AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-11 00:04:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Client related modal and post move client_id get after post

Browse Source
This commit is contained in:
johnnyq
2026-03-07 11:48:56 -05:00
parent 60b6c245ef
commit c8273b2052
9 changed files with 13 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
agent/modals/contact/contact_edit.php
View File

@@ -55,7 +55,7 @@ ob_start();
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off"> <form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>"> <input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>"> <input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body"> <div class="modal-body">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">

1
agent/modals/location/location_edit.php
View File

@@ -49,7 +49,6 @@ ob_start();
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off"> <form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>"> <input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<input type="hidden" name="location_id" value="<?php echo $location_id; ?>"> <input type="hidden" name="location_id" value="<?php echo $location_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body"> <div class="modal-body">

2
agent/modals/network/network_edit.php
View File

@@ -31,7 +31,7 @@ ob_start();
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>"> <input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<input type="hidden" name="network_id" value="<?= $network_id ?>"> <input type="hidden" name="network_id" value="<?= $network_id ?>">
<input type="hidden" name="client_id" value="<?= $client_id ?>">
<div class="modal-body"> <div class="modal-body">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">

2
agent/post/asset.php
View File

@@ -14,6 +14,8 @@ if (isset($_POST['add_asset'])) {
require_once 'asset_model.php'; require_once 'asset_model.php';
$client_id = intval($_POST['client_id']);
enforceClientAccess(); enforceClientAccess();
$alert_extended = ""; $alert_extended = "";

1
agent/post/asset_model.php
View File

@@ -46,4 +46,3 @@ if (empty($install_date)) {
} }
$notes = sanitizeInput($_POST['notes']); $notes = sanitizeInput($_POST['notes']);
$favorite = intval($_POST['favorite'] ?? 0); $favorite = intval($_POST['favorite'] ?? 0);
$client_id = intval($_POST['client_id']);

11
agent/post/contact.php
View File

@@ -14,6 +14,8 @@ if (isset($_POST['add_contact'])) {
require_once 'contact_model.php'; require_once 'contact_model.php';
$client_id = intval($_POST['client_id']);
enforceClientAccess($client_id); enforceClientAccess($client_id);
// Create User Account // Create User Account
@@ -88,16 +90,17 @@ if (isset($_POST['edit_contact'])) {
require_once 'contact_model.php'; require_once 'contact_model.php';
enforceClientAccess();
$contact_id = intval($_POST['contact_id']); $contact_id = intval($_POST['contact_id']);
$send_email = intval($_POST['send_email'] ?? 0); $send_email = intval($_POST['send_email'] ?? 0);
// Get Exisiting Contact Photo and contact_user_id // Get Contact Info
$sql = mysqli_query($mysqli,"SELECT contact_photo, contact_user_id FROM contacts WHERE contact_id = $contact_id"); $sql = mysqli_query($mysqli,"SELECT contact_photo, contact_user_id, contact_client_id FROM contacts WHERE contact_id = $contact_id");
$row = mysqli_fetch_assoc($sql); $row = mysqli_fetch_assoc($sql);
$existing_file_name = sanitizeInput($row['contact_photo']); $existing_file_name = sanitizeInput($row['contact_photo']);
$contact_user_id = intval($row['contact_user_id']); $contact_user_id = intval($row['contact_user_id']);
$client_id = intval($row['contact_client_id']);
enforceClientAccess();
if (!file_exists("../uploads/clients/$client_id")) { if (!file_exists("../uploads/clients/$client_id")) {
mkdir("../uploads/clients/$client_id"); mkdir("../uploads/clients/$client_id");

2
agent/post/contact_model.php
View File

@@ -1,7 +1,6 @@
<?php <?php
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed"); defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
$client_id = intval($_POST['client_id']);
$name = sanitizeInput($_POST['name']); $name = sanitizeInput($_POST['name']);
$title = sanitizeInput($_POST['title']); $title = sanitizeInput($_POST['title']);
$department = sanitizeInput($_POST['department']); $department = sanitizeInput($_POST['department']);
@@ -19,4 +18,3 @@ $contact_technical = intval($_POST['contact_technical'] ?? 0);
$location_id = intval($_POST['location'] ?? 0); $location_id = intval($_POST['location'] ?? 0);
$pin = sanitizeInput($_POST['pin']); $pin = sanitizeInput($_POST['pin']);
$auth_method = sanitizeInput($_POST['auth_method']); $auth_method = sanitizeInput($_POST['auth_method']);

2
agent/post/location.php
View File

@@ -14,6 +14,8 @@ if(isset($_POST['add_location'])){
require_once 'location_model.php'; require_once 'location_model.php';
$client_id = intval($_POST['client_id']);
enforceClientAccess(); enforceClientAccess();
if(!file_exists("../uploads/clients/$client_id")) { if(!file_exists("../uploads/clients/$client_id")) {

1
agent/post/location_model.php
View File

@@ -1,7 +1,6 @@
<?php <?php
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed"); defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
$client_id = intval($_POST['client_id']);
$name = sanitizeInput($_POST['name']); $name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']); $description = sanitizeInput($_POST['description']);
$country = sanitizeInput($_POST['country']); $country = sanitizeInput($_POST['country']);