diff --git a/post/admin/admin_settings_company.php b/post/admin/admin_settings_company.php
index 4b235bcb..839c16ec 100644
--- a/post/admin/admin_settings_company.php
+++ b/post/admin/admin_settings_company.php
@@ -19,21 +19,23 @@ if (isset($_POST['edit_company'])) {
$existing_file_name = sanitizeInput($row['company_logo']);
// Company logo
- if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'png'))) {
- $file_tmp_path = $_FILES['file']['tmp_name'];
+ if (isset($_FILES['file']['tmp_name'])) {
+ if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'png'))) {
+ $file_tmp_path = $_FILES['file']['tmp_name'];
- // directory in which the uploaded file will be moved
- $upload_file_dir = "uploads/settings/";
- $dest_path = $upload_file_dir . $new_file_name;
+ // directory in which the uploaded file will be moved
+ $upload_file_dir = "uploads/settings/";
+ $dest_path = $upload_file_dir . $new_file_name;
- move_uploaded_file($file_tmp_path, $dest_path);
+ move_uploaded_file($file_tmp_path, $dest_path);
- // Delete old file
- unlink("uploads/settings/$existing_file_name");
+ // Delete old file
+ unlink("uploads/settings/$existing_file_name");
- // Set Logo
- mysqli_query($mysqli,"UPDATE companies SET company_logo = '$new_file_name' WHERE company_id = 1");
+ // Set Logo
+ mysqli_query($mysqli,"UPDATE companies SET company_logo = '$new_file_name' WHERE company_id = 1");
+ }
}
mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone = '$phone', company_email = '$email', company_website = '$website' WHERE company_id = 1");
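Review bot: The new guard `isset($_FILES['file']['tmp_name'])` is true whenever the form carries a `file` input, even when no file was chosen (PHP then sets `tmp_name` to an empty string and `error` to `UPLOAD_ERR_NO_FILE`), so it only filters requests that lack the field entirely. Checking the upload status is more precise: `if (isset($_FILES['file']) && $_FILES['file']['error'] === UPLOAD_ERR_OK) {`. Inside the block the return value of `move_uploaded_file()` is still ignored, so a failed move deletes the old logo and stores a filename that does not exist on disk; wrap the `unlink` and the `UPDATE` in `if (move_uploaded_file($file_tmp_path, $dest_path)) {` and skip the `unlink` when `$existing_file_name` is empty. Both points apply equally to the hunks in admin_user.php, asset.php, contact.php, expense.php, location.php and profile.php; in admin_user.php and expense.php the "File successfully uploaded" text is also set regardless of the move result.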
diff --git a/post/admin/admin_user.php b/post/admin/admin_user.php
index 390ff1ea..49a5173f 100644
--- a/post/admin/admin_user.php
+++ b/post/admin/admin_user.php
@@ -31,18 +31,20 @@ if (isset($_POST['add_user'])) {
// Check for and process image/photo
$extended_alert_description = '';
- if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
+ if (isset($_FILES['file']['tmp_name'])) {
+ if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
- $file_tmp_path = $_FILES['file']['tmp_name'];
+ $file_tmp_path = $_FILES['file']['tmp_name'];
- // directory in which the uploaded file will be moved
- $upload_file_dir = "uploads/users/$user_id/";
- $dest_path = $upload_file_dir . $new_file_name;
- move_uploaded_file($file_tmp_path, $dest_path);
+ // directory in which the uploaded file will be moved
+ $upload_file_dir = "uploads/users/$user_id/";
+ $dest_path = $upload_file_dir . $new_file_name;
+ move_uploaded_file($file_tmp_path, $dest_path);
- // Set Avatar
- mysqli_query($mysqli, "UPDATE users SET user_avatar = '$new_file_name' WHERE user_id = $user_id");
- $extended_alert_description = '. File successfully uploaded.';
+ // Set Avatar
+ mysqli_query($mysqli, "UPDATE users SET user_avatar = '$new_file_name' WHERE user_id = $user_id");
+ $extended_alert_description = '. File successfully uploaded.';
+ }
}
// Create Settings
@@ -129,22 +131,24 @@ if (isset($_POST['edit_user'])) {
// Check for and process image/photo
$extended_alert_description = '';
- if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
+ if (isset($_FILES['file']['tmp_name'])) {\
+ if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
- $file_tmp_path = $_FILES['file']['tmp_name'];
+ $file_tmp_path = $_FILES['file']['tmp_name'];
- // directory in which the uploaded file will be moved
- $upload_file_dir = "uploads/users/$user_id/";
- $dest_path = $upload_file_dir . $new_file_name;
- move_uploaded_file($file_tmp_path, $dest_path);
+ // directory in which the uploaded file will be moved
+ $upload_file_dir = "uploads/users/$user_id/";
+ $dest_path = $upload_file_dir . $new_file_name;
+ move_uploaded_file($file_tmp_path, $dest_path);
- // Delete old file
- unlink("uploads/users/$user_id/$existing_file_name");
+ // Delete old file
+ unlink("uploads/users/$user_id/$existing_file_name");
- // Set Avatar
- mysqli_query($mysqli, "UPDATE users SET user_avatar = '$new_file_name' WHERE user_id = $user_id");
- $extended_alert_description = '. File successfully uploaded.';
-
+ // Set Avatar
+ mysqli_query($mysqli, "UPDATE users SET user_avatar = '$new_file_name' WHERE user_id = $user_id");
+ $extended_alert_description = '. File successfully uploaded.';
+
+ }
}
mysqli_query($mysqli, "UPDATE users SET user_name = '$name', user_email = '$email' WHERE user_id = $user_id");
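Review bot: The added line `if (isset($_FILES['file']['tmp_name'])) {\` ends with a stray backslash after the opening brace, which looks like a typo and will very likely make admin_user.php fail to parse, taking the add-user handler and every other handler in the file down with it. Drop the character so the line reads `if (isset($_FILES['file']['tmp_name'])) {`. Running `php -l` over changed files before merge would catch this class of mistake.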
diff --git a/post/user/asset.php b/post/user/asset.php
index 10fa966c..bdb88883 100644
--- a/post/user/asset.php
+++ b/post/user/asset.php
@@ -19,19 +19,21 @@ if (isset($_POST['add_asset'])) {
$asset_id = mysqli_insert_id($mysqli);
// Add Photo
- if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
+ if (isset($_FILES['file']['tmp_name'])) {
+ if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
- $file_tmp_path = $_FILES['file']['tmp_name'];
+ $file_tmp_path = $_FILES['file']['tmp_name'];
- // directory in which the uploaded file will be moved
- if (!file_exists("uploads/clients/$client_id")) {
- mkdir("uploads/clients/$client_id");
+ // directory in which the uploaded file will be moved
+ if (!file_exists("uploads/clients/$client_id")) {
+ mkdir("uploads/clients/$client_id");
+ }
+ $upload_file_dir = "uploads/clients/$client_id/";
+ $dest_path = $upload_file_dir . $new_file_name;
+ move_uploaded_file($file_tmp_path, $dest_path);
+
+ mysqli_query($mysqli,"UPDATE assets SET asset_photo = '$new_file_name' WHERE asset_id = $asset_id");
}
- $upload_file_dir = "uploads/clients/$client_id/";
- $dest_path = $upload_file_dir . $new_file_name;
- move_uploaded_file($file_tmp_path, $dest_path);
-
- mysqli_query($mysqli,"UPDATE assets SET asset_photo = '$new_file_name' WHERE asset_id = $asset_id");
}
// Add Primary Interface
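Review bot: The re-indented `mkdir("uploads/clients/$client_id")` still relies on the default mode (0777 before umask) and its result is never checked, so a failed or raced directory creation falls straight through to `move_uploaded_file()` and the `UPDATE`. Consider `if (!is_dir($dir) && !mkdir($dir, 0750, true) && !is_dir($dir)) { /* abort the upload */ }` with `$dir = "uploads/clients/$client_id"`, choosing the mode your web server setup needs. Where `$client_id` is validated is outside this hunk; it should be an integer before it is used as a path segment. The add_contact hunk in contact.php has the same `mkdir` call.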
diff --git a/post/user/contact.php b/post/user/contact.php
index 1769786b..9a9a28ee 100644
--- a/post/user/contact.php
+++ b/post/user/contact.php
@@ -46,20 +46,22 @@ if (isset($_POST['add_contact'])) {
}
// Check for and process image/photo
- if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
+ if (isset($_FILES['file']['tmp_name'])) {
+ if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
- $file_tmp_path = $_FILES['file']['tmp_name'];
+ $file_tmp_path = $_FILES['file']['tmp_name'];
- // directory in which the uploaded file will be moved
- if (!file_exists("uploads/clients/$client_id")) {
- mkdir("uploads/clients/$client_id");
+ // directory in which the uploaded file will be moved
+ if (!file_exists("uploads/clients/$client_id")) {
+ mkdir("uploads/clients/$client_id");
+ }
+ $upload_file_dir = "uploads/clients/$client_id/";
+ $dest_path = $upload_file_dir . $new_file_name;
+ move_uploaded_file($file_tmp_path, $dest_path);
+
+ mysqli_query($mysqli,"UPDATE contacts SET contact_photo = '$new_file_name' WHERE contact_id = $contact_id");
+
}
- $upload_file_dir = "uploads/clients/$client_id/";
- $dest_path = $upload_file_dir . $new_file_name;
- move_uploaded_file($file_tmp_path, $dest_path);
-
- mysqli_query($mysqli,"UPDATE contacts SET contact_photo = '$new_file_name' WHERE contact_id = $contact_id");
-
}
// Logging
@@ -67,7 +69,7 @@ if (isset($_POST['add_contact'])) {
customAction('contact_create', $contact_id);
- $_SESSION['alert_message'] = "Contact $name created";
+ //$_SESSION['alert_message'] = "Contact $name created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
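Review bot: The session alert is commented out rather than removed (`//$_SESSION['alert_message'] = "Contact $name created";`), which looks like a debugging leftover unrelated to the upload guard this commit is about; with it disabled, creating a contact gives the user no confirmation. Either restore the line or delete it and say why in the commit message. The handler body starts and ends outside this hunk.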
@@ -121,20 +123,22 @@ if (isset($_POST['edit_contact'])) {
mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_pin = '$pin', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_department = '$department', contact_location_id = $location_id, contact_user_id = $contact_user_id WHERE contact_id = $contact_id");
// Upload Photo
- if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
+ if (isset($_FILES['file']['tmp_name'])) {
+ if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
- // Set directory in which the uploaded file will be moved
- $file_tmp_path = $_FILES['file']['tmp_name'];
- $upload_file_dir = "uploads/clients/$client_id/";
- $dest_path = $upload_file_dir . $new_file_name;
+ // Set directory in which the uploaded file will be moved
+ $file_tmp_path = $_FILES['file']['tmp_name'];
+ $upload_file_dir = "uploads/clients/$client_id/";
+ $dest_path = $upload_file_dir . $new_file_name;
- move_uploaded_file($file_tmp_path, $dest_path);
+ move_uploaded_file($file_tmp_path, $dest_path);
- //Delete old file
- unlink("uploads/clients/$client_id/$existing_file_name");
+ //Delete old file
+ unlink("uploads/clients/$client_id/$existing_file_name");
- mysqli_query($mysqli,"UPDATE contacts SET contact_photo = '$new_file_name' WHERE contact_id = $contact_id");
-
+ mysqli_query($mysqli,"UPDATE contacts SET contact_photo = '$new_file_name' WHERE contact_id = $contact_id");
+
+ }
}
// Tags
diff --git a/post/user/expense.php b/post/user/expense.php
index fd6e8c88..9144bbd7 100644
--- a/post/user/expense.php
+++ b/post/user/expense.php
@@ -15,17 +15,20 @@ if (isset($_POST['add_expense'])) {
// Check for and process attachment
$extended_alert_description = '';
- if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp', 'pdf'))) {
+ if (isset($_FILES['file']['tmp_name'])) {
- $file_tmp_path = $_FILES['file']['tmp_name'];
+ if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp', 'pdf'))) {
- // directory in which the uploaded file will be moved
- $upload_file_dir = "uploads/expenses/";
- $dest_path = $upload_file_dir . $new_file_name;
- move_uploaded_file($file_tmp_path, $dest_path);
+ $file_tmp_path = $_FILES['file']['tmp_name'];
- mysqli_query($mysqli,"UPDATE expenses SET expense_receipt = '$new_file_name' WHERE expense_id = $expense_id");
- $extended_alert_description = '. File successfully uploaded.';
+ // directory in which the uploaded file will be moved
+ $upload_file_dir = "uploads/expenses/";
+ $dest_path = $upload_file_dir . $new_file_name;
+ move_uploaded_file($file_tmp_path, $dest_path);
+
+ mysqli_query($mysqli,"UPDATE expenses SET expense_receipt = '$new_file_name' WHERE expense_id = $expense_id");
+ $extended_alert_description = '. File successfully uploaded.';
+ }
}
//Logging
@@ -51,20 +54,22 @@ if (isset($_POST['edit_expense'])) {
// Check for and process attachment
$extended_alert_description = '';
- if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp', 'pdf'))) {
+ if (isset($_FILES['file']['tmp_name'])) {
+ if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp', 'pdf'))) {
- $file_tmp_path = $_FILES['file']['tmp_name'];
+ $file_tmp_path = $_FILES['file']['tmp_name'];
- // directory in which the uploaded file will be moved
- $upload_file_dir = "uploads/expenses/";
- $dest_path = $upload_file_dir . $new_file_name;
- move_uploaded_file($file_tmp_path, $dest_path);
+ // directory in which the uploaded file will be moved
+ $upload_file_dir = "uploads/expenses/";
+ $dest_path = $upload_file_dir . $new_file_name;
+ move_uploaded_file($file_tmp_path, $dest_path);
- //Delete old file
- unlink("uploads/expenses/$existing_file_name");
+ //Delete old file
+ unlink("uploads/expenses/$existing_file_name");
- mysqli_query($mysqli,"UPDATE expenses SET expense_receipt = '$new_file_name' WHERE expense_id = $expense_id");
- $extended_alert_description = '. File successfully uploaded.';
+ mysqli_query($mysqli,"UPDATE expenses SET expense_receipt = '$new_file_name' WHERE expense_id = $expense_id");
+ $extended_alert_description = '. File successfully uploaded.';
+ }
}
mysqli_query($mysqli,"UPDATE expenses SET expense_date = '$date', expense_amount = $amount, expense_account_id = $account, expense_vendor_id = $vendor, expense_client_id = $client, expense_category_id = $category, expense_description = '$description', expense_reference = '$reference' WHERE expense_id = $expense_id");
diff --git a/post/user/location.php b/post/user/location.php
index 0bf4ab3d..21c4a185 100644
--- a/post/user/location.php
+++ b/post/user/location.php
@@ -33,18 +33,20 @@ if(isset($_POST['add_location'])){
mysqli_query($mysqli,"UPDATE locations SET location_primary = 1 WHERE location_id = $location_id");
}
- if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
+ if (isset($_FILES['file']['tmp_name'])) {
+ if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
- $file_tmp_path = $_FILES['file']['tmp_name'];
+ $file_tmp_path = $_FILES['file']['tmp_name'];
- // directory in which the uploaded file will be moved
- $upload_file_dir = "uploads/clients/$client_id/";
- $dest_path = $upload_file_dir . $new_file_name;
+ // directory in which the uploaded file will be moved
+ $upload_file_dir = "uploads/clients/$client_id/";
+ $dest_path = $upload_file_dir . $new_file_name;
- move_uploaded_file($file_tmp_path, $dest_path);
+ move_uploaded_file($file_tmp_path, $dest_path);
- mysqli_query($mysqli,"UPDATE locations SET location_photo = '$new_file_name' WHERE location_id = $location_id");
+ mysqli_query($mysqli,"UPDATE locations SET location_photo = '$new_file_name' WHERE location_id = $location_id");
+ }
}
// Logging
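Review bot: Unlike the add_asset and add_contact hunks, this block writes to `uploads/clients/$client_id/` without first making sure the directory exists, so for a client with no earlier uploads `move_uploaded_file()` would presumably fail while the `UPDATE locations SET location_photo` still runs. Add the same existence check the sibling handlers use before the move, e.g. `if (!is_dir("uploads/clients/$client_id")) { mkdir("uploads/clients/$client_id"); }`, and only run the `UPDATE` when the move returns true. Whether the directory is created elsewhere in add_location is not visible from this hunk.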
diff --git a/post/user/profile.php b/post/user/profile.php
index a97d7f39..b1665741 100644
--- a/post/user/profile.php
+++ b/post/user/profile.php
@@ -49,24 +49,26 @@ if (isset($_POST['edit_your_user_details'])) {
}
// Photo
- if ($new_file_name = checkFileUpload($_FILES['avatar'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
+ if (isset($_FILES['file']['tmp_name'])) {
+ if ($new_file_name = checkFileUpload($_FILES['avatar'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) {
- $file_tmp_path = $_FILES['avatar']['tmp_name'];
+ $file_tmp_path = $_FILES['avatar']['tmp_name'];
- // directory in which the uploaded file will be moved
- $upload_file_dir = "uploads/users/$session_user_id/";
- $dest_path = $upload_file_dir . $new_file_name;
- move_uploaded_file($file_tmp_path, $dest_path);
+ // directory in which the uploaded file will be moved
+ $upload_file_dir = "uploads/users/$session_user_id/";
+ $dest_path = $upload_file_dir . $new_file_name;
+ move_uploaded_file($file_tmp_path, $dest_path);
- // Delete old file
- unlink("uploads/users/$session_user_id/$existing_file_name");
+ // Delete old file
+ unlink("uploads/users/$session_user_id/$existing_file_name");
- // Set Avatar
- mysqli_query($mysqli,"UPDATE users SET user_avatar = '$new_file_name' WHERE user_id = $session_user_id");
+ // Set Avatar
+ mysqli_query($mysqli,"UPDATE users SET user_avatar = '$new_file_name' WHERE user_id = $session_user_id");
- // Extended Logging
- $extended_log_description .= ", avatar updated";
+ // Extended Logging
+ $extended_log_description .= ", avatar updated";
+ }
}
mysqli_query($mysqli,"UPDATE users SET user_name = '$name', user_email = '$email' WHERE user_id = $session_user_id");
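Review bot: The new guard tests `$_FILES['file']['tmp_name']`, but this handler reads the upload from `$_FILES['avatar']` on the very next line, so unless the profile form also posts a field named `file` the outer condition is never true and avatar changes are silently dropped. The guard should use the same key: `if (isset($_FILES['avatar']['tmp_name'])) {`. This looks like a copy-paste from the other handlers in the commit, which all use `file`.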