mirror of https://github.com/itflow-org/itflow
Updated rack post to use new logAction function, new role check function tidy and added more details to logging
This commit is contained in:
johnnyq
parent
cf22f01df4
commit
b408a31cde
|
|
@ -568,10 +568,10 @@ if(isset($_POST['export_client_quotes_csv'])){
|
|||
|
||||
$_SESSION['alert_message'] = "Exported <strong>$num_rows</strong> quote(s)";
|
||||
|
||||
exit;
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
exit;
|
||||
|
||||
}
|
||||
|
||||
if (isset($_POST['update_quote_item_order'])) {
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
|
||||
if (isset($_POST['add_rack'])) {
|
||||
|
||||
validateTechRole();
|
||||
enforceUserPermission('module_support', 2);
|
||||
|
||||
$client_id = intval($_POST['client_id']);
|
||||
$name = sanitizeInput($_POST['name']);
|
||||
|
|
@ -41,8 +41,8 @@ if (isset($_POST['add_rack'])) {
|
|||
}
|
||||
}
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Rack', log_action = 'Create', log_description = '$session_name created rack $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $rack_id");
|
||||
// Logging
|
||||
logAction("Rack", "Create", "$session_name created rack $name", $client_id, $rack_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Rack <strong>$name</strong> created";
|
||||
|
||||
|
|
@ -52,7 +52,7 @@ if (isset($_POST['add_rack'])) {
|
|||
|
||||
if (isset($_POST['edit_rack'])) {
|
||||
|
||||
validateTechRole();
|
||||
enforceUserPermission('module_support', 2);
|
||||
|
||||
$rack_id = intval($_POST['rack_id']);
|
||||
$client_id = intval($_POST['client_id']);
|
||||
|
|
@ -86,8 +86,8 @@ if (isset($_POST['edit_rack'])) {
|
|||
}
|
||||
}
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Rack', log_action = 'Edit', log_description = '$session_name edited rack $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $rack_id");
|
||||
// Logging
|
||||
logAction("Rack", "Edit", "$session_name edited rack $name", $client_id, $rack_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Rack <strong>$name</strong> edited";
|
||||
|
||||
|
|
@ -97,7 +97,7 @@ if (isset($_POST['edit_rack'])) {
|
|||
|
||||
if (isset($_GET['archive_rack'])) {
|
||||
|
||||
validateTechRole();
|
||||
enforceUserPermission('module_support', 2);
|
||||
|
||||
$rack_id = intval($_GET['archive_rack']);
|
||||
|
||||
|
|
@ -105,15 +105,15 @@ if (isset($_GET['archive_rack'])) {
|
|||
$sql = mysqli_query($mysqli,"SELECT rack_name, rack_client_id FROM racks WHERE rack_id = $rack_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$rack_name = sanitizeInput($row['rack_name']);
|
||||
$client_id = intval($row['asset_client_id']);
|
||||
$client_id = intval($row['rack_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE racks SET rack_archived_at = NOW() WHERE rack_id = $rack_id");
|
||||
|
||||
//logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Rack', log_action = 'Archive', log_description = '$session_name archived rack $rack_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $rack_id");
|
||||
// Logging
|
||||
logAction("Rack", "Archive", "$session_name archived rack $rack_name", $client_id, $rack_id);
|
||||
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "Asset <strong>$rack_name</strong> archived";
|
||||
$_SESSION['alert_message'] = "Rack <strong>$rack_name</strong> archived";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
|
|
@ -121,7 +121,7 @@ if (isset($_GET['archive_rack'])) {
|
|||
|
||||
if (isset($_GET['unarchive_rack'])) {
|
||||
|
||||
validateTechRole();
|
||||
enforceUserPermission('module_support', 2);
|
||||
|
||||
$rack_id = intval($_GET['unarchive_rack']);
|
||||
|
||||
|
|
@ -133,8 +133,8 @@ if (isset($_GET['unarchive_rack'])) {
|
|||
|
||||
mysqli_query($mysqli,"UPDATE racks SET rack_archived_at = NULL WHERE rack_id = $rack_id");
|
||||
|
||||
//logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Unarchive', log_description = '$session_name restored rack $rack_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $asset_id");
|
||||
// Logging
|
||||
logAction("Rack", "Unarchive", "$session_name unarchived rack $rack_name", $client_id, $rack_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Rack <strong>$rack_name</strong> Unarchived";
|
||||
|
||||
|
|
@ -144,7 +144,7 @@ if (isset($_GET['unarchive_rack'])) {
|
|||
|
||||
if (isset($_GET['delete_rack'])) {
|
||||
|
||||
validateAdminRole();
|
||||
enforceUserPermission('module_support', 3);
|
||||
|
||||
$rack_id = intval($_GET['delete_rack']);
|
||||
|
||||
|
|
@ -162,8 +162,8 @@ if (isset($_GET['delete_rack'])) {
|
|||
unlink("uploads/clients/$client_id/$rack_photo");
|
||||
}
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Rack', log_action = 'Delete', log_description = '$session_name deleted rack $rack_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $rack_id");
