AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

General cleanup/tidying

This commit is contained in:
Marcus Hill 2023-02-09 11:32:40 +00:00
parent 9e549adb7e
commit b36719eb99
22 changed files with 1222 additions and 1244 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/v1/contacts/create.php
View File

@ -7,7 +7,7 @@ require_once('../require_post_method.php');
require_once('contact_model.php');
// Default
$insert_id = FALSE;
$insert_id = false;
if (!empty($name) && !empty($email) && !empty($client_id)) {

2
api/v1/contacts/delete.php
View File

@ -7,7 +7,7 @@ require_once('../require_post_method.php');
$contact_id = intval($_POST['contact_id']);
// Default
$delete_count = FALSE;
$delete_count = false;
if (!empty($contact_id)) {
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = $contact_id AND contact_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));

2
api/v1/contacts/update.php
View File

@ -7,7 +7,7 @@ require_once('../require_post_method.php');
$contact_id = intval($_POST['contact_id']);
// Default
$update_count = FALSE;
$update_count = false;
if (!empty($contact_id)) {

2
api/v1/validate_api_key.php
View File

@ -7,7 +7,7 @@
*/
// Includes
require_once( __DIR__ . '../../../functions.php');
require_once(__DIR__ . '../../../functions.php');
require_once(__DIR__ . "../../../config.php");
// JSON header

2
base32static.php
View File

@ -87,7 +87,7 @@ class Base32Static {
$eightBits = str_split($x, 8);
for ($z = 0; $z < count($eightBits); $z++) {
$binaryString .= ( ($y = chr(base_convert($eightBits[$z], 2, 10))) || ord($y) == 48 ) ? $y:"";
$binaryString .= (($y = chr(base_convert($eightBits[$z], 2, 10))) || ord($y) == 48) ? $y:"";
}
}

2
client_contact_details.php
View File

@ -29,7 +29,7 @@ if (isset($_GET['contact_id'])) {
if ($contact_id == $primary_contact) {
$primary_contact_display = "<small class='text-success'>Primary Contact</small>";
} else {
$primary_contact_display = FALSE;
$primary_contact_display = false;
}
$contact_location_id = $row['contact_location_id'];
$location_name = htmlentities($row['location_name']);

2
client_contacts.php
View File

@ -133,7 +133,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
if ($contact_id == $primary_contact) {
$primary_contact_display = "<small class='text-success'>Primary Contact</small>";
} else {
$primary_contact_display = FALSE;
$primary_contact_display = false;
}
$contact_location_id = $row['contact_location_id'];
$location_name = htmlentities($row['location_name']);

279
client_invoices.php
View File

@ -1,167 +1,168 @@
<?php require_once("inc_all_client.php"); ?>
<?php
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{
$sb = "invoice_number";
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
} else {
$sb = "invoice_number";
}
// Reverse default sort
if (!isset($_GET['o'])) {
$o = "DESC";
$disp = "ASC";
$o = "DESC";
$disp = "ASC";
}
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM invoices
LEFT JOIN categories ON invoice_category_id = category_id
WHERE invoice_client_id = $client_id
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR invoice_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR invoice_status LIKE '%$q%' OR invoice_amount LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM invoices
LEFT JOIN categories ON invoice_category_id = category_id
WHERE invoice_client_id = $client_id
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR invoice_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR invoice_status LIKE '%$q%' OR invoice_amount LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file"></i> Invoices</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addInvoiceModal"><i class="fas fa-fw fa-plus"></i> New Invoice</button>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Invoices">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file"></i> Invoices</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addInvoiceModal"><i class="fas fa-fw fa-plus"></i> New Invoice</button>
</div>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_invoices_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
</div>
</div>
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Invoices">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_scope&o=<?php echo $disp; ?>">Scope</a></th>
<th class="text-right"><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_date&o=<?php echo $disp; ?>">Date</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_due&o=<?php echo $disp; ?>">Due</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=category_name&o=<?php echo $disp; ?>">Category</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_status&o=<?php echo $disp; ?>">Status</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$invoice_id = $row['invoice_id'];
$invoice_prefix = htmlentities($row['invoice_prefix']);
$invoice_number = htmlentities($row['invoice_number']);
$invoice_scope = htmlentities($row['invoice_scope']);
if (empty($invoice_scope)) {
$invoice_scope_display = "-";
}else{
$invoice_scope_display = $invoice_scope;
}
$invoice_status = htmlentities($row['invoice_status']);
$invoice_date = $row['invoice_date'];
$invoice_due = $row['invoice_due'];
$invoice_amount = floatval($row['invoice_amount']);
$invoice_currency_code = htmlentities($row['invoice_currency_code']);
$invoice_created_at = $row['invoice_created_at'];
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
<div class="col-md-8">
<div class="float-right">
<a href="post.php?export_client_invoices_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
</div>
</div>
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) < time() ) {
$overdue_color = "text-danger font-weight-bold";
}else{
$overdue_color = "";
}
//Set Badge color based off of invoice status
if ($invoice_status == "Sent") {
$invoice_badge_color = "warning";
}elseif ($invoice_status == "Viewed") {
$invoice_badge_color = "info";
}elseif ($invoice_status == "Partial") {
$invoice_badge_color = "primary";
}elseif ($invoice_status == "Paid") {
$invoice_badge_color = "success";
}elseif ($invoice_status == "Cancelled") {
$invoice_badge_color = "danger";
}else{
$invoice_badge_color = "secondary";
}
?>
<tr>
<td><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td><?php echo $invoice_scope_display; ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code); ?></td>
<td><?php echo $invoice_date; ?></td>
<td><div class="<?php echo $overdue_color; ?>"><?php echo $invoice_due; ?></div></td>
<td><?php echo $category_name; ?></td>
<td>
<span class="p-2 badge badge-<?php echo $invoice_badge_color; ?>">
<?php echo $invoice_status; ?>
</span>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<?php if (!empty($config_smtp_host)) { ?>
<a class="dropdown-item" href="post.php?email_invoice=<?php echo $invoice_id; ?>">Send</a>
<div class="dropdown-divider"></div>
<?php } ?>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editInvoiceModal<?php echo $invoice_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addInvoiceCopyModal<?php echo $invoice_id; ?>">Copy</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_invoice=<?php echo $invoice_id; ?>">Delete</a>
</div>
</div>
</td>
</tr>
</form>
<hr>
<div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_scope&o=<?php echo $disp; ?>">Scope</a></th>
<th class="text-right"><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_date&o=<?php echo $disp; ?>">Date</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_due&o=<?php echo $disp; ?>">Due</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=category_name&o=<?php echo $disp; ?>">Category</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_status&o=<?php echo $disp; ?>">Status</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
<?php
include("invoice_copy_modal.php");
include("invoice_edit_modal.php");
}
while ($row = mysqli_fetch_array($sql)) {
$invoice_id = $row['invoice_id'];
$invoice_prefix = htmlentities($row['invoice_prefix']);
$invoice_number = htmlentities($row['invoice_number']);
$invoice_scope = htmlentities($row['invoice_scope']);
if (empty($invoice_scope)) {
$invoice_scope_display = "-";
} else {
$invoice_scope_display = $invoice_scope;
}
$invoice_status = htmlentities($row['invoice_status']);
$invoice_date = $row['invoice_date'];
$invoice_due = $row['invoice_due'];
$invoice_amount = floatval($row['invoice_amount']);
$invoice_currency_code = htmlentities($row['invoice_currency_code']);
$invoice_created_at = $row['invoice_created_at'];
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
?>
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) < time()) {
$overdue_color = "text-danger font-weight-bold";
} else {
$overdue_color = "";
}
</tbody>
</table>
//Set Badge color based off of invoice status
if ($invoice_status == "Sent") {
$invoice_badge_color = "warning";
} elseif ($invoice_status == "Viewed") {
$invoice_badge_color = "info";
} elseif ($invoice_status == "Partial") {
$invoice_badge_color = "primary";
} elseif ($invoice_status == "Paid") {
$invoice_badge_color = "success";
} elseif ($invoice_status == "Cancelled") {
$invoice_badge_color = "danger";
} else {
$invoice_badge_color = "secondary";
}
?>
<tr>
<td><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td><?php echo $invoice_scope_display; ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code); ?></td>
<td><?php echo $invoice_date; ?></td>
<td><div class="<?php echo $overdue_color; ?>"><?php echo $invoice_due; ?></div></td>
<td><?php echo $category_name; ?></td>
<td>
<span class="p-2 badge badge-<?php echo $invoice_badge_color; ?>">
<?php echo $invoice_status; ?>
</span>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<?php if (!empty($config_smtp_host)) { ?>
<a class="dropdown-item" href="post.php?email_invoice=<?php echo $invoice_id; ?>">Send</a>
<div class="dropdown-divider"></div>
<?php } ?>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editInvoiceModal<?php echo $invoice_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addInvoiceCopyModal<?php echo $invoice_id; ?>">Copy</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_invoice=<?php echo $invoice_id; ?>">Delete</a>
</div>
</div>
</td>
</tr>
<?php
require("invoice_copy_modal.php");
require("invoice_edit_modal.php");
}
?>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php include("pagination.php"); ?>
</div>
</div>
<?php include("invoice_add_modal.php"); ?>
<?php include("footer.php"); ?>
<?php
require_once("invoice_add_modal.php");
require_once("footer.php");

