Merge pull request #631 from wrongecho/532-remove-add-company
Remove ability to add new companies
90
post.php
90
post.php
@@ -468,96 +468,6 @@ if(isset($_GET['delete_api_key'])){
|
||||
|
||||
}
|
||||
|
||||
if(isset($_POST['add_company'])){
|
||||
|
||||
require_once('models/company.php');
|
||||
|
||||
validateAdminRole();
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone = '$phone', company_email = '$email', company_website = '$website', company_locale = '$locale', company_currency = '$currency_code'");
|
||||
|
||||
$company_id = mysqli_insert_id($mysqli);
|
||||
$current_database_version = CURRENT_DATABASE_VERSION;
|
||||
|
||||
mkdir("uploads/clients/$company_id");
|
||||
mkdir("uploads/expenses/$company_id");
|
||||
mkdir("uploads/settings/$company_id");
|
||||
mkdir("uploads/tmp/$company_id");
|
||||
|
||||
//Check to see if a file is attached
|
||||
if($_FILES['file']['tmp_name'] != ''){
|
||||
|
||||
// get details of the uploaded file
|
||||
$file_error = 0;
|
||||
$file_tmp_path = $_FILES['file']['tmp_name'];
|
||||
$file_name = $_FILES['file']['name'];
|
||||
$file_size = $_FILES['file']['size'];
|
||||
$file_type = $_FILES['file']['type'];
|
||||
$file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
|
||||
|
||||
// sanitize file-name
|
||||
$new_file_name = md5(time() . $file_name) . '.' . $file_extension;
|
||||
|
||||
// check if file has one of the following extensions
|
||||
$allowed_file_extensions = array('jpg', 'gif', 'png');
|
||||
|
||||
if(in_array($file_extension,$allowed_file_extensions) === false){
|
||||
$file_error = 1;
|
||||
}
|
||||
|
||||
//Check File Size
|
||||
if($file_size > 2097152){
|
||||
$file_error = 1;
|
||||
}
|
||||
|
||||
if($file_error == 0){
|
||||
// directory in which the uploaded file will be moved
|
||||
$upload_file_dir = "uploads/settings/$company_id/";
|
||||
$dest_path = $upload_file_dir . $new_file_name;
|
||||
|
||||
move_uploaded_file($file_tmp_path, $dest_path);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE companies SET company_logo = '$new_file_name' WHERE company_id = $company_id");
|
||||
|
||||
$_SESSION['alert_message'] = 'File successfully uploaded.';
|
||||
}else{
|
||||
|
||||
$_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
|
||||
}
|
||||
}
|
||||
|
||||
//Set User Company Permissions
|
||||
mysqli_query($mysqli,"INSERT INTO user_companies SET user_id = $session_user_id, company_id = $company_id");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO settings SET company_id = $company_id, config_current_database_version = '$current_database_version', config_invoice_prefix = 'INV-', config_invoice_next_number = 1, config_recurring_prefix = 'REC-', config_recurring_next_number = 1, config_invoice_overdue_reminders = '1,3,7', config_quote_prefix = 'QUO-', config_quote_next_number = 1, config_recurring_auto_send_invoice = 1, config_default_net_terms = 7, config_send_invoice_reminders = 1, config_enable_cron = 0, config_ticket_next_number = 1");
|
||||
|
||||
//Create Some Data
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO accounts SET account_name = 'Cash', opening_balance = 0, account_currency_code = '$currency_code', company_id = $company_id");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Office Supplies', category_type = 'Expense', category_color = 'blue', company_id = $company_id");
|
||||
mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Travel', category_type = 'Expense', category_color = 'red', company_id = $company_id");
|
||||
mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Advertising', category_type = 'Expense', category_color = 'green', company_id = $company_id");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Service', category_type = 'Income', category_color = 'blue', company_id = $company_id");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Friend', category_type = 'Referral', category_color = 'blue', company_id = $company_id");
|
||||
mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Search Engine', category_type = 'Referral', category_color = 'red', company_id = $company_id");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Cash', category_type = 'Payment Method', category_color = 'blue', company_id = $company_id");
|
||||
mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Check', category_type = 'Payment Method', category_color = 'red', company_id = $company_id");
|
||||
|
||||
mysqli_query($mysqli,"INSERT INTO calendars SET calendar_name = 'Default', calendar_color = 'blue', company_id = $company_id");
|
||||
|
||||
//Logging
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company', log_action = 'Create', log_description = '$session_name created company $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
|
||||
|
||||
$_SESSION['alert_message'] = "Company <strong>$name</strong> created";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if(isset($_POST['edit_company'])){
|
||||
|
||||
require_once('models/company.php');
|
||||
|
||||