Updated User Settings Page and added logging to most functions

johnny@pittpc.com 2019-09-06 03:03:16 -04:00
parent d259d1b3dc
commit ca427ab763
5 changed files with 431 additions and 12 deletions


@ -16,6 +16,7 @@
$sql = mysqli_query($mysqli,"SELECT * FROM users, companies, user_companies WHERE users.user_id = user_companies.user_id AND companies.company_id = user_companies.company_id AND users.user_id = $session_user_id");
$row = mysqli_fetch_array($sql);
$session_name = $row['name'];
$session_email = $row['email'];
$session_avatar = $row['avatar'];
$session_company_id = $row['company_id'];
$session_company_name = $row['company_name'];


@ -40,7 +40,7 @@ if(isset($_POST['login'])){
if(empty($token)){
$_SESSION['logged'] = TRUE;
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login Successful', log_description = '$name successfully logged in from $ip using $os | $browser on a $device', log_created_at = NOW(), user_id = $user_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Success', log_description = '$ip - $os - $browser - $device', log_created_at = NOW(), user_id = $user_id");
header("Location: dashboard.php");
}else{
@ -48,11 +48,11 @@ if(isset($_POST['login'])){
if(TokenAuth6238::verify($token,$current_code)){
$_SESSION['logged'] = TRUE;
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login Successful', log_description = '$name successfully logged in with 2FA from $ip using $os | $browser on a $device', log_created_at = NOW(), user_id = $user_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login 2FA', log_action = 'Success', log_description = '$ip - $os - $browser - $device', log_created_at = NOW(), user_id = $user_id");
//header("Location: $config_start_page");
header("Location: dashboard.php");
}else{
mysqli_query($mysqli,"INSERT INTO logs SET log_type = '2FA Login Failed', log_description = '$name failed 2FA from $ip using $os | $browser on a $device', log_created_at = NOW(), user_id = $user_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = '2FA Failed', log_description = '$ip - $os - $browser - $device', log_created_at = NOW(), user_id = $user_id");
$response = "
<div class='alert alert-danger'>
@ -64,7 +64,7 @@ if(isset($_POST['login'])){
}
}else{
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login Failed', log_description = '$email failed to login from $ip using $os | $browser on a $device', log_created_at = NOW()");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Failed', log_description = '$email - $ip - $os - $browser - $device', log_created_at = NOW()");
$response = "
<div class='alert alert-danger'>
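Review bot: The new log INSERTs build SQL by interpolating `$ip`, `$os`, `$browser`, `$device` and, on the failed-login branch, `$email`; whether any of these is escaped is decided outside the hunks, and on the failed branch `$email` comes from a client that has not authenticated. If a value is taken from the request without `mysqli_real_escape_string`, a single quote in it breaks the audit write or alters the statement, so bind the description instead: `$stmt = mysqli_prepare($mysqli, "INSERT INTO logs SET log_type = 'Login', log_action = 'Failed', log_description = ?, log_created_at = NOW()");` followed by `mysqli_stmt_bind_param($stmt, 's', $desc); mysqli_stmt_execute($stmt);`, where `$desc` holds the joined description string. The naming is also inconsistent: a successful 2FA login is stored as log_type 'Login 2FA' with action 'Success', while the failure is log_type 'Login' with action '2FA Failed', so one scheme should be chosen to keep filtering on log_type reliable. The enclosing `if(isset($_POST['login']))` block starts and ends outside the hunks.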


@ -40,7 +40,7 @@
}
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM logs
WHERE log_type LIKE '%$q%' OR log_description = '%$q%'
WHERE log_type LIKE '%$q%' OR log_action LIKE '%$q%' OR log_description LIKE '%$q%'
ORDER BY $sb $o LIMIT $record_from, $record_to");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
@ -68,6 +68,7 @@
<thead class="text-dark <?php if($num_rows[0] == 0){ echo "d-none"; } ?>">
<tr>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=log_type&o=<?php echo $disp; ?>">Type</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=log_action&o=<?php echo $disp; ?>">Action</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=log_description&o=<?php echo $disp; ?>">Description</a></th>
<th><a class="text-dark" href="?<?php echo $url_query_strings_sb; ?>&sb=log_created_at&o=<?php echo $disp; ?>">Timestamp</a></th>
</tr>
@ -78,6 +79,7 @@
while($row = mysqli_fetch_array($sql)){
$log_id = $row['log_id'];
$log_type = $row['log_type'];
$log_action = $row['log_action'];
$log_description = $row['log_description'];
$log_created_at = $row['log_created_at'];
@ -85,6 +87,7 @@
<tr>
<td><?php echo $log_type; ?></td>
<td><?php echo $log_action; ?></td>
<td><?php echo $log_description; ?></td>
<td><?php echo $log_created_at; ?></td>
</tr>
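Review bot: The added `<td><?php echo $log_action; ?></td>` cell, like the neighbouring `$log_description` cell, prints database content without HTML escaping. This commit also starts writing request-derived text into log_description (the login `$email`, and names and subjects from post.php), so markup stored in a log row would be rendered in the browser of whoever opens the log viewer. Escape at output, `<td><?php echo htmlspecialchars($log_action, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></td>`, and do the same for the other cells. Separately, the new `sb=log_action` link feeds `ORDER BY $sb $o`; how `$sb` and `$o` are validated is not visible in these hunks, and because a column name cannot be bound as a parameter, both should be checked against a fixed allow-list before the query is built.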

328
post.php

@ -42,6 +42,9 @@ if(isset($_POST['add_user'])){
}
}
}
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Created', log_description = '$name', log_created_at = NOW()");
$_SESSION['alert_message'] = "User <strong>$name</strong> created!";
@ -75,6 +78,9 @@ if(isset($_POST['edit_user'])){
mysqli_query($mysqli,"UPDATE users SET name = '$name', email = '$email', password = '$password', avatar = '$path', updated_at = NOW() WHERE user_id = $user_id");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Modified', log_description = '$name', log_created_at = NOW()");
$_SESSION['alert_message'] = "User <strong>$name</strong> updated";
header("Location: users.php");
@ -98,6 +104,9 @@ if(isset($_POST['add_company'])){
mysqli_query($mysqli,"INSERT INTO settings SET company_id = $company_id, config_company_name = '$name', config_invoice_prefix = 'INV-', config_invoice_next_number = 1, config_invoice_overdue_reminders = '1,3,7', config_quote_prefix = 'QUO-', config_quote_next_number = 1, config_api_key = '$config_api_key', config_recurring_auto_send_invoice = 1, config_default_net_terms = 7, config_send_invoice_reminders = 0, config_enable_cron = 0, config_ticket_next_number = 1, config_base_url = '$config_base_url'");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company', log_action = 'Created', log_description = '$name', log_created_at = NOW()");
$_SESSION['alert_message'] = "Company <strong>$name</strong> created!";
header("Location: companies.php");
@ -110,6 +119,9 @@ if(isset($_POST['edit_company'])){
mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_updated_at = NOW() WHERE company_id = $company_id");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company', log_action = 'Modified', log_description = '$name', log_created_at = NOW()");
$_SESSION['alert_message'] = "Company <strong>$name</strong> updated!";
header("Location: companies.php");
@ -123,6 +135,11 @@ if(isset($_GET['delete_company'])){
mysqli_query($mysqli,"DELETE FROM settings WHERE company_id = $company_id");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company Deleted', log_description = '$company_id', log_created_at = NOW()");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company', log_action = 'Deleted', log_description = '$name', log_created_at = NOW()");
$_SESSION['alert_type'] = "danger";
$_SESSION['alert_message'] = "Company deleted!";
@ -164,6 +181,9 @@ if(isset($_POST['edit_general_settings'])){
mysqli_query($mysqli,"UPDATE settings SET config_invoice_logo = '$path', config_api_key = '$config_api_key', config_base_url = '$config_base_url' WHERE company_id = $session_company_id");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modified', log_description = 'General', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Settings updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -183,6 +203,9 @@ if(isset($_POST['edit_company_settings'])){
mysqli_query($mysqli,"UPDATE settings SET config_company_name = '$config_company_name', config_company_address = '$config_company_address', config_company_city = '$config_company_city', config_company_state = '$config_company_state', config_company_zip = '$config_company_zip', config_company_phone = '$config_company_phone', config_company_site = '$config_company_site' WHERE company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modified', log_description = 'Company', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Company Settings updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -200,6 +223,9 @@ if(isset($_POST['edit_mail_settings'])){
mysqli_query($mysqli,"UPDATE settings SET config_smtp_host = '$config_smtp_host', config_smtp_port = $config_smtp_port, config_smtp_username = '$config_smtp_username', config_smtp_password = '$config_smtp_password', config_mail_from_email = '$config_mail_from_email', config_mail_from_name = '$config_mail_from_name' WHERE company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modified', log_description = 'Mail', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Mail Settings updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -214,6 +240,9 @@ if(isset($_POST['edit_invoice_settings'])){
mysqli_query($mysqli,"UPDATE settings SET config_invoice_prefix = '$config_invoice_prefix', config_invoice_next_number = $config_invoice_next_number, config_invoice_footer = '$config_invoice_footer' WHERE company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modified', log_description = 'Invoice', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Invoice Settings updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -228,6 +257,9 @@ if(isset($_POST['edit_quote_settings'])){
mysqli_query($mysqli,"UPDATE settings SET config_quote_prefix = '$config_quote_prefix', config_quote_next_number = $config_quote_next_number, config_quote_footer = '$config_quote_footer' WHERE company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modified', log_description = 'Quote', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Quote Settings updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -241,6 +273,9 @@ if(isset($_POST['edit_ticket_settings'])){
mysqli_query($mysqli,"UPDATE settings SET config_ticket_prefix = '$config_ticket_prefix', config_ticket_next_number = $config_ticket_next_number WHERE company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modified', log_description = 'Ticket', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Ticket Settings updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -260,6 +295,9 @@ if(isset($_POST['edit_default_settings'])){
mysqli_query($mysqli,"UPDATE settings SET config_default_expense_account = $config_default_expense_account, config_default_payment_account = $config_default_payment_account, config_default_payment_method = '$config_default_payment_method', config_default_expense_payment_method = '$config_default_expense_payment_method', config_default_transfer_from_account = $config_default_transfer_from_account, config_default_transfer_to_account = $config_default_transfer_to_account, config_default_calendar = $config_default_calendar, config_default_net_terms = $config_default_net_terms WHERE company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modified', log_description = 'Defaults', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Default Settings updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -273,6 +311,9 @@ if(isset($_POST['edit_alert_settings'])){
mysqli_query($mysqli,"UPDATE settings SET config_send_invoice_reminders = $config_send_invoice_reminders, config_invoice_overdue_reminders = '$config_invoice_overdue_reminders', config_enable_cron = $config_enable_cron WHERE company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modified', log_description = 'Alerts', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Alert Settings updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -285,6 +326,9 @@ if(isset($_POST['enable_2fa'])){
mysqli_query($mysqli,"UPDATE users SET token = '$token' WHERE user_id = $session_user_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User Settings', log_action = 'Modified', log_description = '2FA Enabled', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Two Factor Authentication Enabled and Token Updated, don't lose your code you will need this additionally to login";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -295,6 +339,9 @@ if(isset($_POST['disable_2fa'])){
mysqli_query($mysqli,"UPDATE users SET token = '' WHERE user_id = $session_user_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User Settings', log_action = 'Modified', log_description = '2FA Disabled', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Two Factor Authentication Disabled you can now login without TOTP Code";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -374,6 +421,9 @@ if(isset($_GET['download_database'])){
exec('rm ' . $backup_file_name);
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Downloaded', log_description = 'Database', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
}
if(isset($_POST['add_client'])){
@ -398,6 +448,9 @@ if(isset($_POST['add_client'])){
//Should be created when files are uploaded
mkdir("uploads/clients/$session_company_id/$client_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Client', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Client added";
header("Location: clients.php");
@ -422,6 +475,9 @@ if(isset($_POST['edit_client'])){
mysqli_query($mysqli,"UPDATE clients SET client_name = '$name', client_type = '$type', client_address = '$address', client_city = '$city', client_state = '$state', client_zip = '$zip', client_phone = '$phone', client_email = '$email', client_website = '$website', client_net_terms = $net_terms, client_hours = '$hours', client_updated_at = NOW() WHERE client_id = $client_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Client', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Client $name updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -433,6 +489,9 @@ if(isset($_GET['delete_client'])){
mysqli_query($mysqli,"DELETE FROM clients WHERE client_id = $client_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Client', log_action = 'Deleted', log_description = '$client_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Client deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -446,6 +505,9 @@ if(isset($_POST['add_calendar'])){
mysqli_query($mysqli,"INSERT INTO calendars SET calendar_name = '$name', calendar_color = '$color', calendar_created_at = NOW(), company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Calendar created, now lets add some events!";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -461,6 +523,9 @@ if(isset($_POST['add_event'])){
mysqli_query($mysqli,"INSERT INTO events SET event_title = '$title', event_start = '$start', event_end = '$end', event_created_at = NOW(), calendar_id = $calendar_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar Event', log_action = 'Created', log_description = '$title', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Event added to the calendar";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -477,6 +542,9 @@ if(isset($_POST['edit_event'])){
mysqli_query($mysqli,"UPDATE events SET event_title = '$title', event_start = '$start', event_end = '$end', event_updated_at = NOW(), calendar_id = $calendar_id WHERE event_id = $event_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar', log_action = 'Modified', log_description = '$title', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Event modified on the calendar";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -488,6 +556,9 @@ if(isset($_GET['delete_event'])){
mysqli_query($mysqli,"DELETE FROM events WHERE event_id = $event_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar', log_action = 'Deleted', log_description = '$event_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Event deleted on the calendar";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -507,6 +578,9 @@ if(isset($_POST['add_ticket'])){
mysqli_query($mysqli,"INSERT INTO tickets SET ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_status = 'Open', ticket_created_at = NOW(), ticket_created_by = $session_user_id, client_id = $client_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Created', log_description = '$subject', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Ticket created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -521,6 +595,9 @@ if(isset($_POST['edit_ticket'])){
mysqli_query($mysqli,"UPDATE tickets SET ticket_subject = '$subject', ticket_details = '$details' ticket_updated_at = NOW() WHERE ticket_id = $ticket_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Modified', log_description = '$subject', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Ticket updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -532,6 +609,9 @@ if(isset($_GET['delete_ticket'])){
mysqli_query($mysqli,"DELETE FROM tickets WHERE ticket_id = $ticket_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Deleted', log_description = '$ticket_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Ticket deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -545,6 +625,9 @@ if(isset($_POST['add_ticket_update'])){
mysqli_query($mysqli,"INSERT INTO ticket_updates SET ticket_update = '$ticket_update', ticket_update_created_at = NOW(), user_id = $session_user_id, ticket_id = $ticket_id, company_id = $session_company_id") or die(mysqli_error($mysqli));
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket Update', log_action = 'Created', log_description = '$ticket_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Posted an update";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -557,6 +640,9 @@ if(isset($_POST['close_ticket'])){
mysqli_query($mysqli,"UPDATE tickets SET ticket_status = 'Closed', ticket_updated_at = NOW(), ticket_closed_at = NOW(), ticket_closed_by = $session_user_id WHERE ticket_id = $ticket_id AND company_id = $session_company_id") or die(mysqli_error($mysqli));
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Modified', log_description = '$ticket_id Closed', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Ticket Closed, this cannot not be reopened but you may start another one";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -583,6 +669,9 @@ if(isset($_POST['add_vendor'])){
$vendor_id = mysqli_insert_id($mysqli);
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Vendor added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -607,6 +696,9 @@ if(isset($_POST['edit_vendor'])){
mysqli_query($mysqli,"UPDATE vendors SET vendor_name = '$name', vendor_description = '$description', vendor_address = '$address', vendor_city = '$city', vendor_state = '$state', vendor_zip = '$zip', vendor_contact_name = '$contact_name', vendor_phone = '$phone', vendor_email = '$email', vendor_website = '$website', vendor_account_number = '$account_number', vendor_updated_at = NOW() WHERE vendor_id = $vendor_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Vendor modified";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -618,6 +710,9 @@ if(isset($_GET['delete_vendor'])){
mysqli_query($mysqli,"DELETE FROM vendors WHERE vendor_id = $vendor_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Vendor', log_action = 'Deleted', log_description = '$vendor_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Vendor deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -632,6 +727,9 @@ if(isset($_POST['add_product'])){
mysqli_query($mysqli,"INSERT INTO products SET product_name = '$name', product_description = '$description', product_cost = '$cost', product_created_at = NOW(), company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Product', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Product added";
header("Location: products.php");
@ -647,6 +745,9 @@ if(isset($_POST['edit_product'])){
mysqli_query($mysqli,"UPDATE products SET product_name = '$name', product_description = '$description', product_cost = '$cost', product_updated_at = NOW() WHERE product_id = $product_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Product', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Product modified";
header("Location: products.php");
@ -658,6 +759,9 @@ if(isset($_GET['delete_product'])){
mysqli_query($mysqli,"DELETE FROM products WHERE product_id = $product_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Product', log_action = 'Deleted', log_description = '$product_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Product deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -679,6 +783,9 @@ if(isset($_POST['add_trip'])){
mysqli_query($mysqli,"INSERT INTO trips SET trip_date = '$date', trip_starting_location = '$starting_location', trip_destination = '$destination', trip_miles = $miles, round_trip = $roundtrip, trip_purpose = '$purpose', trip_created_at = NOW(), client_id = $client_id, invoice_id = $invoice_id, location_id = $location_id, vendor_id = $vendor_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Trip', log_action = 'Created', log_description = '$date', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Trip added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -701,6 +808,9 @@ if(isset($_POST['edit_trip'])){
mysqli_query($mysqli,"UPDATE trips SET trip_date = '$date', trip_starting_location = '$starting_location', trip_destination = '$destination', trip_miles = $miles, trip_purpose = '$purpose', round_trip = $roundtrip, trip_updated_at = NOW(), client_id = $client_id, invoice_id = $invoice_id, location_id = $location_id, vendor_id = $vendor_id WHERE trip_id = $trip_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Trip', log_action = 'Modified', log_description = '$date', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Trip modified";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -712,6 +822,9 @@ if(isset($_GET['delete_trip'])){
mysqli_query($mysqli,"DELETE FROM trips WHERE trip_id = $trip_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Trip', log_action = 'Deleted', log_description = '$trip_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Trip deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -725,6 +838,9 @@ if(isset($_POST['add_account'])){
mysqli_query($mysqli,"INSERT INTO accounts SET account_name = '$name', opening_balance = '$opening_balance', account_created_at = NOW(), company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Account', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Account added";
header("Location: accounts.php");
@ -738,6 +854,9 @@ if(isset($_POST['edit_account'])){
mysqli_query($mysqli,"UPDATE accounts SET account_name = '$name', account_updated_at = NOW() WHERE account_id = $account_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Account', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Account modified";
header("Location: accounts.php");
@ -749,6 +868,9 @@ if(isset($_GET['delete_account'])){
mysqli_query($mysqli,"DELETE FROM accounts WHERE account_id = $account_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Account', log_action = 'Deleted', log_description = '$account_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Account deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -763,6 +885,9 @@ if(isset($_POST['add_category'])){
mysqli_query($mysqli,"INSERT INTO categories SET category_name = '$name', category_type = '$type', category_color = '$color', category_created_at = NOW(), company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Category added";
header("Location: categories.php");
@ -778,6 +903,9 @@ if(isset($_POST['edit_category'])){
mysqli_query($mysqli,"UPDATE categories SET category_name = '$name', category_type = '$type', category_color = '$color', category_updated_at = NOW() WHERE category_id = $category_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Category modified";
header("Location: categories.php");
@ -789,6 +917,9 @@ if(isset($_GET['delete_category'])){
mysqli_query($mysqli,"DELETE FROM categories WHERE category_id = $category_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Deleted', log_description = '$category_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Category deleted";
$_SESSION['alert_type'] = "danger";
@ -802,6 +933,9 @@ if(isset($_GET['alert_ack'])){
mysqli_query($mysqli,"UPDATE alerts SET alert_ack_date = CURDATE() WHERE alert_id = $alert_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Alerts', log_action = 'Modified', log_description = '$alert_id Acknowledged', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Alert Acknowledged";
header("Location: alerts.php");
@ -820,6 +954,9 @@ if(isset($_GET['ack_all_alerts'])){
mysqli_query($mysqli,"UPDATE alerts SET alert_ack_date = CURDATE() WHERE alert_id = $alert_id AND company_id = $session_company_id");
}
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Alerts', log_action = 'Modifed', log_description = 'Acknowledged all alerts', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Alerts Acknowledged";
@ -846,6 +983,9 @@ if(isset($_POST['add_expense'])){
mysqli_query($mysqli,"INSERT INTO expenses SET expense_date = '$date', expense_amount = '$amount', account_id = $account, vendor_id = $vendor, category_id = $category, expense_description = '$description', expense_reference = '$reference', expense_receipt = '$path', expense_created_at = NOW(), company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Created', log_description = '$description', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Expense added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -876,6 +1016,9 @@ if(isset($_POST['edit_expense'])){
mysqli_query($mysqli,"UPDATE expenses SET expense_date = '$date', expense_amount = '$amount', account_id = $account, vendor_id = $vendor, category_id = $category, expense_description = '$description', expense_reference = '$reference', expense_receipt = '$path', expense_updated_at = NOW() WHERE expense_id = $expense_id AND company_id = $session_company_id");
$_SESSION['alert_message'] = "Expense modified";
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Modified', log_description = '$description', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -892,6 +1035,9 @@ if(isset($_GET['delete_expense'])){
mysqli_query($mysqli,"DELETE FROM expenses WHERE expense_id = $expense_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Expense', log_action = 'Deleted', log_description = '$epense_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Expense deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -913,6 +1059,9 @@ if(isset($_POST['add_transfer'])){
mysqli_query($mysqli,"INSERT INTO transfers SET expense_id = $expense_id, revenue_id = $revenue_id, transfer_created_at = NOW(), company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Transfer', log_action = 'Created', log_description = '$date - $amount', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Transfer added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -935,6 +1084,9 @@ if(isset($_POST['edit_transfer'])){
mysqli_query($mysqli,"UPDATE transfers SET transfer_date = '$date', transfer_amount = '$amount', transfer_account_from = $account_from, transfer_account_to = $account_to, transfer_updated_at = NOW() WHERE transfer_id = $transfer_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Transfer', log_action = 'Modifed', log_description = '$date - $amount', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Transfer modified";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -956,6 +1108,9 @@ if(isset($_GET['delete_transfer'])){
mysqli_query($mysqli,"DELETE FROM transfers WHERE transfer_id = $transfer_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Transfer', log_action = 'Deleted', log_description = '$transfer_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Transfer deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -984,6 +1139,10 @@ if(isset($_POST['add_invoice'])){
$invoice_id = mysqli_insert_id($mysqli);
mysqli_query($mysqli,"INSERT INTO history SET history_date = CURDATE(), history_status = 'Draft', history_description = 'INVOICE added!', history_created_at = NOW(), invoice_id = $invoice_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Created', log_description = '$invoice_number', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Invoice added";
header("Location: invoice.php?invoice_id=$invoice_id");
@ -998,6 +1157,9 @@ if(isset($_POST['edit_invoice'])){
mysqli_query($mysqli,"UPDATE invoices SET invoice_date = '$date', invoice_due = '$due', invoice_updated_at = NOW(), category_id = $category WHERE invoice_id = $invoice_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Modified', log_description = '$invoice_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Invoice modified";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1045,6 +1207,9 @@ if(isset($_POST['add_invoice_copy'])){
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$item_name', item_description = '$item_description', item_quantity = $item_quantity, item_price = '$item_price', item_subtotal = '$item_subtotal', item_tax = '$item_tax', item_total = '$item_total', item_created_at = NOW(), invoice_id = $new_invoice_id, company_id = $session_company_id");
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Created', log_description = 'Copied Invoice', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Invoice copied";
header("Location: invoice.php?invoice_id=$new_invoice_id");
@ -1084,6 +1249,9 @@ if(isset($_POST['add_invoice_recurring'])){
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$item_name', item_description = '$item_description', item_quantity = $item_quantity, item_price = '$item_price', item_subtotal = '$item_subtotal', item_tax = '$item_tax', item_total = '$item_total', item_created_at = NOW(), recurring_id = $recurring_id, company_id = $session_company_id");
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Created', log_description = 'From recurring invoice', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Created recurring Invoice from this Invoice";
header("Location: recurring.php?recurring_id=$recurring_id");
@ -1111,6 +1279,9 @@ if(isset($_POST['add_quote'])){
mysqli_query($mysqli,"INSERT INTO history SET history_date = CURDATE(), history_status = 'Draft', history_description = 'Quote created!', history_created_at = NOW(), quote_id = $quote_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Created', log_description = '$quote_number', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Quote added";
header("Location: quote.php?quote_id=$quote_id");
@ -1154,6 +1325,9 @@ if(isset($_POST['add_quote_copy'])){
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$item_name', item_description = '$item_description', item_quantity = $item_quantity, item_price = '$item_price', item_subtotal = '$item_subtotal', item_tax = '$item_tax', item_total = '$item_total', item_created_at = NOW(), quote_id = $new_quote_id, company_id = $session_company_id");
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Created', log_description = 'Copied Quote', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Quote copied";
header("Location: quote.php?quote_id=$new_quote_id");
@ -1200,6 +1374,9 @@ if(isset($_POST['add_quote_to_invoice'])){
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = '$item_name', item_description = '$item_description', item_quantity = $item_quantity, item_price = '$item_price', item_subtotal = '$item_subtotal', item_tax = '$item_tax', item_total = '$item_total', item_created_at = NOW(), invoice_id = $new_invoice_id, company_id = $session_company_id");
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Created', log_description = 'Quote copied to Invoice', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Quoted copied to Invoice";
header("Location: invoice.php?invoice_id=$new_invoice_id");
@ -1257,6 +1434,9 @@ if(isset($_POST['edit_quote'])){
mysqli_query($mysqli,"UPDATE quotes SET quote_date = '$date', category_id = $category, quote_updated_at = NOW() WHERE quote_id = $quote_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Modified', log_description = '$quote_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Quote modified";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1282,6 +1462,9 @@ if(isset($_GET['delete_quote'])){
mysqli_query($mysqli,"DELETE FROM history WHERE history_id = $history_id AND company_id = $session_company_id");
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Deleted', log_description = '$quote_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Quotes deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1307,6 +1490,9 @@ if(isset($_GET['delete_quote_item'])){
mysqli_query($mysqli,"DELETE FROM invoice_items WHERE item_id = $item_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote Item', log_action = 'Deleted', log_description = '$item_id from $quote_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Item deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1321,6 +1507,9 @@ if(isset($_GET['approve_quote'])){
mysqli_query($mysqli,"INSERT INTO history SET history_date = CURDATE(), history_status = 'Approved', history_description = 'Quote approved!', history_created_at = NOW(), quote_id = $quote_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Modified', log_description = 'Approved Quote $quote_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Quote approved";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1335,6 +1524,9 @@ if(isset($_GET['reject_quote'])){
mysqli_query($mysqli,"INSERT INTO history SET history_date = CURDATE(), history_status = 'Cancelled', history_description = 'Quote rejected!', history_created_at = NOW(), quote_id = $quote_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Modified', log_description = 'Rejected Quote $quote_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Quote rejected";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1514,6 +1706,9 @@ if(isset($_GET['pdf_quote'])){
$mpdf->WriteHTML($html);
$mpdf->Output();
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Downloaded', log_description = '$quote_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
}
if(isset($_GET['email_quote'])){
@ -1589,6 +1784,9 @@ if(isset($_GET['email_quote'])){
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Quote', log_action = 'Emailed', log_description = '$quote_id emailed to $client_email', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Quote has been sent";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1612,6 +1810,9 @@ if(isset($_POST['add_recurring'])){
mysqli_query($mysqli,"INSERT INTO history SET history_date = CURDATE(), history_description = 'Recurring Invoice created!', history_created_at = NOW(), recurring_id = $recurring_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Recurring', log_action = 'Created', log_description = '$start_date - $category', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Recurring Invoice added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1637,6 +1838,9 @@ if(isset($_GET['delete_recurring'])){
mysqli_query($mysqli,"DELETE FROM history WHERE history_id = $history_id AND company_id = $session_company_id");
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Recurring', log_action = 'Deleted', log_description = '$recurring_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Recurring Invoice deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1649,6 +1853,9 @@ if(isset($_GET['recurring_activate'])){
mysqli_query($mysqli,"UPDATE recurring SET recurring_status = 1 WHERE recurring_id = $recurring_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Recurring', log_action = 'Modified', log_description = 'Activated', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Recurring Invoice Activated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1661,6 +1868,9 @@ if(isset($_GET['recurring_deactivate'])){
mysqli_query($mysqli,"UPDATE recurring SET recurring_status = 0 WHERE recurring_id = $recurring_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Recurring', log_action = 'Modified', log_description = 'Deactivated', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Recurring Invoice Deactivated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1728,13 +1938,15 @@ if(isset($_GET['delete_recurring_item'])){
mysqli_query($mysqli,"DELETE FROM invoice_items WHERE item_id = $item_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Recurring Item', log_action = 'Deleted', log_description = 'Item ID $item_id from Recurring ID $recurring_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Item deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if(isset($_GET['mark_invoice_sent'])){
$invoice_id = intval($_GET['mark_invoice_sent']);
@ -1743,6 +1955,9 @@ if(isset($_GET['mark_invoice_sent'])){
mysqli_query($mysqli,"INSERT INTO history SET history_date = CURDATE(), history_status = 'Sent', history_description = 'INVOICE marked sent', history_created_at = NOW(), invoice_id = $invoice_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Updated', log_description = '$invoice_id marked sent', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Invoice marked sent";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1757,6 +1972,9 @@ if(isset($_GET['cancel_invoice'])){
mysqli_query($mysqli,"INSERT INTO history SET history_date = CURDATE(), history_status = 'Cancelled', history_description = 'INVOICE cancelled!', history_created_at = NOW(), invoice_id = $invoice_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Modified', log_description = 'Cancelled', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Invoice cancelled";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1789,6 +2007,9 @@ if(isset($_GET['delete_invoice'])){
mysqli_query($mysqli,"DELETE FROM payments WHERE payment_id = $payment_id AND company_id = $session_company_id");
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Deleted', log_description = '$invoice_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Invoice deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1859,6 +2080,9 @@ if(isset($_GET['delete_invoice_item'])){
mysqli_query($mysqli,"DELETE FROM invoice_items WHERE item_id = $item_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice Item', log_action = 'Deleted', log_description = '$item_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Item deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1987,6 +2211,9 @@ if(isset($_POST['add_payment'])){
//Add Payment to History
mysqli_query($mysqli,"INSERT INTO history SET history_date = CURDATE(), history_status = '$invoice_status', history_description = 'INVOICE payment added', history_created_at = NOW(), invoice_id = $invoice_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Payment', log_action = 'Created', log_description = '$payment_amount', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Payment added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2029,6 +2256,9 @@ if(isset($_GET['delete_payment'])){
mysqli_query($mysqli,"DELETE FROM payments WHERE payment_id = $payment_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Payment', log_action = 'Deleted', log_description = '$payment_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Payment deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2120,6 +2350,9 @@ if(isset($_GET['email_invoice'])){
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Emailed', log_description = 'Invoice $invoice_number emailed to $client_email', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Invoice has been sent";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2142,6 +2375,9 @@ if(isset($_POST['add_revenue'])){
mysqli_query($mysqli,"INSERT INTO revenues SET revenue_date = '$date', revenue_amount = '$amount', revenue_payment_method = '$payment_method', revenue_reference = '$reference', revenue_description = '$description', revenue_created_at = NOW(), category_id = $category, account_id = $account, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Revenue', log_action = 'Created', log_description = '$date - $amount', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Revenue added!";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2161,6 +2397,9 @@ if(isset($_POST['edit_revenue'])){
mysqli_query($mysqli,"UPDATE revenues SET revenue_date = '$date', revenue_amount = '$amount', revenue_payment_method = '$payment_method', revenue_reference = '$reference', revenue_description = '$description', revenue_updated_at = NOW(), category_id = $category, account_id = $account WHERE revenue_id = $revenue_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Revenue', log_action = 'Modified', log_description = '$revenue_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Revenue modified!";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2172,6 +2411,9 @@ if(isset($_GET['delete_revenue'])){
mysqli_query($mysqli,"DELETE FROM revenues WHERE revenue_id = $revenue_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Revenue', log_action = 'Deleted', log_description = '$revenue_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Revenue deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2372,6 +2614,9 @@ if(isset($_GET['pdf_invoice'])){
$mpdf->WriteHTML($html);
$mpdf->Output();
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Downloaded', log_description = '$invoice_number', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
}
if(isset($_POST['add_contact'])){
@ -2398,6 +2643,9 @@ if(isset($_POST['add_contact'])){
mysqli_query($mysqli,"INSERT INTO contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_mobile = '$mobile', contact_email = '$email', contact_photo = '$path', contact_created_at = NOW(), client_id = $client_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Contact added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2431,6 +2679,9 @@ if(isset($_POST['edit_contact'])){
mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_mobile = '$mobile', contact_email = '$email', contact_photo = '$path', contact_updated_at = NOW() WHERE contact_id = $contact_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Contact updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2442,6 +2693,9 @@ if(isset($_GET['delete_contact'])){
mysqli_query($mysqli,"DELETE FROM contacts WHERE contact_id = $contact_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Deleted', log_description = '$contact_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Contact deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2462,6 +2716,9 @@ if(isset($_POST['add_location'])){
mysqli_query($mysqli,"INSERT INTO locations SET location_name = '$name', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone = '$phone', location_hours = '$hours', location_created_at = NOW(), client_id = $client_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Location', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Location added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2482,6 +2739,9 @@ if(isset($_POST['edit_location'])){
mysqli_query($mysqli,"UPDATE locations SET location_name = '$name', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone = '$phone', location_hours = '$hours', location_updated_at = NOW() WHERE location_id = $location_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Location', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Location updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2493,6 +2753,9 @@ if(isset($_GET['delete_location'])){
mysqli_query($mysqli,"DELETE FROM locations WHERE location_id = $location_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'location', log_action = 'Deleted', log_description = '$location_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Location deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2533,6 +2796,9 @@ if(isset($_POST['add_asset'])){
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Asset added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2580,6 +2846,9 @@ if(isset($_POST['edit_asset'])){
}
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Asset updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2591,6 +2860,9 @@ if(isset($_GET['delete_asset'])){
mysqli_query($mysqli,"DELETE FROM assets WHERE asset_id = $asset_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Asset', log_action = 'Deleted', log_description = '$asset_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Asset deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2611,6 +2883,9 @@ if(isset($_POST['add_login'])){
mysqli_query($mysqli,"INSERT INTO logins SET login_description = '$description', login_web_link = '$web_link', login_username = '$username', login_password = '$password', login_note = '$note', login_created_at = NOW(), vendor_id = $vendor_id, asset_id = $asset_id, software_id = $software_id, client_id = $client_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Created', log_description = '$description', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Login added";
header("Location: client.php?client_id=$client_id&tab=logins");
@ -2631,6 +2906,9 @@ if(isset($_POST['edit_login'])){
mysqli_query($mysqli,"UPDATE logins SET login_description = '$description', login_web_link = '$web_link', login_username = '$username', login_password = '$password', login_note = '$note', login_updated_at = NOW(), vendor_id = $vendor_id, asset_id = $asset_id, software_id = $software_id WHERE login_id = $login_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Modified', log_description = '$description', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Login updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2642,6 +2920,9 @@ if(isset($_GET['delete_login'])){
mysqli_query($mysqli,"DELETE FROM logins WHERE login_id = $login_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Deleted', log_description = '$login_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Login deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2668,6 +2949,9 @@ if(isset($_POST['add_file'])){
mysqli_query($mysqli,"INSERT INTO files SET file_name = '$path', file_ext = '$ext', file_created_at = NOW(), client_id = $client_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'File', log_action = 'Uploaded', log_description = '$path', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "File uploaded";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2685,6 +2969,9 @@ if(isset($_GET['delete_file'])){
mysqli_query($mysqli,"DELETE FROM files WHERE file_id = $file_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'File', log_action = 'Deleted', log_description = '$file_name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "File deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2699,6 +2986,9 @@ if(isset($_POST['add_note'])){
mysqli_query($mysqli,"INSERT INTO notes SET note_subject = '$subject', note_body = '$note', note_created_at = NOW(), client_id = $client_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Note', log_action = 'Created', log_description = '$subject', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Note added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2713,6 +3003,9 @@ if(isset($_POST['edit_note'])){
mysqli_query($mysqli,"UPDATE notes SET note_subject = '$subject', note_body = '$note', note_updated_at = NOW() WHERE note_id = $note_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Note', log_action = 'Modified', log_description = '$subject', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Note updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2724,6 +3017,9 @@ if(isset($_GET['delete_note'])){
mysqli_query($mysqli,"DELETE FROM notes WHERE note_id = $note_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Note', log_action = 'Deleted', log_description = '$note_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Note deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2741,6 +3037,9 @@ if(isset($_POST['add_network'])){
mysqli_query($mysqli,"INSERT INTO networks SET network_name = '$name', network = '$network', network_gateway = '$gateway', network_dhcp_range = '$dhcp_range', network_created_at = NOW(), location_id = $location_id, client_id = $client_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Network', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Network added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2758,6 +3057,9 @@ if(isset($_POST['edit_network'])){
mysqli_query($mysqli,"UPDATE networks SET network_name = '$name', network = '$network', network_gateway = '$gateway', network_dhcp_range = '$dhcp_range', network_updated_at = NOW(), location_id = $location_id WHERE network_id = $network_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Network', log_action = 'Modifed', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Network updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2769,6 +3071,9 @@ if(isset($_GET['delete_network'])){
mysqli_query($mysqli,"DELETE FROM networks WHERE network_id = $network_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Network', log_action = 'Deleted', log_description = '$network_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Network deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2788,6 +3093,9 @@ if(isset($_POST['add_domain'])){
mysqli_query($mysqli,"INSERT INTO domains SET domain_name = '$name', domain_registrar = $registrar, domain_webhost = $webhost, domain_expire = '$expire', domain_created_at = NOW(), client_id = $client_id, company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Domain added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2807,6 +3115,9 @@ if(isset($_POST['edit_domain'])){
mysqli_query($mysqli,"UPDATE domains SET domain_name = '$name', domain_registrar = $registrar, domain_webhost = $webhost, domain_expire = '$expire', domain_updated_at = NOW() WHERE domain_id = $domain_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Domain updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2818,6 +3129,9 @@ if(isset($_GET['delete_domain'])){
mysqli_query($mysqli,"DELETE FROM domains WHERE domain_id = $domain_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Deleted', log_description = '$domain_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Domain deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2842,6 +3156,9 @@ if(isset($_POST['add_software'])){
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Software added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2872,6 +3189,9 @@ if(isset($_POST['edit_software'])){
}
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Software updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -2883,6 +3203,9 @@ if(isset($_GET['delete_software'])){
mysqli_query($mysqli,"DELETE FROM software WHERE software_id = $software_id AND company_id = $session_company_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Software', log_action = 'Deleted', log_description = '$software_id', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Software deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -3004,6 +3327,9 @@ if(isset($_GET['force_recurring'])){
} //End Mail Try
} //End Recurring Invoices Loop
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Created', log_description = 'Recurring Forced to an Invoice', log_created_at = NOW(), company_id = $session_company_id, user_id = $session_user_id");
$_SESSION['alert_message'] = "Recurring Invoice Forced";
header("Location: " . $_SERVER["HTTP_REFERER"]);


@ -1,13 +1,102 @@
<?php include("header.php"); ?>
<?php
$sql_recent_logins = mysqli_query($mysqli,"SELECT * FROM logs
WHERE log_type = 'Login' AND log_action = 'Success' AND user_id = $session_user_id
ORDER BY log_id DESC LIMIT 5");
?>
<div class="card">
<div class="card-header bg-dark text-white">
<h6 class="float-left mt-1"><i class="fa fa-fw fa-lock mr-2"></i>Two Factor Authentication</h6>
<h6 class="float-left mt-1"><i class="fa fa-fw fa-cog mr-2"></i>User Settings</h6>
</div>
<div class="card-body">
<form class="p-3" action="post.php" method="post" autocomplete="off">
<div class="row">
<div class="col-md-4">
<h5 class="text-secondary">User Details</h5>
<?php
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="current_avatar_path" value="<?php echo $session_avatar; ?>">
<div class="modal-body bg-white">
<center class="mb-3">
<?php if(!empty($session_avatar)){ ?>
<img class="img-fluid rounded-circle" src="<?php echo $session_avatar; ?>" height="128" width="128">
<?php }else{ ?>
<span class="fa-stack fa-4x">
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
<span class="fa fa-stack-1x text-white"><?php echo $initials; ?></span>
</span>
<?php } ?>
</center>
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Full Name" value="<?php echo $session_name; ?>" required>
</div>
</div>
<div class="form-group">
<label>Email <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-envelope"></i></span>
</div>
<input type="email" class="form-control" name="email" placeholder="Email Address" value="<?php echo $session_email; ?>" required>
</div>
</div>
<div class="form-group">
<label>Password <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
</div>
<input type="password" class="form-control" name="password" placeholder="Enter a password" value="<?php echo $password; ?>">
</div>
</div>
<div class="form-group">
<label>Avatar</label>
<input type="file" class="form-control-file" accept="image/*;capture=camera" name="file">
</div>
<button type="submit" name="edit_user" class="btn btn-primary mt-3"><i class="fa fa-fw fa-check"></i> Save</button>
</div>
</form>
</div>
<div class="col-md-8">
<h5 class="text-secondary">Recent Logins</h5>
<table class="table">
<tbody>
<?php
while($row = mysqli_fetch_array($sql_recent_logins)){
$log_id = $row['log_id'];
$log_description = $row['log_description'];
$log_created_at = $row['log_created_at'];
?>
<tr>
<td><i class="fa fa-fw fa-sign-in-alt text-secondary"></i> <?php echo $log_description; ?></td>
<td><i class="fa fa-fw fa-clock text-secondary"></i> <?php echo $log_created_at; ?></td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
</div>
<form class="p-3" action="post.php" method="post" autocomplete="off">
<?php
require_once('rfc6238.php');
@ -16,7 +105,7 @@
if(!empty($session_token)){
//Generate QR Code based off the generated key
print sprintf('<img src="%s"/>',TokenAuth6238::getBarCodeUrl('','',$session_token,'PittPC-CRM'));
print sprintf('<img src="%s"/>',TokenAuth6238::getBarCodeUrl('','',$session_token,$config_company_name));
}
?>
@ -26,9 +115,9 @@
<hr>
<?php if(empty($session_token)){ ?>
<button type="submit" name="enable_2fa" class="btn btn-primary">Enable 2FA</button>
<button type="submit" name="enable_2fa" class="btn btn-primary"><i class="fa fa-fw fa-lock"></i> Enable 2FA</button>
<?php }else{ ?>
<button type="submit" name="disable_2fa" class="btn btn-danger">Disable 2FA</button>
<button type="submit" name="disable_2fa" class="btn btn-danger"><i class="fa fa-fw fa-unlock"></i> Disable 2FA</button>
<?php } ?>
</form>
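Review bot: The new Recent Logins table prints `$log_description` into the page without HTML escaping, and the login handler in this commit fills that column from `$ip - $os - $browser - $device`, values that presumably derive from client-controlled request headers, so markup stored there would be rendered in this view. Escape at output, e.g. `<?php echo htmlspecialchars($log_description, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>`, and do the same for `$session_name`, `$session_email` and `$session_avatar`, which the User Details form echoes into `value=` and `src=` attributes. Separately, the password input is pre-filled with `value="<?php echo $password; ?>"`, and `$password` is not assigned anywhere in this section. If it carries the stored credential or its hash, that value lands in the page source, so render the field empty and treat a blank submission as "keep the current password".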