586
client_side_nav.php
View File

@ -1,335 +1,335 @@
<!-- Main Sidebar Container -->
<aside class="main-sidebar sidebar-dark-<?php echo $config_theme; ?> d-print-none">
<!-- Sidebar -->
<div class="sidebar">
<!-- Sidebar Menu -->
<nav class="mt-3">
<!-- Sidebar -->
<div class="sidebar">
<ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu" data-accordion="false">
<li class="nav-item">
<a href="clients.php" class="nav-link">
<i class="nav-icon fas fa-arrow-left"></i>
<p class="h4">Back | <small><strong><?php echo $client_name; ?></strong></small></p>
</a>
</li>
<!-- Sidebar Menu -->
<nav class="mt-3">
<li class="nav-item mt-3">
<a href="client_overview.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_overview.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-tachometer-alt"></i>
<p>Overview</p>
</a>
</li>
<ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu" data-accordion="false">
<li class="nav-item">
<a href="client_contacts.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_contacts.php" || basename($_SERVER["PHP_SELF"]) == "client_contact_details.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-users"></i>
<p>
Contacts
<?php
if ($num_contacts > 0) { ?>
<span class="right badge badge-light"><?php echo $num_contacts; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="clients.php" class="nav-link">
<i class="nav-icon fas fa-arrow-left"></i>
<p class="h4">Back | <small><strong><?php echo $client_name; ?></strong></small></p>
</a>
</li>
<li class="nav-item">
<a href="client_locations.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_locations.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-map-marker-alt"></i>
<p>
Locations
<?php
if ($num_locations > 0) { ?>
<span class="right badge badge-light"><?php echo $num_locations; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item mt-3">
<a href="client_overview.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_overview.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-tachometer-alt"></i>
<p>Overview</p>
</a>
</li>
<li class="nav-header mt-3">ASSETS</li>
<li class="nav-item">
<a href="client_contacts.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_contacts.php" || basename($_SERVER["PHP_SELF"]) == "client_contact_details.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-users"></i>
<p>
Contacts
<?php
if ($num_contacts > 0) { ?>
<span class="right badge badge-light"><?php echo $num_contacts; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_assets.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_assets.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-desktop"></i>
<p>
Assets
<?php
if ($num_assets > 0) { ?>
<span class="right badge badge-light"><?php echo $num_assets; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_locations.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_locations.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-map-marker-alt"></i>
<p>
Locations
<?php
if ($num_locations > 0) { ?>
<span class="right badge badge-light"><?php echo $num_locations; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_software.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_software.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-cube"></i>
<p>
Licenses
<?php
if ($num_software > 0) { ?>
<span class="right badge badge-light"><?php echo $num_software; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-header mt-3">ASSETS</li>
<li class="nav-item">
<a href="client_logins.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_logins.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-key"></i>
<p>
Passwords
<?php
if ($num_logins > 0) { ?>
<span class="right badge badge-light"><?php echo $num_logins; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_assets.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_assets.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-desktop"></i>
<p>
Assets
<?php
if ($num_assets > 0) { ?>
<span class="right badge badge-light"><?php echo $num_assets; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_networks.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_networks.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-network-wired"></i>
<p>
Networks
<?php
if ($num_networks > 0) { ?>
<span class="right badge badge-light"><?php echo $num_networks; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_software.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_software.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-cube"></i>
<p>
Licenses
<?php
if ($num_software > 0) { ?>
<span class="right badge badge-light"><?php echo $num_software; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_certificates.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_certificates.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-lock"></i>
<p>
Certificates
<li class="nav-item">
<a href="client_logins.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_logins.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-key"></i>
<p>
Passwords
<?php
if ($num_logins > 0) { ?>
<span class="right badge badge-light"><?php echo $num_logins; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php
if ($num_certificates > 0) { ?>
<span class="right badge badge-light"><?php echo $num_certificates; ?></span>
<?php } ?>
<li class="nav-item">
<a href="client_networks.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_networks.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-network-wired"></i>
<p>
Networks
<?php
if ($num_networks > 0) { ?>
<span class="right badge badge-light"><?php echo $num_networks; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php if ($num_certs_expiring > 0) { ?>
<span class="right fa fa-fw fa-circle text-warning"></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_certificates.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_certificates.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-lock"></i>
<p>
Certificates
<li class="nav-item">
<a href="client_domains.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_domains.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-globe"></i>
<p>
Domains
<?php
if ($num_domains > 0) { ?>
<span class="right badge badge-light"><?php echo $num_domains; ?></span>
<?php } ?>
<?php
if ($num_certificates > 0) { ?>
<span class="right badge badge-light"><?php echo $num_certificates; ?></span>
<?php } ?>
<?php if ($num_domains_expiring > 0) { ?>
<span class="right fa fa-fw fa-circle text-warning"></span>
<?php } ?>
<?php if ($num_certs_expiring > 0) { ?>
<span class="right fa fa-fw fa-circle text-warning"></span>
<?php } ?>
</p>
</a>
</li>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_domains.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_domains.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-globe"></i>
<p>
Domains
<li class="nav-header mt-3">SUPPORT</li>
<?php
if ($num_domains > 0) { ?>
<span class="right badge badge-light"><?php echo $num_domains; ?></span>
<?php } ?>
<?php if ($config_module_enable_ticketing == 1) { ?>
<li class="nav-item">
<a href="client_tickets.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_tickets.php" || basename($_SERVER["PHP_SELF"]) == "client_scheduled_tickets.php" ) { echo "active"; } ?>">
<i class="nav-icon fas fa-life-ring"></i>
<p>
Tickets
<?php
if ($num_active_tickets > 0) { ?>
<span class="right badge badge-light"><?php echo $num_active_tickets; ?></span>
<?php } ?>
<?php if ($num_domains_expiring > 0) { ?>
<span class="right fa fa-fw fa-circle text-warning"></span>
<?php } ?>
<?php if ($num_active_tickets > 0) { ?>
<span class="right fa fa-fw fa-circle text-danger"></span>
<?php } ?>
</p>
</a>
</li>
</p>
</a>
</li>
<?php } ?>
<li class="nav-header mt-3">SUPPORT</li>
<li class="nav-item">
<a href="client_services.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_services.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-stream"></i>
<p>
Services
<?php
if ($num_services > 0) { ?>
<span class="right badge badge-light"><?php echo $num_services; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php if ($config_module_enable_ticketing == 1) { ?>
<li class="nav-item">
<a href="client_tickets.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_tickets.php" || basename($_SERVER["PHP_SELF"]) == "client_scheduled_tickets.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-life-ring"></i>
<p>
Tickets
<li class="nav-item">
<a href="client_vendors.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_vendors.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-building"></i>
<p>
Vendors
<?php
if ($num_vendors > 0) { ?>
<span class="right badge badge-light"><?php echo $num_vendors; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php
if ($num_active_tickets > 0) { ?>
<span class="right badge badge-light"><?php echo $num_active_tickets; ?></span>
<?php } ?>
<li class="nav-item">
<a href="client_events.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_events.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-calendar"></i>
<p>
Events
<?php
if ($num_events > 0) { ?>
<span class="right badge badge-light"><?php echo $num_events; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php if ($num_active_tickets > 0) { ?>
<span class="right fa fa-fw fa-circle text-danger"></span>
<?php } ?>
<li class="nav-item">
<a href="client_files.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_files.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-paperclip"></i>
<p>
Files
<?php
if ($num_files > 0) { ?>
<span class="right badge badge-light"><?php echo $num_files; ?></span>
<?php } ?>
</p>
</a>
</li>
</p>
</a>
</li>
<?php } ?>
<li class="nav-item">
<a href="client_documents.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_documents.php" || basename($_SERVER["PHP_SELF"]) == "client_document_details.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file-alt"></i>
<p>
Documents
<?php
if ($num_documents > 0) { ?>
<span class="right badge badge-light"><?php echo $num_documents; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_services.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_services.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-stream"></i>
<p>
Services
<?php
if ($num_services > 0) { ?>
<span class="right badge badge-light"><?php echo $num_services; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php if ($session_user_role == 1 || $session_user_role > 2 && $config_module_enable_accounting == 1) { ?>
<li class="nav-item">
<a href="client_vendors.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_vendors.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-building"></i>
<p>
Vendors
<?php
if ($num_vendors > 0) { ?>
<span class="right badge badge-light"><?php echo $num_vendors; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-header mt-3">ACCOUNTING</li>
<li class="nav-item">
<a href="client_events.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_events.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-calendar"></i>
<p>
Events
<?php
if ($num_events > 0) { ?>
<span class="right badge badge-light"><?php echo $num_events; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_invoices.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_invoices.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file"></i>
<p>
Invoices
<?php
if ($num_invoices > 0) { ?>
<span class="right badge badge-light"><?php echo $num_invoices; ?></span>
<?php } ?>
<li class="nav-item">
<a href="client_files.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_files.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-paperclip"></i>
<p>
Files
<?php
if ($num_files > 0) { ?>
<span class="right badge badge-light"><?php echo $num_files; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php if ($num_invoices_open > 0) { ?>
<span class="right fa fa-fw fa-circle text-danger"></span>
<?php } ?>
<li class="nav-item">
<a href="client_documents.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_documents.php" || basename($_SERVER["PHP_SELF"]) == "client_document_details.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file-alt"></i>
<p>
Documents
<?php
if ($num_documents > 0) { ?>
<span class="right badge badge-light"><?php echo $num_documents; ?></span>
<?php } ?>
</p>
</a>
</li>
</p>
</a>
</li>
<?php if ($session_user_role == 1 || $session_user_role > 2 && $config_module_enable_accounting == 1) { ?>
<li class="nav-item">
<a href="client_recurring_invoices.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_recurring_invoices.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-sync-alt"></i>
<p>
Recurring
<?php
if ($num_recurring > 0) { ?>
<span class="right badge badge-light"><?php echo $num_recurring; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-header mt-3">ACCOUNTING</li>
<li class="nav-item">
<a href="client_quotes.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_quotes.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file"></i>
<p>
Quotes
<?php
if ($num_quotes > 0) { ?>
<span class="right badge badge-light"><?php echo $num_quotes; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_invoices.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_invoices.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file"></i>
<p>
Invoices
<li class="nav-item">
<a href="client_payments.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_payments.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-credit-card"></i>
<p>
Payments
<?php
if ($num_payments > 0) { ?>
<span class="right badge badge-light"><?php echo $num_payments; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php
if ($num_invoices > 0) { ?>
<span class="right badge badge-light"><?php echo $num_invoices; ?></span>
<?php } ?>
<li class="nav-item">
<a href="client_trips.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_trips.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-route"></i>
<p>
Trips
<?php
if ($num_trips > 0) { ?>
<span class="right badge badge-light"><?php echo $num_trips; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php if ($num_invoices_open > 0) { ?>
<span class="right fa fa-fw fa-circle text-danger"></span>
<?php } ?>
<?php } ?>
</p>
</a>
</li>
<li class="nav-header mt-3">MORE</li>
<li class="nav-item">
<a href="client_recurring_invoices.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_recurring_invoices.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-sync-alt"></i>
<p>
Recurring
<?php
if ($num_recurring > 0) { ?>
<span class="right badge badge-light"><?php echo $num_recurring; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_shared_items.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_shared_items.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-share"></i>
<p>
Shared Links
<?php
if ($num_shared_links > 0) { ?>
<span class="right badge badge-light"><?php echo $num_shared_links; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_quotes.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_quotes.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file"></i>
<p>
Quotes
<?php
if ($num_quotes > 0) { ?>
<span class="right badge badge-light"><?php echo $num_quotes; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_logs.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_logs.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-eye"></i>
<p>Audit Logs</p>
</a>
</li>
<li class="nav-item">
<a href="client_payments.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_payments.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-credit-card"></i>
<p>
Payments
<?php
if ($num_payments > 0) { ?>
<span class="right badge badge-light"><?php echo $num_payments; ?></span>
<?php } ?>
</p>
</a>
</li>
</ul>
</nav>
<!-- /.sidebar-menu -->
</div>
<!-- /.sidebar -->
<li class="nav-item">
<a href="client_trips.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_trips.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-route"></i>
<p>
Trips
<?php
if ($num_trips > 0) { ?>
<span class="right badge badge-light"><?php echo $num_trips; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php } ?>
<li class="nav-header mt-3">MORE</li>
<li class="nav-item">
<a href="client_shared_items.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_shared_items.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-share"></i>
<p>
Shared Links
<?php
if ($num_shared_links > 0) { ?>
<span class="right badge badge-light"><?php echo $num_shared_links; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_logs.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_logs.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-eye"></i>
<p>Audit Logs</p>
</a>
</li>
</ul>
</nav>
<!-- /.sidebar-menu -->
</div>
<!-- /.sidebar -->
</aside>

