Merge pull request #610 from wrongecho/minor-fixes

Minor changes/fixes
2023-02-08 14:54:15 -05:00 · 2023-02-08 14:54:15 -05:00 · 9e549adb7e
parent b1e2f15148 78aca0f615
commit 9e549adb7e
10 changed files with 1977 additions and 1982 deletions
--- a/functions.php
+++ b/functions.php
@ -390,7 +390,7 @@ function getDomainRecords($name) {
        return $records;
    }

-    $domain = escapeshellarg($name);
+    $domain = escapeshellarg(str_replace('www.', '', $name));
    $records['a'] = substr(trim(strip_tags(shell_exec("dig +short $domain"))), 0, 254);
    $records['ns'] = substr(trim(strip_tags(shell_exec("dig +short NS $domain"))), 0, 254);
    $records['mx'] = substr(trim(strip_tags(shell_exec("dig +short MX $domain"))), 0, 254);
--- a/guest_ajax.php
+++ b/guest_ajax.php
@ -68,7 +68,7 @@ if (isset($_GET['stripe_create_pi'])) {
    }

    $config_stripe_secret = $row['config_stripe_secret'];
-    $pi_description = "ITFlow: $client_name payment of $invoice_currency_code $balance_to_pay for $client_name";
+    $pi_description = "ITFlow: $client_name payment of $invoice_currency_code $balance_to_pay for $invoice_prefix$invoice_number";

    // Create a PaymentIntent with amount, currency and client details
    try {
--- a/guest_header.php
+++ b/guest_header.php
@ -6,7 +6,9 @@ require_once("functions.php");
 session_start();

 $ip = trim(strip_tags(mysqli_real_escape_string($mysqli, getIP())));
-$user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
+$ua = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
+$os = strip_tags(mysqli_real_escape_string($mysqli, getOS($ua)));
+$browser = strip_tags(mysqli_real_escape_string($mysqli, getWebBrowser($ua)));

 ?>

--- a/guest_pay_invoice_stripe.php
+++ b/guest_pay_invoice_stripe.php
@ -13,9 +13,6 @@ $config_stripe_publishable = htmlentities($stripe_vars['config_stripe_publishabl
 $config_stripe_secret = htmlentities($stripe_vars['config_stripe_secret']);
 $config_stripe_account = intval($stripe_vars['config_stripe_account']);

-$os = trim(strip_tags(mysqli_real_escape_string($mysqli, getOS($user_agent))));
-$browser = trim(strip_tags(mysqli_real_escape_string($mysqli, getWebBrowser($user_agent))));
-
 // Check Stripe is configured
 if ($config_stripe_enable == 0 || $config_stripe_account == 0 || empty($config_stripe_publishable) || empty($config_stripe_secret)) {
    echo "<br><h2>Stripe payments not enabled/configured</h2>";
@ -223,7 +220,7 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent
    $client_name = htmlentities($row['client_name']);
    $contact_name = $row['contact_name'];
    $contact_email = $row['contact_email'];
-    $company_name = htmlentities($row['company_name']);
+    $company_name = mysqli_real_escape_string($mysqli, htmlentities($row['company_name']));
    $company_phone = htmlentities($row['company_phone']);
    $company_locale = htmlentities($row['company_locale']);

@ -250,6 +247,9 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent
    mysqli_query($mysqli, "INSERT INTO payments SET payment_date = '$pi_date', payment_amount = '$pi_amount_paid', payment_currency_code = '$pi_currency', payment_account_id = $config_stripe_account, payment_method = 'Stripe', payment_reference = 'Stripe - $pi_id', payment_invoice_id = $invoice_id, company_id = $invoice_company_id");
    mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Paid', history_description = 'Payment added - $ip - $os - $browser', history_invoice_id = $invoice_id, company_id = $invoice_company_id");

+    // Notify
+    mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Invoice Paid', notification = 'Invoice $invoice_prefix$invoice_number has been paid - $ip - $os - $browser', notification_timestamp = NOW(), notification_client_id = $pi_client_id, company_id = $invoice_company_id");
+
    // Logging
    $extended_log_desc = '';
    if (!$pi_livemode) {
--- a/guest_view_invoice.php
+++ b/guest_view_invoice.php
--- a/guest_view_quote.php
+++ b/guest_view_quote.php
--- a/invoice.php
+++ b/invoice.php
@ -6,482 +6,488 @@ if (isset($_GET['invoice_id'])) {

    $invoice_id = intval($_GET['invoice_id']);

-    $sql = mysqli_query($mysqli, "SELECT * FROM invoices 
-    LEFT JOIN clients ON invoice_client_id = client_id
-    LEFT JOIN locations ON primary_location = location_id
-    LEFT JOIN contacts ON primary_contact = contact_id
-    LEFT JOIN companies ON invoices.company_id = companies.company_id
-    WHERE invoice_id = $invoice_id"
+    $sql = mysqli_query(
+        $mysqli,
+        "SELECT * FROM invoices
+        LEFT JOIN clients ON invoice_client_id = client_id
+        LEFT JOIN locations ON primary_location = location_id
+        LEFT JOIN contacts ON primary_contact = contact_id
+        LEFT JOIN companies ON invoices.company_id = companies.company_id
+        WHERE invoice_id = $invoice_id"
    );

    if (mysqli_num_rows($sql) == 0) {
-        echo "<center><h1 class='text-secondary mt-5'>Nothing to see here</h1></center>";
-    } else {
+        echo '<h1 class="text-secondary mt-5" style="text-align: center">Nothing to see here</h1>';
+        require_once("footer.php");
+        exit();
+    }

