AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-01 03:14:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

General cleanup/tidying

Browse Source
This commit is contained in:
Marcus Hill
2023-02-09 11:32:40 +00:00
parent 9e549adb7e
commit b36719eb99
22 changed files with 1222 additions and 1244 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api/v1/contacts/create.php
View File

@@ -7,7 +7,7 @@ require_once('../require_post_method.php');
require_once('contact_model.php'); require_once('contact_model.php');
// Default // Default
$insert_id = FALSE; $insert_id = false;
if (!empty($name) && !empty($email) && !empty($client_id)) { if (!empty($name) && !empty($email) && !empty($client_id)) {

2
api/v1/contacts/delete.php
View File

@@ -7,7 +7,7 @@ require_once('../require_post_method.php');
$contact_id = intval($_POST['contact_id']); $contact_id = intval($_POST['contact_id']);
// Default // Default
$delete_count = FALSE; $delete_count = false;
if (!empty($contact_id)) { if (!empty($contact_id)) {
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = $contact_id AND contact_client_id = $client_id AND company_id = '$company_id' LIMIT 1")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = $contact_id AND contact_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));

2
api/v1/contacts/update.php
View File

@@ -7,7 +7,7 @@ require_once('../require_post_method.php');
$contact_id = intval($_POST['contact_id']); $contact_id = intval($_POST['contact_id']);
// Default // Default
$update_count = FALSE; $update_count = false;
if (!empty($contact_id)) { if (!empty($contact_id)) {

2
api/v1/validate_api_key.php
View File

@@ -7,7 +7,7 @@
*/ */
// Includes // Includes
require_once( __DIR__ . '../../../functions.php'); require_once(__DIR__ . '../../../functions.php');
require_once(__DIR__ . "../../../config.php"); require_once(__DIR__ . "../../../config.php");
// JSON header // JSON header

2
base32static.php
View File

@@ -87,7 +87,7 @@ class Base32Static {
$eightBits = str_split($x, 8); $eightBits = str_split($x, 8);
for ($z = 0; $z < count($eightBits); $z++) { for ($z = 0; $z < count($eightBits); $z++) {
$binaryString .= ( ($y = chr(base_convert($eightBits[$z], 2, 10))) || ord($y) == 48 ) ? $y:""; $binaryString .= (($y = chr(base_convert($eightBits[$z], 2, 10))) || ord($y) == 48) ? $y:"";
} }
} }

2
client_contact_details.php
View File

@@ -29,7 +29,7 @@ if (isset($_GET['contact_id'])) {
if ($contact_id == $primary_contact) { if ($contact_id == $primary_contact) {
$primary_contact_display = "<small class='text-success'>Primary Contact</small>"; $primary_contact_display = "<small class='text-success'>Primary Contact</small>";
} else { } else {
$primary_contact_display = FALSE; $primary_contact_display = false;
} }
$contact_location_id = $row['contact_location_id']; $contact_location_id = $row['contact_location_id'];
$location_name = htmlentities($row['location_name']); $location_name = htmlentities($row['location_name']);

2
client_contacts.php
View File

@@ -133,7 +133,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
if ($contact_id == $primary_contact) { if ($contact_id == $primary_contact) {
$primary_contact_display = "<small class='text-success'>Primary Contact</small>"; $primary_contact_display = "<small class='text-success'>Primary Contact</small>";
} else { } else {
$primary_contact_display = FALSE; $primary_contact_display = false;
} }
$contact_location_id = $row['contact_location_id']; $contact_location_id = $row['contact_location_id'];
$location_name = htmlentities($row['location_name']); $location_name = htmlentities($row['location_name']);

