa-users"></i> Contacts</a>
<a class="nav-link" data-toggle="pill" href="#pills-contacts<?php echo $ticket_id; ?>"><i class="fa fa-fw fa-users mr-2"></i>Contacts</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-assets<?php echo $ticket_id; ?>"><i class="fa fa-fw fa-desktop"></i> Assets</a>
<a class="nav-link" data-toggle="pill" href="#pills-assets<?php echo $ticket_id; ?>"><i class="fa fa-fw fa-desktop mr-2"></i>Assets</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-vendors<?php echo $ticket_id; ?>"><i class="fa fa-fw fa-building"></i> Vendors</a>
<a class="nav-link" data-toggle="pill" href="#pills-vendors<?php echo $ticket_id; ?>"><i class="fa fa-fw fa-building mr-2"></i>Vendors</a>
</li>
</ul>
@ -81,7 +81,7 @@
AND user_role > 1 AND user_archived_at IS NULL ORDER BY user_name ASC"
);
while ($row = mysqli_fetch_array($sql_assign_to_select)) {
$user_id = $row['user_id'];
$user_id = intval($row['user_id']);
$user_name = htmlentities($row['user_name']);
?>
<option <?php if ($ticket_assigned_to == $user_id) { echo "selected"; } ?> value="<?php echo $user_id; ?>"><?php echo $user_name; ?></option>
@ -109,7 +109,7 @@
$sql_client_contacts_select = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
while ($row = mysqli_fetch_array($sql_client_contacts_select)) {
$contact_id_select = $row['contact_id'];
$contact_id_select = intval($row['contact_id']);
$contact_name_select = htmlentities($row['contact_name']);
?>
<option <?php if ($contact_id_select == $contact_id) { echo "selected"; } ?> value="<?php echo $contact_id_select; ?>"><?php echo $contact_name_select; ?></option>
@ -137,7 +137,7 @@
$sql_assets = mysqli_query($mysqli, "SELECT * FROM assets WHERE asset_client_id = $client_id ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql_assets)) {
$asset_id_select = $row['asset_id'];
$asset_id_select = intval($row['asset_id']);
$asset_name_select = htmlentities($row['asset_name']);
?>
<option <?php if (!empty($asset_id) && $asset_id == $asset_id_select) { echo "selected"; } ?> value="<?php echo $asset_id_select; ?>"><?php echo $asset_name_select; ?></option>
@ -165,7 +165,7 @@
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = $row['vendor_id'];
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = htmlentities($row['vendor_name']);
?>
<option <?php if (!empty($vendor_id) && $vendor_id == $vendor_id_select) { echo "selected"; } ?> value="<?php echo $vendor_id_select; ?>"><?php echo $vendor_name_select; ?></option>
@ -184,8 +184,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_ticket" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="edit_ticket" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>

22
ticket_invoice_add_modal.php
View File

@ -2,7 +2,7 @@
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file"></i> Invoice ticket</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-file-invoice-dollar mr-2"></i>Invoice ticket</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -25,14 +25,14 @@
$sql_invoices = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_status NOT LIKE 'Paid' AND invoice_client_id = $client_id AND company_id = $session_company_id ORDER BY invoice_number ASC");
while ($row = mysqli_fetch_array($sql_invoices)) {
$invoice_id = $row['invoice_id'];
$invoice_id = intval($row['invoice_id']);
$invoice_prefix = htmlentities($row['invoice_prefix']);
$invoice_number = $row['invoice_number'];
$invoice_number = intval($row['invoice_number']);
$invoice_scope = htmlentities($row['invoice_scope']);
$invoice_satus = htmlentities($row['invoice_status']);
$invoice_date = $row['invoice_date'];
$invoice_due = $row['invoice_due'];
$invoice_amount = $row['invoice_amount'];
$invoice_date = htmlentities($row['invoice_date']);
$invoice_due = htmlentities($row['invoice_due']);
$invoice_amount = floatval($row['invoice_amount']);
?>
<option value="<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number $invoice_scope"; ?></option>
@ -66,7 +66,7 @@
$sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL AND company_id = $session_company_id ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$category_id = $row['category_id'];
$category_id = intval($row['category_id']);
$category_name = htmlentities($row['category_name']);
?>
<option value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
@ -153,9 +153,9 @@
$taxes_sql = mysqli_query($mysqli, "SELECT * FROM taxes WHERE (tax_archived_at > '$item_created_at' OR tax_archived_at IS NULL) AND company_id = $session_company_id ORDER BY tax_name ASC");
while ($row = mysqli_fetch_array($taxes_sql)) {
$tax_id_select = $row['tax_id'];
$tax_id_select = intval($row['tax_id']);
$tax_name = htmlentities($row['tax_name']);
$tax_percent = $row['tax_percent'];
$tax_percent = floatval($row['tax_percent']);
?>
<option <?php if ($tax_id_select == $tax_id) { echo "selected"; } ?> value="<?php echo $tax_id_select; ?>"><?php echo "$tax_name $tax_percent%"; ?></option>
@ -169,8 +169,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="add_invoice_from_ticket" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create Invoice</button>
<button type="submit" name="add_invoice_from_ticket" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create Invoice</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

