Update the remaining logic to take advantage of the moved contact_primary and contact_location fields
@@ -50,6 +50,7 @@ $session_contact_initials = initials($session_contact_name);
|
||||
$session_contact_title = sanitizeInput($contact['contact_title']);
|
||||
$session_contact_email = sanitizeInput($contact['contact_email']);
|
||||
$session_contact_photo = sanitizeInput($contact['contact_photo']);
|
||||
$session_contact_primary = intval($client['contact_primary']);
|
||||
|
||||
$session_contact_is_technical_contact = false;
|
||||
$session_contact_is_billing_contact = false;
|
||||
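Review bot: The added line reads `$client['contact_primary']`, but the neighbouring assignments all read the `$contact` row, and the next hunk, which by its line numbers appears to belong to the same file, only assigns `$client` about ten lines further down. If that is the case, `$client` is still unset here, `intval()` yields 0, and every later check of `$session_contact_primary` (the logout gates, `verifyContactTicketAccess`, the nav links and the ticket query branch) treats the primary contact as an ordinary contact. That fails closed, but it silently removes primary-contact access. Given the commit title says the field was moved, the line should presumably be `$session_contact_primary = intval($contact['contact_primary']);`.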
@@ -60,11 +61,8 @@ if ($contact['contact_billing'] == 1) {
|
||||
$session_contact_is_billing_contact = true;
|
||||
}
|
||||
|
||||
|
||||
|
||||
// Get client info
|
||||
$client_sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_id = $session_client_id");
|
||||
$client = mysqli_fetch_array($client_sql);
|
||||
|
||||
$session_client_name = $client['client_name'];
|
||||
$session_client_primary_contact_id = intval($client['primary_contact']);
|
||||
|
||||
@@ -8,7 +8,7 @@ header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.g
|
||||
|
||||
require_once("inc_portal.php");
|
||||
|
||||
if ($session_contact_id !== $session_client_primary_contact_id && !$session_contact_is_technical_contact) {
|
||||
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
|
||||
header("Location: portal_post.php?logout");
|
||||
exit();
|
||||
}
|
||||
|
||||
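Review bot: The new gate denies only when the flag is exactly 0 (`$session_contact_primary == 0`), while the allow checks elsewhere on this page test `== 1`, so any other value would pass this gate yet not count as primary anywhere else. Denying unless the flag is explicitly 1 keeps the default at "no access" and also covers an unset variable: `if ($session_contact_primary !== 1 && !$session_contact_is_technical_contact) {`. The same block is repeated in four more page hunks below (two technical-contact, two billing-contact), and the same change applies there with the matching role flag. The page's code continues outside the hunk.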
@@ -8,7 +8,7 @@ header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.g
|
||||
|
||||
require_once("inc_portal.php");
|
||||
|
||||
if ($session_contact_id !== $session_client_primary_contact_id && !$session_contact_is_technical_contact) {
|
||||
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
|
||||
header("Location: portal_post.php?logout");
|
||||
exit();
|
||||
}
|
||||
|
||||
@@ -8,7 +8,7 @@ header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.g
|
||||
|
||||
require_once("inc_portal.php");
|
||||
|
||||
if ($session_contact_id !== $session_client_primary_contact_id && !$session_contact_is_billing_contact) {
|
||||
if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
|
||||
header("Location: portal_post.php?logout");
|
||||
exit();
|
||||
}
|
||||
|
||||
@@ -11,7 +11,7 @@ function verifyContactTicketAccess($requested_ticket_id, $expected_ticket_state)
|
||||
{
|
||||
|
||||
// Access the global variables
|
||||
global $mysqli, $session_contact_id, $session_client_primary_contact_id, $session_contact_is_technical_contact, $session_client_id;
|
||||
global $mysqli, $session_contact_id, $session_contact_primary, $session_contact_is_technical_contact, $session_client_id;
|
||||
|
||||
// Setup
|
||||
if ($expected_ticket_state == "Closed") {
|
||||
@@ -27,7 +27,7 @@ function verifyContactTicketAccess($requested_ticket_id, $expected_ticket_state)
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$ticket_id = $row['ticket_id'];
|
||||
|
||||
if (intval($ticket_id) && ($session_contact_id == $row['ticket_contact_id'] || $session_contact_id == $session_client_primary_contact_id || $session_contact_is_technical_contact)) {
|
||||
if (intval($ticket_id) && ($session_contact_id == $row['ticket_contact_id'] || $session_contact_primary == 1 || $session_contact_is_technical_contact)) {
|
||||
// Client is ticket owner, primary contact, or a technical contact
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -45,7 +45,7 @@ header("X-Frame-Options: DENY"); // Legacy
|
||||
<li class="nav-item">
|
||||
<a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "tickets.php" || basename($_SERVER['PHP_SELF']) == "ticket_add.php" || basename($_SERVER['PHP_SELF']) == "ticket.php") {echo "active";} ?>" href="tickets.php">Tickets</a>
|
||||
</li>
|
||||
<?php if ($session_contact_id == $session_client_primary_contact_id || $session_contact_is_billing_contact) { ?>
|
||||
<?php if ($session_contact_primary == 1 || $session_contact_is_billing_contact) { ?>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "invoices.php") {echo "active";} ?>" href="invoices.php">Invoices</a>
|
||||
</li>
|
||||
@@ -53,7 +53,7 @@ header("X-Frame-Options: DENY"); // Legacy
|
||||
<a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "quotes.php") {echo "active";} ?>" href="quotes.php">Quotes</a>
|
||||
</li>
|
||||
<?php } ?>
|
||||
<?php if ($session_contact_id == $session_client_primary_contact_id || $session_contact_is_technical_contact) { ?>
|
||||
<?php if ($session_contact_primary == 1 || $session_contact_is_technical_contact) { ?>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "documents.php") {echo "active";} ?>" href="documents.php">Documents</a>
|
||||
</li>
|
||||
|
||||
@@ -15,7 +15,7 @@ require_once('inc_portal.php');
|
||||
<p>Email: <?php echo $session_contact_email ?></p>
|
||||
<p>Client: <?php echo $session_client_name ?></p>
|
||||
<br>
|
||||
<p>Client Primary Contact: <?php if ($session_client_primary_contact_id == $session_contact_id) {echo "Yes"; } else {echo "No";} ?></p>
|
||||
<p>Client Primary Contact: <?php if ($session_contact_primary == 1) {echo "Yes"; } else {echo "No";} ?></p>
|
||||
<p>Client Technical Contact: <?php if ($session_contact_is_technical_contact) {echo "Yes"; } else {echo "No";} ?></p>
|
||||
<p>Client Billing Contact: <?php if ($session_contact_is_billing_contact == $session_contact_id) {echo "Yes"; } else {echo "No";} ?></p>
|
||||
|
||||
|
||||
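Review bot: The unchanged line just below the edit still prints the billing flag with `$session_contact_is_billing_contact == $session_contact_id`, comparing a boolean with a contact id; it gives the right answer only because a non-zero id is truthy. It would read like the technical-contact line above it as `<?php if ($session_contact_is_billing_contact) {echo "Yes"; } else {echo "No";} ?>`. Separately, `$session_client_name` is echoed in this hunk, and in the second hunk on this page it is assigned from `$client['client_name']` without the `sanitizeInput()` call used for the contact fields. If that value is not encoded elsewhere, `<?php echo htmlspecialchars($session_client_name, ENT_QUOTES, 'UTF-8') ?>` is a safer default for this output.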
@@ -8,7 +8,7 @@ header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.g
|
||||
|
||||
require_once("inc_portal.php");
|
||||
|
||||
if ($session_contact_id !== $session_client_primary_contact_id && !$session_contact_is_billing_contact) {
|
||||
if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
|
||||
header("Location: portal_post.php?logout");
|
||||
exit();
|
||||
}
|
||||
|
||||
@@ -15,7 +15,7 @@ $purifier = new HTMLPurifier($purifier_config);
|
||||
if (isset($_GET['id']) && intval($_GET['id'])) {
|
||||
$ticket_id = intval($_GET['id']);
|
||||
|
||||
if ($session_contact_id == $session_client_primary_contact_id || $session_contact_is_technical_contact) {
|
||||
if ($session_contact_primary == 1 || $session_contact_is_technical_contact) {
|
||||
$ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = $ticket_id AND ticket_client_id = $session_client_id");
|
||||
} else {
|
||||
$ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = $ticket_id AND ticket_client_id = $session_client_id AND ticket_contact_id = $session_contact_id");
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
|
||||
require_once('inc_portal.php');
|
||||
|
||||
if ($session_contact_id !== $session_client_primary_contact_id && !$session_contact_is_technical_contact) {
|
||||
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
|
||||
header("Location: portal_post.php?logout");
|
||||
exit();
|
||||
}
|
||||
|
||||
@@ -119,7 +119,7 @@ $total_tickets = intval($row['total_tickets']);
|
||||
|
||||
<a href="?status=%" class="btn btn-secondary btn-block p-3 mb-3 text-left">All my tickets | <strong><?php echo $total_tickets ?></strong></a>
|
||||
<?php
|
||||
if ($session_contact_id == $session_client_primary_contact_id || $session_contact_is_technical_contact) {
|
||||
if ($session_contact_primary == 1 || $session_contact_is_technical_contact) {
|
||||
?>
|
||||
|
||||
<hr>
|
||||
|
||||