Started Adding Detailed Assets more alert and audit logging work

johnnyq 2022-01-01 15:26:31 -05:00
parent ff0ce6077a
commit a70105e731
5 changed files with 599 additions and 46 deletions


@ -41,7 +41,7 @@ $url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS *, AES_DECRYPT(login_password, '$config_aes_key') AS login_password FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id LEFT JOIN locations ON asset_location_id = location_id LEFT JOIN logins ON login_asset_id = asset_id
WHERE asset_client_id = $client_id
AND (asset_name LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%')
AND (asset_name LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));

253
client_assets_network.php Normal file

@ -0,0 +1,253 @@
<?php
//Paging
if(isset($_GET['p'])){
$p = intval($_GET['p']);
$record_from = (($p)-1)*$_SESSION['records_per_page'];
$record_to = $_SESSION['records_per_page'];
}else{
$record_from = 0;
$record_to = $_SESSION['records_per_page'];
$p = 1;
}
if(isset($_GET['q'])){
$q = mysqli_real_escape_string($mysqli,$_GET['q']);
}else{
$q = "";
}
if(!empty($_GET['sb'])){
$sb = mysqli_real_escape_string($mysqli,$_GET['sb']);
}else{
$sb = "asset_name";
}
if(isset($_GET['o'])){
if($_GET['o'] == 'ASC'){
$o = "ASC";
$disp = "DESC";
}else{
$o = "DESC";
$disp = "ASC";
}
}else{
$o = "ASC";
$disp = "DESC";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS *, AES_DECRYPT(login_password, '$config_aes_key') AS login_password FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id LEFT JOIN locations ON asset_location_id = location_id LEFT JOIN logins ON login_asset_id = asset_id
WHERE asset_client_id = $client_id
AND (asset_type = 'Printer' OR asset_type = 'Camera' OR asset_type = 'Phone' OR asset_type = 'Switch' OR asset_type = 'Access Point' OR asset_type = 'Firewall/Router')
AND (asset_name LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-desktop"></i> Assets</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAssetModal"><i class="fas fa-fw fa-plus"></i> New Asset</button>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<input type="hidden" name="tab" value="<?php echo $_GET['tab']; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if(isset($q)){echo stripslashes($q);} ?>" placeholder="Search <?php echo ucwords($_GET['tab']); ?>">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_<?php echo $_GET['tab']; ?>_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
<a href="#" class="btn btn-default"><i class="fa fa-fw fa-upload"></i> Import</a>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table border table-hover">
<thead class="thead-light <?php if($num_rows[0] == 0){ echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_name&o=<?php echo $disp; ?>">Name</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_type&o=<?php echo $disp; ?>">Type</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_make&o=<?php echo $disp; ?>">Make/Model</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_serial&o=<?php echo $disp; ?>">Serial Number</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_install_date&o=<?php echo $disp; ?>">Install Date</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=location_name&o=<?php echo $disp; ?>">Location</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while($row = mysqli_fetch_array($sql)){
$asset_id = $row['asset_id'];
$asset_type = $row['asset_type'];
$asset_name = $row['asset_name'];
$asset_make = $row['asset_make'];
$asset_model = $row['asset_model'];
$asset_serial = $row['asset_serial'];
if(empty($asset_serial)){
$asset_serial_display = "-";
}else{
$asset_serial_display = $asset_serial;
}
$asset_os = $row['asset_os'];
if(empty($asset_os)){
$asset_os_display = "-";
}else{
$asset_os_display = $asset_os;
}
$asset_ip = $row['asset_ip'];
if(empty($asset_ip)){
$asset_ip_display = "-";
}else{
$asset_ip_display = "$asset_ip<button class='btn btn-sm' data-clipboard-text='$asset_ip'><i class='far fa-copy text-secondary'></i></button>";
}
$asset_mac = $row['asset_mac'];
$asset_purchase_date = $row['asset_purchase_date'];
$asset_warranty_expire = $row['asset_warranty_expire'];
$asset_install_date = $row['asset_install_date'];
if(empty($asset_install_date)){
$asset_install_date_display = "-";
}else{
$asset_install_date_display = $asset_install_date;
}
$asset_notes = $row['asset_notes'];
$asset_created_at = $row['asset_created_at'];
$asset_vendor_id = $row['asset_vendor_id'];
$asset_location_id = $row['asset_location_id'];
$asset_contact_id = $row['asset_contact_id'];
$asset_network_id = $row['asset_network_id'];
if($asset_type == 'Printer'){
$device_icon = "print";
}elseif($asset_type == 'Camera'){
$device_icon = "video";
}elseif($asset_type == 'Switch' or $asset_type == 'Firewall/Router'){
$device_icon = "network-wired";
}elseif($asset_type == 'Access Point'){
$device_icon = "wifi";
}elseif($asset_type == 'Phone'){
$device_icon = "phone";
}elseif($asset_type == 'Mobile Phone'){
$device_icon = "mobile-alt";
}elseif($asset_type == 'Tablet'){
$device_icon = "tablet-alt";
}elseif($asset_type == 'TV'){
$device_icon = "tv";
}elseif($asset_type == 'Virtual Machine'){
$device_icon = "cloud";
}else{
$device_icon = "tag";
}
$contact_name = $row['contact_name'];
if(empty($contact_name)){
$contact_name = "-";
}
$location_name = $row['location_name'];
if(empty($location_name)){
$location_name = "-";
}
$login_id = $row['login_id'];
$login_username = $row['login_username'];
$login_password = $row['login_password'];
?>
<tr>
<th>
<i class="fa fa-fw text-secondary fa-<?php echo $device_icon; ?> mr-2"></i>
<a class="text-secondary" href="#" data-toggle="modal" data-target="#editAssetModal<?php echo $asset_id; ?>"><?php echo $asset_name; ?></a>
<?php
if($login_id > 0){
?>
<button type="button" class="btn btn-link btn-sm" data-toggle="modal" data-target="#viewPasswordModal<?php echo $login_id; ?>"><i class="fas fa-key text-dark"></i></button>
<div class="modal" id="viewPasswordModal<?php echo $login_id; ?>" tabindex="-1">
<div class="modal-dialog modal-sm">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-key mr-2"></i><?php echo $asset_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-user"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo $login_username; ?>" readonly>
</div>
</div>
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-lock"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo $login_password; ?>" readonly>
</div>
</div>
</div>
</div>
</div>
</div>
<?php
}
?>
</th>
<td><?php echo $asset_type; ?></td>
<td><?php echo "$asset_make $asset_model"; ?></td>
<td><?php echo $asset_serial_display; ?></td>
<td><?php echo $asset_install_date_display; ?></td>
<td><?php echo $location_name; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"><i class="fas fa-ellipsis-h"></i></button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAssetModal<?php echo $asset_id; ?>">Edit</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_asset=<?php echo $asset_id; ?>">Delete</a>
</div>
</div>
</td>
</tr>
<?php
include("edit_asset_modal.php");
}
?>
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
</div>
</div>
<?php include("add_asset_modal.php"); ?>
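Review bot: `$sb` is interpolated bare into `ORDER BY $sb $o`, and `mysqli_real_escape_string()` only makes a value safe inside a quoted string literal, so the `sb` request parameter is still not constrained to a column name when it reaches the ordering clause. Check it against the columns the table headers actually link to, for example `$sortable = array('asset_name','asset_type','asset_make','asset_serial','asset_install_date','location_name');` followed by `$sb = in_array($_GET['sb'], $sortable, true) ? $_GET['sb'] : "asset_name";` in place of the escape call. Separately, `$_GET['tab']` is echoed unescaped into the hidden input value, the search placeholder and the export href, and `stripslashes($q)` is written into the `value` attribute as-is, so each of those needs `htmlspecialchars(..., ENT_QUOTES)` at the point of output. The second new file section below repeats both patterns line for line.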


@ -0,0 +1,263 @@
<?php
//Paging
if(isset($_GET['p'])){
$p = intval($_GET['p']);
$record_from = (($p)-1)*$_SESSION['records_per_page'];
$record_to = $_SESSION['records_per_page'];
}else{
$record_from = 0;
$record_to = $_SESSION['records_per_page'];
$p = 1;
}
if(isset($_GET['q'])){
$q = mysqli_real_escape_string($mysqli,$_GET['q']);
}else{
$q = "";
}
if(!empty($_GET['sb'])){
$sb = mysqli_real_escape_string($mysqli,$_GET['sb']);
}else{
$sb = "asset_name";
}
if(isset($_GET['o'])){
if($_GET['o'] == 'ASC'){
$o = "ASC";
$disp = "DESC";
}else{
$o = "DESC";
$disp = "ASC";
}
}else{
$o = "ASC";
$disp = "DESC";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS *, AES_DECRYPT(login_password, '$config_aes_key') AS login_password FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id LEFT JOIN locations ON asset_location_id = location_id LEFT JOIN logins ON login_asset_id = asset_id
WHERE asset_client_id = $client_id
AND (asset_type = 'Laptop' OR asset_type = 'Desktop')
AND (asset_name LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-desktop"></i> Assets</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAssetModal"><i class="fas fa-fw fa-plus"></i> New Asset</button>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<input type="hidden" name="tab" value="<?php echo $_GET['tab']; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if(isset($q)){echo stripslashes($q);} ?>" placeholder="Search <?php echo ucwords($_GET['tab']); ?>">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_<?php echo $_GET['tab']; ?>_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
<a href="#" class="btn btn-default"><i class="fa fa-fw fa-upload"></i> Import</a>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table border table-hover">
<thead class="thead-light <?php if($num_rows[0] == 0){ echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_name&o=<?php echo $disp; ?>">Name</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_type&o=<?php echo $disp; ?>">Type</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_make&o=<?php echo $disp; ?>">Make/Model</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_serial&o=<?php echo $disp; ?>">Serial Number</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_os&o=<?php echo $disp; ?>">Operating System</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_install_date&o=<?php echo $disp; ?>">Install Date</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=contact_name&o=<?php echo $disp; ?>">Contact</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=location_name&o=<?php echo $disp; ?>">Location</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while($row = mysqli_fetch_array($sql)){
$asset_id = $row['asset_id'];
$asset_type = $row['asset_type'];
$asset_name = $row['asset_name'];
$asset_make = $row['asset_make'];
$asset_model = $row['asset_model'];
$asset_serial = $row['asset_serial'];
if(empty($asset_serial)){
$asset_serial_display = "-";
}else{
$asset_serial_display = $asset_serial;
}
$asset_os = $row['asset_os'];
if(empty($asset_os)){
$asset_os_display = "-";
}else{
$asset_os_display = $asset_os;
}
$asset_ip = $row['asset_ip'];
if(empty($asset_ip)){
$asset_ip_display = "-";
}else{
$asset_ip_display = "$asset_ip<button class='btn btn-sm' data-clipboard-text='$asset_ip'><i class='far fa-copy text-secondary'></i></button>";
}
$asset_mac = $row['asset_mac'];
$asset_purchase_date = $row['asset_purchase_date'];
$asset_warranty_expire = $row['asset_warranty_expire'];
$asset_install_date = $row['asset_install_date'];
if(empty($asset_install_date)){
$asset_install_date_display = "-";
}else{
$asset_install_date_display = $asset_install_date;
}
$asset_notes = $row['asset_notes'];
$asset_created_at = $row['asset_created_at'];
$asset_vendor_id = $row['asset_vendor_id'];
$asset_location_id = $row['asset_location_id'];
$asset_contact_id = $row['asset_contact_id'];
$asset_network_id = $row['asset_network_id'];
if($asset_type == 'Laptop'){
$device_icon = "laptop";
}elseif($asset_type == 'Desktop'){
$device_icon = "desktop";
}elseif($asset_type == 'Server'){
$device_icon = "server";
}elseif($asset_type == 'Printer'){
$device_icon = "print";
}elseif($asset_type == 'Camera'){
$device_icon = "video";
}elseif($asset_type == 'Switch' or $asset_type == 'Firewall/Router'){
$device_icon = "network-wired";
}elseif($asset_type == 'Access Point'){
$device_icon = "wifi";
}elseif($asset_type == 'Phone'){
$device_icon = "phone";
}elseif($asset_type == 'Mobile Phone'){
$device_icon = "mobile-alt";
}elseif($asset_type == 'Tablet'){
$device_icon = "tablet-alt";
}elseif($asset_type == 'TV'){
$device_icon = "tv";
}elseif($asset_type == 'Virtual Machine'){
$device_icon = "cloud";
}else{
$device_icon = "tag";
}
$contact_name = $row['contact_name'];
if(empty($contact_name)){
$contact_name = "-";
}
$location_name = $row['location_name'];
if(empty($location_name)){
$location_name = "-";
}
$login_id = $row['login_id'];
$login_username = $row['login_username'];
$login_password = $row['login_password'];
?>
<tr>
<th>
<i class="fa fa-fw text-secondary fa-<?php echo $device_icon; ?> mr-2"></i>
<a class="text-secondary" href="#" data-toggle="modal" data-target="#editAssetModal<?php echo $asset_id; ?>"><?php echo $asset_name; ?></a>
<?php
if($login_id > 0){
?>
<button type="button" class="btn btn-link btn-sm" data-toggle="modal" data-target="#viewPasswordModal<?php echo $login_id; ?>"><i class="fas fa-key text-dark"></i></button>
<div class="modal" id="viewPasswordModal<?php echo $login_id; ?>" tabindex="-1">
<div class="modal-dialog modal-sm">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-key mr-2"></i><?php echo $asset_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-user"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo $login_username; ?>" readonly>
</div>
</div>
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-lock"></i></span>
</div>
<input type="text" class="form-control" value="<?php echo $login_password; ?>" readonly>
</div>
</div>
</div>
</div>
</div>
</div>
<?php
}
?>
</th>
<td><?php echo $asset_type; ?></td>
<td><?php echo "$asset_make $asset_model"; ?></td>
<td><?php echo $asset_serial_display; ?></td>
<td><?php echo $asset_os_display; ?></td>
<td><?php echo $asset_install_date_display; ?></td>
<td><?php echo $contact_name; ?></td>
<td><?php echo $location_name; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"><i class="fas fa-ellipsis-h"></i></button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAssetModal<?php echo $asset_id; ?>">Edit</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_asset=<?php echo $asset_id; ?>">Delete</a>
</div>
</div>
</td>
</tr>
<?php
include("edit_asset_modal.php");
}
?>
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
</div>
</div>
<?php include("add_asset_modal.php"); ?>
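Review bot: The list query decrypts `login_password` for every row and the loop writes it, together with `$login_username`, into a hidden `viewPasswordModal` per asset, so every credential on the page is sent in the HTML response whether or not anyone opens the modal, and no `logs` row is written when one is viewed. Given that this commit is about audit logging, consider dropping `AES_DECRYPT(...)` from the list query and fetching a single credential on demand through a handler that checks the caller's access to that client and records the view. Row values are also echoed without `htmlspecialchars()` (`$asset_name`, `$asset_type`, `$login_username`, `$login_password`), so a stored value containing markup or a double quote escapes the table cell or the `value` attribute. The same applies to the client_assets_network.php section above; this section's file name is not shown in its header and is presumably client_assets_workstations.php, going by the include added in the next section.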


@ -10,6 +10,9 @@ if(isset($_GET['tab'])){
elseif($_GET['tab'] == "assets"){
include("client_assets.php");
}
elseif($_GET['tab'] == "workstations"){
include("client_assets_workstations.php");
}
elseif($_GET['tab'] == "tickets"){
include("client_tickets.php");
}
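Review bot: Only a `workstations` branch is added to this chain, while the same commit also adds client_assets_network.php; unless that file is routed somewhere outside this hunk, it is unreachable and a matching branch such as `elseif($_GET['tab'] == "network"){ include("client_assets_network.php"); }` (tab name to be chosen) is missing. The comparisons use `==` on a request parameter, and `===` would avoid loose-typing surprises if `tab` arrives as something other than a plain string. The if/elseif chain starts and ends outside the hunk, so other branches are not visible here.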

124
post.php

@ -1097,7 +1097,6 @@ if(isset($_GET['delete_client'])){
$client_name = $row['client_name'];
//Delete Client Data
mysqli_query($mysqli,"DELETE FROM assets WHERE asset_client_id = $client_id");
mysqli_query($mysqli,"DELETE FROM certificates WHERE certificate_client_id = $client_id");
mysqli_query($mysqli,"DELETE FROM contacts WHERE contact_client_id = $client_id");
@ -1161,7 +1160,6 @@ if(isset($_GET['delete_client'])){
removeDirectory('uploads/clients/$client_id');
//Finally Remove the Client
mysqli_query($mysqli,"DELETE FROM clients WHERE client_id = $client_id AND company_id = $session_company_id");
//Logging
@ -1282,6 +1280,7 @@ if(isset($_POST['edit_event'])){
$sql = mysqli_query($mysqli,"SELECT * FROM clients JOIN companies ON clients.company_id = companies.company_id JOIN contacts ON primary_contact = contact_id WHERE client_id = $client AND companies.company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
$client_name = $row['client_name'];
$contact_name = $row['contact_name'];
$contact_email = $row['contact_email'];
$company_name = $row['company_name'];
@ -1301,7 +1300,7 @@ if(isset($_POST['edit_event'])){
//Mail Server Settings
//$mail->SMTPDebug = 2; // Enable verbose debug output
$mail->SMTPDebug = 2; // Enable verbose debug output
$mail->isSMTP(); // Set mailer to use SMTP
$mail->Host = $config_smtp_host; // Specify main and backup SMTP servers
$mail->SMTPAuth = true; // Enable SMTP authentication
@ -1326,12 +1325,12 @@ if(isset($_POST['edit_event'])){
echo "Message could not be sent. Mailer Error: {$mail->ErrorInfo}";
}
//Logging of email sent
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar Event', log_action = 'Emailed', log_description = 'Emailed $client_name to email $client_email - $title', log_created_at = NOW(), log_client_id = $client, company_id = $session_company_id, log_user_id = $session_user_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar_Event', log_action = 'Email', log_description = '$session_name Emailed modified event $title to $client_name email $client_email', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_user_id = $session_user_id, company_id = $session_company_id");
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar', log_action = 'Modified', log_description = '$title', log_created_at = NOW(), log_client_id = $client, company_id = $session_company_id, log_user_id = $session_user_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar_Event', log_action = 'Modify', log_description = '$session_name modified event $title in calendar', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Event modified on the calendar";
@ -1342,12 +1341,18 @@ if(isset($_POST['edit_event'])){
if(isset($_GET['delete_event'])){
$event_id = intval($_GET['delete_event']);
//Get Event Title
$sql = mysqli_query($mysqli,"SELECT * FROM events WHERE event_id = $event_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
$event_title = $row['event_title'];
mysqli_query($mysqli,"DELETE FROM events WHERE event_id = $event_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar', log_action = 'Deleted', log_description = '$event_id', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar_Event', log_action = 'Delete', log_description = '$session_name deleted calendar event titled $event_title', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Event deleted on the calendar";
$_SESSION['alert_type'] = "danger";
$_SESSION['alert_message'] = "Event <strong>$event_title</strong> deleted on the calendar";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1378,12 +1383,11 @@ if(isset($_POST['add_vendor'])){
$vendor_id = mysqli_insert_id($mysqli);
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Create', log_description = '$session_name created vendor $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Vendor added";
$_SESSION['alert_message'] = "Vendor <strong>$name</strong> created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if(isset($_POST['edit_vendor'])){
@ -1409,38 +1413,50 @@ if(isset($_POST['edit_vendor'])){
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Vendor modified";
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Modify', log_description = '$session_name modified vendor $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Vendor <strong>$name</strong> modified";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if(isset($_GET['archive_vendor'])){
$vendor_id = intval($_GET['archive_vendor']);
//Get Vendor Name
$sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_id = $vendor_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
$vendor_name = $row['vendor_name'];
mysqli_query($mysqli,"UPDATE vendors SET vendor_archived_at = NOW() WHERE vendor_id = $vendor_id");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Archived', log_description = '$vendor_id', log_created_at = NOW()");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Archive', log_description = '$session_name archived vendor $vendor_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Vendor Archived!";
$_SESSION['alert_type'] = "danger";
$_SESSION['alert_message'] = "Vendor <strong>$vendor_name archived";
header("Location: vendors.php");
}
if(isset($_GET['delete_vendor'])){
$vendor_id = intval($_GET['delete_vendor']);
//Get Vendor Name
$sql = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_id = $vendor_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
$vendor_name = $row['vendor_name'];
mysqli_query($mysqli,"DELETE FROM vendors WHERE vendor_id = $vendor_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Deleted', log_description = '$vendor_id', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Delete', log_description = '$session_name deleted vendor $vendor_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Vendor deleted";
$_SESSION['alert_type'] = "danger";
$_SESSION['alert_message'] = "Vendor <strong>$vendor_name</strong> deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if(isset($_GET['export_client_vendors_csv'])){
@ -1480,8 +1496,11 @@ if(isset($_GET['export_client_vendors_csv'])){
//output all remaining data on a file pointer
fpassthru($f);
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Export', log_description = '$session_name exported vendors to CSV', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
exit;
}
// Campaigns
@ -1498,14 +1517,12 @@ if(isset($_POST['add_campaign'])){
$campaign_id = mysqli_insert_id($mysqli);
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Campaign', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Campaign', log_action = 'Create', log_description = '$session_name created mail campaign $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Campaign created";
$_SESSION['alert_message'] = "Campaign <strong>$name</strong> created";
header("Location: campaign_details.php?campaign_id=$campaign_id");
}
if(isset($_POST['edit_campaign'])){
@ -1520,40 +1537,49 @@ if(isset($_POST['edit_campaign'])){
mysqli_query($mysqli,"UPDATE campaigns SET SET campaign_name = '$name', campaign_subject = '$subject', campaign_from_name = '$from_name', campaign_from_email = '$from_email', campaign_content = '$content', campaign_updated_at = NOW() WHERE campaign_id = $campaign_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Campaign', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Campaign', log_action = 'Modify', log_description = '$session_name modified mail campaign $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Campaign modified";
$_SESSION['alert_message'] = "Campaign <strong>$name</strong> modified";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if(isset($_GET['archive_campaign'])){
$campaign_id = intval($_GET['archive_campaign']);
//Get Campaign Name
$sql = mysqli_query($mysqli,"SELECT * FROM campaigns WHERE campaign_id = $campaign_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
$campaign_name = $row['campaign_name'];
mysqli_query($mysqli,"UPDATE campaigns SET campaign_archived_at = NOW() WHERE campaign_id = $campaign_id");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Campaign', log_action = 'Archived', log_description = '$campaign_id', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Campaign', log_action = 'Archive', log_description = '$session_name archived mail campaign $campaign_name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Campaign Archived!";
$_SESSION['alert_type'] = "danger";
$_SESSION['alert_message'] = "Campaign <strong>$campaign_name</strong> archived";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if(isset($_GET['delete_campaign'])){
$campaign_id = intval($_GET['delete_campaign']);
//Get Campaign Name
$sql = mysqli_query($mysqli,"SELECT * FROM campaigns WHERE campaign_id = $campaign_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
$campaign_name = $row['campaign_name'];
mysqli_query($mysqli,"DELETE FROM campaigns WHERE campaign_id = $campaign_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Campaign', log_action = 'Deleted', log_description = '$campaign_id', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Campaign', log_action = 'Delete', log_description = '$session_name deleted mail campaign $campaign_name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Campaign deleted";
$_SESSION['alert_type'] = "danger";
$_SESSION['alert_message'] = "Campaign <strong>$campaign_name</strong> deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if(isset($_GET['send_campaign'])){
@ -1619,7 +1645,6 @@ if(isset($_GET['send_campaign'])){
}
// Products
if(isset($_POST['add_product'])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
@ -1630,10 +1655,10 @@ if(isset($_POST['add_product'])){
mysqli_query($mysqli,"INSERT INTO products SET product_name = '$name', product_description = '$description', product_cost = '$cost', product_currency_code = '$config_default_currency', product_created_at = NOW(), product_tax_id = $tax, product_category_id = $category, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Product', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Product', log_action = 'Create', log_description = '$session_name created product $name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Product added";
$_SESSION['alert_message'] = "Product <strong>$name</strong> created";
header("Location: products.php");
@ -1653,7 +1678,10 @@ if(isset($_POST['edit_product'])){
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Product', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Product modified";
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Product', log_action = 'Modify', log_description = '$session_name modifyed product $name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Product <strong>$name</strong> modified";
header("Location: products.php");
@ -1662,12 +1690,18 @@ if(isset($_POST['edit_product'])){
if(isset($_GET['delete_product'])){
$product_id = intval($_GET['delete_product']);
//Get Product Name
$sql = mysqli_query($mysqli,"SELECT * FROM products WHERE product_id = $product_id AND company_id = $session_company_id");
$row = mysqli_fetch_array($sql);
$product_name = $row['product_name'];
mysqli_query($mysqli,"DELETE FROM products WHERE product_id = $product_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Product', log_action = 'Deleted', log_description = '$product_id', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Product', log_action = 'Delete', log_description = '$session_name deleted product $name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Product deleted";
$_SESSION['alert_type'] = "danger";
$_SESSION['alert_message'] = "Product <strong>$product_name</strong> deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1685,8 +1719,8 @@ if(isset($_POST['add_trip'])){
mysqli_query($mysqli,"INSERT INTO trips SET trip_date = '$date', trip_source = '$source', trip_destination = '$destination', trip_miles = $miles, round_trip = $roundtrip, trip_purpose = '$purpose', trip_created_at = NOW(), trip_client_id = $client_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Trip', log_action = 'Created', log_description = '$date', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Trip', log_action = 'Create', log_description = '$session_name logged trip to $destination', log_created_at = NOW(), log_client_id = $client_id, company_id = $session_company_id, log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Trip added";
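Review bot: The new audit-log inserts interpolate values read back from the database straight into SQL (`$event_title` in delete_event, `$vendor_name` in archive_vendor and delete_vendor, `$campaign_name` and `$product_name` in their handlers), so a stored name containing a single quote will break or alter the `INSERT INTO logs` statement and the audit record is lost. Escape them with `mysqli_real_escape_string($mysqli, ...)` before building the query, or move the log write into one helper that uses a prepared statement; `$session_ip` and `$session_user_agent` are defined outside these hunks and need the same treatment if they come from request headers. The same names are placed inside `<strong>` in `$_SESSION['alert_message']`, so they should go through `htmlspecialchars()` unless the alert renderer already escapes, and the archive_vendor message `"Vendor <strong>$vendor_name archived"` is missing its closing `</strong>`. In archive_vendor and archive_campaign the new name lookup is scoped by `company_id` but the `UPDATE ... WHERE vendor_id = $vendor_id` / `WHERE campaign_id = $campaign_id` statements are not, so they should gain `AND company_id = $session_company_id` like the delete handlers. Two smaller items: delete_product logs `$name`, which is not set in that handler as shown, where `$product_name` is meant, and the edit_event hunk appears to enable `$mail->SMTPDebug = 2`, which prints the SMTP dialogue into the HTTP response and should stay off outside debugging.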