6
functions.php
View File

@ -405,7 +405,7 @@ function getDomainRecords($name) {
function getSSL($name) {
$certificate = array();
$certificate['success'] = FALSE;
$certificate['success'] = false;
// Only run if we think the domain is valid
if (!filter_var($name, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME)) {
@ -417,7 +417,7 @@ function getSSL($name) {
// Get SSL/TSL certificate (using verify peer false to allow for self-signed certs) for domain on default port
$socket = "ssl://$name:443";
$get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE, "verify_peer" => FALSE,)));
$get = stream_context_create(array("ssl" => array("capture_peer_cert" => true, "verify_peer" => false,)));
$read = stream_socket_client($socket, $errno, $errstr, 5, STREAM_CLIENT_CONNECT, $get);
// If the socket connected
@ -427,7 +427,7 @@ function getSSL($name) {
openssl_x509_export($cert['options']['ssl']['peer_certificate'], $export);
if ($cert_public_key_obj) {
$certificate['success'] = TRUE;
$certificate['success'] = true;
$certificate['expire'] = date('Y-m-d', $cert_public_key_obj['validTo_time_t']);
$certificate['issued_by'] = strip_tags($cert_public_key_obj['issuer']['O']);
$certificate['public_key'] = $export;

1092
guest_view_invoice.php
View File

File diff suppressed because it is too large Load Diff

2
guest_view_item.php
View File

@ -1,7 +1,7 @@
<?php
header('Expires: Sun, 01 Jan 2014 00:00:00 GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', FALSE);
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
require_once("guest_header.php"); ?>