279
client_invoices.php
View File

@@ -1,167 +1,168 @@
<?php require_once("inc_all_client.php"); ?>
<?php <?php
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb'])); $sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
}else{ } else {
$sb = "invoice_number"; $sb = "invoice_number";
} }
// Reverse default sort // Reverse default sort
if (!isset($_GET['o'])) { if (!isset($_GET['o'])) {
$o = "DESC"; $o = "DESC";
$disp = "ASC"; $disp = "ASC";
} }
//Rebuild URL //Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o))); $url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM invoices $sql = mysqli_query(
LEFT JOIN categories ON invoice_category_id = category_id $mysqli,
WHERE invoice_client_id = $client_id "SELECT SQL_CALC_FOUND_ROWS * FROM invoices
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR invoice_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR invoice_status LIKE '%$q%' OR invoice_amount LIKE '%$q%') LEFT JOIN categories ON invoice_category_id = category_id
ORDER BY $sb $o LIMIT $record_from, $record_to"); WHERE invoice_client_id = $client_id
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR invoice_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR invoice_status LIKE '%$q%' OR invoice_amount LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
?> ?>
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-2"> <div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file"></i> Invoices</h3> <h3 class="card-title mt-2"><i class="fa fa-fw fa-file"></i> Invoices</h3>
<div class="card-tools"> <div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addInvoiceModal"><i class="fas fa-fw fa-plus"></i> New Invoice</button> <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addInvoiceModal"><i class="fas fa-fw fa-plus"></i> New Invoice</button>
</div>
</div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-4">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Invoices">
<div class="input-group-append">
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div> </div>
</div>
</div> </div>
<div class="card-body">
<form autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="row">
<div class="col-md-8"> <div class="col-md-4">
<div class="float-right"> <div class="input-group mb-3 mb-md-0">
<a href="post.php?export_client_invoices_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a> <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Invoices">
</div> <div class="input-group-append">
</div> <button class="btn btn-dark"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
</div> <div class="col-md-8">
</form> <div class="float-right">
<hr> <a href="post.php?export_client_invoices_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
<div class="table-responsive"> </div>
<table class="table table-striped table-borderless table-hover"> </div>
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_scope&o=<?php echo $disp; ?>">Scope</a></th>
<th class="text-right"><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_date&o=<?php echo $disp; ?>">Date</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_due&o=<?php echo $disp; ?>">Due</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=category_name&o=<?php echo $disp; ?>">Category</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_status&o=<?php echo $disp; ?>">Status</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$invoice_id = $row['invoice_id'];
$invoice_prefix = htmlentities($row['invoice_prefix']);
$invoice_number = htmlentities($row['invoice_number']);
$invoice_scope = htmlentities($row['invoice_scope']);
if (empty($invoice_scope)) {
$invoice_scope_display = "-";
}else{
$invoice_scope_display = $invoice_scope;
}
$invoice_status = htmlentities($row['invoice_status']);
$invoice_date = $row['invoice_date'];
$invoice_due = $row['invoice_due'];
$invoice_amount = floatval($row['invoice_amount']);
$invoice_currency_code = htmlentities($row['invoice_currency_code']);
$invoice_created_at = $row['invoice_created_at'];
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) < time() ) {
$overdue_color = "text-danger font-weight-bold";
}else{
$overdue_color = "";
}
//Set Badge color based off of invoice status
if ($invoice_status == "Sent") {
$invoice_badge_color = "warning";
}elseif ($invoice_status == "Viewed") {
$invoice_badge_color = "info";
}elseif ($invoice_status == "Partial") {
$invoice_badge_color = "primary";
}elseif ($invoice_status == "Paid") {
$invoice_badge_color = "success";
}elseif ($invoice_status == "Cancelled") {
$invoice_badge_color = "danger";
}else{
$invoice_badge_color = "secondary";
}
?>
<tr>
<td><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td><?php echo $invoice_scope_display; ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code); ?></td>
<td><?php echo $invoice_date; ?></td>
<td><div class="<?php echo $overdue_color; ?>"><?php echo $invoice_due; ?></div></td>
<td><?php echo $category_name; ?></td>
<td>
<span class="p-2 badge badge-<?php echo $invoice_badge_color; ?>">
<?php echo $invoice_status; ?>
</span>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<?php if (!empty($config_smtp_host)) { ?>
<a class="dropdown-item" href="post.php?email_invoice=<?php echo $invoice_id; ?>">Send</a>
<div class="dropdown-divider"></div>
<?php } ?>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editInvoiceModal<?php echo $invoice_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addInvoiceCopyModal<?php echo $invoice_id; ?>">Copy</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_invoice=<?php echo $invoice_id; ?>">Delete</a>
</div> </div>
</div> </form>
</td> <hr>
</tr> <div class="table-responsive">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_number&o=<?php echo $disp; ?>">Number</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_scope&o=<?php echo $disp; ?>">Scope</a></th>
<th class="text-right"><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_amount&o=<?php echo $disp; ?>">Amount</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_date&o=<?php echo $disp; ?>">Date</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_due&o=<?php echo $disp; ?>">Due</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=category_name&o=<?php echo $disp; ?>">Category</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=invoice_status&o=<?php echo $disp; ?>">Status</a></th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
<?php while ($row = mysqli_fetch_array($sql)) {
$invoice_id = $row['invoice_id'];
include("invoice_copy_modal.php"); $invoice_prefix = htmlentities($row['invoice_prefix']);
include("invoice_edit_modal.php"); $invoice_number = htmlentities($row['invoice_number']);
} $invoice_scope = htmlentities($row['invoice_scope']);
if (empty($invoice_scope)) {
$invoice_scope_display = "-";
} else {
$invoice_scope_display = $invoice_scope;
}
$invoice_status = htmlentities($row['invoice_status']);
$invoice_date = $row['invoice_date'];
$invoice_due = $row['invoice_due'];
$invoice_amount = floatval($row['invoice_amount']);
$invoice_currency_code = htmlentities($row['invoice_currency_code']);
$invoice_created_at = $row['invoice_created_at'];
$category_id = $row['category_id'];
$category_name = htmlentities($row['category_name']);
?> if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) < time()) {
$overdue_color = "text-danger font-weight-bold";
} else {
$overdue_color = "";
}
</tbody> //Set Badge color based off of invoice status
</table> if ($invoice_status == "Sent") {
$invoice_badge_color = "warning";
} elseif ($invoice_status == "Viewed") {
$invoice_badge_color = "info";
} elseif ($invoice_status == "Partial") {
$invoice_badge_color = "primary";
} elseif ($invoice_status == "Paid") {
$invoice_badge_color = "success";
} elseif ($invoice_status == "Cancelled") {
$invoice_badge_color = "danger";
} else {
$invoice_badge_color = "secondary";
}
?>
<tr>
<td><a href="invoice.php?invoice_id=<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td><?php echo $invoice_scope_display; ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code); ?></td>
<td><?php echo $invoice_date; ?></td>
<td><div class="<?php echo $overdue_color; ?>"><?php echo $invoice_due; ?></div></td>
<td><?php echo $category_name; ?></td>
<td>
<span class="p-2 badge badge-<?php echo $invoice_badge_color; ?>">
<?php echo $invoice_status; ?>
</span>
</td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<?php if (!empty($config_smtp_host)) { ?>
<a class="dropdown-item" href="post.php?email_invoice=<?php echo $invoice_id; ?>">Send</a>
<div class="dropdown-divider"></div>
<?php } ?>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editInvoiceModal<?php echo $invoice_id; ?>">Edit</a>
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#addInvoiceCopyModal<?php echo $invoice_id; ?>">Copy</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="post.php?delete_invoice=<?php echo $invoice_id; ?>">Delete</a>
</div>
</div>
</td>
</tr>
<?php
require("invoice_copy_modal.php");
require("invoice_edit_modal.php");
}
?>
</tbody>
</table>
</div>
<?php require_once("pagination.php"); ?>
</div>
</div> </div>
<?php include("pagination.php"); ?>
</div>
</div>
<?php include("invoice_add_modal.php"); ?> <?php
require_once("invoice_add_modal.php");
<?php include("footer.php"); ?> require_once("footer.php");