-        $row = mysqli_fetch_array($sql);
-        $invoice_id = $row['invoice_id'];
-        $invoice_prefix = htmlentities($row['invoice_prefix']);
-        $invoice_number = htmlentities($row['invoice_number']);
-        $invoice_scope = htmlentities($row['invoice_scope']);
-        $invoice_status = htmlentities($row['invoice_status']);
-        $invoice_date = $row['invoice_date'];
-        $invoice_due = $row['invoice_due'];
-        $invoice_amount = floatval($row['invoice_amount']);
-        $invoice_currency_code = htmlentities($row['invoice_currency_code']);
-        $invoice_note = htmlentities($row['invoice_note']);
-        $invoice_url_key = htmlentities($row['invoice_url_key']);
-        $invoice_created_at = $row['invoice_created_at'];
-        $category_id = $row['invoice_category_id'];
-        $client_id = $row['client_id'];
-        $client_name = htmlentities($row['client_name']);
-        $location_address = htmlentities($row['location_address']);
-        $location_city = htmlentities($row['location_city']);
-        $location_state = htmlentities($row['location_state']);
-        $location_zip = htmlentities($row['location_zip']);
-        $contact_email = htmlentities($row['contact_email']);
-        $contact_phone = formatPhoneNumber($row['contact_phone']);
-        $contact_extension = htmlentities($row['contact_extension']);
-        $contact_mobile = formatPhoneNumber($row['contact_mobile']);
-        $client_website = htmlentities($row['client_website']);
-        $client_currency_code = htmlentities($row['client_currency_code']);
-        $client_net_terms = htmlentities($row['client_net_terms']);
-        if ($client_net_terms == 0) {
-            $client_net_terms = $config_default_net_terms;
+    $row = mysqli_fetch_array($sql);
+    $invoice_id = $row['invoice_id'];
+    $invoice_prefix = htmlentities($row['invoice_prefix']);
+    $invoice_number = htmlentities($row['invoice_number']);
+    $invoice_scope = htmlentities($row['invoice_scope']);
+    $invoice_status = htmlentities($row['invoice_status']);
+    $invoice_date = $row['invoice_date'];
+    $invoice_due = $row['invoice_due'];
+    $invoice_amount = floatval($row['invoice_amount']);
+    $invoice_currency_code = htmlentities($row['invoice_currency_code']);
+    $invoice_note = htmlentities($row['invoice_note']);
+    $invoice_url_key = htmlentities($row['invoice_url_key']);
+    $invoice_created_at = $row['invoice_created_at'];
+    $category_id = $row['invoice_category_id'];
+    $client_id = $row['client_id'];
+    $client_name = htmlentities($row['client_name']);
+    $location_address = htmlentities($row['location_address']);
+    $location_city = htmlentities($row['location_city']);
+    $location_state = htmlentities($row['location_state']);
+    $location_zip = htmlentities($row['location_zip']);
+    $contact_email = htmlentities($row['contact_email']);
+    $contact_phone = formatPhoneNumber($row['contact_phone']);
+    $contact_extension = htmlentities($row['contact_extension']);
+    $contact_mobile = formatPhoneNumber($row['contact_mobile']);
+    $client_website = htmlentities($row['client_website']);
+    $client_currency_code = htmlentities($row['client_currency_code']);
+    $client_net_terms = htmlentities($row['client_net_terms']);
+    if ($client_net_terms == 0) {
+        $client_net_terms = $config_default_net_terms;
+    }
+    $company_id = $row['company_id'];
+    $company_name = htmlentities($row['company_name']);
+    $company_country = htmlentities($row['company_country']);
+    $company_address = htmlentities($row['company_address']);
+    $company_city = htmlentities($row['company_city']);
+    $company_state = htmlentities($row['company_state']);
+    $company_zip = htmlentities($row['company_zip']);
+    $company_phone = formatPhoneNumber($row['company_phone']);
+    $company_email = htmlentities($row['company_email']);
+    $company_website = htmlentities($row['company_website']);
+    $company_logo = htmlentities($row['company_logo']);
+    if (!empty($company_logo)) {
+        $company_logo_base64 = base64_encode(file_get_contents("uploads/settings/$company_id/$company_logo"));
+    }
+    $sql_history = mysqli_query($mysqli, "SELECT * FROM history WHERE history_invoice_id = $invoice_id ORDER BY history_id DESC");
+
+    $sql_payments = mysqli_query($mysqli, "SELECT * FROM payments, accounts WHERE payment_account_id = account_id AND payment_invoice_id = $invoice_id ORDER BY payments.payment_id DESC");
+
+    //Add up all the payments for the invoice and get the total amount paid to the invoice
+    $sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS amount_paid FROM payments WHERE payment_invoice_id = $invoice_id");
+    $row = mysqli_fetch_array($sql_amount_paid);
+    $amount_paid = $row['amount_paid'];
+
+    $balance = $invoice_amount - $amount_paid;
+
+    //check to see if overdue
+    if ($invoice_status !== "Paid" && $invoice_status !== "Draft" && $invoice_status !== "Cancelled") {
+        $unixtime_invoice_due = strtotime($invoice_due) + 86400;
+        if ($unixtime_invoice_due < time()) {
+            $invoice_overdue = "Overdue";
        }
-        $company_id = $row['company_id'];
-        $company_name = htmlentities($row['company_name']);
-        $company_country = htmlentities($row['company_country']);
-        $company_address = htmlentities($row['company_address']);
-        $company_city = htmlentities($row['company_city']);
-        $company_state = htmlentities($row['company_state']);
-        $company_zip = htmlentities($row['company_zip']);
-        $company_phone = formatPhoneNumber($row['company_phone']);
-        $company_email = htmlentities($row['company_email']);
-        $company_website = htmlentities($row['company_website']);
-        $company_logo = htmlentities($row['company_logo']);
-        if (!empty($company_logo)) {
-            $company_logo_base64 = base64_encode(file_get_contents("uploads/settings/$company_id/$company_logo"));
+    }
+
+    //Set Badge color based off of invoice status
+    $invoice_badge_color = getInvoiceBadgeColor($invoice_status);
+
+    //Product autocomplete
+    $products_sql = mysqli_query($mysqli, "SELECT product_name AS label, product_description AS description, product_price AS price FROM products WHERE company_id = $session_company_id");
+
+    if (mysqli_num_rows($products_sql) > 0) {
+        while ($row = mysqli_fetch_array($products_sql)) {
+            $products[] = $row;
        }
-        $sql_history = mysqli_query($mysqli, "SELECT * FROM history WHERE history_invoice_id = $invoice_id ORDER BY history_id DESC");
+        $json_products = json_encode($products);
+    }

-        $sql_payments = mysqli_query($mysqli, "SELECT * FROM payments, accounts WHERE payment_account_id = account_id AND payment_invoice_id = $invoice_id ORDER BY payments.payment_id DESC");
+    ?>

-        //Add up all the payments for the invoice and get the total amount paid to the invoice
-        $sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS amount_paid FROM payments WHERE payment_invoice_id = $invoice_id");
-        $row = mysqli_fetch_array($sql_amount_paid);
-        $amount_paid = $row['amount_paid'];
+    <ol class="breadcrumb d-print-none">
+        <li class="breadcrumb-item">
+            <a href="invoices.php">Invoices</a>
+        </li>
+        <li class="breadcrumb-item">
+            <a href="client_invoices.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a>
+        </li>
+        <li class="breadcrumb-item active"><?php echo "$invoice_prefix$invoice_number"; ?></li>
+        <?php if (isset($invoice_overdue)) { ?>
+            <span class="p-2 ml-2 badge badge-danger"><?php echo $invoice_overdue; ?></span>
+        <?php } ?>
+    </ol>

-        $balance = $invoice_amount - $amount_paid;
+    <div class="card">

-        //check to see if overdue
-        if ($invoice_status !== "Paid" && $invoice_status !== "Draft" && $invoice_status !== "Cancelled") {
-            $unixtime_invoice_due = strtotime($invoice_due) + 86400;
-            if ($unixtime_invoice_due < time()) {
-                $invoice_overdue = "Overdue";
-            }
-        }
+        <div class="card-header d-print-none">

-        //Set Badge color based off of invoice status
-        $invoice_badge_color = getInvoiceBadgeColor($invoice_status);
+            <div class="row">

