diff --git a/CHANGELOG.md b/CHANGELOG.md index 10370d33..d8af4496 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,37 @@ This file documents all notable changes made to ITFlow. -## [25.11] Changelog +## [25.11.1] Maint Release + +### Fixes +- Fix broken edit Payment Method. +- Fix unable to delete Vendor Template. +- Fix Mail Queue link in flash alert for testing email and sending a quote. +- Add Show Category Type select if not defined. +- Add Show Product Type select if not defined. +- Fix add ticket watcher. +- Fix if Client isn't assigned to a ticket dont show client view. +- Fix missing session client id check when paying an invoice from client portal. +- Update Composer Webklex-IMAP library dependency symfony/http-foundation from 7.3.3 to 7.3.7 to fix security related issues. +- Add back delete Payment provider the database will handle cascade deletes to saved cards, recurring payments and client payment provider reference. +- Don't show Client Tickets Breadcrumb if no client is assigned to a ticket. +- Don't Show Contact or Assignment Tab in edit ticket if no Client is Assigned. +- Don't Show add contact, asset, vendor, watcher if not client is assigned to a ticket. +- Don't Show Public Comment & Email if contact email doesn't exist. +- Fixed IMAP Test whicn now uses RAW TCP Connection instead of the depracated php-imap extension. +- Fix Broken Link in Ticket Updates via Client Portal to agent. + +### Added / Changed +- [Feature] Added Asset Tags. +- [Feature] Added Quick Add Links to most side bar navs example quickly add a client from sidebar. +- Migrate ticket template add to ajax modal. +- Add TOTP secret to Client Export PDF in Credential section. +- Add UserID on hover in users listing. +- Merge ticket now redirects to the new ticket details page. +- [Feature] Add Pay via saved card under invoice Listings. +- Ticket Related Side Items UI Cleanup to use btn-tool class. + +## [25.11] Stable ### Deprecation Notice: - **Outdated CRON Scripts**: The following scripts are removed. diff --git a/admin/contract_templates.php b/admin/contract_template.php similarity index 100% rename from admin/contract_templates.php rename to admin/contract_template.php diff --git a/admin/database_updates.php b/admin/database_updates.php index f1e138af..ee595709 100644 --- a/admin/database_updates.php +++ b/admin/database_updates.php @@ -4059,9 +4059,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { `contract_template_created_at` DATETIME DEFAULT CURRENT_TIMESTAMP, `contract_template_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP, - `contract_template_archived_at` DATETIME NULL DEFAULT NULL, - - `company_id` INT(11) NOT NULL + `contract_template_archived_at` DATETIME NULL DEFAULT NULL ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;"); @@ -4115,10 +4113,31 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.7'"); } - // if (CURRENT_DATABASE_VERSION == '2.3.7') { - // // Insert queries here required to update to DB version 2.3.8 + if (CURRENT_DATABASE_VERSION == '2.3.7') { + + mysqli_query($mysqli, " + CREATE TABLE `asset_tags` ( + `asset_tag_asset_id` INT(11) NOT NULL, + `asset_tag_tag_id` INT(11) NOT NULL, + PRIMARY KEY (`asset_tag_asset_id`, `asset_tag_tag_id`), + CONSTRAINT `fk_asset` + FOREIGN KEY (`asset_tag_asset_id`) + REFERENCES `assets`(`asset_id`) + ON DELETE CASCADE, + CONSTRAINT `fk_tag` + FOREIGN KEY (`asset_tag_tag_id`) + REFERENCES `tags`(`tag_id`) + ON DELETE CASCADE + ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4; + "); + + mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.8'"); + } + + // if (CURRENT_DATABASE_VERSION == '2.3.8') { + // // Insert queries here required to update to DB version 2.3.9 // // Then, update the database to the next sequential version - // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.8'"); + // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.9'"); // } } else { diff --git a/admin/includes/side_nav.php b/admin/includes/side_nav.php index 230f9fdd..e6c00510 100644 --- a/admin/includes/side_nav.php +++ b/admin/includes/side_nav.php @@ -18,25 +18,37 @@
  • "> -