586
client_side_nav.php
View File

@@ -1,335 +1,335 @@
<!-- Main Sidebar Container --> <!-- Main Sidebar Container -->
<aside class="main-sidebar sidebar-dark-<?php echo $config_theme; ?> d-print-none"> <aside class="main-sidebar sidebar-dark-<?php echo $config_theme; ?> d-print-none">
<!-- Sidebar -->
<div class="sidebar">
<!-- Sidebar Menu --> <!-- Sidebar -->
<nav class="mt-3"> <div class="sidebar">
<ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu" data-accordion="false"> <!-- Sidebar Menu -->
<nav class="mt-3">
<li class="nav-item">
<a href="clients.php" class="nav-link">
<i class="nav-icon fas fa-arrow-left"></i>
<p class="h4">Back | <small><strong><?php echo $client_name; ?></strong></small></p>
</a>
</li>
<li class="nav-item mt-3"> <ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu" data-accordion="false">
<a href="client_overview.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_overview.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-tachometer-alt"></i>
<p>Overview</p>
</a>
</li>
<li class="nav-item"> <li class="nav-item">
<a href="client_contacts.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_contacts.php" || basename($_SERVER["PHP_SELF"]) == "client_contact_details.php") { echo "active"; } ?>"> <a href="clients.php" class="nav-link">
<i class="nav-icon fas fa-users"></i> <i class="nav-icon fas fa-arrow-left"></i>
<p> <p class="h4">Back | <small><strong><?php echo $client_name; ?></strong></small></p>
Contacts </a>
<?php </li>
if ($num_contacts > 0) { ?>
<span class="right badge badge-light"><?php echo $num_contacts; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item"> <li class="nav-item mt-3">
<a href="client_locations.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_locations.php") { echo "active"; } ?>"> <a href="client_overview.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_overview.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-map-marker-alt"></i> <i class="nav-icon fas fa-tachometer-alt"></i>
<p> <p>Overview</p>
Locations </a>
<?php </li>
if ($num_locations > 0) { ?>
<span class="right badge badge-light"><?php echo $num_locations; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-header mt-3">ASSETS</li> <li class="nav-item">
<a href="client_contacts.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_contacts.php" || basename($_SERVER["PHP_SELF"]) == "client_contact_details.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-users"></i>
<p>
Contacts
<?php
if ($num_contacts > 0) { ?>
<span class="right badge badge-light"><?php echo $num_contacts; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item"> <li class="nav-item">
<a href="client_assets.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_assets.php") { echo "active"; } ?>"> <a href="client_locations.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_locations.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-desktop"></i> <i class="nav-icon fas fa-map-marker-alt"></i>
<p> <p>
Assets Locations
<?php <?php
if ($num_assets > 0) { ?> if ($num_locations > 0) { ?>
<span class="right badge badge-light"><?php echo $num_assets; ?></span> <span class="right badge badge-light"><?php echo $num_locations; ?></span>
<?php } ?> <?php } ?>
</p> </p>
</a> </a>
</li> </li>
<li class="nav-item"> <li class="nav-header mt-3">ASSETS</li>
<a href="client_software.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_software.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-cube"></i>
<p>
Licenses
<?php
if ($num_software > 0) { ?>
<span class="right badge badge-light"><?php echo $num_software; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item"> <li class="nav-item">
<a href="client_logins.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_logins.php") { echo "active"; } ?>"> <a href="client_assets.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_assets.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-key"></i> <i class="nav-icon fas fa-desktop"></i>
<p> <p>
Passwords Assets
<?php <?php
if ($num_logins > 0) { ?> if ($num_assets > 0) { ?>
<span class="right badge badge-light"><?php echo $num_logins; ?></span> <span class="right badge badge-light"><?php echo $num_assets; ?></span>
<?php } ?> <?php } ?>
</p> </p>
</a> </a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a href="client_networks.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_networks.php") { echo "active"; } ?>"> <a href="client_software.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_software.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-network-wired"></i> <i class="nav-icon fas fa-cube"></i>
<p> <p>
Networks Licenses
<?php <?php
if ($num_networks > 0) { ?> if ($num_software > 0) { ?>
<span class="right badge badge-light"><?php echo $num_networks; ?></span> <span class="right badge badge-light"><?php echo $num_software; ?></span>
<?php } ?> <?php } ?>
</p> </p>
</a> </a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a href="client_certificates.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_certificates.php") { echo "active"; } ?>"> <a href="client_logins.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_logins.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-lock"></i> <i class="nav-icon fas fa-key"></i>
<p> <p>
Certificates Passwords
<?php
if ($num_logins > 0) { ?>
<span class="right badge badge-light"><?php echo $num_logins; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php <li class="nav-item">
if ($num_certificates > 0) { ?> <a href="client_networks.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_networks.php") { echo "active"; } ?>">
<span class="right badge badge-light"><?php echo $num_certificates; ?></span> <i class="nav-icon fas fa-network-wired"></i>
<?php } ?> <p>
Networks
<?php
if ($num_networks > 0) { ?>
<span class="right badge badge-light"><?php echo $num_networks; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php if ($num_certs_expiring > 0) { ?> <li class="nav-item">
<span class="right fa fa-fw fa-circle text-warning"></span> <a href="client_certificates.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_certificates.php") { echo "active"; } ?>">
<?php } ?> <i class="nav-icon fas fa-lock"></i>
</p> <p>
</a> Certificates
</li>
<li class="nav-item"> <?php
<a href="client_domains.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_domains.php") { echo "active"; } ?>"> if ($num_certificates > 0) { ?>
<i class="nav-icon fas fa-globe"></i> <span class="right badge badge-light"><?php echo $num_certificates; ?></span>
<p> <?php } ?>
Domains
<?php
if ($num_domains > 0) { ?>
<span class="right badge badge-light"><?php echo $num_domains; ?></span>
<?php } ?>
<?php if ($num_domains_expiring > 0) { ?> <?php if ($num_certs_expiring > 0) { ?>
<span class="right fa fa-fw fa-circle text-warning"></span> <span class="right fa fa-fw fa-circle text-warning"></span>
<?php } ?> <?php } ?>
</p>
</a>
</li>
</p> <li class="nav-item">
</a> <a href="client_domains.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_domains.php") { echo "active"; } ?>">
</li> <i class="nav-icon fas fa-globe"></i>
<p>
Domains
<li class="nav-header mt-3">SUPPORT</li> <?php
if ($num_domains > 0) { ?>
<span class="right badge badge-light"><?php echo $num_domains; ?></span>
<?php } ?>
<?php if ($config_module_enable_ticketing == 1) { ?> <?php if ($num_domains_expiring > 0) { ?>
<li class="nav-item"> <span class="right fa fa-fw fa-circle text-warning"></span>
<a href="client_tickets.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_tickets.php" || basename($_SERVER["PHP_SELF"]) == "client_scheduled_tickets.php" ) { echo "active"; } ?>"> <?php } ?>
<i class="nav-icon fas fa-life-ring"></i>
<p>
Tickets
<?php
if ($num_active_tickets > 0) { ?>
<span class="right badge badge-light"><?php echo $num_active_tickets; ?></span>
<?php } ?>
<?php if ($num_active_tickets > 0) { ?> </p>
<span class="right fa fa-fw fa-circle text-danger"></span> </a>
<?php } ?> </li>
</p> <li class="nav-header mt-3">SUPPORT</li>
</a>
</li>
<?php } ?>
<li class="nav-item"> <?php if ($config_module_enable_ticketing == 1) { ?>
<a href="client_services.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_services.php") { echo "active"; } ?>"> <li class="nav-item">
<i class="nav-icon fas fa-stream"></i> <a href="client_tickets.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_tickets.php" || basename($_SERVER["PHP_SELF"]) == "client_scheduled_tickets.php") { echo "active"; } ?>">
<p> <i class="nav-icon fas fa-life-ring"></i>
Services <p>
<?php Tickets
if ($num_services > 0) { ?>
<span class="right badge badge-light"><?php echo $num_services; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item"> <?php
<a href="client_vendors.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_vendors.php") { echo "active"; } ?>"> if ($num_active_tickets > 0) { ?>
<i class="nav-icon fas fa-building"></i> <span class="right badge badge-light"><?php echo $num_active_tickets; ?></span>
<p> <?php } ?>
Vendors
<?php
if ($num_vendors > 0) { ?>
<span class="right badge badge-light"><?php echo $num_vendors; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item"> <?php if ($num_active_tickets > 0) { ?>
<a href="client_events.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_events.php") { echo "active"; } ?>"> <span class="right fa fa-fw fa-circle text-danger"></span>
<i class="nav-icon fas fa-calendar"></i> <?php } ?>
<p>
Events
<?php
if ($num_events > 0) { ?>
<span class="right badge badge-light"><?php echo $num_events; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item"> </p>
<a href="client_files.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_files.php") { echo "active"; } ?>"> </a>
<i class="nav-icon fas fa-paperclip"></i> </li>
<p> <?php } ?>
Files
<?php
if ($num_files > 0) { ?>
<span class="right badge badge-light"><?php echo $num_files; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item"> <li class="nav-item">
<a href="client_documents.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_documents.php" || basename($_SERVER["PHP_SELF"]) == "client_document_details.php") { echo "active"; } ?>"> <a href="client_services.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_services.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file-alt"></i> <i class="nav-icon fas fa-stream"></i>
<p> <p>
Documents Services
<?php <?php
if ($num_documents > 0) { ?> if ($num_services > 0) { ?>
<span class="right badge badge-light"><?php echo $num_documents; ?></span> <span class="right badge badge-light"><?php echo $num_services; ?></span>
<?php } ?> <?php } ?>
</p> </p>
</a> </a>
</li> </li>
<?php if ($session_user_role == 1 || $session_user_role > 2 && $config_module_enable_accounting == 1) { ?> <li class="nav-item">
<a href="client_vendors.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_vendors.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-building"></i>
<p>
Vendors
<?php
if ($num_vendors > 0) { ?>
<span class="right badge badge-light"><?php echo $num_vendors; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-header mt-3">ACCOUNTING</li> <li class="nav-item">
<a href="client_events.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_events.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-calendar"></i>
<p>
Events
<?php
if ($num_events > 0) { ?>
<span class="right badge badge-light"><?php echo $num_events; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item"> <li class="nav-item">
<a href="client_invoices.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_invoices.php") { echo "active"; } ?>"> <a href="client_files.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_files.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file"></i> <i class="nav-icon fas fa-paperclip"></i>
<p> <p>
Invoices Files
<?php
<?php if ($num_files > 0) { ?>
if ($num_invoices > 0) { ?> <span class="right badge badge-light"><?php echo $num_files; ?></span>
<span class="right badge badge-light"><?php echo $num_invoices; ?></span> <?php } ?>
<?php } ?> </p>
</a>
</li>
<?php if ($num_invoices_open > 0) { ?> <li class="nav-item">
<span class="right fa fa-fw fa-circle text-danger"></span> <a href="client_documents.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_documents.php" || basename($_SERVER["PHP_SELF"]) == "client_document_details.php") { echo "active"; } ?>">
<?php } ?> <i class="nav-icon fas fa-file-alt"></i>
<p>
Documents
<?php
if ($num_documents > 0) { ?>
<span class="right badge badge-light"><?php echo $num_documents; ?></span>
<?php } ?>
</p>
</a>
</li>
</p> <?php if ($session_user_role == 1 || $session_user_role > 2 && $config_module_enable_accounting == 1) { ?>
</a>
</li>
<li class="nav-item"> <li class="nav-header mt-3">ACCOUNTING</li>
<a href="client_recurring_invoices.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_recurring_invoices.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-sync-alt"></i>
<p>
Recurring
<?php
if ($num_recurring > 0) { ?>
<span class="right badge badge-light"><?php echo $num_recurring; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item"> <li class="nav-item">
<a href="client_quotes.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_quotes.php") { echo "active"; } ?>"> <a href="client_invoices.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_invoices.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-file"></i> <i class="nav-icon fas fa-file"></i>
<p> <p>
Quotes Invoices
<?php
if ($num_quotes > 0) { ?>
<span class="right badge badge-light"><?php echo $num_quotes; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item"> <?php
<a href="client_payments.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_payments.php") { echo "active"; } ?>"> if ($num_invoices > 0) { ?>
<i class="nav-icon fas fa-credit-card"></i> <span class="right badge badge-light"><?php echo $num_invoices; ?></span>
<p> <?php } ?>
Payments
<?php
if ($num_payments > 0) { ?>
<span class="right badge badge-light"><?php echo $num_payments; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item"> <?php if ($num_invoices_open > 0) { ?>
<a href="client_trips.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_trips.php") { echo "active"; } ?>"> <span class="right fa fa-fw fa-circle text-danger"></span>
<i class="nav-icon fas fa-route"></i> <?php } ?>
<p>
Trips
<?php
if ($num_trips > 0) { ?>
<span class="right badge badge-light"><?php echo $num_trips; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php } ?> </p>
</a>
</li>
<li class="nav-header mt-3">MORE</li> <li class="nav-item">
<a href="client_recurring_invoices.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_recurring_invoices.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-sync-alt"></i>
<p>
Recurring
<?php
if ($num_recurring > 0) { ?>
<span class="right badge badge-light"><?php echo $num_recurring; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item"> <li class="nav-item">
<a href="client_shared_items.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_shared_items.php") { echo "active"; } ?>"> <a href="client_quotes.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_quotes.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-share"></i> <i class="nav-icon fas fa-file"></i>
<p> <p>
Shared Links Quotes
<?php <?php
if ($num_shared_links > 0) { ?> if ($num_quotes > 0) { ?>
<span class="right badge badge-light"><?php echo $num_shared_links; ?></span> <span class="right badge badge-light"><?php echo $num_quotes; ?></span>
<?php } ?> <?php } ?>
</p> </p>
</a> </a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a href="client_logs.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_logs.php") { echo "active"; } ?>"> <a href="client_payments.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_payments.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-eye"></i> <i class="nav-icon fas fa-credit-card"></i>
<p>Audit Logs</p> <p>
</a> Payments
</li> <?php
if ($num_payments > 0) { ?>
<span class="right badge badge-light"><?php echo $num_payments; ?></span>
<?php } ?>
</p>
</a>
</li>
</ul> <li class="nav-item">
</nav> <a href="client_trips.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_trips.php") { echo "active"; } ?>">
<!-- /.sidebar-menu --> <i class="nav-icon fas fa-route"></i>
</div> <p>
<!-- /.sidebar --> Trips
<?php
if ($num_trips > 0) { ?>
<span class="right badge badge-light"><?php echo $num_trips; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php } ?>
<li class="nav-header mt-3">MORE</li>
<li class="nav-item">
<a href="client_shared_items.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_shared_items.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-share"></i>
<p>
Shared Links
<?php
if ($num_shared_links > 0) { ?>
<span class="right badge badge-light"><?php echo $num_shared_links; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="client_logs.php?client_id=<?php echo $client_id; ?>" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "client_logs.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-eye"></i>
<p>Audit Logs</p>
</a>
</li>
</ul>
</nav>
<!-- /.sidebar-menu -->
</div>
<!-- /.sidebar -->
</aside> </aside>