6
ticket_merge_modal.php
View File

@ -2,7 +2,7 @@
<div class="modal-dialog modal-md">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-life-ring"></i> Merge & Close <?php echo "$ticket_prefix$ticket_number"; ?> into another ticket</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-life-ring mr-2"></i>Merge & Close <?php echo "$ticket_prefix$ticket_number"; ?> into another ticket</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -50,8 +50,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" id="merge_ticket_btn" name="merge_ticket" class="btn btn-primary" disabled>Merge</button>
<button type="submit" id="merge_ticket_btn" name="merge_ticket" class="btn btn-primary text-bold" disabled><i class="fa fa-check mr-2"></i>Merge</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
<!-- Merge button starts disabled. Is enabled by the merge_into_number_get_details Javascript function-->
</div>
</form>

9
ticket_reply_edit_modal.php
View File

@ -2,7 +2,7 @@
<div class="modal-dialog modal-lg">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-edit"></i> Editing Ticket Reply</h5>
<h5 class="modal-title"><i class="fa fa-fw fa-edit mr-2"></i>Editing Ticket Reply</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
@ -18,9 +18,10 @@
</div>
<?php if (!empty($ticket_reply_time_worked)) { ?>
<b>Time worked</b>
<div class="col-3">
<div class="form-group">
<label>Time worked</label>
<input class="form-control timepicker" id="time_worked" name="time" type="time" step="1" value="<?php echo date_format($ticket_reply_time_worked, 'H:i:s') ?>"/>
</div>
</div>
@ -28,8 +29,8 @@
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_ticket_reply" class="btn btn-primary">Save</button>
<button type="submit" name="edit_ticket_reply" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>