    Users

    +

    + Users + +

  • "> -

    Roles

    +

    + + Roles +

  • "> -

    Modules

    +

    + Modules + +

  • "> -

    API Keys

    +

    + + API Keys +

  • TAGS & CATEGORIES
    • @@ -44,26 +56,38 @@
  • -

    Tags

    +

    + + Tags +

  • -

    Categories

    +

    + + Categories +

  • -

    Taxes

    +

    + + Taxes +

  • -

    Payment Methods

    +

    + + Payment Methods +

  • @@ -96,54 +120,80 @@
  • -

    Ticket Statuses

    +

    + + Ticket Statuses +

  • -

    Custom Links

    +

    + + Custom Links +

  • TEMPLATES
    • +
  • -

    Project Templates

    +

    + + Project Templates +

  • -

    Ticket Templates

    +

    + + Ticket Templates +

  • -

    Vendor Templates

    +

    + + Vendor Templates +

  • -

    License Templates

    +

    + + License Templates +

  • -

    Document Templates

    +

    + + Document Templates +

    • diff --git a/admin/modals/category/category_add.php b/admin/modals/category/category_add.php index 52d9769d..8fa6ac74 100644 --- a/admin/modals/category/category_add.php +++ b/admin/modals/category/category_add.php @@ -2,7 +2,9 @@ require_once '../../../includes/modal_header.php'; -$category = nullable_htmlentities($_GET['category']); +$category = nullable_htmlentities($_GET['category'] ?? ''); + +$category_types_array = ['Expense', 'Income', 'Referral', 'Ticket']; ?> @@ -13,10 +15,30 @@ $category = nullable_htmlentities($_GET['category']);
    -
    + + + + +
    + +
    +
    + +
    + +
    +
    + + +
    @@ -39,7 +61,7 @@ $category = nullable_htmlentities($_GET['category']);
    - +
    diff --git a/admin/modals/contract_template/contract_template_add.php b/admin/modals/contract_template/contract_template_add.php index be330d95..ad4c5596 100644 --- a/admin/modals/contract_template/contract_template_add.php +++ b/admin/modals/contract_template/contract_template_add.php @@ -1,15 +1,18 @@
    New Contract Template
    +
    • @@ -25,37 +28,62 @@ $update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', ' Details
    +
    -
    -
    - +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - - + +
    +
    + +
    + +
    @@ -64,33 +92,63 @@ $update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', '
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    @@ -99,29 +157,49 @@ $update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', '
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    @@ -129,8 +207,12 @@ $update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', '
    - - + +
    diff --git a/admin/modals/contract_template/contract_template_edit.php b/admin/modals/contract_template/contract_template_edit.php new file mode 100644 index 00000000..2ce93048 --- /dev/null +++ b/admin/modals/contract_template/contract_template_edit.php @@ -0,0 +1,265 @@ + + +
    +
    Edit Contract Template
    + +
    + + + + +
    + + +
    +
    + + +
    +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    +
    + + +
    +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    + +
    +
    +
    +
    + + +
    +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    +
    + + +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    + + +
    +
    + + diff --git a/admin/modals/payment_method/payment_method_edit.php b/admin/modals/payment_method/payment_method_edit.php index d6c70386..c063640a 100644 --- a/admin/modals/payment_method/payment_method_edit.php +++ b/admin/modals/payment_method/payment_method_edit.php @@ -22,7 +22,7 @@ ob_start();
    - +
    diff --git a/admin/modals/tag/tag_add.php b/admin/modals/tag/tag_add.php index 9bd6d489..a878cb58 100644 --- a/admin/modals/tag/tag_add.php +++ b/admin/modals/tag/tag_add.php @@ -15,6 +15,8 @@ if (isset($_GET['type'])) { $type_display = "Contact"; } elseif ($type === 4) { $type_display = "Credential"; + } elseif ($type === 5) { + $type_display = "Asset"; } } ob_start(); @@ -58,6 +60,7 @@ ob_start(); +
    @@ -86,7 +89,7 @@ ob_start();
    - +
    diff --git a/admin/modals/tag/tag_edit.php b/admin/modals/tag/tag_edit.php index 8aa3c2ae..312244b4 100644 --- a/admin/modals/tag/tag_edit.php +++ b/admin/modals/tag/tag_edit.php @@ -12,11 +12,24 @@ $tag_type = intval($row['tag_type']); $tag_color = nullable_htmlentities($row['tag_color']); $tag_icon = nullable_htmlentities($row['tag_icon']); -// Generate the HTML form content using output buffering. +if ($tag_type == 1) { + $tag_type_display = "Client"; +} elseif ( $tag_type == 2) { + $tag_type_display = "Location"; +} elseif ( $tag_type == 3) { + $tag_type_display = "Contact"; +} elseif ( $tag_type == 4) { + $tag_type_display = "Credential"; + } elseif ( $tag_type == 5) { + $tag_type_display = "Asset"; +} else { + $tag_type_display = "Unknown"; +} + ob_start(); ?>
    -
    Editing tag:
    +
    Tag:
    @@ -35,22 +48,6 @@ ob_start();
    -
    - -
    -
    - -
    - -
    -
    -
    @@ -73,7 +70,7 @@ ob_start();
    - +
    diff --git a/admin/modals/ticket_template/ticket_template_add.php b/admin/modals/ticket_template/ticket_template_add.php index 1c1c837a..cfccd8d1 100644 --- a/admin/modals/ticket_template/ticket_template_add.php +++ b/admin/modals/ticket_template/ticket_template_add.php @@ -1,75 +1,79 @@ - -
    +
    +
    + +
    +
    +
    +
    - +
    - +
    -
    -
    +
    +
    + +
    + +
    +
    diff --git a/agent/contact_details.php b/agent/contact_details.php index 503f319c..1ff6e2af 100644 --- a/agent/contact_details.php +++ b/agent/contact_details.php @@ -64,7 +64,14 @@ if (isset($_GET['contact_id'])) { } // Related Assets Query - 1 to 1 relationship - $sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1 WHERE asset_contact_id = $contact_id ORDER BY asset_name DESC"); + $sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets + LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1 + LEFT JOIN asset_tags ON asset_tag_asset_id = asset_id + LEFT JOIN tags ON tag_id = asset_tag_tag_id + WHERE asset_contact_id = $contact_id + GROUP BY asset_id + ORDER BY asset_name ASC" + ); $asset_count = mysqli_num_rows($sql_related_assets); // Linked Software Licenses @@ -90,7 +97,7 @@ if (isset($_GET['contact_id'])) { LEFT JOIN tags ON tags.tag_id = credential_tags.tag_id WHERE credential_contact_id = $contact_id GROUP BY credentials.credential_id - ORDER BY credential_name DESC + ORDER BY credential_name ASC "); $credential_count = mysqli_num_rows($sql_related_credentials); @@ -401,6 +408,28 @@ if (isset($_GET['contact_id'])) { $asset_created_at = nullable_htmlentities($row['asset_created_at']); $device_icon = getAssetIcon($asset_type); + // Tags + $asset_tag_name_display_array = array(); + $asset_tag_id_array = array(); + $sql_asset_tags = mysqli_query($mysqli, "SELECT * FROM asset_tags LEFT JOIN tags ON asset_tag_tag_id = tag_id WHERE asset_tag_asset_id = $asset_id ORDER BY tag_name ASC"); + while ($row = mysqli_fetch_array($sql_asset_tags)) { + + $asset_tag_id = intval($row['tag_id']); + $asset_tag_name = nullable_htmlentities($row['tag_name']); + $asset_tag_color = nullable_htmlentities($row['tag_color']); + if (empty($asset_tag_color)) { + $asset_tag_color = "dark"; + } + $asset_tag_icon = nullable_htmlentities($row['tag_icon']); + if (empty($asset_tag_icon)) { + $asset_tag_icon = "tag"; + } + + $asset_tag_id_array[] = $asset_tag_id; + $asset_tag_name_display_array[] = "$asset_tag_name"; + } + $asset_tags_display = implode('', $asset_tag_name_display_array); + ?> @@ -413,6 +442,12 @@ if (isset($_GET['contact_id'])) {
    + +
    + +
    + diff --git a/agent/dashboard.php b/agent/dashboard.php index 546164f1..9a8da89c 100644 --- a/agent/dashboard.php +++ b/agent/dashboard.php @@ -729,13 +729,22 @@ if ($user_config_dashboard_technical_enable == 1) { $client_name = nullable_htmlentities($row['client_name']); $contact_id = intval($row['ticket_contact_id']); $contact_name = nullable_htmlentities($row['contact_name']); + if ($client_id) { + $has_client = "&client_id=$client_id"; + } else { + $has_client = ""; + } $ticket_priority_color = $ticket_priority == "High" ? "danger" : ($ticket_priority == "Medium" ? "warning" : "info"); $contact_display = empty($contact_name) ? "-" : "$contact_name"; ?> - - + + "> + + + "> diff --git a/agent/includes/client_overview_side_nav.php b/agent/includes/client_overview_side_nav.php index bdd81b8f..429ac5de 100644 --- a/agent/includes/client_overview_side_nav.php +++ b/agent/includes/client_overview_side_nav.php @@ -53,6 +53,7 @@ $num_software = $row['num'];

    Contacts + 0) { ?> @@ -65,6 +66,7 @@ $num_software = $row['num'];

    Locations + 0) { ?> @@ -77,6 +79,7 @@ $num_software = $row['num'];

    Assets + 0) { ?> @@ -89,6 +92,7 @@ $num_software = $row['num'];

    Licenses + 0) { ?> @@ -101,6 +105,7 @@ $num_software = $row['num'];

    Credentials + 0) { ?> @@ -113,6 +118,7 @@ $num_software = $row['num'];

    Networks + 0) { ?> @@ -125,6 +131,7 @@ $num_software = $row['num'];

    Certificates + 0) { ?> @@ -137,6 +144,7 @@ $num_software = $row['num'];

    Domains + 0) { ?> @@ -149,6 +157,7 @@ $num_software = $row['num'];

    Services + 0) { ?> diff --git a/agent/includes/client_side_nav.php b/agent/includes/client_side_nav.php index 1090ebe3..d7c479d5 100644 --- a/agent/includes/client_side_nav.php +++ b/agent/includes/client_side_nav.php @@ -30,6 +30,7 @@