6
functions.php
View File

@@ -405,7 +405,7 @@ function getDomainRecords($name) {
function getSSL($name) { function getSSL($name) {
$certificate = array(); $certificate = array();
$certificate['success'] = FALSE; $certificate['success'] = false;
// Only run if we think the domain is valid // Only run if we think the domain is valid
if (!filter_var($name, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME)) { if (!filter_var($name, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME)) {
@@ -417,7 +417,7 @@ function getSSL($name) {
// Get SSL/TSL certificate (using verify peer false to allow for self-signed certs) for domain on default port // Get SSL/TSL certificate (using verify peer false to allow for self-signed certs) for domain on default port
$socket = "ssl://$name:443"; $socket = "ssl://$name:443";
$get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE, "verify_peer" => FALSE,))); $get = stream_context_create(array("ssl" => array("capture_peer_cert" => true, "verify_peer" => false,)));
$read = stream_socket_client($socket, $errno, $errstr, 5, STREAM_CLIENT_CONNECT, $get); $read = stream_socket_client($socket, $errno, $errstr, 5, STREAM_CLIENT_CONNECT, $get);
// If the socket connected // If the socket connected
@@ -427,7 +427,7 @@ function getSSL($name) {
openssl_x509_export($cert['options']['ssl']['peer_certificate'], $export); openssl_x509_export($cert['options']['ssl']['peer_certificate'], $export);
if ($cert_public_key_obj) { if ($cert_public_key_obj) {
$certificate['success'] = TRUE; $certificate['success'] = true;
$certificate['expire'] = date('Y-m-d', $cert_public_key_obj['validTo_time_t']); $certificate['expire'] = date('Y-m-d', $cert_public_key_obj['validTo_time_t']);
$certificate['issued_by'] = strip_tags($cert_public_key_obj['issuer']['O']); $certificate['issued_by'] = strip_tags($cert_public_key_obj['issuer']['O']);
$certificate['public_key'] = $export; $certificate['public_key'] = $export;

1092
guest_view_invoice.php
View File

File diff suppressed because it is too large Load Diff

2
guest_view_item.php
View File

@@ -1,7 +1,7 @@
<?php <?php
header('Expires: Sun, 01 Jan 2014 00:00:00 GMT'); header('Expires: Sun, 01 Jan 2014 00:00:00 GMT');
header('Cache-Control: no-store, no-cache, must-revalidate'); header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', FALSE); header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache'); header('Pragma: no-cache');
require_once("guest_header.php"); ?> require_once("guest_header.php"); ?>

2
invoices.php
View File

@@ -293,7 +293,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$now = time(); $now = time();
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now ) { if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now) {
$overdue_color = "text-danger font-weight-bold"; $overdue_color = "text-danger font-weight-bold";
} else { } else {
$overdue_color = ""; $overdue_color = "";