-        //Product autocomplete
-        $products_sql = mysqli_query($mysqli, "SELECT product_name AS label, product_description AS description, product_price AS price FROM products WHERE company_id = $session_company_id");
-
-        if (mysqli_num_rows($products_sql) > 0) {
-            while ($row = mysqli_fetch_array($products_sql)) {
-                $products[] = $row;
-            }
-            $json_products = json_encode($products);
-        }
-
-        ?>
-
-        <ol class="breadcrumb d-print-none">
-            <li class="breadcrumb-item">
-                <a href="invoices.php">Invoices</a>
-            </li>
-            <li class="breadcrumb-item">
-                <a href="client_invoices.php?client_id=<?php echo $client_id; ?>"><?php echo $client_name; ?></a>
-            </li>
-            <li class="breadcrumb-item active"><?php echo "$invoice_prefix$invoice_number"; ?></li>
-            <?php if (isset($invoice_overdue)) { ?>
-                <span class="p-2 ml-2 badge badge-danger"><?php echo $invoice_overdue; ?></span>
-            <?php } ?>
-        </ol>
-
-        <div class="card">
-
-            <div class="card-header d-print-none">
-
-                <div class="row">
-
-                    <div class="col-md-4">
-                        <?php if ($invoice_status == 'Draft') { ?>
-                            <button class="btn btn-success btn-sm dropdown-toggle" type="button" data-toggle="dropdown">
-                                <i class="fas fa-fw fa-paper-plane"></i> Send
-                            </button>
-                            <div class="dropdown-menu">
-                                <?php if (!empty($config_smtp_host) && !empty($contact_email)) { ?>
-                                    <a class="dropdown-item" href="post.php?email_invoice=<?php echo $invoice_id; ?>">Send Email</a>
-                                    <div class="dropdown-divider"></div>
-                                <?php } ?>
-                                <a class="dropdown-item" href="post.php?mark_invoice_sent=<?php echo $invoice_id; ?>">Mark Sent</a>
-                            </div>
-                        <?php } ?>
-
-                        <?php if ($invoice_status !== 'Paid' && $invoice_status !== 'Cancelled' && $invoice_status !== 'Draft') { ?>
-                            <a class="btn btn-success btn-sm" href="#" data-toggle="modal" data-target="#addPaymentModal"><i class="fa fa-fw fa-credit-card"></i> Add Payment</a>
-                        <?php } ?>
-                    </div>
-
-                    <div class="col-md-8">
-
-                        <div class="dropdown dropleft text-center">
-                            <button class="btn btn-primary btn-sm float-right" type="button" data-toggle="dropdown">
-                                <i class="fas fa-fw fa-ellipsis-v"></i>
-                            </button>
-                            <div class="dropdown-menu">
-                                <a class="dropdown-item" href="#" data-toggle="modal" data-target="#editInvoiceModal<?php echo $invoice_id; ?>">Edit</a>
-                                <a class="dropdown-item" href="#" data-toggle="modal" data-target="#addInvoiceCopyModal<?php echo $invoice_id; ?>">Copy</a>
-                                <a class="dropdown-item" href="#" data-toggle="modal" data-target="#addInvoiceRecurringModal<?php echo $invoice_id; ?>">Recurring</a>
+                <div class="col-md-4">
+                    <?php if ($invoice_status == 'Draft') { ?>
+                        <button class="btn btn-success btn-sm dropdown-toggle" type="button" data-toggle="dropdown">
+                            <i class="fas fa-fw fa-paper-plane"></i> Send
+                        </button>
+                        <div class="dropdown-menu">
+                            <?php if (!empty($config_smtp_host) && !empty($contact_email)) { ?>
+                                <a class="dropdown-item" href="post.php?email_invoice=<?php echo $invoice_id; ?>">Send Email</a>
                                <div class="dropdown-divider"></div>
-                                <a class="dropdown-item" href="#" onclick="window.print();">Print</a>
-                                <a class="dropdown-item" href="#" onclick="pdfMake.createPdf(docDefinition).download('<?php echo "$invoice_date-$company_name-$client_name-Invoice-$invoice_prefix$invoice_number.pdf"; ?>');">Download PDF</a>
-                                <?php if (!empty($config_smtp_host) && !empty($contact_email)) { ?>
-                                    <a class="dropdown-item" href="post.php?email_invoice=<?php echo $invoice_id; ?>">Send Email</a>
-                                <?php } ?>
-                                <a class="dropdown-item" target="_blank" href="guest_view_invoice.php?invoice_id=<?php echo "$invoice_id&url_key=$invoice_url_key"; ?>">Guest URL</a>
-                                <?php if ($invoice_status !== 'Cancelled' && $invoice_status !== 'Paid') { ?>
-                                    <div class="dropdown-divider"></div>
-                                    <a class="dropdown-item text-danger" href="post.php?cancel_invoice=<?php echo $invoice_id; ?>">Cancel</a>
-                                <?php } ?>
-                            </div>
+                            <?php } ?>
+                            <a class="dropdown-item" href="post.php?mark_invoice_sent=<?php echo $invoice_id; ?>">Mark Sent</a>
                        </div>
+                    <?php } ?>

+                    <?php if ($invoice_status !== 'Paid' && $invoice_status !== 'Cancelled' && $invoice_status !== 'Draft') { ?>
+                        <a class="btn btn-success btn-sm" href="#" data-toggle="modal" data-target="#addPaymentModal"><i class="fa fa-fw fa-credit-card"></i> Add Payment</a>
+                    <?php } ?>
+                </div>
+
+                <div class="col-md-8">
+
+                    <div class="dropdown dropleft text-center">
+                        <button class="btn btn-primary btn-sm float-right" type="button" data-toggle="dropdown">
+                            <i class="fas fa-fw fa-ellipsis-v"></i>
+                        </button>
+                        <div class="dropdown-menu">
+                            <a class="dropdown-item" href="#" data-toggle="modal" data-target="#editInvoiceModal<?php echo $invoice_id; ?>">Edit</a>
+                            <a class="dropdown-item" href="#" data-toggle="modal" data-target="#addInvoiceCopyModal<?php echo $invoice_id; ?>">Copy</a>
+                            <a class="dropdown-item" href="#" data-toggle="modal" data-target="#addInvoiceRecurringModal<?php echo $invoice_id; ?>">Recurring</a>
+                            <div class="dropdown-divider"></div>
+                            <a class="dropdown-item" href="#" onclick="window.print();">Print</a>
+                            <a class="dropdown-item" href="#" onclick="pdfMake.createPdf(docDefinition).download('<?php echo "$invoice_date-$company_name-$client_name-Invoice-$invoice_prefix$invoice_number.pdf"; ?>');">Download PDF</a>
+                            <?php if (!empty($config_smtp_host) && !empty($contact_email)) { ?>
+                                <a class="dropdown-item" href="post.php?email_invoice=<?php echo $invoice_id; ?>">Send Email</a>
+                            <?php } ?>
+                            <a class="dropdown-item" target="_blank" href="guest_view_invoice.php?invoice_id=<?php echo "$invoice_id&url_key=$invoice_url_key"; ?>">Guest URL</a>
+                            <?php if ($invoice_status !== 'Cancelled' && $invoice_status !== 'Paid') { ?>
+                                <div class="dropdown-divider"></div>
+                                <a class="dropdown-item text-danger" href="post.php?cancel_invoice=<?php echo $invoice_id; ?>">Cancel</a>
+                            <?php } ?>
+                        </div>
                    </div>

