AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 02:44:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added Adavnced Filter to customers and expenses, removed some text-mono, ui updates to ticket details, added quick links to reports under dashboard

Browse Source
This commit is contained in:
johnny@pittpc.com
2019-12-04 20:58:16 -05:00
parent 2cab7463d3
commit a28d1d6e57
11 changed files with 354 additions and 236 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
post.php
View File

@@ -15,8 +15,8 @@ use PHPMailer\PHPMailer\Exception;
if(isset($_POST['add_user'])){
$name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']));
$email = strip_tags(mysqli_real_escape_string($mysqli,$_POST['email']));
$name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
$email = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['email'])));
$password = md5($_POST['password']);
$client_id = intval($_POST['client']);
@@ -53,8 +53,8 @@ if(isset($_POST['add_user'])){
if(isset($_POST['edit_user'])){
$user_id = intval($_POST['user_id']);
$name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']));
$email = strip_tags(mysqli_real_escape_string($mysqli,$_POST['email']));
$name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
$email = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['email'])));
$current_password_hash = $_POST['current_password_hash'];
$password = $_POST['password'];
if($current_password_hash == $password){
@@ -87,14 +87,14 @@ if(isset($_POST['edit_user'])){
if(isset($_POST['add_company'])){
$name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']));
$address = strip_tags(mysqli_real_escape_string($mysqli,$_POST['address']));
$city = strip_tags(mysqli_real_escape_string($mysqli,$_POST['city']));
$state = strip_tags(mysqli_real_escape_string($mysqli,$_POST['state']));
$zip = strip_tags(mysqli_real_escape_string($mysqli,$_POST['zip']));
$name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
$address = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['address'])));
$city = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['city'])));
$state = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['state'])));
$zip = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['zip'])));
$phone = strip_tags(mysqli_real_escape_string($mysqli,$_POST['phone']));
$phone = preg_replace("/[^0-9]/", '',$phone);
$site = strip_tags(mysqli_real_escape_string($mysqli,$_POST['site']));
$site = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['site'])));
mysqli_query($mysqli,"INSERT INTO companies SET company_name = '$name', company_created_at = NOW()");