8
login.php
View File

@@ -47,11 +47,11 @@ $config_mail_from_email = $row['config_mail_from_email'];
$config_mail_from_name = $row['config_mail_from_name']; $config_mail_from_name = $row['config_mail_from_name'];
// HTTP-Only cookies // HTTP-Only cookies
ini_set("session.cookie_httponly", True); ini_set("session.cookie_httponly", true);
// Tell client to only send cookie(s) over HTTPS // Tell client to only send cookie(s) over HTTPS
if ($config_https_only) { if ($config_https_only) {
ini_set("session.cookie_secure", True); ini_set("session.cookie_secure", true);
} }
// Handle POST login request // Handle POST login request
@@ -108,7 +108,7 @@ if (isset($_POST['login'])) {
// Determine whether 2FA was used (for logs) // Determine whether 2FA was used (for logs)
$extended_log = ''; // Default value $extended_log = ''; // Default value
if ($current_code !== 0 ) { if ($current_code !== 0) {
$extended_log = 'with 2FA'; $extended_log = 'with 2FA';
} }
@@ -120,7 +120,7 @@ if (isset($_POST['login'])) {
$_SESSION['user_name'] = $user_name; $_SESSION['user_name'] = $user_name;
$_SESSION['user_role'] = $row['user_role']; $_SESSION['user_role'] = $row['user_role'];
$_SESSION['csrf_token'] = randomString(156); $_SESSION['csrf_token'] = randomString(156);
$_SESSION['logged'] = TRUE; $_SESSION['logged'] = true;
// Setup encryption session key // Setup encryption session key
if (isset($row['user_specific_encryption_ciphertext']) && $row['user_role'] > 1) { if (isset($row['user_specific_encryption_ciphertext']) && $row['user_role'] > 1) {

142
pagination.php
View File

@@ -11,89 +11,89 @@ $total_found_rows = $num_rows[0];
$total_pages = ceil($total_found_rows / $_SESSION['records_per_page']); $total_pages = ceil($total_found_rows / $_SESSION['records_per_page']);
if ($total_found_rows > 10) { if ($total_found_rows > 10) {
$i=0; $i=0;
?> ?>
<hr> <hr>
<div class="row"> <div class="row">
<div class="col mb-3"> <div class="col mb-3">
<form action="post.php" method="post"> <form action="post.php" method="post">
<select onchange="this.form.submit()" class="input-form select2" name="change_records_per_page"> <select onchange="this.form.submit()" class="input-form select2" name="change_records_per_page">
<option <?php if ($_SESSION['records_per_page'] == 5) { echo "selected"; } ?> >5</option> <option <?php if ($_SESSION['records_per_page'] == 5) { echo "selected"; } ?> >5</option>
<option <?php if ($_SESSION['records_per_page'] == 10) { echo "selected"; } ?> >10</option> <option <?php if ($_SESSION['records_per_page'] == 10) { echo "selected"; } ?> >10</option>
<option <?php if ($_SESSION['records_per_page'] == 20) { echo "selected"; } ?> >20</option> <option <?php if ($_SESSION['records_per_page'] == 20) { echo "selected"; } ?> >20</option>
<option <?php if ($_SESSION['records_per_page'] == 50) { echo "selected"; } ?> >50</option> <option <?php if ($_SESSION['records_per_page'] == 50) { echo "selected"; } ?> >50</option>
<option <?php if ($_SESSION['records_per_page'] == 100) { echo "selected"; } ?> >100</option> <option <?php if ($_SESSION['records_per_page'] == 100) { echo "selected"; } ?> >100</option>
<option <?php if ($_SESSION['records_per_page'] == 500) { echo "selected"; } ?> >500</option> <option <?php if ($_SESSION['records_per_page'] == 500) { echo "selected"; } ?> >500</option>
</select> </select>
</form> </form>
</div> </div>
<div class="col mb-3"> <div class="col mb-3">
<p class="text-center mt-2"><?php echo $total_found_rows; ?></p> <p class="text-center mt-2"><?php echo $total_found_rows; ?></p>
</div> </div>
<div class="col mb-3"> <div class="col mb-3">
<ul class="pagination justify-content-end"> <ul class="pagination justify-content-end">
<?php <?php
if ($total_pages <= 100) {
$pages_split = 10;
}
if (($total_pages <= 1000) && ($total_pages > 100)) {
$pages_split = 100;
}
if (($total_pages <= 10000) && ($total_pages > 1000)) {
$pages_split = 1000;
}
if ($p > 1) {
$prev_class = "";
}else{
$prev_class = "disabled";
}
if ($p <> $total_pages) {
$next_class = "";
}else{
$next_class = "disabled";
}
$url_query_strings = http_build_query(array_merge($_GET,array('p' => $i)));
$prev_page = $p - 1;
$next_page = $p + 1;
if ($p > 1) {
echo "<li class='page-item $prev_class'><a class='page-link' href='?$url_query_strings&p=$prev_page'>Prev</a></li>";
}
while ($i < $total_pages) {
$i++;
if (($i == 1) || (($p <= 3) && ($i <= 6)) || (($i > $total_pages - 6) && ($p > $total_pages - 3 )) || (is_int($i / $pages_split)) || (($p > 3) && ($i >= $p - 2) && ($i <= $p + 3)) || ($i == $total_pages)) {
if ($p == $i ) {
$page_class = "active";
}else{
$page_class = "";
}
echo "<li class='page-item $page_class'><a class='page-link' href='?$url_query_strings&p=$i'>$i</a></li>";
}
}
if ($p <> $total_pages) { if ($total_pages <= 100) {
echo "<li class='page-item $next_class'><a class='page-link' href='?$url_query_strings&p=$next_page'>Next</a></li>"; $pages_split = 10;
} }
if (($total_pages <= 1000) && ($total_pages > 100)) {
$pages_split = 100;
}
if (($total_pages <= 10000) && ($total_pages > 1000)) {
$pages_split = 1000;
}
if ($p > 1) {
$prev_class = "";
} else {
$prev_class = "disabled";
}
if ($p <> $total_pages) {
$next_class = "";
} else {
$next_class = "disabled";
}
$url_query_strings = http_build_query(array_merge($_GET,array('p' => $i)));
$prev_page = $p - 1;
$next_page = $p + 1;
?> if ($p > 1) {
echo "<li class='page-item $prev_class'><a class='page-link' href='?$url_query_strings&p=$prev_page'>Prev</a></li>";
}
</ul> while ($i < $total_pages) {
</div> $i++;
</div> if (($i == 1) || (($p <= 3) && ($i <= 6)) || (($i > $total_pages - 6) && ($p > $total_pages - 3)) || (is_int($i / $pages_split)) || (($p > 3) && ($i >= $p - 2) && ($i <= $p + 3)) || ($i == $total_pages)) {
if ($p == $i) {
$page_class = "active";
} else {
$page_class = "";
}
echo "<li class='page-item $page_class'><a class='page-link' href='?$url_query_strings&p=$i'>$i</a></li>";
}
}
<?php if ($p <> $total_pages) {
echo "<li class='page-item $next_class'><a class='page-link' href='?$url_query_strings&p=$next_page'>Next</a></li>";
}
?>
</ul>
</div>
</div>
<?php
} }
if ($total_found_rows == 0) { if ($total_found_rows == 0) {
echo "<center class='my-3'><i class='far fa-fw fa-6x fa-meh-rolling-eyes text-secondary'></i><h3 class='text-secondary mt-3'>No Results</h3></center>"; echo "<center class='my-3'><i class='far fa-fw fa-6x fa-meh-rolling-eyes text-secondary'></i><h3 class='text-secondary mt-3'>No Results</h3></center>";
} }
?> ?>

