mirror of https://github.com/itflow-org/itflow
Updated Share Model to have an Expire selection instead of selecting a date and time, also share link will now email a chosen contact that has a valid email with the secure link, along with notifications when link is clicked. The Link now adds the https:// in the beginning for easy copy paste
parent
29dd0f6dee
commit
d3281ecd18
27
ajax.php
27
ajax.php
|
|
@ -230,6 +230,7 @@ if (isset($_GET['share_generate_link'])) {
|
|||
$client_id = intval($_GET['client_id']);
|
||||
$item_type = sanitizeInput($_GET['type']);
|
||||
$item_id = intval($_GET['id']);
|
||||
$item_email = sanitizeInput($_GET['contact_email']);
|
||||
$item_note = sanitizeInput($_GET['note']);
|
||||
$item_view_limit = intval($_GET['views']);
|
||||
$item_expires = sanitizeInput($_GET['expires']);
|
||||
|
|
@ -266,18 +267,38 @@ if (isset($_GET['share_generate_link'])) {
|
|||
}
|
||||
|
||||
// Insert entry into DB
|
||||
$sql = mysqli_query($mysqli, "INSERT INTO shared_items SET item_active = 1, item_key = '$item_key', item_type = '$item_type', item_related_id = $item_id, item_encrypted_username = '$item_encrypted_username', item_encrypted_credential = '$item_encrypted_credential', item_note = '$item_note', item_views = 0, item_view_limit = $item_view_limit, item_expire_at = '$item_expires', item_client_id = $client_id");
|
||||
$sql = mysqli_query($mysqli, "INSERT INTO shared_items SET item_active = 1, item_key = '$item_key', item_type = '$item_type', item_related_id = $item_id, item_encrypted_username = '$item_encrypted_username', item_encrypted_credential = '$item_encrypted_credential', item_note = '$item_note', item_views = 0, item_view_limit = $item_view_limit, item_expire_at = NOW() + INTERVAL + $item_expires, item_client_id = $client_id");
|
||||
$share_id = $mysqli->insert_id;
|
||||
|
||||
// Return URL
|
||||
if ($item_type == "Login") {
|
||||
$url = "$config_base_url/guest_view_item.php?id=$share_id&key=$item_key&ek=$login_encryption_key";
|
||||
$url = "https://$config_base_url/guest_view_item.php?id=$share_id&key=$item_key&ek=$login_encryption_key";
|
||||
}
|
||||
else {
|
||||
$url = "$config_base_url/guest_view_item.php?id=$share_id&key=$item_key";
|
||||
$url = "https://$config_base_url/guest_view_item.php?id=$share_id&key=$item_key";
|
||||
}
|
||||
|
||||
// Send user e-mail, if specified
|
||||
if(!empty($config_smtp_host) && filter_var($item_email, FILTER_VALIDATE_EMAIL)){
|
||||
|
||||
$subject = "Time sensitive encrypted link enclosed";
|
||||
$body = "Hello,<br><br>$session_name from $session_company_name sent you a time sensitive encrypted link which will expire in <strong>$item_expires</strong> and may only be viewed <strong>$item_view_limit</strong> times, before the link is destroyed. The sender will recieved a notification when the link is viewed. Please click the link below to view your shared secret<br><br><strong><a href='$url'>Click Here</a></strong><br><br>~<br>$session_company_name<br>Support Department<br>$config_ticket_from_email";
|
||||
|
||||
$mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
|
||||
$config_ticket_from_email, $config_ticket_from_name,
|
||||
$item_email, $item_email,
|
||||
$subject, $body);
|
||||
|
||||
if ($mail !== true) {
|
||||
mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $item_email'");
|
||||
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $item_email regarding $subject. $item_mail', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
echo json_encode($url);
|
||||
|
||||
|
||||
// Logging
|
||||
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Sharing', log_action = 'Create', log_description = '$session_name created shared link for $item_type - $item_name', log_client_id = $client_id, log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
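Review bot: In the new INSERT, `item_expire_at = NOW() + INTERVAL + $item_expires` places a request parameter into the SQL unquoted, so whatever escaping `sanitizeInput()` applies (its body is not shown here) cannot confine it to a single value; the same string is also written into the HTML mail body. The modal offers only three choices, so check the value against that list right after it is read, e.g. `if (!in_array($item_expires, ['30 MINUTE', '24 HOUR', '72 HOUR'], true)) { exit(); }` (or however this handler normally rejects input), before the query and the mail are built. Separately, the mail-failure log line interpolates `$item_mail`, which is not assigned anywhere in the visible lines; `$mail`, the return value of `sendSingleEmail()`, looks like what was meant. The enclosing `if (isset($_GET['share_generate_link']))` block starts and ends outside these hunks.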
|
||||
|
||||
|
|
|
|||
|
|
@ -21,13 +21,14 @@ function generateShareLink() {
|
|||
let item_note = document.getElementById("share_note").value;
|
||||
let item_views = document.getElementById("share_views").value;
|
||||
let item_expires = document.getElementById("share_expires").value;
|
||||
let contact_email = document.getElementById("share_email").value;
|
||||
|
||||
// Check values are provided
|
||||
if (item_views && item_expires && item_note) {
|
||||
// Send a GET request to ajax.php as ajax.php?share_generate_link=true....
|
||||
jQuery.get(
|
||||
"ajax.php",
|
||||
{share_generate_link: 'true', client_id: client_id, type: item_type, id: item_ref_id, note: item_note ,views: item_views, expires: item_expires},
|
||||
{share_generate_link: 'true', client_id: client_id, type: item_type, id: item_ref_id, note: item_note ,views: item_views, expires: item_expires, contact_email},
|
||||
function(data) {
|
||||
|
||||
// If we get a response from ajax.php, parse it as JSON
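Review bot: `jQuery.get` now carries `contact_email` in the query string of a request that creates a share and triggers an outbound mail, and no anti-forgery token is visible among the parameters. Because the call changes state, sending it with `jQuery.post` (and reading `$_POST` in `ajax.php`) together with the application's CSRF token, if it has one, would keep the recipient address and note out of URL logs and prevent a link followed from another site from triggering it. The guard `if (item_views && item_expires && item_note)` also still demands a note, while the modal in this commit appears to drop `required` from `share_note`, so an empty note may silently skip the request; the else branch is outside the hunk. `generateShareLink` starts and ends outside the hunk.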
|
||||
|
|
|
|||
|
|
@ -32,16 +32,43 @@
|
|||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
|
||||
</div>
|
||||
<input type="datetime-local" class="form-control" name="expires" id="share_expires" required>
|
||||
<select class="form-control" name="expires" id="share_expires" required>
|
||||
<option value="30 MINUTE">30 Minutes</option>
|
||||
<option value="24 HOUR">24 Hours (1 Day)</option>
|
||||
<option value="72 HOUR">72 Hours (3 Days)</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<textarea class="form-control" rows="4" name="note" id="share_note" placeholder="Client visible note (required)" required></textarea>
|
||||
<label>Share with</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
|
||||
</div>
|
||||
<select class="form-control" name="contact_email" id="share_email">
|
||||
<option value="">-Select a contact-</option>
|
||||
<?php
|
||||
|
||||
$sql_client_contacts_select = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id AND contact_email <> '' ORDER BY contact_name ASC");
|
||||
while ($row = mysqli_fetch_array($sql_client_contacts_select)) {
|
||||
$contact_id_select = intval($row['contact_id']);
|
||||
$contact_name_select = nullable_htmlentities($row['contact_name']);
|
||||
$contact_email_select = nullable_htmlentities($row['contact_email']);
|
||||
?>
|
||||
<option value="<?php echo $contact_email_select; ?>"><?php echo "$contact_name_select - $contact_email_select"; ?></option>
|
||||
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<p><i>Note: Logins are shared "as is" and will not update</i></p>
|
||||
<div class="form-group">
|
||||
<textarea class="form-control" rows="4" name="note" id="share_note" placeholder="Client visible note"></textarea>
|
||||
</div>
|
||||
|
||||
<hr>
|
||||
|
||||
|
|
@ -55,7 +82,7 @@
|
|||
</div>
|
||||
|
||||
<div class="modal-footer bg-white">
|
||||
<button type="button" id="div_share_link_generate" class="btn btn-primary text-bold" onclick="event.preventDefault(); generateShareLink()"><i class="fas fa-check mr-2"></i>Generate</button>
|
||||
<button type="button" id="div_share_link_generate" class="btn btn-primary text-bold" onclick="event.preventDefault(); generateShareLink()"><i class="fas fa-paper-plane mr-2"></i>Send and Show Link</button>
|
||||
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
|
||||
</div>
|
||||
</form>
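Review bot: The new `share_email` select limits the recipient to this client's contacts only in the browser; the `ajax.php` handler in this commit accepts any `contact_email` that passes `FILTER_VALIDATE_EMAIL`, so the restriction is not enforced where the mail is actually sent. Using the contact's id as the option value (`$contact_id_select` is already read here but unused) and resolving the address server-side with a `contact_client_id = $client_id` match would close that gap. `$client_id` is interpolated unquoted into the `SELECT`; its assignment is outside the hunk, so confirm it is cast with `intval()` as `ajax.php` does. The form this markup belongs to starts outside these hunks.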
|
||||
|
|
|
|||