2
invoices.php
View File

@ -293,7 +293,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$now = time();
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now ) {
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now) {
$overdue_color = "text-danger font-weight-bold";
} else {
$overdue_color = "";

8
login.php
View File

@ -47,11 +47,11 @@ $config_mail_from_email = $row['config_mail_from_email'];
$config_mail_from_name = $row['config_mail_from_name'];
// HTTP-Only cookies
ini_set("session.cookie_httponly", True);
ini_set("session.cookie_httponly", true);
// Tell client to only send cookie(s) over HTTPS
if ($config_https_only) {
ini_set("session.cookie_secure", True);
ini_set("session.cookie_secure", true);
}
// Handle POST login request
@ -108,7 +108,7 @@ if (isset($_POST['login'])) {
// Determine whether 2FA was used (for logs)
$extended_log = ''; // Default value
if ($current_code !== 0 ) {
if ($current_code !== 0) {
$extended_log = 'with 2FA';
}
@ -120,7 +120,7 @@ if (isset($_POST['login'])) {
$_SESSION['user_name'] = $user_name;
$_SESSION['user_role'] = $row['user_role'];
$_SESSION['csrf_token'] = randomString(156);
$_SESSION['logged'] = TRUE;
$_SESSION['logged'] = true;
// Setup encryption session key
if (isset($row['user_specific_encryption_ciphertext']) && $row['user_role'] > 1) {

142
pagination.php
View File

@ -11,89 +11,89 @@ $total_found_rows = $num_rows[0];
$total_pages = ceil($total_found_rows / $_SESSION['records_per_page']);
if ($total_found_rows > 10) {
$i=0;
$i=0;
?>
?>
<hr>
<hr>
<div class="row">
<div class="col mb-3">
<form action="post.php" method="post">
<select onchange="this.form.submit()" class="input-form select2" name="change_records_per_page">
<option <?php if ($_SESSION['records_per_page'] == 5) { echo "selected"; } ?> >5</option>
<option <?php if ($_SESSION['records_per_page'] == 10) { echo "selected"; } ?> >10</option>
<option <?php if ($_SESSION['records_per_page'] == 20) { echo "selected"; } ?> >20</option>
<option <?php if ($_SESSION['records_per_page'] == 50) { echo "selected"; } ?> >50</option>
<option <?php if ($_SESSION['records_per_page'] == 100) { echo "selected"; } ?> >100</option>
<option <?php if ($_SESSION['records_per_page'] == 500) { echo "selected"; } ?> >500</option>
</select>
</form>
</div>
<div class="col mb-3">
<p class="text-center mt-2"><?php echo $total_found_rows; ?></p>
</div>
<div class="col mb-3">
<div class="row">
<div class="col mb-3">
<form action="post.php" method="post">
<select onchange="this.form.submit()" class="input-form select2" name="change_records_per_page">
<option <?php if ($_SESSION['records_per_page'] == 5) { echo "selected"; } ?> >5</option>
<option <?php if ($_SESSION['records_per_page'] == 10) { echo "selected"; } ?> >10</option>
<option <?php if ($_SESSION['records_per_page'] == 20) { echo "selected"; } ?> >20</option>
<option <?php if ($_SESSION['records_per_page'] == 50) { echo "selected"; } ?> >50</option>
<option <?php if ($_SESSION['records_per_page'] == 100) { echo "selected"; } ?> >100</option>
<option <?php if ($_SESSION['records_per_page'] == 500) { echo "selected"; } ?> >500</option>
</select>
</form>
</div>
<div class="col mb-3">
<p class="text-center mt-2"><?php echo $total_found_rows; ?></p>
</div>
<div class="col mb-3">
<ul class="pagination justify-content-end">
<ul class="pagination justify-content-end">
<?php
if ($total_pages <= 100) {
$pages_split = 10;
}
if (($total_pages <= 1000) && ($total_pages > 100)) {
$pages_split = 100;
}
if (($total_pages <= 10000) && ($total_pages > 1000)) {
$pages_split = 1000;
}
if ($p > 1) {
$prev_class = "";
}else{
$prev_class = "disabled";
}
if ($p <> $total_pages) {
$next_class = "";
}else{
$next_class = "disabled";
}
$url_query_strings = http_build_query(array_merge($_GET,array('p' => $i)));
$prev_page = $p - 1;
$next_page = $p + 1;
if ($p > 1) {
echo "<li class='page-item $prev_class'><a class='page-link' href='?$url_query_strings&p=$prev_page'>Prev</a></li>";
}
while ($i < $total_pages) {
$i++;
if (($i == 1) || (($p <= 3) && ($i <= 6)) || (($i > $total_pages - 6) && ($p > $total_pages - 3 )) || (is_int($i / $pages_split)) || (($p > 3) && ($i >= $p - 2) && ($i <= $p + 3)) || ($i == $total_pages)) {
if ($p == $i ) {
$page_class = "active";
}else{
$page_class = "";
}
echo "<li class='page-item $page_class'><a class='page-link' href='?$url_query_strings&p=$i'>$i</a></li>";
}
}
<?php
if ($p <> $total_pages) {
echo "<li class='page-item $next_class'><a class='page-link' href='?$url_query_strings&p=$next_page'>Next</a></li>";
}
if ($total_pages <= 100) {
$pages_split = 10;
}
if (($total_pages <= 1000) && ($total_pages > 100)) {
$pages_split = 100;
}
if (($total_pages <= 10000) && ($total_pages > 1000)) {
$pages_split = 1000;
}
if ($p > 1) {
$prev_class = "";
} else {
$prev_class = "disabled";
}
if ($p <> $total_pages) {
$next_class = "";
} else {
$next_class = "disabled";
}
$url_query_strings = http_build_query(array_merge($_GET,array('p' => $i)));
$prev_page = $p - 1;
$next_page = $p + 1;
?>
if ($p > 1) {
echo "<li class='page-item $prev_class'><a class='page-link' href='?$url_query_strings&p=$prev_page'>Prev</a></li>";
}
</ul>
</div>
</div>
while ($i < $total_pages) {
$i++;
if (($i == 1) || (($p <= 3) && ($i <= 6)) || (($i > $total_pages - 6) && ($p > $total_pages - 3)) || (is_int($i / $pages_split)) || (($p > 3) && ($i >= $p - 2) && ($i <= $p + 3)) || ($i == $total_pages)) {
if ($p == $i) {
$page_class = "active";
} else {
$page_class = "";
}
echo "<li class='page-item $page_class'><a class='page-link' href='?$url_query_strings&p=$i'>$i</a></li>";
}
}
<?php
if ($p <> $total_pages) {
echo "<li class='page-item $next_class'><a class='page-link' href='?$url_query_strings&p=$next_page'>Next</a></li>";
}
?>
</ul>
</div>
</div>
<?php
}
if ($total_found_rows == 0) {
echo "<center class='my-3'><i class='far fa-fw fa-6x fa-meh-rolling-eyes text-secondary'></i><h3 class='text-secondary mt-3'>No Results</h3></center>";
echo "<center class='my-3'><i class='far fa-fw fa-6x fa-meh-rolling-eyes text-secondary'></i><h3 class='text-secondary mt-3'>No Results</h3></center>";
}
?>

