From 7759f54260a31fce05ae7faeba0de2be4827306a Mon Sep 17 00:00:00 2001 From: johnnyq Date: Thu, 28 Dec 2023 19:52:24 -0500 Subject: [PATCH 1/7] renamed settings alerts to notifications and reworked the notification UI to allow for future growth --- post/setting.php | 12 ++-- settings_alerts.php | 57 ------------------ settings_notifications.php | 115 +++++++++++++++++++++++++++++++++++++ settings_side_nav.php | 6 +- settings_ticket.php | 8 --- 5 files changed, 124 insertions(+), 74 deletions(-) delete mode 100644 settings_alerts.php create mode 100644 settings_notifications.php diff --git a/post/setting.php b/post/setting.php index ba463f46..ebcca87f 100644 --- a/post/setting.php +++ b/post/setting.php 
@@ -252,12 +252,11 @@ if (isset($_POST['edit_ticket_settings'])) { $config_ticket_prefix = sanitizeInput($_POST['config_ticket_prefix']); $config_ticket_next_number = intval($_POST['config_ticket_next_number']); $config_ticket_email_parse = intval($_POST['config_ticket_email_parse']); - $config_ticket_client_general_notifications = intval($_POST['config_ticket_client_general_notifications']); $config_ticket_autoclose = intval($_POST['config_ticket_autoclose']); $config_ticket_autoclose_hours = intval($_POST['config_ticket_autoclose_hours']); $config_ticket_new_ticket_notification_email = sanitizeInput($_POST['config_ticket_new_ticket_notification_email']); - mysqli_query($mysqli,"UPDATE settings SET config_ticket_prefix = '$config_ticket_prefix', config_ticket_next_number = $config_ticket_next_number, config_ticket_from_email = '$config_ticket_from_email', config_ticket_from_name = '$config_ticket_from_name', config_ticket_email_parse = '$config_ticket_email_parse', config_ticket_client_general_notifications = $config_ticket_client_general_notifications , config_ticket_autoclose = $config_ticket_autoclose, config_ticket_autoclose_hours = $config_ticket_autoclose_hours, config_ticket_new_ticket_notification_email = '$config_ticket_new_ticket_notification_email' WHERE company_id = 1"); + mysqli_query($mysqli,"UPDATE settings SET config_ticket_prefix = '$config_ticket_prefix', config_ticket_next_number = $config_ticket_next_number, config_ticket_from_email = '$config_ticket_from_email', config_ticket_from_name = '$config_ticket_from_name', config_ticket_email_parse = '$config_ticket_email_parse', config_ticket_autoclose = $config_ticket_autoclose, config_ticket_autoclose_hours = $config_ticket_autoclose_hours, config_ticket_new_ticket_notification_email = '$config_ticket_new_ticket_notification_email' WHERE company_id = 1"); //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified 
ticket settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id"); @@ -311,7 +310,7 @@ if (isset($_POST['edit_theme_settings'])) { header("Location: " . $_SERVER["HTTP_REFERER"]); } -if (isset($_POST['edit_alert_settings'])) { +if (isset($_POST['edit_notification_settings'])) { validateCSRFToken($_POST['csrf_token']); validateAdminRole(); 
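Review bot: The rewritten UPDATE in the `edit_ticket_settings` branch still interpolates `$config_ticket_from_email` and `$config_ticket_from_name`, and neither is assigned from `$_POST` in the lines visible in this hunk. If they come from the already-loaded settings rather than from `sanitizeInput()`, a stored value containing a quote breaks or alters this statement, and the form rewrites columns it does not own. Consider dropping those two assignments from the statement, or moving it to `mysqli_prepare()` with bound parameters. The branch starts above the hunk, so the assignments may exist there and should be confirmed.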
@@ -320,13 +319,14 @@ if (isset($_POST['edit_alert_settings'])) { $config_cron_key = sanitizeInput($_POST['config_cron_key']); $config_enable_alert_domain_expire = intval($_POST['config_enable_alert_domain_expire']); $config_send_invoice_reminders = intval($_POST['config_send_invoice_reminders']); + $config_ticket_client_general_notifications = intval($_POST['config_ticket_client_general_notifications']); - mysqli_query($mysqli,"UPDATE settings SET config_send_invoice_reminders = $config_send_invoice_reminders, config_enable_cron = $config_enable_cron, config_enable_alert_domain_expire = $config_enable_alert_domain_expire WHERE company_id = 1"); + mysqli_query($mysqli,"UPDATE settings SET config_send_invoice_reminders = $config_send_invoice_reminders, config_enable_cron = $config_enable_cron, config_enable_alert_domain_expire = $config_enable_alert_domain_expire, config_ticket_client_general_notifications = $config_ticket_client_general_notifications WHERE company_id = 1"); //Logging - mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified alert settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id"); + mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified notification settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id"); - $_SESSION['alert_message'] = "Alert Settings updated"; + $_SESSION['alert_message'] = "Notification Settings updated"; header("Location: " . $_SERVER["HTTP_REFERER"]); diff --git a/settings_alerts.php b/settings_alerts.php deleted file mode 100644 index 7386d694..00000000 --- a/settings_alerts.php +++ /dev/null @@ -1,57 +0,0 @@ - - -
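Review bot: The added `intval($_POST['config_ticket_client_general_notifications'])` reads a checkbox field, and browsers omit unchecked checkboxes from the POST body. Turning the option off therefore relies on an undefined-index read (a warning on PHP 8), unless the form also sends a hidden `0` fallback, which the stripped markup on this page does not show. `intval($_POST['config_ticket_client_general_notifications'] ?? 0)` makes the off state explicit. Separately, `$config_cron_key` is read with `sanitizeInput()` in this branch but the UPDATE on the new side never writes it; either persist it or drop the read, so it is clear whether the cron key can be changed through this form. The `edit_notification_settings` block opens in the previous hunk and closes below this one.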
-
-

Alerts

-
-
-
- - -
-
- value="1" id="enableCronSwitch"> - -
-
- -
- -
-
- -
- -
- Generate -
-
-
- -
-
- value="1" id="alertDomainExpireSwitch"> - -
-
- -
-
- value="1" id="sendInvoiceRemindersSwitch"> - -
-
- -
- - - -
-
-
- - + +
+
+

Notifications

+
+
+
+ + + + + + + + +
+
+ value="1" id="enableCronSwitch"> + +
+
+ +
+ +
+
+ +
+ +
+ Generate +
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NotificationApp NotifyTech Email NotifyClient Email NotifyCreate Ticket
+
Domain Expiration Notice
+ + (This setting triggers a notification when a domain is approaching its expiration date, specifically at 1, 7, 14, 30, 90, and 120 days prior to expiry.) + +
+
+ value="1"> + +
+
+
Invoice Reminders
+ + (This will automatically dispatch a reminder email for the invoice to the primary contact's email every 30 days following the invoice's due date.) + +
+ + +
+ value="1" id="sendInvoiceRemindersSwitch"> + +
+
+
Send clients general notification emails
+ (Should clients receive automatic emails when tickets are raised/closed?) +
+
+ value="1" id="ticketNotificationSwitch"> + +
+
+ +
+ + + +
+
+
+ + diff --git a/settings_ticket.php b/settings_ticket.php index 5f35f289..ad699b67 100644 --- a/settings_ticket.php +++ b/settings_ticket.php @@ -10,7 +10,6 @@ require_once "inc_all_settings.php";
-
@@ -40,13 +39,6 @@ require_once "inc_all_settings.php";
-
-
- value="1" id="ticketNotificationSwitch"> - -
-
-
value="1" id="ticketAutoCloseSwitch"> From bcd0eb69a151e245ec38c2fe8af78b8e1ece663a Mon Sep 17 00:00:00 2001 From: johnnyq Date: Thu, 28 Dec 2023 20:03:08 -0500 Subject: [PATCH 2/7] Send Telemetry if is greater than 0 --- cron.php | 2 +- post/setting.php | 259 +------------------------------------ settings_notifications.php | 2 - settings_telemetry.php | 8 -- 4 files changed, 2 insertions(+), 269 deletions(-) diff --git a/cron.php b/cron.php index 32133597..662aec14 100644 --- a/cron.php +++ b/cron.php @@ -720,7 +720,7 @@ while ($row = mysqli_fetch_array($sql_recurring_expenses)) { // TELEMETRY -if ($config_telemetry == 1) { +if ($config_telemetry > 0) { $current_version = exec("git rev-parse HEAD"); diff --git a/post/setting.php b/post/setting.php index ebcca87f..d1296cef 100644 --- a/post/setting.php +++ b/post/setting.php 
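Review bot: `if ($config_telemetry > 0)` in cron.php now treats every positive setting as consent to send, but nothing near the check says which values exist or what each one means. The same condition is repeated in the update handler of post/setting.php (hunk `@@ -846,7 +589,7`). This gate decides whether instance data leaves the host, so an install whose stored value is anything other than 0 or 1 starts reporting from cron after this change, and that should be a documented decision. Suggest a comment above both checks such as `// $config_telemetry: 0 = off, any higher value = send (document each level here)`, or one shared named constant for the threshold. The telemetry block continues past the end of the hunk.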
@@ -461,263 +461,6 @@ if (isset($_GET['send_failed_mail'])) { } -if (isset($_POST['send_telemetry_data'])) { - - validateAdminRole(); - - $comments = sanitizeInput($_POST['comments']); - - $sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1"); - $row = mysqli_fetch_array($sql); - - $company_name = sanitizeInput($row['company_name']); - $city = sanitizeInput($row['company_city']); - $state = sanitizeInput($row['company_state']); - $country = sanitizeInput($row['company_country']); - $currency = sanitizeInput($row['company_currency']); - $current_version = exec("git rev-parse HEAD"); - - // Client Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('client_id') AS num FROM clients")); - $client_count = $row['num']; - - // Ticket Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('recurring_id') AS num FROM tickets")); - $ticket_count = $row['num']; - - // Calendar Event Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('event_id') AS num FROM events")); - $calendar_event_count = $row['num']; - - // Quote Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('quote_id') AS num FROM quotes")); - $quote_count = $row['num']; - - // Invoice Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices")); - $invoice_count = $row['num']; - - // Revenue Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('revenue_id') AS num FROM revenues")); - $revenue_count = $row['num']; - - // Recurring Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('recurring_id') AS num FROM recurring")); - $recurring_count = $row['num']; - - // Account Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('account_id') AS num FROM accounts")); - $account_count = $row['num']; - - // Tax Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('tax_id') AS num FROM taxes")); - $tax_count = $row['num']; - - 
// Product Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('product_id') AS num FROM products")); - $product_count = $row['num']; - - // Payment Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('payment_id') AS num FROM payments WHERE payment_invoice_id > 0")); - $payment_count = $row['num']; - - // Company Vendor Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id = 0")); - $company_vendor_count = $row['num']; - - // Expense Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('expense_id') AS num FROM expenses WHERE expense_vendor_id > 0")); - $expense_count = $row['num']; - - // Trip Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('trip_id') AS num FROM trips")); - $trip_count = $row['num']; - - // Transfer Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('transfer_id') AS num FROM transfers")); - $transfer_count = $row['num']; - - // Contact Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('contact_id') AS num FROM contacts")); - $contact_count = $row['num']; - - // Location Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('location_id') AS num FROM locations")); - $location_count = $row['num']; - - // Asset Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('asset_id') AS num FROM assets")); - $asset_count = $row['num']; - - // Software Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('software_id') AS num FROM software WHERE software_template = 0")); - $software_count = $row['num']; - - // Software Template Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('software_id') AS num FROM software WHERE software_template = 1")); - $software_template_count = $row['num']; - - // Password Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('login_id') AS num FROM 
logins")); - $password_count = $row['num']; - - // Network Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('network_id') AS num FROM networks")); - $network_count = $row['num']; - - // Certificate Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('certificate_id') AS num FROM certificates")); - $certificate_count = $row['num']; - - // Domain Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('domain_id') AS num FROM domains")); - $domain_count = $row['num']; - - // Service Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('service_id') AS num FROM services")); - $service_count = $row['num']; - - // Client Vendor Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id > 0")); - $client_vendor_count = $row['num']; - - // Vendor Template Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 1")); - $vendor_template_count = $row['num']; - - // File Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('file_id') AS num FROM files")); - $file_count = $row['num']; - - // Document Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 0")); - $document_count = $row['num']; - - // Document Template Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 1")); - $document_template_count = $row['num']; - - // Shared Item Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('item_id') AS num FROM shared_items")); - $shared_item_count = $row['num']; - - // Company Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('company_id') AS num FROM companies")); - $company_count = $row['num']; - - // User Count - $row = 
mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('user_id') AS num FROM users")); - $user_count = $row['num']; - - // Category Expense Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Expense'")); - $category_expense_count = $row['num']; - - // Category Income Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Income'")); - $category_income_count = $row['num']; - - // Category Referral Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Referral'")); - $category_referral_count = $row['num']; - - // Category Payment Method Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Payment Method'")); - $category_payment_method_count = $row['num']; - - // Tag Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('tag_id') AS num FROM tags")); - $tag_count = $row['num']; - - // API Key Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('api_key_id') AS num FROM api_keys")); - $api_key_count = $row['num']; - - // Log Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('log_id') AS num FROM logs")); - $log_count = $row['num']; - - $postdata = http_build_query( - array( - 'installation_id' => "$installation_id", - 'version' => "$current_version", - 'company_name' => "$company_name", - 'city' => "$city", - 'state' => "$state", - 'country' => "$country", - 'currency' => "$currency", - 'comments' => "$comments", - 'client_count' => $client_count, - 'ticket_count' => $ticket_count, - 'calendar_event_count' => $calendar_event_count, - 'quote_count' => $quote_count, - 'invoice_count' => $invoice_count, - 'revenue_count' => $revenue_count, - 'recurring_count' => $recurring_count, - 'account_count' => $account_count, - 
'tax_count' => $tax_count, - 'product_count' => $product_count, - 'payment_count' => $payment_count, - 'company_vendor_count' => $company_vendor_count, - 'expense_count' => $expense_count, - 'trip_count' => $trip_count, - 'transfer_count' => $transfer_count, - 'contact_count' => $contact_count, - 'location_count' => $location_count, - 'asset_count' => $asset_count, - 'software_count' => $software_count, - 'software_template_count' => $software_template_count, - 'password_count' => $password_count, - 'network_count' => $network_count, - 'certificate_count' => $certificate_count, - 'domain_count' => $domain_count, - 'service_count' => $service_count, - 'client_vendor_count' => $client_vendor_count, - 'vendor_template_count' => $vendor_template_count, - 'file_count' => $file_count, - 'document_count' => $document_count, - 'document_template_count' => $document_template_count, - 'shared_item_count' => $shared_item_count, - 'company_count' => $company_count, - 'user_count' => $user_count, - 'category_expense_count' => $category_expense_count, - 'category_income_count' => $category_income_count, - 'category_referral_count' => $category_referral_count, - 'category_payment_method_count' => $category_payment_method_count, - 'tag_count' => $tag_count, - 'api_key_count' => $api_key_count, - 'log_count' => $log_count, - 'config_theme' => "$config_theme", - 'config_enable_cron' => $config_enable_cron, - 'config_ticket_email_parse' => $config_ticket_email_parse, - 'config_module_enable_itdoc' => $config_module_enable_itdoc, - 'config_module_enable_ticketing' => $config_module_enable_ticketing, - 'config_module_enable_accounting' => $config_module_enable_accounting, - 'collection_method' => 2 - ) - ); - - $opts = array('http' => - array( - 'method' => 'POST', - 'header' => 'Content-type: application/x-www-form-urlencoded', - 'content' => $postdata - ) - ); - - $context = stream_context_create($opts); - - $result = file_get_contents('https://telemetry.itflow.org', false, 
$context); - - // Logging - mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Telemetry', log_action = 'Sent', log_description = '$session_name manually sent telemetry results to the ITFlow Developers', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id"); - - $_SESSION['alert_message'] = "Telemetry data sent to the ITFlow developers"; - - header("Location: " . $_SERVER["HTTP_REFERER"]); - -} - if (isset($_GET['download_database'])) { validateCSRFToken($_GET['csrf_token']); @@ -846,7 +589,7 @@ if (isset($_GET['update'])) { // Send Telemetry if enabled during update - if ($config_telemetry == 1) { + if ($config_telemetry > 0) { $sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1"); $row = mysqli_fetch_array($sql); diff --git a/settings_notifications.php b/settings_notifications.php index 5a0555f5..d110703f 100644 --- a/settings_notifications.php +++ b/settings_notifications.php @@ -16,8 +16,6 @@ require_once "inc_all_settings.php"; - -
value="1" id="enableCronSwitch"> diff --git a/settings_telemetry.php b/settings_telemetry.php index 8c50f216..a27aca3f 100644 --- a/settings_telemetry.php +++ b/settings_telemetry.php @@ -29,16 +29,8 @@ require_once "inc_all_settings.php"; We respect your privacy. Click here for additional details regarding the information we gather.
-
- - -
-
- 0) { ?> - - From 456545fb62e704b7e63b802532c3c019a3ef2f91 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Thu, 28 Dec 2023 20:23:28 -0500 Subject: [PATCH 3/7] Settings Formating --- settings_backup.php | 44 ++++++------- settings_integrations.php | 70 ++++++++++----------- settings_modules.php | 84 ++++++++++++------------- settings_online_payment.php | 120 ++++++++++++++++++------------------ settings_security.php | 72 +++++++++++----------- 5 files changed, 195 insertions(+), 195 deletions(-) diff --git a/settings_backup.php b/settings_backup.php index 89434e7b..7c42002b 100644 --- a/settings_backup.php +++ b/settings_backup.php @@ -2,35 +2,35 @@ require_once "inc_all_settings.php"; ?> -
-
-

Download Database

-
-
-

Download
-
+
+
+

Download Database

+
+

Download
+
+
-
-
-

Backup Master Encryption Key

-
+
+
+

Backup Master Encryption Key

+
+
-
-
- -
-
-
- -
- + + +
+
+
+
+
- -
+
+
+
-
-
-

Integration Settings

-
-
-
- - -

Client Portal SSO via Microsoft Azure AD

-
- -
-
- -
- -
-
- -
- -
-
- -
- -
-
- -
- - - -
-
+
+
+

Integration Settings

+
+
+ + +

Client Portal SSO via Microsoft Azure AD

+
+ +
+
+ +
+ +
+
+ +
+ +
+
+ +
+ +
+
+ +
+ + + +
+
+
-
-
-

Modules

-
-
-
- - -
-
- value="1" id="customSwitch1"> - -
-
- -
-
- value="1" id="customSwitch2"> - -
-
- -
-
- value="1" id="customSwitch3"> - -
-
- -
-
- value="1" id="customSwitch4"> - -
-
- -
- - - -
-
+
+
+

Modules

+
+
+ + +
+
+ value="1" id="customSwitch1"> + +
+
+ +
+
+ value="1" id="customSwitch2"> + +
+
+ +
+
+ value="1" id="customSwitch3"> + +
+
+ +
+
+ value="1" id="customSwitch4"> + +
+
+ +
+ + + +
+
+
-
-
-

Online Payment

-
-
-
- - +
+
+

Online Payment

+
+
+ + + + +
+
+ value="1" id="enableStripeSwitch"> + +
+
+ +
-
- value="1" id="enableStripeSwitch"> - + +
+
+ +
+
- - -
- -
-
- -
- +
+ +
+
+
+
+
-
- -
-
- -
- +
+ +
+
+
-
- -
- -
-
- -
- -
-
-
- -
- value="1" id="clientPaysFeesSwitch"> - + + + +
+
+
+ +
+ value="1" id="clientPaysFeesSwitch"> + +
- + -
+
- + - -
+
+
-
-
-

Security

-
-
-
- - -
- - -
- -
-
- value="1" id="customSwitch1"> - -
-
- -
- -
-
- -
- -
-
- -
- - - -
-
+
+
+

Security

+
+
+ + +
+ + +
+ +
+
+ value="1" id="customSwitch1"> + +
+
+ +
+ +
+
+ +
+ +
+
+ +
+ + + +
+
+
Date: Thu, 28 Dec 2023 20:45:28 -0500 Subject: [PATCH 4/7] User Profile UI Spruce up / Cleanup --- dashboard.php | 12 +++++++++++- user_profile.php | 30 ++++++++++++++---------------- 2 files changed, 25 insertions(+), 17 deletions(-) diff --git a/dashboard.php b/dashboard.php index 7adfbedd..38957989 100644 --- a/dashboard.php +++ b/dashboard.php @@ -573,6 +573,16 @@ $sql_tickets = mysqli_fetch_assoc(mysqli_query( )); $active_tickets = $sql_tickets['active_tickets']; +// Your Ticket count +$sql_your_tickets = mysqli_fetch_assoc(mysqli_query( + $mysqli, + "SELECT COUNT('ticket_id') AS your_tickets + FROM tickets + WHERE ticket_status != 'Closed' + AND ticket_assigned_to = $session_user_id" +)); +$your_tickets = $sql_your_tickets['your_tickets']; + // Expiring domains (but not ones that have already expired) $sql_domains_expiring = mysqli_fetch_assoc(mysqli_query( $mysqli, @@ -693,7 +703,7 @@ $sql_your_tickets = mysqli_query(
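Review bot: The new `$sql_your_tickets` in dashboard.php holds the fetched count row, yet the same name is assigned a `mysqli_query(` result further down the file (it shows as the context of the `@@ -693,7 +703,7` hunk header), so one variable carries two different types on the page. The count survives only because `$your_tickets` is copied out immediately; renaming the new one, e.g. `$sql_your_ticket_count = mysqli_fetch_assoc(mysqli_query(`, stops a later edit from reading the wrong value. `COUNT('ticket_id')` counts a string literal and behaves like `COUNT(*)`; writing `COUNT(*)` or the bare column name says what is meant. `$session_user_id` is interpolated unquoted, which is safe only while it is always an integer; it is presumably set that way at login, but casting it with `intval()` before the query would make that guarantee local.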
- +
diff --git a/user_profile.php b/user_profile.php index 9352cd2c..46a21994 100644 --- a/user_profile.php +++ b/user_profile.php @@ -15,7 +15,7 @@ $sql_recent_logs = mysqli_query($mysqli, "SELECT * FROM logs ?>
-
+

Your User Details

@@ -147,12 +147,13 @@ $sql_recent_logs = mysqli_query($mysqli, "SELECT * FROM logs
-
+
+
-
+

Your Recent Sign ins

- +
- - - + + + + @@ -178,16 +180,14 @@ $sql_recent_logs = mysqli_query($mysqli, "SELECT * FROM logs ">See More... - -
-
+

Your Recent Activity

-
$log_user_os
$log_user_browser
$log_ip"; ?>
+
- - + + + Date: Thu, 28 Dec 2023 22:14:45 -0500 Subject: [PATCH 5/7] When Archiving a contact remove Important, Billing and Technical Roles along with Blanking out Auth and Hashed Password --- post/contact.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/post/contact.php b/post/contact.php index 473a68d4..2a730981 100644 --- a/post/contact.php +++ b/post/contact.php @@ -203,6 +203,9 @@ if (isset($_GET['anonymize_contact'])) { mysqli_query($mysqli,"UPDATE contacts SET contact_password_hash = '' WHERE contact_id = $contact_id"); mysqli_query($mysqli,"UPDATE contacts SET contact_location_id = '0' WHERE contact_id = $contact_id"); + // Remove Billing, Technical, Important Roles + mysqli_query($mysqli,"UPDATE contacts SET contact_important = 0, contact_billing = 0, contact_technical = 0 WHERE contact_id = $contact_id"); + // Redact audit logs $log_sql = mysqli_query($mysqli, "SELECT * FROM logs WHERE log_client_id = $client_id"); while ($log = mysqli_fetch_array($log_sql)) { @@ -271,7 +274,7 @@ if (isset($_GET['archive_contact'])) { $contact_name = sanitizeInput($row['contact_name']); $client_id = intval($row['contact_client_id']); - mysqli_query($mysqli,"UPDATE contacts SET contact_archived_at = NOW() WHERE contact_id = $contact_id"); + mysqli_query($mysqli,"UPDATE contacts SET contact_important = 0, contact_billing = 0, contact_technical = 0, contact_auth_method = '', contact_password_hash = '', contact_archived_at = NOW() WHERE contact_id = $contact_id"); //logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Archive', log_description = '$session_name archived contact $contact_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $contact_id"); From c4e4dc3a44290814c557a0a9eae347d596c230fb Mon Sep 17 00:00:00 2001 
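Review bot: The UPDATE in the `archive_contact` branch now blanks `contact_auth_method` and `contact_password_hash` but leaves `contact_password_reset_token` (the column checked in portal/login_reset.php) in place, and nothing in the hunk ends a portal session the contact may already hold. Adding `contact_password_reset_token = NULL` to the same statement removes the last stored credential artefact, assuming the column is nullable, which needs confirming against the schema. The wipe is also irreversible, so un-archiving a contact will not restore portal access; the log text `archived contact $contact_name` could record that credentials were cleared. The branch is entered through `$_GET['archive_contact']` and starts above the hunk, so whether a CSRF token is validated before this state change cannot be seen here.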
From: johnnyq
Date: Thu, 28 Dec 2023 22:18:39 -0500
Subject: [PATCH 6/7] Do not allow archived client contacts client portal login access
---
 portal/login.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/portal/login.php b/portal/login.php
index 9d012428..e018aba0 100644
--- a/portal/login.php
+++ b/portal/login.php
@@ -50,7 +50,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
 if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
 $_SESSION['login_message'] = 'Invalid e-mail';
 } else {
- $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' LIMIT 1");
+ $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' AND contact_archived_at IS NULL LIMIT 1");
 $row = mysqli_fetch_array($sql);
 if ($row['contact_auth_method'] == 'local') {
 if (password_verify($password, $row['contact_password_hash'])) {
From b2dc9a123cd60c60ce36f1b026fe67a40748c04c Mon Sep 17 00:00:00 2001
From: johnnyq
Date: Thu, 28 Dec 2023 22:25:57 -0500
Subject: [PATCH 7/7] Do not allow archived client contacts to reset their passwords
---
 portal/login_reset.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/portal/login_reset.php b/portal/login_reset.php
index 604afcbb..702c83dd 100644
--- a/portal/login_reset.php
+++ b/portal/login_reset.php
@@ -53,7 +53,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
 $email = sanitizeInput($_POST['email']);
- $sql = mysqli_query($mysqli, "SELECT contact_id, contact_name, contact_email, contact_client_id FROM contacts WHERE contact_email = '$email' AND contact_auth_method = 'local' LIMIT 1");
+ $sql = mysqli_query($mysqli, "SELECT contact_id, contact_name, contact_email, contact_client_id FROM contacts WHERE contact_email = '$email' AND contact_auth_method = 'local' AND contact_archived_at IS NULL LIMIT 1");
 $row = mysqli_fetch_assoc($sql);
 $id = intval($row['contact_id']);
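Review bot: In portal/login.php a failed lookup leaves `$row` as null, which the new archived filter makes more common, and the next line still evaluates `$row['contact_auth_method'] == 'local'`; that raises a warning on PHP 8 and only works by falling through. Guarding it with `if ($row && $row['contact_auth_method'] == 'local') {` keeps the failure path explicit and the message identical for unknown and archived addresses. The filter covers only this password lookup: contacts who are already signed in, and any other sign-in path such as the Azure AD SSO option shown in the integration settings, need their own `contact_archived_at IS NULL` check, which cannot be verified from this hunk. The query is still built by interpolating `$email`, and how `$email` is escaped is above the hunk.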
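Review bot: In the first portal/login_reset.php hunk, an address belonging to an archived contact now returns no row, so `intval($row['contact_id'])` reads an offset on null and `$id` silently becomes 0. `$id = intval($row['contact_id'] ?? 0);` removes the warning. The code that acts on `$id` is below the hunk; it should give the same response for archived, unknown and valid addresses, so the reset form does not reveal which contacts exist or have been archived.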
@@ -110,7 +110,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
 $client = intval($_POST['client']);
 // Query user
- $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' AND contact_password_reset_token = '$token' AND contact_client_id = $client AND contact_auth_method = 'local' LIMIT 1");
+ $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' AND contact_password_reset_token = '$token' AND contact_client_id = $client AND contact_auth_method = 'local' AND contact_archived_at IS NULL LIMIT 1");
 $contact_row = mysqli_fetch_array($sql);
 $contact_id = intval($contact_row['contact_id']);
 $name = sanitizeInput($contact_row['contact_name']);
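Review bot: The reset lookup matches `contact_password_reset_token = '$token'` inside the SQL, so unless the lines above the hunk reject an empty `$token`, a blank token would match any contact whose token column is stored as an empty string. Checking `$token === ''` before the query and taking the same failure path as a wrong token closes that case. Comparing in SQL also follows the column collation, which may be case-insensitive; selecting the row by e-mail and client and then checking `hash_equals($contact_row['contact_password_reset_token'], $token)` gives an exact, constant-time comparison. `$contact_row` is null when nothing matches, so `$contact_row['contact_id']` needs a `?? 0` fallback. How `$email` and `$token` are derived is above the hunk.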
-
- -