                </div>

            </div>

-            <div class="card-body">
-
-                <div class="row mb-4">
-                    <div class="col-sm-2">
-                        <img class="img-fluid" src="<?php echo "uploads/settings/$company_id/$company_logo"; ?>" alt="Company logo">
-                    </div>
-                    <div class="col-sm-10">
-                        <div class="ribbon-wrapper">
-                            <div class="ribbon bg-<?php echo $invoice_badge_color; ?>">
-                                <?php echo $invoice_status; ?>
-                            </div>
-                        </div>
-                        <h3 class="text-right mt-5"><strong>Invoice</strong><br><small class="text-secondary"><?php echo "$invoice_prefix$invoice_number"; ?></small></h3>
-                    </div>
-
-                </div>
-                <div class="row mb-4">
-                    <div class="col-sm">
-                        <ul class="list-unstyled">
-                            <li><h4><strong><?php echo $company_name; ?></strong></h4></li>
-                            <li><?php echo $company_address; ?></li>
-                            <li><?php echo "$company_city $company_state $company_zip"; ?></li>
-                            <li><?php echo $company_phone; ?></li>
-                            <li><?php echo $company_email; ?></li>
-                            <li><?php echo $company_website; ?></li>
-                        </ul>
-                    </div>
-                    <div class="col-sm">
-                        <ul class="list-unstyled text-right">
-                            <li><h4><strong><?php echo $client_name; ?></strong></h4></li>
-                            <li><?php echo $location_address; ?></li>
-                            <li><?php echo "$location_city $location_state $location_zip"; ?></li>
-                            <li><?php echo "$contact_phone $contact_extension"; ?></li>
-                            <li><?php echo $contact_mobile; ?></li>
-                            <li><?php echo $contact_email; ?></li>
-                        </ul>
-                    </div>
-                </div>
-                <div class="row mb-4">
-                    <div class="col-sm-8">
-                    </div>
-                    <div class="col-sm-4">
-                        <table class="table">
-                            <tr>
-                                <td>Date</td>
-                                <td class="text-right"><?php echo $invoice_date; ?></td>
-                            </tr>
-                            <tr>
-                                <td>Due</td>
-                                <td class="text-right"><?php echo $invoice_due; ?></td>
-                            </tr>
-                        </table>
-                    </div>
-                </div>
-
-                <?php $sql_invoice_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_invoice_id = $invoice_id ORDER BY item_id ASC"); ?>
-
-                <div class="row mb-4">
-                    <div class="col-md-12">
-                        <div class="card">
-                            <div class="table-responsive">
-                                <table class="table">
-                                    <thead>
-                                    <tr>
-                                        <th class="d-print-none"></th>
-                                        <th>Item</th>
-                                        <th>Description</th>
-                                        <th class="text-center">Qty</th>
-                                        <th class="text-right">Price</th>
-                                        <th class="text-right">Tax</th>
-                                        <th class="text-right">Total</th>
-                                    </tr>
-                                    </thead>
-                                    <tbody>
-                                    <?php
-
-                                    $total_tax = 0;
-                                    $sub_total = 0;
-
-                                    while ($row = mysqli_fetch_array($sql_invoice_items)) {
-                                        $item_id = $row['item_id'];
-                                        $item_name = htmlentities($row['item_name']);
-                                        $item_description = htmlentities($row['item_description']);
-                                        $item_quantity = floatval($row['item_quantity']);
-                                        $item_price = floatval($row['item_price']);
-                                        $item_tax = floatval($row['item_tax']);
-                                        $item_total = floatval($row['item_total']);
-                                        $item_created_at = $row['item_created_at'];
-                                        $tax_id = $row['item_tax_id'];
-                                        $total_tax = $item_tax + $total_tax;
-                                        $sub_total = $item_price * $item_quantity + $sub_total;
-
-                                        ?>
-
-                                        <tr>
-                                            <td class="text-center d-print-none">
-                                                <a class="text-secondary" href="#" data-toggle="modal" data-target="#editItemModal<?php echo $item_id; ?>"><i class="fa fa-fw fa-edit"></i></a>
-                                                <a class="text-danger" href="post.php?delete_invoice_item=<?php echo $item_id; ?>"><i class="fa fa-fw fa-trash-alt"></i></a>
-                                            </td>
-                                            <td><?php echo $item_name; ?></td>
-                                            <td><div style="white-space:pre-line"><?php echo $item_description; ?></div></td>
-                                            <td class="text-center"><?php echo $item_quantity; ?></td>
-                                            <td class="text-right"><?php echo numfmt_format_currency($currency_format, $item_price, $invoice_currency_code); ?></td>
-                                            <td class="text-right"><?php echo numfmt_format_currency($currency_format, $item_tax, $invoice_currency_code); ?></td>
-                                            <td class="text-right"><?php echo numfmt_format_currency($currency_format, $item_total, $invoice_currency_code); ?></td>
-                                        </tr>
-
-                                        <?php
-
-                                        include("item_edit_modal.php");
-
-                                    }
-
-                                    ?>
-
-                                    <tr class="d-print-none">
-                                        <form action="post.php" method="post" autocomplete="off">
-                                            <input type="hidden" name="invoice_id" value="<?php echo $invoice_id; ?>">
-                                            <td></td>
-                                            <td><input type="text" class="form-control" id="name" name="name" placeholder="Item" required></td>
-                                            <td><textarea class="form-control" rows="2" id="desc" name="description" placeholder="Description"></textarea></td>
-                                            <td><input type="number" step="0.01" min="0" class="form-control" style="text-align: center;" id="qty" name="qty" placeholder="QTY"></td>
-                                            <td><input type="number" step="0.01" class="form-control" style="text-align: right;" id="price" name="price" placeholder="Price (<?php echo $invoice_currency_code; ?>)"></td>
-                                            <td>
-                                                <select class="form-control select2" name="tax_id" required>
-                                                    <option value="0">None</option>
-                                                    <?php
-
-                                                    $taxes_sql = mysqli_query($mysqli, "SELECT * FROM taxes WHERE company_id = $session_company_id ORDER BY tax_name ASC");
-                                                    while ($row = mysqli_fetch_array($taxes_sql)) {
-                                                        $tax_id = $row['tax_id'];
-                                                        $tax_name = htmlentities($row['tax_name']);
-                                                        $tax_percent = htmlentities($row['tax_percent']);
-                                                        ?>
-                                                        <option value="<?php echo $tax_id; ?>"><?php echo "$tax_name $tax_percent%"; ?></option>
-
-                                                        <?php
-                                                    }
-                                                    ?>
-                                                </select>
-                                            </td>
-                                            <td>
-                                                <button class="btn btn-link text-success" type="submit" name="add_invoice_item">
-                                                    <i class="fa fa-fw fa-check"></i>
-                                                </button>
-                                            </td>
-                                        </form>
-                                    </tr>
-                                    </tbody>
-                                </table>
-                            </div>
-                        </div>
-                    </div>
-                </div>
-
-                <div class="row mb-4">
-                    <div class="col-sm-7">
-                        <div class="card">
-                            <div class="card-header">
-                                Notes
-                                <div class="card-tools d-print-none">
-                                    <a href="#" class="btn btn-tool" data-toggle="modal" data-target="#invoiceNoteModal">
-                                        <i class="fas fa-edit"></i>
-                                    </a>
-                                </div>
-                            </div>
-                            <div class="card-body">
-                                <div style="white-space:pre-line"><?php echo $invoice_note; ?></div>
-                            </div>
-                        </div>
-                    </div>
-                    <div class="col-sm-3 offset-sm-2">
-                        <table class="table table-borderless">
-                            <tbody>
-                            <tr class="border-bottom">
-                                <td>Subtotal</td>
-                                <td class="text-right"><?php echo numfmt_format_currency($currency_format, $sub_total, $invoice_currency_code); ?></td>
-                            </tr>
-                            <?php if ($total_tax > 0) { ?>
-                                <tr class="border-bottom">
-                                    <td>Tax</td>
-                                    <td class="text-right"><?php echo numfmt_format_currency($currency_format, $total_tax, $invoice_currency_code); ?></td>
-                                </tr>
-                            <?php } ?>
-                            <?php if ($amount_paid > 0) { ?>
-                                <tr class="border-bottom">
-                                    <td><div class="text-success">Paid</div></td>
-                                    <td class="text-right text-success"><?php echo numfmt_format_currency($currency_format, $amount_paid, $invoice_currency_code); ?></td>
-                                </tr>
-                            <?php } ?>
-                            <tr class="border-bottom">
-                                <td><strong>Balance</strong></td>
-                                <td class="text-right"><strong><?php echo numfmt_format_currency($currency_format, $balance, $invoice_currency_code); ?></strong></td>
-                            </tr>
-                            </tbody>
-                        </table>
-                    </div>
-                </div>
-
-                <hr class="d-none d-print-block mt-5">
-
-                <center class="d-none d-print-block" style="white-space:pre-line"><?php echo htmlentities($config_invoice_footer); ?></center>
-            </div>
        </div>