4
portal/inc_portal.php
View File

@ -11,10 +11,10 @@ require_once('portal_functions.php');
if (!isset($_SESSION)) {
// HTTP Only cookies
ini_set("session.cookie_httponly", True);
ini_set("session.cookie_httponly", true);
if ($config_https_only) {
// Tell client to only send cookie(s) over HTTPS
ini_set("session.cookie_secure", True);
ini_set("session.cookie_secure", true);
}
session_start();
}

9
portal/invoices.php
View File

@ -18,9 +18,7 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
<div class="col-md-1 text-center">
<?php if (!empty($session_contact_photo)) { ?>
<img src="<?php echo "../uploads/clients/$session_company_id/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
<?php } else { ?>
<span class="fa-stack fa-2x rounded-left">
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
<span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span>
@ -73,7 +71,7 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
}
$now = time();
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now ) {
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now) {
$overdue_color = "text-danger font-weight-bold";
} else {
$overdue_color = "";
@ -107,9 +105,8 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
</td>
</tr>
<?php
}
?>
<?php } ?>
</tbody>
</table>

2
portal/login.php
View File

@ -46,7 +46,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
if ($row['contact_auth_method'] == 'local') {
if (password_verify($password, $row['contact_password_hash'])) {
$_SESSION['client_logged_in'] = TRUE;
$_SESSION['client_logged_in'] = true;
$_SESSION['client_id'] = $row['contact_client_id'];
$_SESSION['contact_id'] = $row['contact_id'];
$_SESSION['company_id'] = $row['company_id'];

2
portal/login_microsoft.php
View File

@ -95,7 +95,7 @@ if (isset($_POST['code']) && $_POST['state'] == session_id()) {
$row = mysqli_fetch_array($sql);
if ($row['contact_auth_method'] == 'azure') {
$_SESSION['client_logged_in'] = TRUE;
$_SESSION['client_logged_in'] = true;
$_SESSION['client_id'] = $row['contact_client_id'];
$_SESSION['contact_id'] = $row['contact_id'];
$_SESSION['company_id'] = $row['company_id'];

46
post.php
View File

@ -284,7 +284,7 @@ if(isset($_POST['edit_profile'])){
$email = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['email'])));
$new_password = trim($_POST['new_password']);
$existing_file_name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['existing_file_name'])));
$logout = FALSE;
$logout = false;
$extended_log_description = '';
// Email notification when password or email is changed
@ -367,7 +367,7 @@ if(isset($_POST['edit_profile'])){
mysqli_query($mysqli,"UPDATE users SET user_password = '$new_password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext' WHERE user_id = $user_id");
$extended_log_description .= ", password changed";
$logout = TRUE;
$logout = true;
}
// Enable extension access, only if it isn't already setup (user doesn't have cookie)
@ -377,7 +377,7 @@ if(isset($_POST['edit_profile'])){
mysqli_query($mysqli, "UPDATE users SET user_extension_key = '$extension_key' WHERE user_id = $user_id");
$extended_log_description .= ", extension access enabled";
$logout = TRUE;
$logout = true;
}
}
@ -4788,19 +4788,19 @@ if(isset($_POST["import_client_contacts_csv"])){
$client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"];
$error = FALSE;
$error = false;
//Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file extension";
}
//Check file isn't empty
elseif($_FILES["file"]["size"] < 1){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)";
}
@ -4808,7 +4808,7 @@ if(isset($_POST["import_client_contacts_csv"])){
$f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 8) {
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad column count.";
}
@ -4818,7 +4818,7 @@ if(isset($_POST["import_client_contacts_csv"])){
fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0;
$duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){
while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0;
if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));
@ -5209,19 +5209,19 @@ if(isset($_POST["import_client_locations_csv"])){
$client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"];
$error = FALSE;
$error = false;
//Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file extension";
}
//Check file isn't empty
elseif($_FILES["file"]["size"] < 1){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)";
}
@ -5229,7 +5229,7 @@ if(isset($_POST["import_client_locations_csv"])){
$f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 7) {
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad column count.";
}
@ -5239,7 +5239,7 @@ if(isset($_POST["import_client_locations_csv"])){
fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0;
$duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){
while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0;
if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));
@ -5519,19 +5519,19 @@ if(isset($_POST["import_client_assets_csv"])){
$client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"];
$error = FALSE;
$error = false;
//Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file extension";
}
//Check file isn't empty
elseif($_FILES["file"]["size"] < 1){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)";
}
@ -5539,7 +5539,7 @@ if(isset($_POST["import_client_assets_csv"])){
$f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 8) {
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad column count.";
}
@ -5549,7 +5549,7 @@ if(isset($_POST["import_client_assets_csv"])){
fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0;
$duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){
while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0;
if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));
@ -6163,19 +6163,19 @@ if(isset($_POST["import_client_logins_csv"])){
$client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"];
$error = FALSE;
$error = false;
//Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file extension";
}
//Check file isn't empty
elseif($_FILES["file"]["size"] < 1){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)";
}
@ -6183,7 +6183,7 @@ if(isset($_POST["import_client_logins_csv"])){
$f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 4) {
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad column count.";
}
@ -6193,7 +6193,7 @@ if(isset($_POST["import_client_logins_csv"])){
fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0;
$duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){
while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0;
if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));