4
portal/inc_portal.php
View File

@@ -11,10 +11,10 @@ require_once('portal_functions.php');
if (!isset($_SESSION)) { if (!isset($_SESSION)) {
// HTTP Only cookies // HTTP Only cookies
ini_set("session.cookie_httponly", True); ini_set("session.cookie_httponly", true);
if ($config_https_only) { if ($config_https_only) {
// Tell client to only send cookie(s) over HTTPS // Tell client to only send cookie(s) over HTTPS
ini_set("session.cookie_secure", True); ini_set("session.cookie_secure", true);
} }
session_start(); session_start();
} }

9
portal/invoices.php
View File

@@ -18,9 +18,7 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
<div class="col-md-1 text-center"> <div class="col-md-1 text-center">
<?php if (!empty($session_contact_photo)) { ?> <?php if (!empty($session_contact_photo)) { ?>
<img src="<?php echo "../uploads/clients/$session_company_id/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive"> <img src="<?php echo "../uploads/clients/$session_company_id/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
<?php } else { ?> <?php } else { ?>
<span class="fa-stack fa-2x rounded-left"> <span class="fa-stack fa-2x rounded-left">
<i class="fa fa-circle fa-stack-2x text-secondary"></i> <i class="fa fa-circle fa-stack-2x text-secondary"></i>
<span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span> <span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span>
@@ -73,7 +71,7 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
} }
$now = time(); $now = time();
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now ) { if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now) {
$overdue_color = "text-danger font-weight-bold"; $overdue_color = "text-danger font-weight-bold";
} else { } else {
$overdue_color = ""; $overdue_color = "";
@@ -107,9 +105,8 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
</td> </td>
</tr> </tr>
<?php <?php } ?>
}
?>
</tbody> </tbody>
</table> </table>

2
portal/login.php
View File

@@ -46,7 +46,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
if ($row['contact_auth_method'] == 'local') { if ($row['contact_auth_method'] == 'local') {
if (password_verify($password, $row['contact_password_hash'])) { if (password_verify($password, $row['contact_password_hash'])) {
$_SESSION['client_logged_in'] = TRUE; $_SESSION['client_logged_in'] = true;
$_SESSION['client_id'] = $row['contact_client_id']; $_SESSION['client_id'] = $row['contact_client_id'];
$_SESSION['contact_id'] = $row['contact_id']; $_SESSION['contact_id'] = $row['contact_id'];
$_SESSION['company_id'] = $row['company_id']; $_SESSION['company_id'] = $row['company_id'];

2
portal/login_microsoft.php
View File

@@ -95,7 +95,7 @@ if (isset($_POST['code']) && $_POST['state'] == session_id()) {
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
if ($row['contact_auth_method'] == 'azure') { if ($row['contact_auth_method'] == 'azure') {
$_SESSION['client_logged_in'] = TRUE; $_SESSION['client_logged_in'] = true;
$_SESSION['client_id'] = $row['contact_client_id']; $_SESSION['client_id'] = $row['contact_client_id'];
$_SESSION['contact_id'] = $row['contact_id']; $_SESSION['contact_id'] = $row['contact_id'];
$_SESSION['company_id'] = $row['company_id']; $_SESSION['company_id'] = $row['company_id'];

46
post.php
View File

@@ -284,7 +284,7 @@ if(isset($_POST['edit_profile'])){
$email = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['email']))); $email = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['email'])));
$new_password = trim($_POST['new_password']); $new_password = trim($_POST['new_password']);
$existing_file_name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['existing_file_name']))); $existing_file_name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['existing_file_name'])));
$logout = FALSE; $logout = false;
$extended_log_description = ''; $extended_log_description = '';
// Email notification when password or email is changed // Email notification when password or email is changed
@@ -367,7 +367,7 @@ if(isset($_POST['edit_profile'])){
mysqli_query($mysqli,"UPDATE users SET user_password = '$new_password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext' WHERE user_id = $user_id"); mysqli_query($mysqli,"UPDATE users SET user_password = '$new_password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext' WHERE user_id = $user_id");
$extended_log_description .= ", password changed"; $extended_log_description .= ", password changed";
$logout = TRUE; $logout = true;
} }
// Enable extension access, only if it isn't already setup (user doesn't have cookie) // Enable extension access, only if it isn't already setup (user doesn't have cookie)
@@ -377,7 +377,7 @@ if(isset($_POST['edit_profile'])){
mysqli_query($mysqli, "UPDATE users SET user_extension_key = '$extension_key' WHERE user_id = $user_id"); mysqli_query($mysqli, "UPDATE users SET user_extension_key = '$extension_key' WHERE user_id = $user_id");
$extended_log_description .= ", extension access enabled"; $extended_log_description .= ", extension access enabled";
$logout = TRUE; $logout = true;
} }
} }
@@ -4788,19 +4788,19 @@ if(isset($_POST["import_client_contacts_csv"])){
$client_id = intval($_POST['client_id']); $client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"]; $file_name = $_FILES["file"]["tmp_name"];
$error = FALSE; $error = false;
//Check file is CSV //Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name']))); $file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv'); $allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){ if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE; $error = true;
$_SESSION['alert_message'] = "Bad file extension"; $_SESSION['alert_message'] = "Bad file extension";
} }
//Check file isn't empty //Check file isn't empty
elseif($_FILES["file"]["size"] < 1){ elseif($_FILES["file"]["size"] < 1){
$error = TRUE; $error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)"; $_SESSION['alert_message'] = "Bad file size (empty?)";
} }
@@ -4808,7 +4808,7 @@ if(isset($_POST["import_client_contacts_csv"])){
$f = fopen($file_name, "r"); $f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ","); $f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 8) { if(!$error & count($f_columns) != 8) {
$error = TRUE; $error = true;
$_SESSION['alert_message'] = "Bad column count."; $_SESSION['alert_message'] = "Bad column count.";
} }
@@ -4818,7 +4818,7 @@ if(isset($_POST["import_client_contacts_csv"])){
fgetcsv($file, 1000, ","); // Skip first line fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0; $row_count = 0;
$duplicate_count = 0; $duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){ while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0; $duplicate_detect = 0;
if(isset($column[0])){ if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0]))); $name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));
@@ -5209,19 +5209,19 @@ if(isset($_POST["import_client_locations_csv"])){
$client_id = intval($_POST['client_id']); $client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"]; $file_name = $_FILES["file"]["tmp_name"];
$error = FALSE; $error = false;
//Check file is CSV //Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name']))); $file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv'); $allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){ if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE; $error = true;
$_SESSION['alert_message'] = "Bad file extension"; $_SESSION['alert_message'] = "Bad file extension";
} }
//Check file isn't empty //Check file isn't empty
elseif($_FILES["file"]["size"] < 1){ elseif($_FILES["file"]["size"] < 1){
$error = TRUE; $error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)"; $_SESSION['alert_message'] = "Bad file size (empty?)";
} }
@@ -5229,7 +5229,7 @@ if(isset($_POST["import_client_locations_csv"])){
$f = fopen($file_name, "r"); $f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ","); $f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 7) { if(!$error & count($f_columns) != 7) {
$error = TRUE; $error = true;
$_SESSION['alert_message'] = "Bad column count."; $_SESSION['alert_message'] = "Bad column count.";
} }
@@ -5239,7 +5239,7 @@ if(isset($_POST["import_client_locations_csv"])){
fgetcsv($file, 1000, ","); // Skip first line fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0; $row_count = 0;
$duplicate_count = 0; $duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){ while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0; $duplicate_detect = 0;
if(isset($column[0])){ if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0]))); $name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));
@@ -5519,19 +5519,19 @@ if(isset($_POST["import_client_assets_csv"])){
$client_id = intval($_POST['client_id']); $client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"]; $file_name = $_FILES["file"]["tmp_name"];
$error = FALSE; $error = false;
//Check file is CSV //Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name']))); $file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv'); $allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){ if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE; $error = true;
$_SESSION['alert_message'] = "Bad file extension"; $_SESSION['alert_message'] = "Bad file extension";
} }
//Check file isn't empty //Check file isn't empty
elseif($_FILES["file"]["size"] < 1){ elseif($_FILES["file"]["size"] < 1){
$error = TRUE; $error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)"; $_SESSION['alert_message'] = "Bad file size (empty?)";
} }
@@ -5539,7 +5539,7 @@ if(isset($_POST["import_client_assets_csv"])){
$f = fopen($file_name, "r"); $f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ","); $f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 8) { if(!$error & count($f_columns) != 8) {
$error = TRUE; $error = true;
$_SESSION['alert_message'] = "Bad column count."; $_SESSION['alert_message'] = "Bad column count.";
} }
@@ -5549,7 +5549,7 @@ if(isset($_POST["import_client_assets_csv"])){
fgetcsv($file, 1000, ","); // Skip first line fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0; $row_count = 0;
$duplicate_count = 0; $duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){ while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0; $duplicate_detect = 0;
if(isset($column[0])){ if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0]))); $name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));
@@ -6163,19 +6163,19 @@ if(isset($_POST["import_client_logins_csv"])){
$client_id = intval($_POST['client_id']); $client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"]; $file_name = $_FILES["file"]["tmp_name"];
$error = FALSE; $error = false;
//Check file is CSV //Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name']))); $file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv'); $allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){ if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE; $error = true;
$_SESSION['alert_message'] = "Bad file extension"; $_SESSION['alert_message'] = "Bad file extension";
} }
//Check file isn't empty //Check file isn't empty
elseif($_FILES["file"]["size"] < 1){ elseif($_FILES["file"]["size"] < 1){
$error = TRUE; $error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)"; $_SESSION['alert_message'] = "Bad file size (empty?)";
} }
@@ -6183,7 +6183,7 @@ if(isset($_POST["import_client_logins_csv"])){
$f = fopen($file_name, "r"); $f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ","); $f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 4) { if(!$error & count($f_columns) != 4) {
$error = TRUE; $error = true;
$_SESSION['alert_message'] = "Bad column count."; $_SESSION['alert_message'] = "Bad column count.";
} }
@@ -6193,7 +6193,7 @@ if(isset($_POST["import_client_logins_csv"])){
fgetcsv($file, 1000, ","); // Skip first line fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0; $row_count = 0;
$duplicate_count = 0; $duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){ while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0; $duplicate_detect = 0;
if(isset($column[0])){ if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0]))); $name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));