44
tickets.php
View File

@ -12,13 +12,13 @@ if (isset($_GET['p'])) {
}
if (isset($_GET['q'])) {
$q = strip_tags(mysqli_real_escape_string($mysqli, $_GET['q']));
$q = sanitizeInput($_GET['q']);
} else {
$q = "";
}
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
$sb = sanitizeInput($_GET['sb']);
} else {
$sb = "ticket_number";
}
@ -59,8 +59,7 @@ if (isset($_GET['assigned']) & !empty($_GET['assigned'])) {
} else {
$ticket_assigned_filter = intval($_GET['assigned']);
}
}
else{
} else {
// Default - any
$ticket_assigned_filter = '';
}
@ -74,8 +73,8 @@ if (empty($_GET['canned_date'])) {
}
if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) {
$dtf = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtf']));
$dtt = strip_tags(mysqli_real_escape_string($mysqli, $_GET['dtt']));
$dtf = sanitizeInput($_GET['dtf']);
$dtt = sanitizeInput($_GET['dtt']);
} elseif ($_GET['canned_date'] == "today") {
$dtf = date('Y-m-d');
$dtt = date('Y-m-d');
@ -132,22 +131,22 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
//Get Total tickets open
$sql_total_tickets_open = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS total_tickets_open FROM tickets WHERE ticket_status != 'Closed' AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_tickets_open);
$total_tickets_open = $row['total_tickets_open'];
$total_tickets_open = intval($row['total_tickets_open']);
//Get Total tickets closed
$sql_total_tickets_closed = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS total_tickets_closed FROM tickets WHERE ticket_status = 'Closed' AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_tickets_closed);
$total_tickets_closed = $row['total_tickets_closed'];
$total_tickets_closed = intval($row['total_tickets_closed']);
//Get Unassigned tickets
$sql_total_tickets_unassigned = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS total_tickets_unassigned FROM tickets WHERE ticket_assigned_to = '0' AND ticket_status != 'Closed' AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_tickets_unassigned);
$total_tickets_unassigned = $row['total_tickets_unassigned'];
$total_tickets_unassigned = intval($row['total_tickets_unassigned']);
//Get Total tickets assigned to me
$sql_total_tickets_assigned = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS total_tickets_assigned FROM tickets WHERE ticket_assigned_to = $session_user_id AND ticket_status != 'Closed' AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql_total_tickets_assigned);
$user_active_assigned_tickets = $row['total_tickets_assigned'];
$user_active_assigned_tickets = intval($row['total_tickets_assigned']);
?>
<style>
@ -157,7 +156,7 @@ $user_active_assigned_tickets = $row['total_tickets_assigned'];
</style>
<div class="card card-dark elevation-3">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-life-ring"></i> Tickets
<h3 class="card-title mt-2"><i class="fa fa-fw fa-life-ring mr-2"></i>Tickets
<small class="ml-3">
<a href="?status=Open" class="text-white"><strong><?php echo $total_tickets_open; ?></strong> Open</a> |
<a href="?status=Closed" class="text-white"><strong><?php echo $total_tickets_closed; ?></strong> Closed</a>
@ -171,7 +170,7 @@ $user_active_assigned_tickets = $row['total_tickets_assigned'];
<div class='card-tools'>
<div class="float-left">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addTicketModal">
<i class="fas fa-fw fa-plus"></i> New Ticket
<i class="fas fa-plus mr-2"></i>New Ticket
</button>
</div>
</div>
@ -182,7 +181,7 @@ $user_active_assigned_tickets = $row['total_tickets_assigned'];
<div class="col-sm-4">
<div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) {
echo strip_tags(htmlentities($q));
echo stripslashes(htmlentities($q));
} ?>" placeholder="Search Tickets">
<div class="input-group-append">
<button class="btn btn-secondary" type="button" data-toggle="collapse"
@ -287,7 +286,7 @@ $user_active_assigned_tickets = $row['total_tickets_assigned'];
<?php
$sql_assign_to = mysqli_query($mysqli, "SELECT * FROM users WHERE user_archived_at IS NULL ORDER BY user_name ASC");
while ($row = mysqli_fetch_array($sql_assign_to)) {
$user_id = $row['user_id'];
$user_id = intval($row['user_id']);
$user_name = htmlentities($row['user_name']);
?>
<option <?php if ($ticket_assigned_filter == $user_id) { echo "selected"; } ?> value="<?php echo $user_id; ?>"><?php echo $user_name; ?></option>
@ -339,29 +338,28 @@ $user_active_assigned_tickets = $row['total_tickets_assigned'];
<?php
while ($row = mysqli_fetch_array($sql)) {
$ticket_id = $row['ticket_id'];
$ticket_id = intval($row['ticket_id']);
$ticket_prefix = htmlentities($row['ticket_prefix']);
$ticket_number = htmlentities($row['ticket_number']);
$ticket_subject = htmlentities($row['ticket_subject']);
$ticket_details = htmlentities($row['ticket_details']);
$ticket_priority = htmlentities($row['ticket_priority']);
$ticket_status = htmlentities($row['ticket_status']);
$ticket_created_at = $row['ticket_created_at'];
$ticket_updated_at = $row['ticket_updated_at'];
$ticket_created_at = htmlentities($row['ticket_created_at']);
$ticket_updated_at = htmlentities($row['ticket_updated_at']);
if (empty($ticket_updated_at)) {
if ($ticket_status == "Closed") {
$ticket_updated_at_display = "<p>Never</p>";
}
else{
} else {
$ticket_updated_at_display = "<p class='text-danger'>Never</p>";
}
} else {
$ticket_updated_at_display = $ticket_updated_at;
}
$ticket_closed_at = $row['ticket_closed_at'];
$client_id = $row['client_id'];
$ticket_closed_at = htmlentities($row['ticket_closed_at']);
$client_id = intval($row['client_id']);
$client_name = htmlentities($row['client_name']);
$contact_id = $row['contact_id'];
$contact_id = intval($row['contact_id']);
$contact_name = htmlentities($row['contact_name']);
$contact_title = htmlentities($row['contact_title']);
$contact_email = htmlentities($row['contact_email']);
@ -383,7 +381,7 @@ $user_active_assigned_tickets = $row['total_tickets_assigned'];
}else{
$ticket_priority_color = "info";
}
$ticket_assigned_to = $row['ticket_assigned_to'];
$ticket_assigned_to = intval($row['ticket_assigned_to']);
if (empty($ticket_assigned_to)) {
if ($ticket_status == "Closed") {
$ticket_assigned_to_display = "<p>Not Assigned</p>";

4
top_nav.php
View File

@ -46,10 +46,10 @@
<div class="dropdown-divider"></div>
<?php
while ($row = mysqli_fetch_array($sql_notifications)) {
$notification_id = $row['notification_id'];
$notification_id = intval($row['notification_id']);
$notification_type = htmlentities($row['notification_type']);
$notification = htmlentities($row['notification']);
$notification_timestamp = $row['notification_timestamp'];
$notification_timestamp = htmlentities($row['notification_timestamp']);
?>
<a href="post.php?dismiss_notification=<?php echo $notification_id; ?>" class="dropdown-item">