    Contacts + 0) { ?> @@ -43,6 +44,7 @@

    Locations + 0) { ?> @@ -59,6 +61,7 @@

    Tickets + 0) { ?> @@ -73,6 +76,7 @@

    Recurring Tickets + @@ -87,6 +91,7 @@

    Projects + @@ -101,6 +106,7 @@

    Vendors + 0) { ?> @@ -132,6 +138,7 @@

    Assets + 0) { ?> @@ -145,6 +152,7 @@

    Licenses + 0) { ?> @@ -159,6 +167,7 @@

    Credentials + 0) { ?> @@ -173,6 +182,7 @@

    Networks + 0) { ?> @@ -186,6 +196,7 @@

    Racks + 0) { ?> @@ -199,7 +210,7 @@

    Certificates - + 0) { ?> @@ -213,7 +224,7 @@

    Domains - + 0) { ?> @@ -227,6 +238,7 @@

    Services + 0) { ?> @@ -240,6 +252,7 @@

    Documents + 0) { ?> @@ -256,6 +269,7 @@

    Files + 0) { ?> @@ -277,6 +291,7 @@

    Invoices + 0) { ?> @@ -290,6 +305,7 @@

    Recurring Invoices + @@ -303,6 +319,7 @@

    Quotes + 0) { ?> @@ -333,6 +350,7 @@

    Trips + 0) { ?> diff --git a/agent/includes/inc_all_client.php b/agent/includes/inc_all_client.php index 55e6e3c2..21321c24 100644 --- a/agent/includes/inc_all_client.php +++ b/agent/includes/inc_all_client.php @@ -29,8 +29,8 @@ if (isset($_GET['client_id'])) { $sql = mysqli_query( $mysqli, "SELECT * FROM clients - LEFT JOIN locations ON clients.client_id = locations.location_client_id AND location_primary = 1 - LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1 + LEFT JOIN locations ON client_id = location_client_id AND location_primary = 1 + LEFT JOIN contacts ON client_id = contact_client_id AND contact_primary = 1 WHERE client_id = $client_id" ); diff --git a/agent/includes/side_nav.php b/agent/includes/side_nav.php index dcc56be7..10f97da8 100644 --- a/agent/includes/side_nav.php +++ b/agent/includes/side_nav.php @@ -23,10 +23,11 @@ ">

    - Clients - - - + Clients + + + +

    @@ -40,6 +41,7 @@

    Tickets + @@ -51,6 +53,7 @@

    Recurring Tickets + @@ -62,6 +65,7 @@

    Projects + @@ -84,6 +88,7 @@

    Quotes + @@ -95,6 +100,7 @@

    Invoices + @@ -106,6 +112,7 @@

    Recurring Invoices + @@ -116,12 +123,14 @@ ">

    Revenues

    +
  • ">

    Products

    +
    • @@ -137,12 +146,14 @@ ">

    Vendors

    +
  • ">

    Expenses

    +
  • @@ -150,6 +161,7 @@

    Recurring Expenses + @@ -160,18 +172,21 @@ ">

    Accounts

    +
  • ">

    Transfers

    +
  • ">

    Trips

    +
    • diff --git a/agent/invoice.php b/agent/invoice.php index 039da741..710c04d6 100644 --- a/agent/invoice.php +++ b/agent/invoice.php @@ -18,8 +18,8 @@ if (isset($_GET['invoice_id'])) { $mysqli, "SELECT * FROM invoices LEFT JOIN clients ON invoice_client_id = client_id - LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1 - LEFT JOIN locations ON clients.client_id = locations.location_client_id AND location_primary = 1 + LEFT JOIN contacts ON client_id = contact_client_id AND contact_primary = 1 + LEFT JOIN locations ON client_id = location_client_id AND location_primary = 1 WHERE invoice_id = $invoice_id $access_permission_query LIMIT 1" diff --git a/agent/invoices.php b/agent/invoices.php index b547b47d..9cc3cf7c 100644 --- a/agent/invoices.php +++ b/agent/invoices.php @@ -344,8 +344,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $recurring_invoice_display = "-"; } - - $now = time(); if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now) { @@ -356,6 +354,15 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $invoice_badge_color = getInvoiceBadgeColor($invoice_status); + // Saved Payment Methods + $sql_saved_payment_methods = mysqli_query($mysqli, " + SELECT * FROM client_saved_payment_methods + LEFT JOIN payment_providers + ON client_saved_payment_methods.saved_payment_provider_id = payment_providers.payment_provider_id + WHERE saved_payment_client_id = $client_id + AND payment_provider_active = 1; + "); + ?> @@ -395,10 +402,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Add Payment
    - - - Pay via saved card - + 0 && ($invoice_status === 'Sent' || $invoice_status === 'Viewed')) { ?> + Pay with Saved Card
    diff --git a/agent/modals/asset/asset_add.php b/agent/modals/asset/asset_add.php index 0b6ebccf..cda60a46 100644 --- a/agent/modals/asset/asset_add.php +++ b/agent/modals/asset/asset_add.php @@ -27,6 +27,8 @@ if ($os_sql && mysqli_num_rows($os_sql) > 0) { $json_os = json_encode($os_arr); } +$sql_tags_select = mysqli_query($mysqli, "SELECT tag_id, tag_name FROM tags WHERE tag_type = 5 ORDER BY tag_name ASC"); + ob_start(); ?> @@ -465,6 +467,33 @@ ob_start();
    +
    + +
    +
    + +
    + +
    + +
    +
    +
    + +
    diff --git a/agent/modals/asset/asset_bulk_assign_tags.php b/agent/modals/asset/asset_bulk_assign_tags.php new file mode 100644 index 00000000..e5bd8341 --- /dev/null +++ b/agent/modals/asset/asset_bulk_assign_tags.php @@ -0,0 +1,61 @@ + + +
    +
    Assign Tags for Assets
    + +
    +
    + + + +
    + + +
    + + +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    + + +
    +
    + +$asset_tag_name"; +} +$asset_tags_display = implode('', $asset_tag_name_display_array); + // Network Interfaces $sql_related_interfaces = mysqli_query($mysqli, " SELECT @@ -262,8 +284,13 @@ ob_start();
    + +
    + +
    + -
    +
    diff --git a/agent/modals/asset/asset_edit.php b/agent/modals/asset/asset_edit.php index 49d7cfc8..b154981d 100644 --- a/agent/modals/asset/asset_edit.php +++ b/agent/modals/asset/asset_edit.php @@ -50,7 +50,14 @@ $sql_asset_history = mysqli_query($mysqli, "SELECT * FROM asset_history DESC LIMIT 10" ); -// Generate the HTML form content using output buffering. +// Tags +$asset_tag_id_array = array(); +$sql_asset_tags = mysqli_query($mysqli, "SELECT asset_tag_tag_id FROM asset_tags WHERE asset_tag_asset_id = $asset_id"); +while ($row = mysqli_fetch_array($sql_asset_tags)) { + $asset_tag_tag_id = intval($row['asset_tag_tag_id']); + $asset_tag_id_array[] = $asset_tag_tag_id; +} + ob_start(); ?> @@ -462,6 +469,33 @@ ob_start();
    +
    + +
    +
    + +
    + +
    + +
    +
    +
    +