255
rfc6238.php
View File

@ -1,170 +1,151 @@
<?php
// http://www.faqs.org/rfcs/rfc6238.html
require_once(dirname(__FILE__).'/base32static.php');
class TokenAuth6238 {
// http://www.faqs.org/rfcs/rfc6238.html
require_once(dirname(__FILE__).'/base32static.php');
class TokenAuth6238 {
/**
* verify
*
* @param string $secretkey Secret clue (base 32).
* @return bool True if success, false if failure
*/
public static function verify($secretkey, $code, $rangein30s = 3) {
$key = base32static::decode($secretkey);
$unixtimestamp = time()/30;
/**
* verify
*
* @param string $secretkey Secret clue (base 32).
* @return bool True if success, false if failure
*/
public static function verify($secretkey, $code, $rangein30s = 3) {
$key = base32static::decode($secretkey);
$unixtimestamp = time()/30;
for($i=-($rangein30s); $i<=$rangein30s; $i++) {
$checktime = (int)($unixtimestamp+$i);
$thiskey = self::oath_hotp($key, $checktime);
for($i=-($rangein30s); $i<=$rangein30s; $i++) {
$checktime = (int)($unixtimestamp+$i);
$thiskey = self::oath_hotp($key, $checktime);
if ((int)$code == self::oath_truncate($thiskey,6)) {
return true;
}
if ((int)$code == self::oath_truncate($thiskey,6)) {
return true;
}
}
return false;
}
}
return false;
}
public static function getTokenCode($secretkey) {
$result = "";
$key = base32static::decode($secretkey);
$unixtimestamp = time()/30;
$result = "";
$key = base32static::decode($secretkey);
$unixtimestamp = time()/30;
$checktime = (int)($unixtimestamp);
$thiskey = self::oath_hotp($key, $checktime);
$result = $result . self::oath_truncate($thiskey,6);
$checktime = (int)($unixtimestamp);
$thiskey = self::oath_hotp($key, $checktime);
$result = $result . self::oath_truncate($thiskey,6);
$result = "000000" . $result;
return substr($result, -6);
$result = "000000" . $result;
return substr($result, -6);
}
public static function getTokenCodeDebug($secretkey,$rangein30s = 3) {
$result = "";
print "<br/>SecretKey: $secretkey <br/>";
$result = "";
print "<br/>SecretKey: $secretkey <br/>";
$key = base32static::decode($secretkey);
print "Key(base 32 decode): $key <br/>";
$key = base32static::decode($secretkey);
print "Key(base 32 decode): $key <br/>";
$unixtimestamp = time()/30;
print "UnixTimeStamp (time()/30): $unixtimestamp <br/>";
for($i=-($rangein30s); $i<=$rangein30s; $i++) {
$checktime = (int)($unixtimestamp+$i);
print "Calculating oath_hotp from (int)(unixtimestamp +- 30sec offset): $checktime basing on secret key<br/>";
$unixtimestamp = time()/30;
print "UnixTimeStamp (time()/30): $unixtimestamp <br/>";
for($i=-($rangein30s); $i<=$rangein30s; $i++) {
$checktime = (int)($unixtimestamp+$i);
print "Calculating oath_hotp from (int)(unixtimestamp +- 30sec offset): $checktime basing on secret key<br/>";
$thiskey = self::oath_hotp($key, $checktime, true);
print "======================================================<br/>";
print "CheckTime: $checktime oath_hotp:".$thiskey."<br/>";
$result = $result." # ".self::oath_truncate($thiskey,6,true);
}
$thiskey = self::oath_hotp($key, $checktime, true);
print "======================================================<br/>";
print "CheckTime: $checktime oath_hotp:".$thiskey."<br/>";
$result = $result." # ".self::oath_truncate($thiskey,6,true);
}
return $result;
return $result;
}
public static function getBarCodeUrl($username, $domain, $secretkey, $issuer) {
$url = "http://chart.apis.google.com/chart";
$url = $url."?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/";
$url = $url.$username . "@" . $domain . "%3Fsecret%3D" . $secretkey . '%26issuer%3D' . rawurlencode($issuer);
$url = "http://chart.apis.google.com/chart";
$url = $url."?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/";
$url = $url.$username . "@" . $domain . "%3Fsecret%3D" . $secretkey . '%26issuer%3D' . rawurlencode($issuer);
return $url;
}
public static function generateRandomClue($length = 16) {
$b32 = "234567QWERTYUIOPASDFGHJKLZXCVBNM";
$s = "";
for ($i = 0; $i < $length; $i++)
$s .= $b32[rand(0,31)];
return $s;
return $url;
}
private static function hotp_tobytestream($key) {
$result = array();
$last = strlen($key);
for ($i = 0; $i < $last; $i = $i + 2) {
$x = $key[$i] + $key[$i + 1];
$x = strtoupper($x);
$x = hexdec($x);
$result = $result.chr($x);
}
private static function oath_hotp ($key, $counter, $debug=false) {
$result = "";
$orgcounter = $counter;
$cur_counter = array(0,0,0,0,0,0,0,0);
return $result;
}
private static function oath_hotp ($key, $counter, $debug=false) {
$result = "";
$orgcounter = $counter;
$cur_counter = array(0,0,0,0,0,0,0,0);
if ($debug) {
print "Packing counter $counter (".dechex($counter).")into binary string - pay attention to hex representation of key and binary representation<br/>";
}
if ($debug) {
print "Packing counter $counter (".dechex($counter).")into binary string - pay attention to hex representation of key and binary representation<br/>";
}
for($i=7;$i>=0;$i--) { // C for unsigned char, * for repeating to the end of the input data
$cur_counter[$i] = pack ('C*', $counter);
for($i=7;$i>=0;$i--) { // C for unsigned char, * for repeating to the end of the input data
$cur_counter[$i] = pack ('C*', $counter);
if ($debug) {
print $cur_counter[$i]."(".dechex(ord($cur_counter[$i])).")"." from $counter <br/>";
}
$counter = $counter >> 8;
}
if ($debug) {
foreach ($cur_counter as $char) {
print ord($char) . " ";
}
print "<br/>";
}
$binary = implode($cur_counter);
// Pad to 8 characters
str_pad($binary, 8, chr(0), STR_PAD_LEFT);
if ($debug) {
print $cur_counter[$i]."(".dechex(ord($cur_counter[$i])).")"." from $counter <br/>";
print "Prior to HMAC calculation pad with zero on the left until 8 characters.<br/>";
print "Calculate sha1 HMAC(Hash-based Message Authentication Code https://en.wikipedia.org/wiki/HMAC).<br/>";
print "hash_hmac ('sha1', $binary, $key)<br/>";
}
$result = hash_hmac ('sha1', $binary, $key);
if ($debug) {
print "Result: $result <br/>";
}
return $result;
}
private static function oath_truncate($hash, $length = 6, $debug=false) {
$result="";
// Convert to dec
if ($debug) {
print "converting hex hash into characters<br/>";
}
$counter = $counter >> 8;
}
$hashcharacters = str_split($hash,2);
if ($debug) {
foreach ($cur_counter as $char) {
print ord($char) . " ";
if ($debug) {
print_r($hashcharacters);
print "<br/>and convert to decimals:<br/>";
}
for ($j=0; $j<count($hashcharacters); $j++) {
$hmac_result[]=hexdec($hashcharacters[$j]);
}
print "<br/>";
}
if ($debug) {
print_r($hmac_result);
}
// http://php.net/manual/ru/function.hash-hmac.php
// adopted from brent at thebrent dot net 21-May-2009 08:17 comment
$offset = $hmac_result[19] & 0xf;
$binary = implode($cur_counter);
// Pad to 8 characters
str_pad($binary, 8, chr(0), STR_PAD_LEFT);
if ($debug) {
print "Calculating offset as 19th element of hmac:".$hmac_result[19]."<br/>";
print "offset:".$offset;
}
if ($debug) {
print "Prior to HMAC calculation pad with zero on the left until 8 characters.<br/>";
print "Calculate sha1 HMAC(Hash-based Message Authentication Code https://en.wikipedia.org/wiki/HMAC).<br/>";
print "hash_hmac ('sha1', $binary, $key)<br/>";
}
$result = hash_hmac ('sha1', $binary, $key);
$result = (
(($hmac_result[$offset+0] & 0x7f) << 24) |
(($hmac_result[$offset+1] & 0xff) << 16) |
(($hmac_result[$offset+2] & 0xff) << 8) |
($hmac_result[$offset+3] & 0xff)
) % pow(10,$length);
return $result;
}
if ($debug) {
print "Result: $result <br/>";
}
return $result;
}
private static function oath_truncate($hash, $length = 6, $debug=false) {
$result="";
// Convert to dec
if ($debug) {
print "converting hex hash into characters<br/>";
}
$hashcharacters = str_split($hash,2);
if ($debug) {
print_r($hashcharacters);
print "<br/>and convert to decimals:<br/>";
}
for ($j=0; $j<count($hashcharacters); $j++) {
$hmac_result[]=hexdec($hashcharacters[$j]);
}
if ($debug) {
print_r($hmac_result);
}
// http://php.net/manual/ru/function.hash-hmac.php
// adopted from brent at thebrent dot net 21-May-2009 08:17 comment
$offset = $hmac_result[19] & 0xf;
if ($debug) {
print "Calculating offset as 19th element of hmac:".$hmac_result[19]."<br/>";
print "offset:".$offset;
}
$result = (
(($hmac_result[$offset+0] & 0x7f) << 24 ) |
(($hmac_result[$offset+1] & 0xff) << 16 ) |
(($hmac_result[$offset+2] & 0xff) << 8 ) |
($hmac_result[$offset+3] & 0xff)
) % pow(10,$length);
return $result;
}
}
}

