From e300907e327bfc0749a0b6d137a46fb208f52132 Mon Sep 17 00:00:00 2001
From: johnnyq <johnny@pittpc.com>
Date: Tue, 21 Feb 2023 01:29:04 -0500
Subject: [PATCH] More UI Work, santizeInput conv

---
 categories.php                    | 22 ++++++----
 category_add_modal.php            |  8 ++--
 category_edit_modal.php           |  8 ++--
 client_asset_add_modal.php        | 16 +++----
 client_asset_copy_modal.php       | 14 +++----
 client_asset_documents_modal.php  |  6 +--
 client_asset_edit_modal.php       | 14 +++----
 client_asset_import_modal.php     |  4 +-
 client_asset_tickets_modal.php    | 10 ++---
 client_assets.php                 | 70 ++++++++++++++++++-------------
 client_certificate_add_modal.php  |  6 +--
 client_certificate_edit_modal.php |  6 +--
 client_certificates.php           | 12 +++---
 client_contact_add_modal.php      | 16 +++----
 client_contact_edit_modal.php     | 16 +++----
 client_contact_import_modal.php   |  2 +-
 client_contact_invite_modal.php   |  6 +--
 client_contacts.php               | 54 ++++++++++++++----------
 18 files changed, 158 insertions(+), 132 deletions(-)

diff --git a/categories.php b/categories.php
index a20bc85c..969ea761 100644
--- a/categories.php
+++ b/categories.php
@@ -3,13 +3,13 @@
 require_once("inc_all_settings.php");
 
 if (isset($_GET['category'])) {
-    $category = strip_tags(mysqli_real_escape_string($mysqli, $_GET['category']));
+    $category = sanitizeInput($_GET['category']);
 } else {
     $category = "Expense";
 }
 
 if (!empty($_GET['sb'])) {
-    $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
+    $sb = sanitizeInput($_GET['sb']);
 } else {
     $sb = "category_name";
 }
@@ -48,9 +48,9 @@ $colors_diff = array_diff($colors_array, $colors_used_array);
 
     <div class="card card-dark">
         <div class="card-header py-2">
-            <h3 class="card-title mt-2"><i class="fa fa-fw fa-list"></i> <?php echo htmlentities($category); ?> Categories</h3>
+            <h3 class="card-title mt-2"><i class="fa fa-fw fa-list mr-2"></i><?php echo htmlentities($category); ?> Categories</h3>
             <div class="card-tools">
-                <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addCategoryModal"><i class="fas fa-fw fa-plus"></i> New</button>
+                <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addCategoryModal"><i class="fas fa-plus mr-2"></i>New</button>
             </div>
         </div>
         <div class="card-body">
@@ -59,7 +59,7 @@ $colors_diff = array_diff($colors_array, $colors_used_array);
                 <div class="row">
                     <div class="col-sm-4 mb-2">
                         <div class="input-group">
-                            <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Categories">
+                            <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Categories">
                             <div class="input-group-append">
                                 <button class="btn btn-primary"><i class="fa fa-search"></i></button>
                             </div>
@@ -89,14 +89,14 @@ $colors_diff = array_diff($colors_array, $colors_used_array);
                     <?php
 
                     while ($row = mysqli_fetch_array($sql)) {
-                        $category_id = $row['category_id'];
+                        $category_id = intval($row['category_id']);
                         $category_name = htmlentities($row['category_name']);
                         $category_color = htmlentities($row['category_color']);
                         //$colors_used_array[] = $row['category_color'];
 