|
||||
// Logging
|
||||
logAction("Rack", "Delete", "$session_name deleted rack $rack_name", $client_id);
|
||||
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "Rack <strong>$rack_name</strong> deleted";
|
||||
|
|
@ -174,7 +174,7 @@ if (isset($_GET['delete_rack'])) {
|
|||
|
||||
if (isset($_POST['add_rack_unit'])) {
|
||||
|
||||
validateTechRole();
|
||||
enforceUserPermission('module_support', 2);
|
||||
|
||||
$client_id = intval($_POST['client_id']);
|
||||
$rack_id = intval($_POST['rack_id']);
|
||||
|
|
@ -183,6 +183,12 @@ if (isset($_POST['add_rack_unit'])) {
|
|||
$unit_end = intval($_POST['unit_end']);
|
||||
$asset = intval($_POST['asset']);
|
||||
|
||||
// Get Name and Client ID for logging and alert message
|
||||
$sql = mysqli_query($mysqli,"SELECT rack_name, rack_client_id FROM racks WHERE rack_id = $rack_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$rack_name = sanitizeInput($row['rack_name']);
|
||||
$client_id = intval($row['rack_client_id']);
|
||||
|
||||
// **New Validation Check**
|
||||
if ($unit_start > $unit_end) {
|
||||
$_SESSION['alert_type'] = "error";
|
||||
|
|
@ -208,16 +214,16 @@ if (isset($_POST['add_rack_unit'])) {
|
|||
$unit_id = mysqli_insert_id($mysqli);
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Rack Unit', log_action = 'Create', log_description = '$session_name added units $unit_start to $unit_end to the rack', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $rack_id");
|
||||
logAction("Rack", "Edit", "$session_name added device $name to units $unit_start - $unit_end in rack $rack_name", $client_id, $rack_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Device added to units $unit_start - $unit_end in rack.";
|
||||
$_SESSION['alert_message'] = "Device <strong>$name</strong> added to units $unit_start - $unit_end in rack.";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
}
|
||||
|
||||
if (isset($_POST['edit_rack_unit'])) {
|
||||
|
||||
validateTechRole();
|
||||
enforceUserPermission('module_support', 2);
|
||||
|
||||
$unit_id = intval($_POST['unit_id']);
|
||||
$client_id = intval($_POST['client_id']);
|
||||
|
|
@ -227,12 +233,18 @@ if (isset($_POST['edit_rack_unit'])) {
|
|||
$unit_end = intval($_POST['unit_end']);
|
||||
$asset = intval($_POST['asset']);
|
||||
|
||||
// Get Name and Client ID for logging and alert message
|
||||
$sql = mysqli_query($mysqli,"SELECT rack_name, rack_client_id FROM racks WHERE rack_id = $rack_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$rack_name = sanitizeInput($row['rack_name']);
|
||||
$client_id = intval($row['rack_client_id']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE rack_units SET unit_device = '$name', unit_asset_id = $asset, unit_start_number = $unit_start, unit_end_number = $unit_end WHERE unit_id = $unit_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Rack Unit', log_action = 'Edit', log_description = '$session_name edited a unit on the rack', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $rack_id");
|
||||
// Logging
|
||||
logAction("Rack", "Edit", "$session_name edited device $name in rack $rack_name", $client_id, $rack_id);
|
||||
|
||||
$_SESSION['alert_message'] = "Device edited on the rack";
|
||||
$_SESSION['alert_message'] = "Device $name edited on the rack";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
|
|
@ -240,7 +252,7 @@ if (isset($_POST['edit_rack_unit'])) {
|
|||
|
||||
if (isset($_GET['remove_rack_unit'])) {
|
||||
|
||||
validateTechRole();
|
||||
enforceUserPermission('module_support', 2);
|
||||
|
||||
$unit_id = intval($_GET['remove_rack_unit']);
|
||||
|
||||
|
|
@ -248,16 +260,17 @@ if (isset($_GET['remove_rack_unit'])) {
|
|||
$sql = mysqli_query($mysqli,"SELECT rack_name, rack_id, rack_client_id FROM racks LEFT JOIN rack_units ON unit_rack_id = rack_id WHERE unit_id = $unit_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$rack_name = sanitizeInput($row['rack_name']);
|
||||
$unit_device = sanitizeInput($row['unit_device']);
|
||||
$client_id = intval($row['rack_client_id']);
|
||||
$rack_id = intval($row['rack_id']);
|
||||
|
||||
mysqli_query($mysqli,"DELETE FROM rack_units WHERE unit_id = $unit_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Rack Unit', log_action = 'Delete', log_description = '$session_name removed device from rack', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $rack_id");
|
||||
// Logging
|
||||
logAction("Rack", "Edit", "$session_name removed device $device_name from rack $rack_name", $client_id, $rack_id);
|
||||
|
||||
$_SESSION['alert_type'] = "error";
|
||||
$_SESSION['alert_message'] = "You removed device from the rack";
|
||||
$_SESSION['alert_message'] = "Device <strong>$device_name</strong> removed from rack";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue