Correct typos

SECURITY.md

@@ -20,7 +20,7 @@ ITFlow is in Beta.
 
 **Please do not report security vulnerabilities through public GitHub issues.**
 
-If you have discovered a security issue, please report it to us in as much detail as possible so we can fix it. 
+If you have discovered a security issue, please report it to us in as much detail as possible, so we can fix it. 
 You should expect to receive an initial acknowledgement within 72 hours. If you do not, please get in touch discretely via GitHub issues/Forum/Discord to ensure we received your e-mail.
 
 Security contact:

check_login.php

@@ -71,7 +71,7 @@ $session_company_currency = $row['company_currency'];
 
 include("get_settings.php");
 
-//Detects if using an apple device and uses apple maps instead of google
+//Detects if using an Apple device and uses Apple Maps instead of google
 $iPod = stripos($_SERVER['HTTP_USER_AGENT'],"iPod");
 $iPhone = stripos($_SERVER['HTTP_USER_AGENT'],"iPhone");
 $iPad = stripos($_SERVER['HTTP_USER_AGENT'],"iPad");

client_delete_modal.php

@@ -16,7 +16,7 @@
       	<div class="mb-4" style="text-align: center;">
       		<i class="far fa-10x fa-times-circle text-danger mb-3 mt-3"></i>
       		<h2>Are you sure?</h2>
-          <h6 class="mb-4 text-secondary">Do you really want to <b>delete <?php echo $client_name; ?></b> and all associated data including financial data, logs, shared links etc? This process cannot be undone.</h6>
+          <h6 class="mb-4 text-secondary">Do you really want to <b>delete <?php echo $client_name; ?></b> and all associated data including financial data, logs, shared links etc.? This process cannot be undone.</h6>
           <div class="form-group">
             <input type="hidden" id="clientName<?php echo $client_id ?>" value="<?php echo $client_name; ?>">
             <input class="form-control" type="text" id="clientNameProvided<?php echo $client_id ?>" onkeyup="validateClientNameDelete(<?php echo $client_id ?>)" placeholder="Please enter: '<?php echo $client_name; ?>'">

cron.php

@@ -254,7 +254,7 @@ while ($row = mysqli_fetch_array($sql_companies)) {
 
     }
 
-    //Send Recurring Invoices that match todays date and are active
+    //Send Recurring Invoices that match today's date and are active
 
     //Loop through all recurring that match today's date and is active
     $sql_recurring = mysqli_query($mysqli,"SELECT * FROM recurring LEFT JOIN clients ON client_id = recurring_client_id WHERE recurring_next_date = CURDATE() AND recurring_status = 1 AND recurring.company_id = $company_id");

dashboard_financial.php

@@ -39,7 +39,7 @@ $largest_income_month = 0;
 $sql_total_payments_to_invoices = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_payments_to_invoices FROM payments WHERE YEAR(payment_date) = $year AND company_id = $session_company_id");
 $row = mysqli_fetch_array($sql_total_payments_to_invoices);
 $total_payments_to_invoices = $row['total_payments_to_invoices'];
-//Do not grab transfer payment as these have an category_id of 0
+//Do not grab transfer payment as these have a category_id of 0
 $sql_total_revenues = mysqli_query($mysqli,"SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE YEAR(revenue_date) = $year AND revenue_category_id > 0 AND company_id = $session_company_id");
 $row = mysqli_fetch_array($sql_total_revenues);
 $total_revenues = $row['total_revenues'];

database_updates.php

@@ -243,7 +243,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
 
   if (CURRENT_DATABASE_VERSION == '0.1.1') {
     // Insert queries here required to update to DB version 0.1.2
-    // Create Many to Many Relationship tables for Assets, Contacts, Software and Vendors
+    // Create Many-to-Many Relationship tables for Assets, Contacts, Software and Vendors
 