                         ?>
                         <tr>
-                            <td><a class="text-dark" href="#" data-toggle="modal" data-target="#editCategoryModal<?php echo $category_id; ?>"><?php echo "$category_name"; ?></a></td>
+                            <td><a class="text-dark" href="#" data-toggle="modal" data-target="#editCategoryModal<?php echo $category_id; ?>"><?php echo $category_name; ?></a></td>
                             <td><i class="fa fa-3x fa-circle" style="color:<?php echo $category_color; ?>;"></i></td>
                             <td>
                                 <div class="dropdown dropleft text-center">
@@ -104,9 +104,13 @@ $colors_diff = array_diff($colors_array, $colors_used_array);
                                         <i class="fas fa-ellipsis-h"></i>
                                     </button>
                                     <div class="dropdown-menu">
-                                        <a class="dropdown-item" href="#" data-toggle="modal" data-target="#editCategoryModal<?php echo $category_id; ?>">Edit</a>
+                                        <a class="dropdown-item" href="#" data-toggle="modal" data-target="#editCategoryModal<?php echo $category_id; ?>">
+                                            <i class="fas fa-fw fa-edit mr-2"></i>Edit
+                                        </a>
                                         <div class="dropdown-divider"></div>
-                                        <a class="dropdown-item text-danger" href="post.php?archive_category=<?php echo $category_id; ?>">Archive</a>
+                                        <a class="dropdown-item text-danger" href="post.php?archive_category=<?php echo $category_id; ?>">
+                                            <i class="fas fa-fw fa-archive mr-2"></i>Archive
+                                        </a>
                                     </div>
                                 </div>
                             </td>
diff --git a/category_add_modal.php b/category_add_modal.php
index 82341c32..d99eb0b4 100644
--- a/category_add_modal.php
+++ b/category_add_modal.php
@@ -2,13 +2,13 @@
     <div class="modal-dialog">
         <div class="modal-content bg-dark">
             <div class="modal-header">
-                <h5 class="modal-title"><i class="fa fa-fw fa-list"></i> New <?php echo $category; ?> Category</h5>
+                <h5 class="modal-title"><i class="fa fa-fw fa-list mr-2"></i>New <?php echo htmlentities($category); ?> Category</h5>
                 <button type="button" class="close text-white" data-dismiss="modal">
                     <span>&times;</span>
                 </button>
             </div>
             <form action="post.php" method="post" autocomplete="off">
-                <input type="hidden" name="type" value="<?php echo $category; ?>">
+                <input type="hidden" name="type" value="<?php echo htmlentities($category); ?>">
 
                 <div class="modal-body bg-white">
 
@@ -38,8 +38,8 @@
 
                 </div>
                 <div class="modal-footer bg-white">
-                    <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
-                    <button type="submit" name="add_category" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
+                    <button type="submit" name="add_category" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
+                    <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
                 </div>
             </form>
         </div>
diff --git a/category_edit_modal.php b/category_edit_modal.php
index c8d34098..5a8fd17e 100644
--- a/category_edit_modal.php
+++ b/category_edit_modal.php
@@ -2,14 +2,14 @@
     <div class="modal-dialog">
         <div class="modal-content bg-dark">
             <div class="modal-header">
-                <h5 class="modal-title"><i class="fa fa-fw fa-list"></i> Editing category: <strong><?php echo $category_name; ?></strong></h5>
+                <h5 class="modal-title"><i class="fa fa-fw fa-list mr-2"></i>Editing category: <strong><?php echo $category_name; ?></strong></h5>
                 <button type="button" class="close text-white" data-dismiss="modal">
                     <span>&times;</span>
                 </button>
             </div>
             <form action="post.php" method="post" autocomplete="off">
                 <input type="hidden" name="category_id" value="<?php echo $category_id; ?>">
-                <input type="hidden" name="type" value="<?php echo $category; ?>">
+                <input type="hidden" name="type" value="<?php echo htmlentities($category); ?>">
                 <div class="modal-body bg-white">
 
                     <div class="form-group">
@@ -45,8 +45,8 @@
 
                 </div>
                 <div class="modal-footer bg-white">
-                    <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
-                    <button type="submit" name="edit_category" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
+                    <button type="submit" name="edit_category" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
+                    <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
                 </div>
             </form>
         </div>
diff --git a/client_asset_add_modal.php b/client_asset_add_modal.php
index 0031f630..39b7d455 100644
--- a/client_asset_add_modal.php
+++ b/client_asset_add_modal.php
@@ -2,7 +2,7 @@
     <div class="modal-dialog">
         <div class="modal-content bg-dark">
             <div class="modal-header">
-                <h5 class="modal-title"><i class="fa fa-fw fa-desktop"></i> New <?php if (!empty($_GET['type'])) { echo ucwords(strip_tags($_GET['type'])); }else{ echo "Asset"; } ?></h5>
+                <h5 class="modal-title"><i class="fa fa-fw fa-desktop mr-2"></i>New <?php if (!empty($_GET['type'])) { echo ucwords(strip_tags($_GET['type'])); }else{ echo "Asset"; } ?></h5>
                 <button type="button" class="close text-white" data-dismiss="modal">
                     <span>&times;</span>
                 </button>
@@ -66,7 +66,7 @@
                             <?php //Do not display Make Model or Serial if Virtual is selected
                             if ($_GET['type'] !== 'virtual') { ?>
                                 <div class="form-group">
-                                    <label>Make </label>
+                                    <label>Make</label>
                                     <div class="input-group">
                                         <div class="input-group-prepend">
                                             <span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
@@ -124,7 +124,7 @@
 