-        <div class="row d-print-none mb-3">
-            <div class="col-sm">
-                <div class="card">
-                    <div class="card-header">
-                        <i class="fa fa-fw fa-history"></i> History
-                        <div class="card-tools">
-                            <button type="button" class="btn btn-tool" data-card-widget="collapse">
-                                <i class="fas fa-minus"></i>
-                            </button>
-                            <button type="button" class="btn btn-tool" data-card-widget="remove">
-                                <i class="fas fa-times"></i>
-                            </button>
+        <div class="card-body">
+
+            <div class="row mb-4">
+                <div class="col-sm-2">
+                    <img class="img-fluid" src="<?php echo "uploads/settings/$company_id/$company_logo"; ?>" alt="Company logo">
+                </div>
+                <div class="col-sm-10">
+                    <div class="ribbon-wrapper">
+                        <div class="ribbon bg-<?php echo $invoice_badge_color; ?>">
+                            <?php echo $invoice_status; ?>
                        </div>
                    </div>
-                    <div class="card-body">
-                        <table class="table">
-                            <thead>
-                            <tr>
-                                <th>Date</th>
-                                <th>Status</th>
-                                <th>Description</th>
-                            </tr>
-                            </thead>
-                            <tbody>
-                            <?php
+                    <h3 class="text-right mt-5"><strong>Invoice</strong><br><small class="text-secondary"><?php echo "$invoice_prefix$invoice_number"; ?></small></h3>
+                </div>

-                            while ($row = mysqli_fetch_array($sql_history)) {
-                                $history_created_at = $row['history_created_at'];
-                                $history_status = htmlentities($row['history_status']);
-                                $history_description = htmlentities($row['history_description']);
-
-                                ?>
-                                <tr>
-                                    <td><?php echo $history_created_at; ?></td>
-                                    <td><?php echo $history_status; ?></td>
-                                    <td><?php echo $history_description; ?></td>
-                                </tr>
-                                <?php
-                            }
-                            ?>
-
-                            </tbody>
-                        </table>
-                    </div>
+            </div>
+            <div class="row mb-4">
+                <div class="col-sm">
+                    <ul class="list-unstyled">
+                        <li><h4><strong><?php echo $company_name; ?></strong></h4></li>
+                        <li><?php echo $company_address; ?></li>
+                        <li><?php echo "$company_city $company_state $company_zip"; ?></li>
+                        <li><?php echo $company_phone; ?></li>
+                        <li><?php echo $company_email; ?></li>
+                        <li><?php echo $company_website; ?></li>
+                    </ul>
+                </div>
+                <div class="col-sm">
+                    <ul class="list-unstyled text-right">
+                        <li><h4><strong><?php echo $client_name; ?></strong></h4></li>
+                        <li><?php echo $location_address; ?></li>
+                        <li><?php echo "$location_city $location_state $location_zip"; ?></li>
+                        <li><?php echo "$contact_phone $contact_extension"; ?></li>
+                        <li><?php echo $contact_mobile; ?></li>
+                        <li><?php echo $contact_email; ?></li>
+                    </ul>
                </div>
            </div>
-            <div class="col-sm d-print-none">
-                <div class="card">
-                    <div class="card-header">
-                        <i class="fa fa-fw fa-credit-card"></i> Payments
-                        <div class="card-tools">
-                            <button type="button" class="btn btn-tool" data-card-widget="collapse">
-                                <i class="fas fa-minus"></i>
-                            </button>
-                            <button type="button" class="btn btn-tool" data-card-widget="remove">
-                                <i class="fas fa-times"></i>
-                            </button>
-                        </div>
-                    </div>
-                    <div class="card-body">
+            <div class="row mb-4">
+                <div class="col-sm-8">
+                </div>
+                <div class="col-sm-4">
+                    <table class="table">
+                        <tr>
+                            <td>Date</td>
+                            <td class="text-right"><?php echo $invoice_date; ?></td>
+                        </tr>
+                        <tr>
+                            <td>Due</td>
+                            <td class="text-right"><?php echo $invoice_due; ?></td>
+                        </tr>
+                    </table>
+                </div>
+            </div>
+
+            <?php $sql_invoice_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_invoice_id = $invoice_id ORDER BY item_id ASC"); ?>
+
+            <div class="row mb-4">
+                <div class="col-md-12">
+                    <div class="card">
                        <div class="table-responsive">
                            <table class="table">
                                <thead>
                                <tr>
-                                    <th>Date</th>
-                                    <th class="text-right">Amount</th>
-                                    <th>Reference</th>
-                                    <th>Account</th>
-                                    <th class="text-center">Action</th>
+                                    <th class="d-print-none"></th>
+                                    <th>Item</th>
+                                    <th>Description</th>
+                                    <th class="text-center">Qty</th>
+                                    <th class="text-right">Price</th>
+                                    <th class="text-right">Tax</th>
+                                    <th class="text-right">Total</th>
                                </tr>
                                </thead>
                                <tbody>
                                <?php

-                                while ($row = mysqli_fetch_array($sql_payments)) {
-                                    $payment_id = $row['payment_id'];
-                                    $payment_date = $row['payment_date'];
-                                    $payment_amount = floatval($row['payment_amount']);
-                                    $payment_currency_code = htmlentities($row['payment_currency_code']);
-                                    $payment_reference = htmlentities($row['payment_reference']);
-                                    $account_name = htmlentities($row['account_name']);
+                                $total_tax = 0;
+                                $sub_total = 0;
+
+                                while ($row = mysqli_fetch_array($sql_invoice_items)) {
+                                    $item_id = $row['item_id'];
+                                    $item_name = htmlentities($row['item_name']);
+                                    $item_description = htmlentities($row['item_description']);
+                                    $item_quantity = floatval($row['item_quantity']);
+                                    $item_price = floatval($row['item_price']);
+                                    $item_tax = floatval($row['item_tax']);
+                                    $item_total = floatval($row['item_total']);
+                                    $item_created_at = $row['item_created_at'];
+                                    $tax_id = $row['item_tax_id'];
+                                    $total_tax = $item_tax + $total_tax;
+                                    $sub_total = $item_price * $item_quantity + $sub_total;