    Asset ID:

    diff --git a/agent/modals/contact/contact_details.php b/agent/modals/contact/contact_details.php index 59e4ff11..a6121544 100644 --- a/agent/modals/contact/contact_details.php +++ b/agent/modals/contact/contact_details.php @@ -51,7 +51,14 @@ $auth_method = nullable_htmlentities($row['user_auth_method']); $contact_client_id = intval($row['contact_client_id']); // Related Assets Query - 1 to 1 relationship -$sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1 WHERE asset_contact_id = $contact_id ORDER BY asset_name DESC"); +$sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets + LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1 + LEFT JOIN asset_tags ON asset_tag_asset_id = asset_id + LEFT JOIN tags ON tag_id = asset_tag_tag_id + WHERE asset_contact_id = $contact_id + GROUP BY asset_id + ORDER BY asset_name ASC" +); $asset_count = mysqli_num_rows($sql_related_assets); // Linked Software Licenses @@ -77,7 +84,7 @@ $sql_related_credentials = mysqli_query($mysqli, " LEFT JOIN tags ON tags.tag_id = credential_tags.tag_id WHERE credential_contact_id = $contact_id GROUP BY credentials.credential_id - ORDER BY credential_name DESC + ORDER BY credential_name ASC "); $credential_count = mysqli_num_rows($sql_related_credentials); @@ -376,6 +383,27 @@ ob_start(); $asset_notes = nullable_htmlentities($row['asset_notes']); $asset_created_at = nullable_htmlentities($row['asset_created_at']); $device_icon = getAssetIcon($asset_type); + // Tags + $asset_tag_name_display_array = array(); + $asset_tag_id_array = array(); + $sql_asset_tags = mysqli_query($mysqli, "SELECT * FROM asset_tags LEFT JOIN tags ON asset_tag_tag_id = tag_id WHERE asset_tag_asset_id = $asset_id ORDER BY tag_name ASC"); + while ($row = mysqli_fetch_array($sql_asset_tags)) { + + $asset_tag_id = intval($row['tag_id']); + $asset_tag_name = nullable_htmlentities($row['tag_name']); + $asset_tag_color = nullable_htmlentities($row['tag_color']); + if (empty($asset_tag_color)) { + $asset_tag_color = "dark"; + } + $asset_tag_icon = nullable_htmlentities($row['tag_icon']); + if (empty($asset_tag_icon)) { + $asset_tag_icon = "tag"; + } + + $asset_tag_id_array[] = $asset_tag_id; + $asset_tag_name_display_array[] = "$asset_tag_name"; + } + $asset_tags_display = implode('', $asset_tag_name_display_array); ?> @@ -389,6 +417,12 @@ ob_start();
    + +
    + +
    + diff --git a/agent/modals/product/product_add.php b/agent/modals/product/product_add.php index 51af4f00..c628516c 100644 --- a/agent/modals/product/product_add.php +++ b/agent/modals/product/product_add.php @@ -9,9 +9,12 @@ if ($type == 'product') { $type_icon = "fa-wrench"; } +$product_types_array = ['product', 'service']; + ob_start(); ?> +
    New
    -
    @@ -33,6 +35,27 @@ ob_start();
    + + + + +
    + +
    +
    + +
    + +
    +
    + + +
    diff --git a/agent/modals/ticket/ticket_add_watcher.php b/agent/modals/ticket/ticket_add_watcher.php index 0fec509d..29b32491 100644 --- a/agent/modals/ticket/ticket_add_watcher.php +++ b/agent/modals/ticket/ticket_add_watcher.php @@ -3,6 +3,7 @@ require_once '../../../includes/modal_header.php'; $ticket_id = intval($_GET['ticket_id']); +$client_id = intval(getFieldById('tickets', $ticket_id, 'ticket_client_id')); ob_start(); diff --git a/agent/modals/ticket/ticket_edit.php b/agent/modals/ticket/ticket_edit.php index cd2e5482..d2d34b30 100644 --- a/agent/modals/ticket/ticket_edit.php +++ b/agent/modals/ticket/ticket_edit.php @@ -38,33 +38,35 @@ while ($row = mysqli_fetch_array($sql_additional_assets)) { ob_start(); ?>
    -
    Editing ticket: -
    +
    Ticket: -
    - +
    - + -
    - + +
    > -
    +
    @@ -182,7 +184,9 @@ ob_start();
    -
    + + +
    @@ -236,7 +240,7 @@ ob_start();
    -
    +
    @@ -372,7 +376,7 @@ ob_start(); while ($row = mysqli_fetch_array($sql_projects)) { $project_id_select = intval($row['project_id']); $project_name_select = nullable_htmlentities($row['project_name']); ?> - + @@ -380,13 +384,14 @@ ob_start();
    +
    - +
    diff --git a/agent/post/asset.php b/agent/post/asset.php index b22c8de5..8c1d22a6 100644 --- a/agent/post/asset.php +++ b/agent/post/asset.php @@ -20,6 +20,14 @@ if (isset($_POST['add_asset'])) { $asset_id = mysqli_insert_id($mysqli); + // Add Tags + if (isset($_POST['tags'])) { + foreach($_POST['tags'] as $tag) { + $tag = intval($tag); + mysqli_query($mysqli, "INSERT INTO asset_tags SET asset_tag_asset_id = $asset_id, asset_tag_tag_id = $tag"); + } + } + // Add Photo if (isset($_FILES['file']['tmp_name'])) { if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) { @@ -108,6 +116,18 @@ if (isset($_POST['edit_asset'])) { mysqli_query($mysqli,"UPDATE assets SET asset_photo = '$new_file_name' WHERE asset_id = $asset_id"); } + // Tags + // Delete existing tags + mysqli_query($mysqli, "DELETE FROM asset_tags WHERE asset_tag_asset_id = $asset_id"); + + // Add new tags + if (isset($_POST['tags'])) { + foreach($_POST['tags'] as $tag) { + $tag = intval($tag); + mysqli_query($mysqli, "INSERT INTO asset_tags SET asset_tag_asset_id = $asset_id, asset_tag_tag_id = $tag"); + } + } + logAction("Asset", "Edit", "$session_name edited asset $name", $client_id, $asset_id); flash_alert("Asset $name edited"); @@ -188,6 +208,50 @@ if (isset($_GET['delete_asset'])) { } +if (isset($_POST['bulk_assign_asset_tags'])) { + + enforceUserPermission('module_client', 2); + + if (isset($_POST['asset_ids'])) { + + $count = count($_POST['asset_ids']); + + foreach($_POST['asset_ids'] as $asset_id) { + $asset_id = intval($asset_id); + + $sql = mysqli_query($mysqli,"SELECT asset_name, asset_client_id FROM assets WHERE asset_id = $asset_id"); + $row = mysqli_fetch_array($sql); + $asset_name = sanitizeInput($row['asset_name']); + $client_id = intval($row['asset_client_id']); + + if($_POST['remove_tags']) { + mysqli_query($mysqli, "DELETE FROM asset_tags WHERE asset_tag_asset_id = $asset_id"); + } + + if (isset($_POST['tags'])) { + foreach($_POST['tags'] as $tag) { + $tag = intval($tag); + + $sql = mysqli_query($mysqli,"SELECT * FROM asset_tags WHERE asset_tag_asset_id = $asset_id AND asset_tag_tag_id = $tag"); + if (mysqli_num_rows($sql) == 0) { + mysqli_query($mysqli, "INSERT INTO asset_tags SET asset_tag_asset_id = $asset_id, asset_tag_tag_id = $tag"); + } + } + } + + logAction("Asset", "Edit", "$session_name added tags to asset $asset_name", $client_id, $asset_id); + + } + + logAction("Asset", "Bulk Edit", "$session_name added tags for $asset_count assets", $client_id); + + flash_alert("Assigned tags for $count assets"); + } + + redirect(); + +} + if (isset($_POST['bulk_assign_asset_location'])) { validateCSRFToken($_POST['csrf_token']); diff --git a/agent/post/client.php b/agent/post/client.php index 9bf10c10..e9de29c3 100644 --- a/agent/post/client.php +++ b/agent/post/client.php @@ -1390,22 +1390,25 @@ if (isset($_POST["export_client_pdf"])) { Description Username Password + TOTP URI "; while ($row = mysqli_fetch_array($sql_credentials)) { $credential_name = nullable_htmlentities($row["credential_name"]); - $credential_description = nullable_htmlentities($row["credential_description"]); + $credential_description = getFallback(nullable_htmlentities($row["credential_description"])); $credential_username = nullable_htmlentities(decryptCredentialEntry($row["credential_username"])); $credential_password = nullable_htmlentities(decryptCredentialEntry($row["credential_password"])); - $credential_uri = nullable_htmlentities($row["credential_uri"]); + $credential_totp_secret = getFallback(nullable_htmlentities($row['credential_otp_secret'])); + $credential_uri = getFallback(nullable_htmlentities($row["credential_uri"])); $html .= " $credential_name $credential_description $credential_username $credential_password + $credential_totp_secret $credential_uri "; } diff --git a/agent/post/quote.php b/agent/post/quote.php index 0b9e2a4c..6a8695a0 100644 --- a/agent/post/quote.php +++ b/agent/post/quote.php @@ -497,7 +497,7 @@ if (isset($_GET['email_quote'])) { logAction("Quote", "Email", "$session_name emailed quote $quote_prefix$quote_number to $contact_email", $client_id, $quote_id); - flash_alert("Quote has been queued successfully! See Mail Queue"); + flash_alert("Quote sent!"); //Don't change the status to sent if the status is anything but draft if ($quote_status == 'Draft') { diff --git a/agent/post/ticket.php b/agent/post/ticket.php index 422f7113..4f17790d 100644 --- a/agent/post/ticket.php +++ b/agent/post/ticket.php @@ -1814,14 +1814,19 @@ if (isset($_POST['merge_ticket'])) { // NEW PARENT ticket details // Get merge into ticket id (as it may differ from the number) - $sql = mysqli_query($mysqli, "SELECT ticket_id FROM tickets WHERE ticket_number = $merge_into_ticket_number"); + $sql = mysqli_query($mysqli, "SELECT ticket_id, ticket_client_id FROM tickets WHERE ticket_number = $merge_into_ticket_number"); if (mysqli_num_rows($sql) == 0) { flash_alert("Cannot merge into that ticket.", 'error'); redirect(); } $merge_row = mysqli_fetch_array($sql); $merge_into_ticket_id = intval($merge_row['ticket_id']); - + $client_id = intval($merge_row['ticket_client_id']); + if ($client_id) { + $has_client = "&client_id=$client_id"; + } else { + $has_client = ""; + } // Sanity check if ($ticket_number == $merge_into_ticket_number) { flash_alert("Cannot merge into the same ticket.", 'error'); @@ -1853,7 +1858,7 @@ if (isset($_POST['merge_ticket'])) { flash_alert("Ticket merged into $ticket_prefix$merge_into_ticket_number"); - redirect(); + redirect("ticket.php?ticket_id=$merge_into_ticket_id$has_client"); } diff --git a/agent/ticket.php b/agent/ticket.php index 6b8ce285..7564ddf9 100644 --- a/agent/ticket.php +++ b/agent/ticket.php @@ -39,7 +39,6 @@ if (isset($_GET['ticket_id'])) { LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id LEFT JOIN categories ON ticket_category = category_id WHERE ticket_id = $ticket_id - $access_permission_query LIMIT 1" ); @@ -358,9 +357,11 @@ if (isset($_GET['ticket_id'])) {
  • All Tickets
    • +
  • Tickets
    • +
    • @@ -415,18 +416,13 @@ if (isset($_GET['ticket_id'])) {
    - - Edit - Summarize Merge - +
    @@ -564,9 +560,14 @@ if (isset($_GET['ticket_id'])) {
    -