                                         $sql = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
                                         while ($row = mysqli_fetch_array($sql)) {
-                                            $location_id = $row['location_id'];
+                                            $location_id = intval($row['location_id']);
                                             $location_name = htmlentities($row['location_name']);
                                             ?>
                                             <option value="<?php echo $location_id; ?>"><?php echo $location_name; ?></option>
@@ -147,7 +147,7 @@
 
                                             $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
                                             while ($row = mysqli_fetch_array($sql)) {
-                                                $contact_id = $row['contact_id'];
+                                                $contact_id = intval($row['contact_id']);
                                                 $contact_name = htmlentities($row['contact_name']);
                                                 ?>
                                                 <option value="<?php echo $contact_id; ?>"><?php echo $contact_name; ?></option>
@@ -186,7 +186,7 @@
 
                                         $sql = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC");
                                         while ($row = mysqli_fetch_array($sql)) {
-                                            $network_id = $row['network_id'];
+                                            $network_id = intval($row['network_id']);
                                             $network_name = htmlentities($row['network_name']);
                                             $network = htmlentities($row['network']);
 
@@ -234,7 +234,7 @@
 
                                         $sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
                                         while ($row = mysqli_fetch_array($sql)) {
-                                            $vendor_id = $row['vendor_id'];
+                                            $vendor_id = intval($row['vendor_id']);
                                             $vendor_name = htmlentities($row['vendor_name']);
                                             ?>
                                             <option value="<?php echo $vendor_id; ?>"><?php echo $vendor_name; ?></option>
@@ -312,8 +312,8 @@
                     </div>
                 </div>
                 <div class="modal-footer bg-white">
-                    <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
-                    <button type="submit" name="add_asset" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
+                    <button type="submit" name="add_asset" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
+                    <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
                 </div>
             </form>
         </div>
diff --git a/client_asset_copy_modal.php b/client_asset_copy_modal.php
index b39623fa..7f322248 100644
--- a/client_asset_copy_modal.php
+++ b/client_asset_copy_modal.php
@@ -2,7 +2,7 @@
     <div class="modal-dialog">
         <div class="modal-content bg-dark">
             <div class="modal-header">
-                <h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?>"></i> Copying asset: <strong><?php echo $asset_name; ?></strong></h5>
+                <h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?> mr-2"></i>Copying asset: <strong><?php echo $asset_name; ?></strong></h5>
                 <button type="button" class="close text-white" data-dismiss="modal">
                     <span>&times;</span>
                 </button>
@@ -121,7 +121,7 @@
 
                                         $sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC");
                                         while ($row = mysqli_fetch_array($sql_locations)) {
-                                            $location_id_select = $row['location_id'];
+                                            $location_id_select = intval($row['location_id']);
                                             $location_name_select = htmlentities($row['location_name']);
                                             ?>
                                             <option <?php if ($asset_location_id == $location_id_select) { echo "selected"; } ?> value="<?php echo $location_id_select; ?>"><?php echo $location_name_select; ?></option>
@@ -144,7 +144,7 @@
 
                                             $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_archived_at IS NULL AND contact_client_id = $client_id ORDER BY contact_name ASC");
                                             while ($row = mysqli_fetch_array($sql_contacts)) {
-                                                $contact_id = $row['contact_id'];
+                                                $contact_id = intval($row['contact_id']);
                                                 $contact_name = htmlentities($row['contact_name']);
                                                 ?>
                                                 <option value="<?php echo $contact_id; ?>"><?php echo $contact_name; ?></option>
@@ -181,7 +181,7 @@
 
                                         $sql_networks = mysqli_query($mysqli, "SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC");
                                         while ($row = mysqli_fetch_array($sql_networks)) {
-                                            $network_id_select = $row['network_id'];
+                                            $network_id_select = intval($row['network_id']);
                                             $network_name_select = htmlentities($row['network_name']);
                                             $network_select = htmlentities($row['network']);
 