                                    ?>
+
                                    <tr>
-                                        <td><?php echo $payment_date; ?></td>
-                                        <td class="text-right"><?php echo numfmt_format_currency($currency_format, $payment_amount, $payment_currency_code); ?></td>
-                                        <td><?php echo $payment_reference; ?></td>
-                                        <td><?php echo $account_name; ?></td>
-                                        <td class="text-center"><a class="btn btn-danger btn-sm" href="post.php?delete_payment=<?php echo $payment_id; ?>"><i class="fa fa-trash"></i></a></td>
+                                        <td class="text-center d-print-none">
+                                            <?php if ($invoice_status !== "Paid" && $invoice_status !== "Cancelled") { ?>
+                                                <a class="text-secondary" href="#" data-toggle="modal" data-target="#editItemModal<?php echo $item_id; ?>"><i class="fa fa-fw fa-edit"></i></a>
+                                                <a class="text-danger" href="post.php?delete_invoice_item=<?php echo $item_id; ?>"><i class="fa fa-fw fa-trash-alt"></i></a>
+                                            <?php } ?>
+                                        </td>
+                                        <td><?php echo $item_name; ?></td>
+                                        <td><div style="white-space:pre-line"><?php echo $item_description; ?></div></td>
+                                        <td class="text-center"><?php echo $item_quantity; ?></td>
+                                        <td class="text-right"><?php echo numfmt_format_currency($currency_format, $item_price, $invoice_currency_code); ?></td>
+                                        <td class="text-right"><?php echo numfmt_format_currency($currency_format, $item_tax, $invoice_currency_code); ?></td>
+                                        <td class="text-right"><?php echo numfmt_format_currency($currency_format, $item_total, $invoice_currency_code); ?></td>
                                    </tr>
+
                                    <?php
+
+                                    if ($invoice_status !== "Paid" && $invoice_status !== "Cancelled") {
+                                        require("item_edit_modal.php");
+                                    }
+
                                }
+
                                ?>
+
+                                <tr class="d-print-none" <?php if ($invoice_status == "Paid" || $invoice_status == "Cancelled") { echo "hidden"; } ?>>
+                                    <form action="post.php" method="post" autocomplete="off">
+                                        <input type="hidden" name="invoice_id" value="<?php echo $invoice_id; ?>">
+                                        <td></td>
+                                        <td><input type="text" class="form-control" id="name" name="name" placeholder="Item" required></td>
+                                        <td><textarea class="form-control" rows="2" id="desc" name="description" placeholder="Description"></textarea></td>
+                                        <td><input type="number" step="0.01" min="0" class="form-control" style="text-align: center;" id="qty" name="qty" placeholder="QTY"></td>
+                                        <td><input type="number" step="0.01" class="form-control" style="text-align: right;" id="price" name="price" placeholder="Price (<?php echo $invoice_currency_code; ?>)"></td>
+                                        <td>
+                                            <select class="form-control select2" name="tax_id" required>
+                                                <option value="0">None</option>
+                                                <?php
+
+                                                $taxes_sql = mysqli_query($mysqli, "SELECT * FROM taxes WHERE company_id = $session_company_id ORDER BY tax_name ASC");
+                                                while ($row = mysqli_fetch_array($taxes_sql)) {
+                                                    $tax_id = $row['tax_id'];
+                                                    $tax_name = htmlentities($row['tax_name']);
+                                                    $tax_percent = htmlentities($row['tax_percent']);
+                                                    ?>
+                                                    <option value="<?php echo $tax_id; ?>"><?php echo "$tax_name $tax_percent%"; ?></option>
+
+                                                    <?php
+                                                }
+                                                ?>
+                                            </select>
+                                        </td>
+                                        <td>
+                                            <button class="btn btn-link text-success" type="submit" name="add_invoice_item">
+                                                <i class="fa fa-fw fa-check"></i>
+                                            </button>
+                                        </td>
+                                    </form>
+                                </tr>
                                </tbody>
                            </table>
                        </div>
                    </div>
                </div>
            </div>
+
+            <div class="row mb-4">
+                <div class="col-sm-7">
+                    <div class="card">
+                        <div class="card-header">
+                            Notes
+                            <div class="card-tools d-print-none">
+                                <a href="#" class="btn btn-tool" data-toggle="modal" data-target="#invoiceNoteModal">
+                                    <i class="fas fa-edit"></i>
+                                </a>
+                            </div>
+                        </div>
+                        <div class="card-body">
+                            <div style="white-space:pre-line"><?php echo $invoice_note; ?></div>
+                        </div>
+                    </div>
+                </div>
+                <div class="col-sm-3 offset-sm-2">
+                    <table class="table table-borderless">
+                        <tbody>
+                        <tr class="border-bottom">
+                            <td>Subtotal</td>
+                            <td class="text-right"><?php echo numfmt_format_currency($currency_format, $sub_total, $invoice_currency_code); ?></td>
+                        </tr>
+                        <?php if ($total_tax > 0) { ?>
+                            <tr class="border-bottom">
+                                <td>Tax</td>
+                                <td class="text-right"><?php echo numfmt_format_currency($currency_format, $total_tax, $invoice_currency_code); ?></td>
+                            </tr>
+                        <?php } ?>
+                        <?php if ($amount_paid > 0) { ?>
+                            <tr class="border-bottom">
+                                <td><div class="text-success">Paid</div></td>
+                                <td class="text-right text-success"><?php echo numfmt_format_currency($currency_format, $amount_paid, $invoice_currency_code); ?></td>
+                            </tr>
+                        <?php } ?>
+                        <tr class="border-bottom">
+                            <td><strong>Balance</strong></td>
+                            <td class="text-right"><strong><?php echo numfmt_format_currency($currency_format, $balance, $invoice_currency_code); ?></strong></td>
+                        </tr>
+                        </tbody>
+                    </table>
+                </div>
+            </div>
+
+            <hr class="d-none d-print-block mt-5">
+
+            <center class="d-none d-print-block" style="white-space:pre-line"><?php echo htmlentities($config_invoice_footer); ?></center>
        </div>
+    </div>

-        <?php
-        include_once("invoice_payment_add_modal.php");
-        include_once("invoice_copy_modal.php");
-        include_once("invoice_recurring_add_modal.php");
-        include_once("invoice_edit_modal.php");
-        include_once("invoice_note_modal.php");
-        include_once("category_quick_add_modal.php");
+    <div class="row d-print-none mb-3">
+        <div class="col-sm">
+            <div class="card">
+                <div class="card-header">
+                    <i class="fa fa-fw fa-history"></i> History
+                    <div class="card-tools">
+                        <button type="button" class="btn btn-tool" data-card-widget="collapse">
+                            <i class="fas fa-minus"></i>
+                        </button>
+                        <button type="button" class="btn btn-tool" data-card-widget="remove">
+                            <i class="fas fa-times"></i>
+                        </button>
+                    </div>
+                </div>
+                <div class="card-body">
+                    <table class="table">
+                        <thead>
+                        <tr>
+                            <th>Date</th>
+                            <th>Status</th>
+                            <th>Description</th>
+                        </tr>
+                        </thead>
+                        <tbody>
+                        <?php