255
rfc6238.php
View File

@@ -1,170 +1,151 @@
<?php <?php
// http://www.faqs.org/rfcs/rfc6238.html // http://www.faqs.org/rfcs/rfc6238.html
require_once(dirname(__FILE__).'/base32static.php'); require_once(dirname(__FILE__).'/base32static.php');
class TokenAuth6238 { class TokenAuth6238 {
/** /**
* verify * verify
* *
* @param string $secretkey Secret clue (base 32). * @param string $secretkey Secret clue (base 32).
* @return bool True if success, false if failure * @return bool True if success, false if failure
*/ */
public static function verify($secretkey, $code, $rangein30s = 3) { public static function verify($secretkey, $code, $rangein30s = 3) {
$key = base32static::decode($secretkey); $key = base32static::decode($secretkey);
$unixtimestamp = time()/30; $unixtimestamp = time()/30;
for($i=-($rangein30s); $i<=$rangein30s; $i++) { for($i=-($rangein30s); $i<=$rangein30s; $i++) {
$checktime = (int)($unixtimestamp+$i); $checktime = (int)($unixtimestamp+$i);
$thiskey = self::oath_hotp($key, $checktime); $thiskey = self::oath_hotp($key, $checktime);
if ((int)$code == self::oath_truncate($thiskey,6)) { if ((int)$code == self::oath_truncate($thiskey,6)) {
return true; return true;
} }
} }
return false; return false;
} }
public static function getTokenCode($secretkey) { public static function getTokenCode($secretkey) {
$result = ""; $result = "";
$key = base32static::decode($secretkey); $key = base32static::decode($secretkey);
$unixtimestamp = time()/30; $unixtimestamp = time()/30;
$checktime = (int)($unixtimestamp); $checktime = (int)($unixtimestamp);
$thiskey = self::oath_hotp($key, $checktime); $thiskey = self::oath_hotp($key, $checktime);
$result = $result . self::oath_truncate($thiskey,6); $result = $result . self::oath_truncate($thiskey,6);
$result = "000000" . $result; $result = "000000" . $result;
return substr($result, -6); return substr($result, -6);
} }
public static function getTokenCodeDebug($secretkey,$rangein30s = 3) { public static function getTokenCodeDebug($secretkey,$rangein30s = 3) {
$result = ""; $result = "";
print "<br/>SecretKey: $secretkey <br/>"; print "<br/>SecretKey: $secretkey <br/>";
$key = base32static::decode($secretkey); $key = base32static::decode($secretkey);
print "Key(base 32 decode): $key <br/>"; print "Key(base 32 decode): $key <br/>";
$unixtimestamp = time()/30; $unixtimestamp = time()/30;
print "UnixTimeStamp (time()/30): $unixtimestamp <br/>"; print "UnixTimeStamp (time()/30): $unixtimestamp <br/>";
for($i=-($rangein30s); $i<=$rangein30s; $i++) { for($i=-($rangein30s); $i<=$rangein30s; $i++) {
$checktime = (int)($unixtimestamp+$i); $checktime = (int)($unixtimestamp+$i);
print "Calculating oath_hotp from (int)(unixtimestamp +- 30sec offset): $checktime basing on secret key<br/>"; print "Calculating oath_hotp from (int)(unixtimestamp +- 30sec offset): $checktime basing on secret key<br/>";
$thiskey = self::oath_hotp($key, $checktime, true); $thiskey = self::oath_hotp($key, $checktime, true);
print "======================================================<br/>"; print "======================================================<br/>";
print "CheckTime: $checktime oath_hotp:".$thiskey."<br/>"; print "CheckTime: $checktime oath_hotp:".$thiskey."<br/>";
$result = $result." # ".self::oath_truncate($thiskey,6,true); $result = $result." # ".self::oath_truncate($thiskey,6,true);
} }
return $result; return $result;
} }
public static function getBarCodeUrl($username, $domain, $secretkey, $issuer) { public static function getBarCodeUrl($username, $domain, $secretkey, $issuer) {
$url = "http://chart.apis.google.com/chart"; $url = "http://chart.apis.google.com/chart";
$url = $url."?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/"; $url = $url."?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/";
$url = $url.$username . "@" . $domain . "%3Fsecret%3D" . $secretkey . '%26issuer%3D' . rawurlencode($issuer); $url = $url.$username . "@" . $domain . "%3Fsecret%3D" . $secretkey . '%26issuer%3D' . rawurlencode($issuer);
return $url; return $url;
}
public static function generateRandomClue($length = 16) {
$b32 = "234567QWERTYUIOPASDFGHJKLZXCVBNM";
$s = "";
for ($i = 0; $i < $length; $i++)
$s .= $b32[rand(0,31)];
return $s;
} }
private static function hotp_tobytestream($key) { private static function oath_hotp ($key, $counter, $debug=false) {
$result = array(); $result = "";
$last = strlen($key); $orgcounter = $counter;
for ($i = 0; $i < $last; $i = $i + 2) { $cur_counter = array(0,0,0,0,0,0,0,0);
$x = $key[$i] + $key[$i + 1];
$x = strtoupper($x);
$x = hexdec($x);
$result = $result.chr($x);
}
return $result; if ($debug) {
} print "Packing counter $counter (".dechex($counter).")into binary string - pay attention to hex representation of key and binary representation<br/>";
private static function oath_hotp ($key, $counter, $debug=false) { }
$result = "";
$orgcounter = $counter;
$cur_counter = array(0,0,0,0,0,0,0,0);
if ($debug) { for($i=7;$i>=0;$i--) { // C for unsigned char, * for repeating to the end of the input data
print "Packing counter $counter (".dechex($counter).")into binary string - pay attention to hex representation of key and binary representation<br/>"; $cur_counter[$i] = pack ('C*', $counter);
}
for($i=7;$i>=0;$i--) { // C for unsigned char, * for repeating to the end of the input data if ($debug) {
$cur_counter[$i] = pack ('C*', $counter); print $cur_counter[$i]."(".dechex(ord($cur_counter[$i])).")"." from $counter <br/>";
}
$counter = $counter >> 8;
}
if ($debug) {
foreach ($cur_counter as $char) {
print ord($char) . " ";
}
print "<br/>";
}
$binary = implode($cur_counter);
// Pad to 8 characters
str_pad($binary, 8, chr(0), STR_PAD_LEFT);
if ($debug) { if ($debug) {
print $cur_counter[$i]."(".dechex(ord($cur_counter[$i])).")"." from $counter <br/>"; print "Prior to HMAC calculation pad with zero on the left until 8 characters.<br/>";
print "Calculate sha1 HMAC(Hash-based Message Authentication Code https://en.wikipedia.org/wiki/HMAC).<br/>";
print "hash_hmac ('sha1', $binary, $key)<br/>";
}
$result = hash_hmac ('sha1', $binary, $key);
if ($debug) {
print "Result: $result <br/>";
}
return $result;
}
private static function oath_truncate($hash, $length = 6, $debug=false) {
$result="";
// Convert to dec
if ($debug) {
print "converting hex hash into characters<br/>";
} }
$counter = $counter >> 8; $hashcharacters = str_split($hash,2);
}
if ($debug) { if ($debug) {
foreach ($cur_counter as $char) { print_r($hashcharacters);
print ord($char) . " "; print "<br/>and convert to decimals:<br/>";
}
for ($j=0; $j<count($hashcharacters); $j++) {
$hmac_result[]=hexdec($hashcharacters[$j]);
} }
print "<br/>"; if ($debug) {
} print_r($hmac_result);
}
// http://php.net/manual/ru/function.hash-hmac.php
// adopted from brent at thebrent dot net 21-May-2009 08:17 comment
$offset = $hmac_result[19] & 0xf;
$binary = implode($cur_counter); if ($debug) {
// Pad to 8 characters print "Calculating offset as 19th element of hmac:".$hmac_result[19]."<br/>";
str_pad($binary, 8, chr(0), STR_PAD_LEFT); print "offset:".$offset;
}
if ($debug) { $result = (
print "Prior to HMAC calculation pad with zero on the left until 8 characters.<br/>"; (($hmac_result[$offset+0] & 0x7f) << 24) |
print "Calculate sha1 HMAC(Hash-based Message Authentication Code https://en.wikipedia.org/wiki/HMAC).<br/>"; (($hmac_result[$offset+1] & 0xff) << 16) |
print "hash_hmac ('sha1', $binary, $key)<br/>"; (($hmac_result[$offset+2] & 0xff) << 8) |
} ($hmac_result[$offset+3] & 0xff)
$result = hash_hmac ('sha1', $binary, $key); ) % pow(10,$length);
return $result;
}
if ($debug) { }
print "Result: $result <br/>";
}
return $result;
}
private static function oath_truncate($hash, $length = 6, $debug=false) {
$result="";
// Convert to dec
if ($debug) {
print "converting hex hash into characters<br/>";
}
$hashcharacters = str_split($hash,2);
if ($debug) {
print_r($hashcharacters);
print "<br/>and convert to decimals:<br/>";
}
for ($j=0; $j<count($hashcharacters); $j++) {
$hmac_result[]=hexdec($hashcharacters[$j]);
}
if ($debug) {
print_r($hmac_result);
}
// http://php.net/manual/ru/function.hash-hmac.php
// adopted from brent at thebrent dot net 21-May-2009 08:17 comment
$offset = $hmac_result[19] & 0xf;
if ($debug) {
print "Calculating offset as 19th element of hmac:".$hmac_result[19]."<br/>";
print "offset:".$offset;
}
$result = (
(($hmac_result[$offset+0] & 0x7f) << 24 ) |
(($hmac_result[$offset+1] & 0xff) << 16 ) |
(($hmac_result[$offset+2] & 0xff) << 8 ) |
($hmac_result[$offset+3] & 0xff)
) % pow(10,$length);
return $result;
}
}

17
ticket.php
View File

@@ -1,4 +1,5 @@
<?php include("inc_all.php"); <?php
require_once("inc_all.php");
if (isset($_GET['ticket_id'])) { if (isset($_GET['ticket_id'])) {
$ticket_id = intval($_GET['ticket_id']); $ticket_id = intval($_GET['ticket_id']);
@@ -374,7 +375,7 @@ if (isset($_GET['ticket_id'])) {
<?php <?php
include("ticket_reply_edit_modal.php"); require("ticket_reply_edit_modal.php");
} }
@@ -490,7 +491,7 @@ if (isset($_GET['ticket_id'])) {
<br> <br>
<?php } <?php }
if ($ticket_asset_count > 0 ) { ?> if ($ticket_asset_count > 0) { ?>
<button class="btn btn-block btn-secondary" data-toggle="modal" data-target="#assetTicketsModal">Service History (<?php echo $ticket_asset_count; ?>)</button> <button class="btn btn-block btn-secondary" data-toggle="modal" data-target="#assetTicketsModal">Service History (<?php echo $ticket_asset_count; ?>)</button>
@@ -617,17 +618,15 @@ if (isset($_GET['ticket_id'])) {
</div> </div>
<?php <?php
include("ticket_edit_modal.php"); require("ticket_edit_modal.php");
include("ticket_merge_modal.php"); require("ticket_merge_modal.php");
include("ticket_invoice_add_modal.php"); require("ticket_invoice_add_modal.php");
} }
} }
?> require_once("footer.php");
<?php include_once("footer.php");
if ($ticket_status !== "Closed") { ?> if ($ticket_status !== "Closed") { ?>
<!-- Ticket Time Tracking JS --> <!-- Ticket Time Tracking JS -->