    +

    Ticket Details -
    + + +
    + +
    +
    @@ -599,9 +600,11 @@ if (isset($_GET['ticket_id'])) { + + @@ -807,16 +810,17 @@ if (isset($_GET['ticket_id'])) {
    -
    +
    ">
    - -
    Ticket Details
    -     +
    Ticket Details
    +
    - +
    -
    +
    @@ -912,12 +916,12 @@ if (isset($_GET['ticket_id'])) { 0)) { ?>
    -
    -
    Tasks
    +
    +
    Tasks
    + = 2) { ?>
    - = 2) { ?>
    -
    @@ -934,8 +938,8 @@ if (isset($_GET['ticket_id'])) {
    -
    +
    @@ -964,7 +968,7 @@ if (isset($_GET['ticket_id'])) { $task_completion_estimate = intval($row['task_completion_estimate']); $task_completed_at = nullable_htmlentities($row['task_completed_at']); ?> - + @@ -1022,16 +1026,16 @@ if (isset($_GET['ticket_id'])) {
    -
    -
    Contact
    +
    +
    Contact
    + = 2) { ?>
    - = 2) { ?> - - - - + + +
    +
    @@ -1073,23 +1077,19 @@ if (isset($_GET['ticket_id'])) { - - - - 0) { ?>
    -
    -
    Watchers
    +
    +
    Watchers
    + = 2) { ?>
    - = 2) { ?> - - - - + + +
    +
    @@ -1117,15 +1117,15 @@ if (isset($_GET['ticket_id'])) {
    -
    -
    Assets
    +
    +
    Assets
    + = 2) { ?>
    - = 2) { ?> - - - - + + +
    +
    @@ -1165,15 +1165,15 @@ if (isset($_GET['ticket_id'])) {
    -
    -
    Vendor
    +
    +
    Vendor
    + = 2) { ?>
    - = 2) { ?> - - - - + + +
    +
    @@ -1220,15 +1220,15 @@ if (isset($_GET['ticket_id'])) {
    -
    -
    Project
    +
    +
    Project
    + = 2) { ?>
    - = 2) { ?> - - +
    +
    diff --git a/agent/ticket_list.php b/agent/ticket_list.php index 792660f2..fc0d39ab 100644 --- a/agent/ticket_list.php +++ b/agent/ticket_list.php @@ -108,6 +108,11 @@ $contact_id = intval($row['contact_id']); $contact_name = nullable_htmlentities($row['contact_name']); $contact_email = nullable_htmlentities($row['contact_email']); + if ($client_id) { + $has_client = "&client_id=$client_id"; + } else { + $has_client = ""; + } if ($ticket_priority == "High") { $ticket_priority_color = "danger"; @@ -197,14 +202,14 @@ - + "> - + "> 0) { ?>
    diff --git a/client/post.php b/client/post.php index ce0f4a38..054f1139 100644 --- a/client/post.php +++ b/client/post.php @@ -49,7 +49,7 @@ if (isset($_POST['add_ticket'])) { $details = removeEmoji($details); $email_subject = "ITFlow - New Ticket - $client_name: $subject"; - $email_body = "Hello,

    This is a notification that a new ticket has been raised in ITFlow.
    Client: $client_name
    Priority: $priority
    Link: https://$config_base_url/ticket.php?ticket_id=$ticket_id

    $subject
    $details"; + $email_body = "Hello,

    This is a notification that a new ticket has been raised in ITFlow.
    Client: $client_name
    Priority: $priority
    Link: https://$config_base_url/agent/ticket.php?ticket_id=$ticket_id&client_id=$session_client_id

    $subject
    $details"; // Queue Mail $data = [ @@ -113,7 +113,7 @@ if (isset($_POST['add_ticket_comment'])) { $tech_name = sanitizeInput($tech_details['user_name']); $subject = "$config_app_name Ticket updated - [$config_ticket_prefix$ticket_number] $ticket_subject"; - $body = "Hello $tech_name,

    A new reply has been added to the below ticket, check ITFlow for full details.

    Client: $client_name
    Ticket: $config_ticket_prefix$ticket_number
    Subject: $ticket_subject

    https://$config_base_url/ticket.php?ticket_id=$ticket_id"; + $body = "Hello $tech_name,

    A new reply has been added to the below ticket, check ITFlow for full details.