-    }
+                        while ($row = mysqli_fetch_array($sql_history)) {
+                            $history_created_at = $row['history_created_at'];
+                            $history_status = htmlentities($row['history_status']);
+                            $history_description = htmlentities($row['history_description']);
+
+                            ?>
+                            <tr>
+                                <td><?php echo $history_created_at; ?></td>
+                                <td><?php echo $history_status; ?></td>
+                                <td><?php echo $history_description; ?></td>
+                            </tr>
+                            <?php
+                        }
+                        ?>
+
+                        </tbody>
+                    </table>
+                </div>
+            </div>
+        </div>
+        <div class="col-sm d-print-none">
+            <div class="card">
+                <div class="card-header">
+                    <i class="fa fa-fw fa-credit-card"></i> Payments
+                    <div class="card-tools">
+                        <button type="button" class="btn btn-tool" data-card-widget="collapse">
+                            <i class="fas fa-minus"></i>
+                        </button>
+                        <button type="button" class="btn btn-tool" data-card-widget="remove">
+                            <i class="fas fa-times"></i>
+                        </button>
+                    </div>
+                </div>
+                <div class="card-body">
+                    <div class="table-responsive">
+                        <table class="table">
+                            <thead>
+                            <tr>
+                                <th>Date</th>
+                                <th class="text-right">Amount</th>
+                                <th>Reference</th>
+                                <th>Account</th>
+                                <th class="text-center">Action</th>
+                            </tr>
+                            </thead>
+                            <tbody>
+                            <?php
+
+                            while ($row = mysqli_fetch_array($sql_payments)) {
+                                $payment_id = $row['payment_id'];
+                                $payment_date = $row['payment_date'];
+                                $payment_amount = floatval($row['payment_amount']);
+                                $payment_currency_code = htmlentities($row['payment_currency_code']);
+                                $payment_reference = htmlentities($row['payment_reference']);
+                                $account_name = htmlentities($row['account_name']);
+
+                                ?>
+                                <tr>
+                                    <td><?php echo $payment_date; ?></td>
+                                    <td class="text-right"><?php echo numfmt_format_currency($currency_format, $payment_amount, $payment_currency_code); ?></td>
+                                    <td><?php echo $payment_reference; ?></td>
+                                    <td><?php echo $account_name; ?></td>
+                                    <td class="text-center"><a class="btn btn-danger btn-sm" href="post.php?delete_payment=<?php echo $payment_id; ?>"><i class="fa fa-trash"></i></a></td>
+                                </tr>
+                                <?php
+                            }
+                            ?>
+                            </tbody>
+                        </table>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <?php
+    include_once("invoice_payment_add_modal.php");
+    include_once("invoice_copy_modal.php");
+    include_once("invoice_recurring_add_modal.php");
+    include_once("invoice_edit_modal.php");
+    include_once("invoice_note_modal.php");
+    include_once("category_quick_add_modal.php");
 }

-include("footer.php");
+require_once("footer.php");

 ?>

--- a/post.php
+++ b/post.php
@ -2948,7 +2948,7 @@ if(isset($_GET['dismiss_all_notifications'])){

    $_SESSION['alert_message'] = "$num_notifications Notifications Dismissed";

-    header("Location: notifications.php");
+    header("Location: " . $_SERVER["HTTP_REFERER"]);

 }

@ -5165,7 +5165,7 @@ if(isset($_GET['export_client_locations_csv'])){

    //Locations
    $sql = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_client_id = $client_id AND location_archived_at IS NULL AND company_id = $session_company_id ORDER BY location_name ASC");
-    
+
    $num_rows = mysqli_num_rows($sql);

    if($num_rows > 0) {
@ -5961,7 +5961,7 @@ if(isset($_GET['export_client_software_csv'])){
    $client_name = $row['client_name'];

    $sql = mysqli_query($mysqli,"SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC");
-    
+
    $num_rows = mysqli_num_rows($sql);

    if($num_rows > 0) {
@ -6352,7 +6352,7 @@ if(isset($_GET['export_client_networks_csv'])){
    $client_name = $row['client_name'];

    $sql = mysqli_query($mysqli,"SELECT * FROM networks WHERE network_client_id = $client_id ORDER BY network_name ASC");
-    
+
    $num_rows = mysqli_num_rows($sql);

    if($num_rows > 0) {
@ -6418,7 +6418,7 @@ if(isset($_POST['add_certificate'])){

    mysqli_query($mysqli,"INSERT INTO certificates SET certificate_name = '$name', certificate_domain = '$domain', certificate_issued_by = '$issued_by', certificate_expire = '$expire', certificate_public_key = '$public_key', certificate_domain_id = $domain_id, certificate_client_id = $client_id, company_id = $session_company_id");

-    $certificate_id = mysqli_insert_id($mysqli); 
+    $certificate_id = mysqli_insert_id($mysqli);

    //Logging
    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Certificate', log_action = 'Create', log_description = '$session_name created certificate $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $certificate_id, company_id = $session_company_id");
@ -6504,7 +6504,7 @@ if(isset($_GET['export_client_certificates_csv'])){
    $client_name = $row['client_name'];

    $sql = mysqli_query($mysqli,"SELECT * FROM certificates WHERE certificate_client_id = $client_id ORDER BY certificate_name ASC");
-    
+
    $num_rows = mysqli_num_rows($sql);

    if($num_rows > 0) {
@ -6739,7 +6739,7 @@ if(isset($_POST['add_ticket'])){
    mysqli_query($mysqli,"UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = $session_company_id");

    mysqli_query($mysqli,"INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 'Open', ticket_vendor_id = $vendor_id, ticket_asset_id = $asset_id, ticket_created_by = $session_user_id, ticket_assigned_to = $assigned_to, ticket_contact_id = $contact, ticket_client_id = $client_id, company_id = $session_company_id");
-    
+
    $ticket_id = mysqli_insert_id($mysqli);

    // E-mail client
@ -7364,7 +7364,7 @@ if(isset($_GET['delete_scheduled_ticket'])){
    $row = mysqli_fetch_array($sql);
    $scheduled_ticket_subject = strip_tags(mysqli_real_escape_string($mysqli, $row['scheduled_ticket_subject']));
    $scheduled_ticket_frequency = strip_tags(mysqli_real_escape_string($mysqli, $row['scheduled_ticket_frequency']));
-    
+
    $client_id = $row['scheduled_ticket_client_id'];

    // Delete
--- a/quote.php
+++ b/quote.php
@ -5,14 +5,22 @@ if (isset($_GET['quote_id'])) {

    $quote_id = intval($_GET['quote_id']);

