AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-09 15:24:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixed Guest Accept or Decline Quote through guest URL, add correct bage color for Accepted quotes

Browse Source
This commit is contained in:
johnnyq
2022-02-21 19:12:17 -05:00
parent e6167ffaa3
commit dc68eda592
4 changed files with 35 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
guest_header.php
View File

@@ -3,6 +3,8 @@
include("config.php"); include("config.php");
include("functions.php"); include("functions.php");
session_start();
$ip = trim(strip_tags(mysqli_real_escape_string($mysqli,get_ip()))); $ip = trim(strip_tags(mysqli_real_escape_string($mysqli,get_ip())));
$user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT'])); $user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
@@ -39,4 +41,23 @@ $user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_A
<!-- Main content --> <!-- Main content -->
<div class="content"> <div class="content">
<div class="container"> <div class="container">
<?php
//Alert Feedback
if(!empty($_SESSION['alert_message'])){
if (!isset($_SESSION['alert_type'])){
$_SESSION['alert_type'] = "info";
}
?>
<div class="alert alert-<?php echo $_SESSION['alert_type']; ?>" id="alert">
<?php echo $_SESSION['alert_message']; ?>
<button class='close' data-dismiss='alert'>&times;</button>
</div>
<?php
unset($_SESSION['alert_type']);
unset($_SESSION['alert_message']);
}
?>

19
guest_post.php
View File

@@ -3,15 +3,15 @@
include("config.php"); include("config.php");
include("functions.php"); include("functions.php");
if(isset($_GET['accept_quote'], $_GET['url_key'])){ session_start();
if(isset($_GET['accept_quote'], $_GET['company_id'], $_GET['url_key'])){
$quote_id = intval($_GET['accept_quote']); $quote_id = intval($_GET['accept_quote']);
$company_id = intval($_GET['company_id']);
$url_key = mysqli_real_escape_string($mysqli,$_GET['url_key']); $url_key = mysqli_real_escape_string($mysqli,$_GET['url_key']);
$sql = mysqli_query($mysqli,"SELECT * FROM quotes $sql = mysqli_query($mysqli,"SELECT * FROM quotes WHERE quote_id = $quote_id AND quote_url_key = '$url_key' AND company_id = $company_id");
WHERE quote_id = $quote_id
AND quote_url_key = '$url_key'"
);
if(mysqli_num_rows($sql) == 1){ if(mysqli_num_rows($sql) == 1){
@@ -28,15 +28,13 @@ if(isset($_GET['accept_quote'], $_GET['url_key'])){
} }
if(isset($_GET['decline_quote'], $_GET['url_key'])){ if(isset($_GET['decline_quote'], $_GET['company_id'], $_GET['url_key'])){
$quote_id = intval($_GET['decline_quote']); $quote_id = intval($_GET['decline_quote']);
$company_id = intval($_GET['company_id']);
$url_key = mysqli_real_escape_string($mysqli,$_GET['url_key']); $url_key = mysqli_real_escape_string($mysqli,$_GET['url_key']);
$sql = mysqli_query($mysqli,"SELECT * FROM quotes $sql = mysqli_query($mysqli,"SELECT * FROM quotes WHERE quote_id = $quote_id AND quote_url_key = '$url_key' AND quote_url_key = '$url_key' AND company_id = $company_id");
WHERE quote_id = $quote_id
AND quote_url_key = '$url_key'"
);
if(mysqli_num_rows($sql) == 1){ if(mysqli_num_rows($sql) == 1){
@@ -44,6 +42,7 @@ if(isset($_GET['decline_quote'], $_GET['url_key'])){
mysqli_query($mysqli,"INSERT INTO history SET history_date = CURDATE(), history_status = 'Declined', history_description = 'Client declined Quote!', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id"); mysqli_query($mysqli,"INSERT INTO history SET history_date = CURDATE(), history_status = 'Declined', history_description = 'Client declined Quote!', history_created_at = NOW(), history_quote_id = $quote_id, company_id = $company_id");
$_SESSION['alert_type'] = "danger";
$_SESSION['alert_message'] = "Quote Declined"; $_SESSION['alert_message'] = "Quote Declined";
header("Location: " . $_SERVER["HTTP_REFERER"]); header("Location: " . $_SERVER["HTTP_REFERER"]);

4
guest_view_quote.php
View File

@@ -88,8 +88,8 @@ if(isset($_GET['quote_id'], $_GET['url_key'])){
<?php <?php
if($quote_status == "Draft" or $quote_status == "Sent" or $quote_status == "Viewed"){ if($quote_status == "Draft" or $quote_status == "Sent" or $quote_status == "Viewed"){
?> ?>
<a class="btn btn-success" href="guest_post.php?accept_quote=<?php echo $quote_id; ?>&url_key=<?php echo $url_key; ?>"><i class="fa fa-fw fa-check"></i> Accept</a> <a class="btn btn-success" href="guest_post.php?accept_quote=<?php echo $quote_id; ?>&company_id=<?php echo $company_id; ?>&url_key=<?php echo $url_key; ?>"><i class="fa fa-fw fa-check"></i> Accept</a>
<a class="btn btn-danger" href="guest_post.php?decline_quote=<?php echo $quote_id; ?>&url_key=<?php echo $url_key; ?>"><i class="fa fa-fw fa-times"></i> Decline</a> <a class="btn btn-danger" href="guest_post.php?decline_quote=<?php echo $quote_id; ?>&company_id=<?php echo $company_id; ?>&url_key=<?php echo $url_key; ?>"><i class="fa fa-fw fa-times"></i> Decline</a>
<?php } ?> <?php } ?>
</div> </div>

4
quotes.php
View File

@@ -193,9 +193,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
$quote_badge_color = "warning text-white"; $quote_badge_color = "warning text-white";
}elseif($quote_status == "Viewed"){ }elseif($quote_status == "Viewed"){
$quote_badge_color = "primary"; $quote_badge_color = "primary";
}elseif($quote_status == "Approved"){ }elseif($quote_status == "Accepted"){
$quote_badge_color = "success"; $quote_badge_color = "success";
}elseif($quote_status == "Rejected"){ }elseif($quote_status == "Declined"){
$quote_badge_color = "danger"; $quote_badge_color = "danger";
}elseif($quote_status == "Invoiced"){ }elseif($quote_status == "Invoiced"){
$quote_badge_color = "info"; $quote_badge_color = "info";