    Client: $client_name
    Ticket: $config_ticket_prefix$ticket_number
    Subject: $ticket_subject

    https://$config_base_url/agent/ticket.php?ticket_id=$ticket_id&client_id=$session_client_id"; $data = [ [ @@ -440,7 +440,7 @@ if (isset($_GET['add_payment_by_provider'])) { $sql = mysqli_query($mysqli,"SELECT * FROM invoices LEFT JOIN clients ON invoice_client_id = client_id LEFT JOIN contacts ON client_id = contact_client_id AND contact_primary = 1 - WHERE invoice_id = $invoice_id" + WHERE invoice_id = $invoice_id AND client_id = $session_client_id" ); $row = mysqli_fetch_array($sql); $invoice_number = intval($row['invoice_number']); diff --git a/db.sql b/db.sql index 6a1fddf5..42af2911 100644 --- a/db.sql +++ b/db.sql @@ -275,6 +275,23 @@ CREATE TABLE `asset_notes` ( ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; /*!40101 SET character_set_client = @saved_cs_client */; +-- +-- Table structure for table `asset_tags` +-- + +DROP TABLE IF EXISTS `asset_tags`; +/*!40101 SET @saved_cs_client = @@character_set_client */; +/*!40101 SET character_set_client = utf8mb4 */; +CREATE TABLE `asset_tags` ( + `asset_tag_asset_id` int(11) NOT NULL, + `asset_tag_tag_id` int(11) NOT NULL, + PRIMARY KEY (`asset_tag_asset_id`,`asset_tag_tag_id`), + KEY `fk_tag` (`asset_tag_tag_id`), + CONSTRAINT `fk_asset` FOREIGN KEY (`asset_tag_asset_id`) REFERENCES `assets` (`asset_id`) ON DELETE CASCADE, + CONSTRAINT `fk_tag` FOREIGN KEY (`asset_tag_tag_id`) REFERENCES `tags` (`tag_id`) ON DELETE CASCADE +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; +/*!40101 SET character_set_client = @saved_cs_client */; + -- -- Table structure for table `assets` -- @@ -800,7 +817,6 @@ CREATE TABLE `contract_templates` ( `contract_template_created_at` datetime DEFAULT current_timestamp(), `contract_template_updated_at` datetime DEFAULT NULL ON UPDATE current_timestamp(), `contract_template_archived_at` datetime DEFAULT NULL, - `company_id` int(11) NOT NULL, PRIMARY KEY (`contract_template_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; /*!40101 SET character_set_client = @saved_cs_client */; @@ -2897,4 +2913,4 @@ CREATE TABLE `vendors` ( /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; --- Dump completed on 2025-11-07 16:47:40 +-- Dump completed on 2025-11-11 19:57:21 diff --git a/includes/app_version.php b/includes/app_version.php index a541d656..b2a09f25 100644 --- a/includes/app_version.php +++ b/includes/app_version.php @@ -5,4 +5,4 @@ * Update this file each time we merge develop into master. Format is YY.MM (add a .v if there is more than one release a month. */ -DEFINE("APP_VERSION", "25.11"); +DEFINE("APP_VERSION", "25.11.1"); diff --git a/includes/database_version.php b/includes/database_version.php index 550ddbd1..63110ccf 100644 --- a/includes/database_version.php +++ b/includes/database_version.php @@ -5,4 +5,4 @@ * It is used in conjunction with database_updates.php */ -DEFINE("LATEST_DATABASE_VERSION", "2.3.7"); +DEFINE("LATEST_DATABASE_VERSION", "2.3.8"); diff --git a/plugins/composer.lock b/plugins/composer.lock index b4b5bb03..4eebb831 100644 --- a/plugins/composer.lock +++ b/plugins/composer.lock @@ -893,16 +893,16 @@ }, { "name": "symfony/http-foundation", - "version": "v7.3.3", + "version": "v7.3.7", "source": { "type": "git", "url": "https://github.com/symfony/http-foundation.git", - "reference": "7475561ec27020196c49bb7c4f178d33d7d3dc00" + "reference": "db488a62f98f7a81d5746f05eea63a74e55bb7c4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/http-foundation/zipball/7475561ec27020196c49bb7c4f178d33d7d3dc00", - "reference": "7475561ec27020196c49bb7c4f178d33d7d3dc00", + "url": "https://api.github.com/repos/symfony/http-foundation/zipball/db488a62f98f7a81d5746f05eea63a74e55bb7c4", + "reference": "db488a62f98f7a81d5746f05eea63a74e55bb7c4", "shasum": "" }, "require": { @@ -952,7 +952,7 @@ "description": "Defines an object-oriented layer for the HTTP specification", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/http-foundation/tree/v7.3.3" + "source": "https://github.com/symfony/http-foundation/tree/v7.3.7" }, "funding": [ { @@ -972,7 +972,7 @@ "type": "tidelift" } ], - "time": "2025-08-20T08:04:18+00:00" + "time": "2025-11-08T16:41:12+00:00" }, { "name": "symfony/polyfill-mbstring", diff --git a/plugins/vendor/composer/autoload_files.php b/plugins/vendor/composer/autoload_files.php index a7d2f8fe..d4d56411 100644 --- a/plugins/vendor/composer/autoload_files.php +++ b/plugins/vendor/composer/autoload_files.php @@ -8,11 +8,11 @@ $baseDir = dirname($vendorDir); return array( '0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => $vendorDir . '/symfony/polyfill-mbstring/bootstrap.php', '662a729f963d39afe703c9d9b7ab4a8c' => $vendorDir . '/symfony/polyfill-php83/bootstrap.php', - '606a39d89246991a373564698c2d8383' => $vendorDir . '/symfony/polyfill-php85/bootstrap.php', '6e3fae29631ef280660b3cdad06f25a8' => $vendorDir . '/symfony/deprecation-contracts/function.php', + '606a39d89246991a373564698c2d8383' => $vendorDir . '/symfony/polyfill-php85/bootstrap.php', '2203a247e6fda86070a5e4e07aed533a' => $vendorDir . '/symfony/clock/Resources/now.php', - 'a1105708a18b76903365ca1c4aa61b02' => $vendorDir . '/symfony/translation/Resources/functions.php', '9d2b9fc6db0f153a0a149fefb182415e' => $vendorDir . '/symfony/polyfill-php84/bootstrap.php', + 'a1105708a18b76903365ca1c4aa61b02' => $vendorDir . '/symfony/translation/Resources/functions.php', '23f09fe3194f8c2f70923f90d6702129' => $vendorDir . '/illuminate/collections/functions.php', '60799491728b879e74601d83e38b2cad' => $vendorDir . '/illuminate/collections/helpers.php', 'f625ee536139dfb962a398b200bdb2bd' => $vendorDir . '/illuminate/support/functions.php', diff --git a/plugins/vendor/composer/autoload_psr4.php b/plugins/vendor/composer/autoload_psr4.php index 0d2eba16..e18e7538 100644 --- a/plugins/vendor/composer/autoload_psr4.php +++ b/plugins/vendor/composer/autoload_psr4.php @@ -19,7 +19,7 @@ return array( 'Psr\\SimpleCache\\' => array($vendorDir . '/psr/simple-cache/src'), 'Psr\\Container\\' => array($vendorDir . '/psr/container/src'), 'Psr\\Clock\\' => array($vendorDir . '/psr/clock/src'), - 'Illuminate\\Support\\' => array($vendorDir . '/illuminate/macroable', $vendorDir . '/illuminate/conditionable', $vendorDir . '/illuminate/collections', $vendorDir . '/illuminate/support'), + 'Illuminate\\Support\\' => array($vendorDir . '/illuminate/collections', $vendorDir . '/illuminate/conditionable', $vendorDir . '/illuminate/macroable', $vendorDir . '/illuminate/support'), 'Illuminate\\Pagination\\' => array($vendorDir . '/illuminate/pagination'), 'Illuminate\\Contracts\\' => array($vendorDir . '/illuminate/contracts'), 'Doctrine\\Inflector\\' => array($vendorDir . '/doctrine/inflector/src'), diff --git a/plugins/vendor/composer/autoload_static.php b/plugins/vendor/composer/autoload_static.php index 00e27ea8..0c517441 100644 --- a/plugins/vendor/composer/autoload_static.php +++ b/plugins/vendor/composer/autoload_static.php @@ -9,11 +9,11 @@ class ComposerStaticInit9b9826e5b5cc7806cd328c4112cca75e public static $files = array ( '0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => __DIR__ . '/..' . '/symfony/polyfill-mbstring/bootstrap.php', '662a729f963d39afe703c9d9b7ab4a8c' => __DIR__ . '/..' . '/symfony/polyfill-php83/bootstrap.php', - '606a39d89246991a373564698c2d8383' => __DIR__ . '/..' . '/symfony/polyfill-php85/bootstrap.php', '6e3fae29631ef280660b3cdad06f25a8' => __DIR__ . '/..' . '/symfony/deprecation-contracts/function.php', + '606a39d89246991a373564698c2d8383' => __DIR__ . '/..' . '/symfony/polyfill-php85/bootstrap.php', '2203a247e6fda86070a5e4e07aed533a' => __DIR__ . '/..' . '/symfony/clock/Resources/now.php', - 'a1105708a18b76903365ca1c4aa61b02' => __DIR__ . '/..' . '/symfony/translation/Resources/functions.php', '9d2b9fc6db0f153a0a149fefb182415e' => __DIR__ . '/..' . '/symfony/polyfill-php84/bootstrap.php', + 'a1105708a18b76903365ca1c4aa61b02' => __DIR__ . '/..' . '/symfony/translation/Resources/functions.php', '23f09fe3194f8c2f70923f90d6702129' => __DIR__ . '/..' . '/illuminate/collections/functions.php', '60799491728b879e74601d83e38b2cad' => __DIR__ . '/..' . '/illuminate/collections/helpers.php', 'f625ee536139dfb962a398b200bdb2bd' => __DIR__ . '/..' . '/illuminate/support/functions.php', @@ -118,9 +118,9 @@ class ComposerStaticInit9b9826e5b5cc7806cd328c4112cca75e ), 'Illuminate\\Support\\' => array ( - 0 => __DIR__ . '/..' . '/illuminate/macroable', + 0 => __DIR__ . '/..' . '/illuminate/collections', 1 => __DIR__ . '/..' . '/illuminate/conditionable', - 2 => __DIR__ . '/..' . '/illuminate/collections', + 2 => __DIR__ . '/..' . '/illuminate/macroable', 3 => __DIR__ . '/..' . '/illuminate/support', ), 'Illuminate\\Pagination\\' => diff --git a/plugins/vendor/composer/installed.json b/plugins/vendor/composer/installed.json index a4d12430..756eb787 100644 --- a/plugins/vendor/composer/installed.json +++ b/plugins/vendor/composer/installed.json @@ -929,17 +929,17 @@ }, { "name": "symfony/http-foundation", - "version": "v7.3.3", - "version_normalized": "7.3.3.0", + "version": "v7.3.7", + "version_normalized": "7.3.7.0", "source": { "type": "git", "url": "https://github.com/symfony/http-foundation.git", - "reference": "7475561ec27020196c49bb7c4f178d33d7d3dc00" + "reference": "db488a62f98f7a81d5746f05eea63a74e55bb7c4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/http-foundation/zipball/7475561ec27020196c49bb7c4f178d33d7d3dc00", - "reference": "7475561ec27020196c49bb7c4f178d33d7d3dc00", + "url": "https://api.github.com/repos/symfony/http-foundation/zipball/db488a62f98f7a81d5746f05eea63a74e55bb7c4", + "reference": "db488a62f98f7a81d5746f05eea63a74e55bb7c4", "shasum": "" }, "require": { @@ -963,7 +963,7 @@ "symfony/mime": "^6.4|^7.0", "symfony/rate-limiter": "^6.4|^7.0" }, - "time": "2025-08-20T08:04:18+00:00", + "time": "2025-11-08T16:41:12+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -991,7 +991,7 @@ "description": "Defines an object-oriented layer for the HTTP specification", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/http-foundation/tree/v7.3.3" + "source": "https://github.com/symfony/http-foundation/tree/v7.3.7" }, "funding": [ { diff --git a/plugins/vendor/composer/installed.php b/plugins/vendor/composer/installed.php index b75cacc2..6fb07b07 100644 --- a/plugins/vendor/composer/installed.php +++ b/plugins/vendor/composer/installed.php @@ -5,7 +5,7 @@ 'type' => 'library', 'install_path' => __DIR__ . '/../../', 'aliases' => array(), - 'reference' => '981fb9585d0c76e8b9c31812d58dfdd5b56d6454', + 'reference' => '612041635d962d37f2f400ba1974bec5456ccd1e', 'name' => '__root__', 'dev' => true, ), @@ -16,7 +16,7 @@ 'type' => 'library', 'install_path' => __DIR__ . '/../../', 'aliases' => array(), - 'reference' => '981fb9585d0c76e8b9c31812d58dfdd5b56d6454', + 'reference' => '612041635d962d37f2f400ba1974bec5456ccd1e', 'dev_requirement' => false, ), 'carbonphp/carbon-doctrine-types' => array( @@ -158,12 +158,12 @@ 'dev_requirement' => false, ), 'symfony/http-foundation' => array( - 'pretty_version' => 'v7.3.3', - 'version' => '7.3.3.0', + 'pretty_version' => 'v7.3.7', + 'version' => '7.3.7.0', 'type' => 'library', 'install_path' => __DIR__ . '/../symfony/http-foundation', 'aliases' => array(), - 'reference' => '7475561ec27020196c49bb7c4f178d33d7d3dc00', + 'reference' => 'db488a62f98f7a81d5746f05eea63a74e55bb7c4', 'dev_requirement' => false, ), 'symfony/polyfill-mbstring' => array( diff --git a/plugins/vendor/symfony/http-foundation/BinaryFileResponse.php b/plugins/vendor/symfony/http-foundation/BinaryFileResponse.php index a7358183..6a6679e0 100644 --- a/plugins/vendor/symfony/http-foundation/BinaryFileResponse.php +++ b/plugins/vendor/symfony/http-foundation/BinaryFileResponse.php @@ -164,7 +164,7 @@ class BinaryFileResponse extends Response for ($i = 0, $filenameLength = mb_strlen($filename, $encoding); $i < $filenameLength; ++$i) { $char = mb_substr($filename, $i, 1, $encoding); - if ('%' === $char || \ord($char) < 32 || \ord($char) > 126) { + if ('%' === $char || \ord($char[0]) < 32 || \ord($char[0]) > 126) { $filenameFallback .= '_'; } else { $filenameFallback .= $char; diff --git a/plugins/vendor/symfony/http-foundation/Request.php b/plugins/vendor/symfony/http-foundation/Request.php index dba930a2..3a609783 100644 --- a/plugins/vendor/symfony/http-foundation/Request.php +++ b/plugins/vendor/symfony/http-foundation/Request.php @@ -300,10 +300,21 @@ class Request $server['PATH_INFO'] = ''; $server['REQUEST_METHOD'] = strtoupper($method); + if (($i = strcspn($uri, ':/?#')) && ':' === ($uri[$i] ?? null) && (strspn($uri, 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+-.') !