     mysqli_query($mysqli, "CREATE TABLE `asset_documents` (`asset_id` int(11) NOT NULL,`document_id` int(11) NOT NULL, PRIMARY KEY (`asset_id`,`document_id`))");
     mysqli_query($mysqli, "CREATE TABLE `asset_logins` (`asset_id` int(11) NOT NULL,`login_id` int(11) NOT NULL, PRIMARY KEY (`asset_id`,`login_id`))");

functions.php

@@ -160,7 +160,7 @@ function get_device() {
   }
   if (strpos(strtolower(get_user_agent()),'opera mini') > 0) {
     $mobile_browser++;
-    //Check for tablets on opera mini alternative headers
+    //Check for tablets on Opera Mini alternative headers
     $stock_ua = strtolower(isset($_SERVER['HTTP_X_OPERAMINI_PHONE_UA'])?$_SERVER['HTTP_X_OPERAMINI_PHONE_UA']:(isset($_SERVER['HTTP_DEVICE_STOCK_UA'])?$_SERVER['HTTP_DEVICE_STOCK_UA']:''));
     if (preg_match('/(tablet|ipad|playbook)|(android(?!.*mobile))/i', $stock_ua)) {
       $tablet_browser++;
@@ -290,7 +290,7 @@ function decryptUserSpecificKey($user_encryption_ciphertext, $user_password) {
 /*
 Generates what is probably best described as a session key (ephemeral-ish)
 - Allows us to store the master key on the server whilst the user is using the application, without prompting to type their password everytime they want to decrypt a credential
-- Ciphertext/IV is stored on the server in the users session, encryption key is controlled/provided by the user as a cookie
+- Ciphertext/IV is stored on the server in the users' session, encryption key is controlled/provided by the user as a cookie
 - Only the user can decrypt their session ciphertext to get the master key
 - Encryption key never hits the disk in cleartext
 */
@@ -541,7 +541,7 @@ function sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_
   }
 
   catch(Exception $e) {
-    // If we couldn't send the message return the error so we can log it
+    // If we couldn't send the message return the error, so we can log it
     return "Message not sent. Mailer Error: {$mail->ErrorInfo}";
   }
 }

login.php

@@ -78,7 +78,7 @@ if (isset($_POST['login'])) {
                     // Note: Browsers don't accept cookies with SameSite None if they are not HTTPS.
                     setcookie("user_extension_key", "$row[user_extension_key]", ['path' => '/', 'secure' => true, 'httponly' => true, 'samesite' => 'None']);
 
-                    // Set PHP session in DB so we can access the session encryption data (above)
+                    // Set PHP session in DB, so we can access the session encryption data (above)
                     $user_php_session = session_id();
                     mysqli_query($mysqli, "UPDATE users SET user_php_session = '$user_php_session' WHERE user_id = '$user_id'");
                 }

portal/login_microsoft.php

@@ -30,7 +30,7 @@ $auth_code_url = "https://login.microsoftonline.com/organizations/oauth2/v2.0/au
 $token_grant_url = "https://login.microsoftonline.com/organizations/oauth2/v2.0/token";
 
 // Initial Login Request, via Microsoft
-// Returns a authorization code if login was successful
+// Returns an authorization code if login was successful
 if ($_SERVER['REQUEST_METHOD'] == "GET") {
 
     $params = array (
@@ -45,7 +45,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") {
 
 }
 
-// Login was successful, Microsoft has returned us a authorization code via POST
+// Login was successful, Microsoft has returned us an authorization code via POST
 // Request an access token using authorization code (& client secret) (server side)
 if (isset($_POST['code']) && $_POST['state'] == session_id()) {
 

rfc6238.php

@@ -118,7 +118,7 @@
 
       if ($debug)  {
         print "Prior to HMAC calculation pad with zero on the left until 8 characters.<br/>";
-        print "Calculate sha1 HMAC(Hash-based Message Authentication Code http://en.wikipedia.org/wiki/HMAC).<br/>";
+        print "Calculate sha1 HMAC(Hash-based Message Authentication Code https://en.wikipedia.org/wiki/HMAC).<br/>";
         print "hash_hmac ('sha1', $binary, $key)<br/>";
       }
 			$result = hash_hmac ('sha1', $binary, $key);