-    $sql = mysqli_query($mysqli,"SELECT * FROM quotes 
-    LEFT JOIN clients ON quote_client_id = client_id
-    LEFT JOIN locations ON primary_location = location_id
-    LEFT JOIN contacts ON primary_contact = contact_id
-    LEFT JOIN companies ON quotes.company_id = companies.company_id
-    WHERE quote_id = $quote_id"
+    $sql = mysqli_query(
+        $mysqli,
+        "SELECT * FROM quotes
+        LEFT JOIN clients ON quote_client_id = client_id
+        LEFT JOIN locations ON primary_location = location_id
+        LEFT JOIN contacts ON primary_contact = contact_id
+        LEFT JOIN companies ON quotes.company_id = companies.company_id
+        WHERE quote_id = $quote_id"
    );

+    if (mysqli_num_rows($sql) == 0) {
+        echo '<h1 class="text-secondary mt-5" style="text-align: center">Nothing to see here</h1>';
+        require_once("footer.php");
+        exit();
+    }
+
    $row = mysqli_fetch_array($sql);
    $quote_id = $row['quote_id'];
    $quote_prefix = htmlentities($row['quote_prefix']);
@ -57,25 +65,25 @@ if (isset($_GET['quote_id'])) {
        $company_logo_base64 = base64_encode(file_get_contents("uploads/settings/$company_id/$company_logo"));
    }

-    $sql_history = mysqli_query($mysqli,"SELECT * FROM history WHERE history_quote_id = $quote_id ORDER BY history_id DESC");
+    $sql_history = mysqli_query($mysqli, "SELECT * FROM history WHERE history_quote_id = $quote_id ORDER BY history_id DESC");

    //Set Badge color based off of quote status
    if ($quote_status == "Sent") {
        $quote_badge_color = "warning text-white";
-    }elseif ($quote_status == "Viewed") {
+    } elseif ($quote_status == "Viewed") {
        $quote_badge_color = "primary";
-    }elseif ($quote_status == "Accepted") {
+    } elseif ($quote_status == "Accepted") {
        $quote_badge_color = "success";
-    }elseif ($quote_status == "Declined") {
+    } elseif ($quote_status == "Declined") {
        $quote_badge_color = "danger";
-    }elseif ($quote_status == "Invoiced") {
+    } elseif ($quote_status == "Invoiced") {
        $quote_badge_color = "info";
-    }else{
+    } else {
        $quote_badge_color = "secondary";
    }

    //Product autocomplete
-    $products_sql = mysqli_query($mysqli,"SELECT product_name AS label, product_description AS description, product_price AS price FROM products WHERE company_id = $session_company_id");
+    $products_sql = mysqli_query($mysqli, "SELECT product_name AS label, product_description AS description, product_price AS price FROM products WHERE company_id = $session_company_id");

    if (mysqli_num_rows($products_sql) > 0) {
        while ($row = mysqli_fetch_array($products_sql)) {
@ -194,7 +202,7 @@ if (isset($_GET['quote_id'])) {
                </div>
            </div>

-            <?php $sql_items = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_id ASC"); ?>
+            <?php $sql_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_id ASC"); ?>

            <div class="row mb-4">
                <div class="col-md-12">
@ -235,8 +243,10 @@ if (isset($_GET['quote_id'])) {

                                    <tr>
                                        <td class="text-center d-print-none">
-                                            <a class="text-secondary" href="#" data-toggle="modal" data-target="#editItemModal<?php echo $item_id; ?>"><i class="fa fa-fw fa-edit"></i></a>
-                                            <a class="text-danger" href="post.php?delete_quote_item=<?php echo $item_id; ?>"><i class="fa fa-fw fa-trash-alt"></i></a>
+                                            <?php if ($quote_status !== "Invoiced" && $quote_status !== "Accepted" && $quote_status !== "Declined") { ?>
+                                                <a class="text-secondary" href="#" data-toggle="modal" data-target="#editItemModal<?php echo $item_id; ?>"><i class="fa fa-fw fa-edit"></i></a>
+                                                <a class="text-danger" href="post.php?delete_quote_item=<?php echo $item_id; ?>"><i class="fa fa-fw fa-trash-alt"></i></a>
+                                            <?php } ?>
                                        </td>
                                        <td><?php echo $item_name; ?></td>
                                        <td><div style="white-space:pre-line"><?php echo $item_description; ?></div></td>
@ -248,13 +258,15 @@ if (isset($_GET['quote_id'])) {

                                    <?php

-                                    include("item_edit_modal.php");
+                                    if ($quote_status !== "Invoiced" && $quote_status !== "Accepted" && $quote_status !== "Declined") {
+                                        require("item_edit_modal.php");
+                                    }

                                }

                                ?>

-                                <tr class="d-print-none">
+                                <tr class="d-print-none" <?php if ($quote_status == "Invoiced" || $quote_status == "Accepted" || $quote_status == "Declined") { echo "hidden"; } ?>>
                                    <form action="post.php" method="post" autocomplete="off">
                                        <input type="hidden" name="quote_id" value="<?php echo $quote_id; ?>">
                                        <td></td>
@ -267,7 +279,7 @@ if (isset($_GET['quote_id'])) {
                                                <option value="0">None</option>
                                                <?php

-                                                $taxes_sql = mysqli_query($mysqli,"SELECT * FROM taxes WHERE company_id = $session_company_id ORDER BY tax_name ASC");
+                                                $taxes_sql = mysqli_query($mysqli, "SELECT * FROM taxes WHERE company_id = $session_company_id ORDER BY tax_name ASC");
                                                while ($row = mysqli_fetch_array($taxes_sql)) {
                                                    $tax_id = $row['tax_id'];
                                                    $tax_name = htmlentities($row['tax_name']);
@ -556,7 +568,7 @@ require_once("footer.php");
                        $total_tax = 0;
                        $sub_total = 0;

-                        $sql_invoice_items = mysqli_query($mysqli,"SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_id ASC");
+                        $sql_invoice_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_id ASC");

                        while ($row = mysqli_fetch_array($sql_invoice_items)) {
                        $item_name = $row['item_name'];
--- a/setup.php
+++ b/setup.php
@ -992,7 +992,7 @@ if (isset($_POST['add_company_settings'])) {
    mysqli_query($mysqli,"INSERT INTO user_companies SET user_id = $user_id, company_id = $company_id");

    $latest_database_version = LATEST_DATABASE_VERSION;
-    mysqli_query($mysqli,"INSERT INTO settings SET company_id = $company_id, config_current_database_version = '$latest_database_version',  config_invoice_prefix = 'INV-', config_invoice_next_number = 1, config_recurring_prefix = 'REC-', config_recurring_next_number = 1, config_invoice_overdue_reminders = '1,3,7', config_quote_prefix = 'QUO-', config_quote_next_number = 1, config_recurring_auto_send_invoice = 1, config_default_net_terms = 30, config_send_invoice_reminders = 1, config_enable_cron = 0, config_ticket_next_number = 1");
+    mysqli_query($mysqli,"INSERT INTO settings SET company_id = $company_id, config_current_database_version = '$latest_database_version',  config_invoice_prefix = 'INV-', config_invoice_next_number = 1, config_recurring_prefix = 'REC-', config_recurring_next_number = 1, config_invoice_overdue_reminders = '1,3,7', config_quote_prefix = 'QUO-', config_quote_next_number = 1, config_recurring_auto_send_invoice = 1, config_default_net_terms = 30, config_send_invoice_reminders = 1, config_enable_cron = 0, config_ticket_next_number = 1, config_ticket_prefix = 'TCK-'");

    //Create Some Data