== $i || strcspn($uri, 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'))) { + throw new BadRequestException('Invalid URI: Scheme is malformed.'); + } if (false === $components = parse_url(\strlen($uri) !== strcspn($uri, '?#') ? $uri : $uri.'#')) { throw new BadRequestException('Invalid URI.'); } + $part = ($components['user'] ?? '').':'.($components['pass'] ?? ''); + + if (':' !== $part && \strlen($part) !== strcspn($part, '[]')) { + throw new BadRequestException('Invalid URI: Userinfo is malformed.'); + } + if (($part = $components['host'] ?? '') && !self::isHostValid($part)) { + throw new BadRequestException('Invalid URI: Host is malformed.'); + } if (false !== ($i = strpos($uri, '\\')) && $i < strcspn($uri, '?#')) { throw new BadRequestException('Invalid URI: A URI cannot contain a backslash.'); } @@ -1091,10 +1102,8 @@ class Request // host is lowercase as per RFC 952/2181 $host = strtolower(preg_replace('/:\d+$/', '', trim($host))); - // as the host can come from the user (HTTP_HOST and depending on the configuration, SERVER_NAME too can come from the user) - // check that it does not contain forbidden characters (see RFC 952 and RFC 2181) - // use preg_replace() instead of preg_match() to prevent DoS attacks with long host names - if ($host && '' !== preg_replace('/(?:^\[)?[a-zA-Z0-9-:\]_]+\.?/', '', $host)) { + // the host can come from the user (HTTP_HOST and depending on the configuration, SERVER_NAME too can come from the user) + if ($host && !self::isHostValid($host)) { if (!$this->isHostValid) { return ''; } @@ -1236,15 +1245,22 @@ class Request static::initializeFormats(); } + $exactFormat = null; + $canonicalFormat = null; + foreach (static::$formats as $format => $mimeTypes) { - if (\in_array($mimeType, (array) $mimeTypes, true)) { - return $format; + if (\in_array($mimeType, $mimeTypes, true)) { + $exactFormat = $format; } - if (null !== $canonicalMimeType && \in_array($canonicalMimeType, (array) $mimeTypes, true)) { - return $format; + if (null !== $canonicalMimeType && \in_array($canonicalMimeType, $mimeTypes, true)) { + $canonicalFormat = $format; } } + if ($format = $exactFormat ?? $canonicalFormat) { + return $format; + } + return null; } @@ -1259,7 +1275,7 @@ class Request static::initializeFormats(); } - static::$formats[$format] = \is_array($mimeTypes) ? $mimeTypes : [$mimeTypes]; + static::$formats[$format ?? ''] = (array) $mimeTypes; } /** @@ -1892,9 +1908,8 @@ class Request } $pathInfo = substr($requestUri, \strlen($baseUrl)); - if ('' === $pathInfo) { - // If substr() returns false then PATH_INFO is set to an empty string - return '/'; + if ('' === $pathInfo || '/' !== $pathInfo[0]) { + return '/'.$pathInfo; } return $pathInfo; @@ -2101,4 +2116,21 @@ class Request return $this->isIisRewrite; } + + /** + * See https://url.spec.whatwg.org/. + */ + private static function isHostValid(string $host): bool + { + if ('[' === $host[0]) { + return ']' === $host[-1] && filter_var(substr($host, 1, -1), \FILTER_VALIDATE_IP, \FILTER_FLAG_IPV6); + } + + if (preg_match('/\.[0-9]++\.?$/D', $host)) { + return null !== filter_var($host, \FILTER_VALIDATE_IP, \FILTER_FLAG_IPV4 | \FILTER_NULL_ON_FAILURE); + } + + // use preg_replace() instead of preg_match() to prevent DoS attacks with long host names + return '' === preg_replace('/[-a-zA-Z0-9_]++\.?/', '', $host); + } } diff --git a/plugins/vendor/symfony/http-foundation/ResponseHeaderBag.php b/plugins/vendor/symfony/http-foundation/ResponseHeaderBag.php index b2bdb500..4e089fe6 100644 --- a/plugins/vendor/symfony/http-foundation/ResponseHeaderBag.php +++ b/plugins/vendor/symfony/http-foundation/ResponseHeaderBag.php @@ -159,7 +159,7 @@ class ResponseHeaderBag extends HeaderBag public function setCookie(Cookie $cookie): void { - $this->cookies[$cookie->getDomain()][$cookie->getPath()][$cookie->getName()] = $cookie; + $this->cookies[$cookie->getDomain() ?? ''][$cookie->getPath()][$cookie->getName()] = $cookie; $this->headerNames['set-cookie'] = 'Set-Cookie'; } @@ -170,13 +170,13 @@ class ResponseHeaderBag extends HeaderBag { $path ??= '/'; - unset($this->cookies[$domain][$path][$name]); + unset($this->cookies[$domain ?? ''][$path][$name]); - if (empty($this->cookies[$domain][$path])) { - unset($this->cookies[$domain][$path]); + if (empty($this->cookies[$domain ?? ''][$path])) { + unset($this->cookies[$domain ?? ''][$path]); - if (empty($this->cookies[$domain])) { - unset($this->cookies[$domain]); + if (empty($this->cookies[$domain ?? ''])) { + unset($this->cookies[$domain ?? '']); } } diff --git a/plugins/vendor/symfony/http-foundation/ServerEvent.php b/plugins/vendor/symfony/http-foundation/ServerEvent.php index ea2b5c88..7597058b 100644 --- a/plugins/vendor/symfony/http-foundation/ServerEvent.php +++ b/plugins/vendor/symfony/http-foundation/ServerEvent.php @@ -132,14 +132,12 @@ class ServerEvent implements \IteratorAggregate } yield $head; - if ($this->data) { - if (is_iterable($this->data)) { - foreach ($this->data as $data) { - yield \sprintf('data: %s', $data)."\n"; - } - } else { - yield \sprintf('data: %s', $this->data)."\n"; + if (is_iterable($this->data)) { + foreach ($this->data as $data) { + yield \sprintf('data: %s', $data)."\n"; } + } elseif ('' !== $this->data) { + yield \sprintf('data: %s', $this->data)."\n"; } yield "\n"; diff --git a/plugins/vendor/symfony/http-foundation/Session/Storage/Handler/PdoSessionHandler.php b/plugins/vendor/symfony/http-foundation/Session/Storage/Handler/PdoSessionHandler.php index e2fb4f12..21765695 100644 --- a/plugins/vendor/symfony/http-foundation/Session/Storage/Handler/PdoSessionHandler.php +++ b/plugins/vendor/symfony/http-foundation/Session/Storage/Handler/PdoSessionHandler.php @@ -219,7 +219,7 @@ class PdoSessionHandler extends AbstractSessionHandler $table->addColumn($this->timeCol, Types::INTEGER)->setNotnull(true); break; case 'sqlsrv': - $table->addColumn($this->idCol, Types::TEXT)->setLength(128)->setNotnull(true); + $table->addColumn($this->idCol, Types::STRING)->setLength(128)->setNotnull(true); $table->addColumn($this->dataCol, Types::BLOB)->setNotnull(true); $table->addColumn($this->lifetimeCol, Types::INTEGER)->setUnsigned(true)->setNotnull(true); $table->addColumn($this->timeCol, Types::INTEGER)->setUnsigned(true)->setNotnull(true);