17
ticket.php
View File

@ -1,4 +1,5 @@
<?php include("inc_all.php");
<?php
require_once("inc_all.php");
if (isset($_GET['ticket_id'])) {
$ticket_id = intval($_GET['ticket_id']);
@ -374,7 +375,7 @@ if (isset($_GET['ticket_id'])) {
<?php
include("ticket_reply_edit_modal.php");
require("ticket_reply_edit_modal.php");
}
@ -490,7 +491,7 @@ if (isset($_GET['ticket_id'])) {
<br>
<?php }
if ($ticket_asset_count > 0 ) { ?>
if ($ticket_asset_count > 0) { ?>
<button class="btn btn-block btn-secondary" data-toggle="modal" data-target="#assetTicketsModal">Service History (<?php echo $ticket_asset_count; ?>)</button>
@ -617,17 +618,15 @@ if (isset($_GET['ticket_id'])) {
</div>
<?php
include("ticket_edit_modal.php");
include("ticket_merge_modal.php");
include("ticket_invoice_add_modal.php");
require("ticket_edit_modal.php");
require("ticket_merge_modal.php");
require("ticket_invoice_add_modal.php");
}
}
?>
<?php include_once("footer.php");
require_once("footer.php");
if ($ticket_status !== "Closed") { ?>
<!-- Ticket Time Tracking JS -->