@@ -229,7 +229,7 @@
 
                                         $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id  AND vendor_template = 0 ORDER BY vendor_name ASC");
                                         while ($row = mysqli_fetch_array($sql_vendors)) {
-                                            $vendor_id_select = $row['vendor_id'];
+                                            $vendor_id_select = intval($row['vendor_id']);
                                             $vendor_name_select = htmlentities($row['vendor_name']);
                                             ?>
                                             <option <?php if ($asset_vendor_id == $vendor_id_select) { echo "selected"; } ?> value="<?php echo $vendor_id_select; ?>"><?php echo $vendor_name_select; ?></option>
@@ -308,8 +308,8 @@
                     </div>
                 </div>
                 <div class="modal-footer bg-white">
-                    <button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
-                    <button type="submit" name="add_asset" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Copy</button>
+                    <button type="submit" name="add_asset" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Copy</button>
+                    <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
                 </div>
             </form>
         </div>
diff --git a/client_asset_documents_modal.php b/client_asset_documents_modal.php
index 6abe904b..1c6e5829 100644
--- a/client_asset_documents_modal.php
+++ b/client_asset_documents_modal.php
@@ -2,7 +2,7 @@
     <div class="modal-dialog modal-lg">
         <div class="modal-content bg-dark">
             <div class="modal-header">
-                <h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?>"></i> <?php echo $asset_name; ?> Documents</h5>
+                <h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?> mr-2"></i><?php echo $asset_name; ?> Documents</h5>
                 <button type="button" class="close text-white" data-dismiss="modal">
                     <span>&times;</span>
                 </button>
@@ -11,7 +11,7 @@
             <div class="modal-body bg-white">
                 <?php
                 while ($row = mysqli_fetch_array($sql_related_documents)) {
-                    $related_document_id = $row['document_id'];
+                    $related_document_id = intval($row['document_id']);
                     $related_document_name = htmlentities($row['document_name']);
                     ?>
                     <p>
@@ -21,7 +21,7 @@
                 <?php } ?>
             </div>
             <div class="modal-footer bg-white">
-                <button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
+                <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
             </div>
 
         </div>
diff --git a/client_asset_edit_modal.php b/client_asset_edit_modal.php
index 74ab4a28..ee575ba9 100644
--- a/client_asset_edit_modal.php
+++ b/client_asset_edit_modal.php
@@ -2,7 +2,7 @@
     <div class="modal-dialog">
         <div class="modal-content bg-dark">
             <div class="modal-header">
-                <h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?>"></i> Editing asset: <strong><?php echo $asset_name; ?></strong></h5>
+                <h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?> mr-2"></i>Editing asset: <strong><?php echo $asset_name; ?></strong></h5>
                 <button type="button" class="close text-white" data-dismiss="modal">
                     <span>&times;</span>
                 </button>
@@ -123,7 +123,7 @@
 
                                         $sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC");
                                         while ($row = mysqli_fetch_array($sql_locations)) {
-                                            $location_id_select = $row['location_id'];
+                                            $location_id_select = intval($row['location_id']);
                                             $location_name_select = htmlentities($row['location_name']);
                                             ?>
                                             <option <?php if ($asset_location_id == $location_id_select) { echo "selected"; } ?> value="<?php echo $location_id_select; ?>"><?php echo $location_name_select; ?></option>
@@ -145,7 +145,7 @@
 
                                         $sql_contacts = mysqli_query($mysqli, "SELECT * FROM contacts WHERE (contact_archived_at > '$asset_created_at' OR contact_archived_at IS NULL) AND contact_client_id = $client_id ORDER BY contact_name ASC");
                                         while ($row = mysqli_fetch_array($sql_contacts)) {
-                                            $contact_id_select = $row['contact_id'];
+                                            $contact_id_select = intval($row['contact_id']);
                                             $contact_name_select = htmlentities($row['contact_name']);
                                             ?>
                                             <option <?php if ($asset_contact_id == $contact_id_select) { echo "selected"; } ?> value="<?php echo $contact_id_select; ?>">
@@ -183,7 +183,7 @@
 
                                         $sql_networks = mysqli_query($mysqli, "SELECT * FROM networks WHERE (network_archived_at > '$asset_created_at' OR network_archived_at IS NULL) AND network_client_id = $client_id ORDER BY network_name ASC");
                                         while ($row = mysqli_fetch_array($sql_networks)) {
-                                            $network_id_select = $row['network_id'];
+                                            $network_id_select = intval($row['network_id']);
                                             $network_name_select = htmlentities($row['network_name']);
                                             $network_select = htmlentities($row['network']);
 
@@ -231,7 +231,7 @@
 
                                         $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$asset_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
                                         while ($row = mysqli_fetch_array($sql_vendors)) {
-                                            $vendor_id_select = $row['vendor_id'];
+                                            $vendor_id_select = intval($row['vendor_id']);
                                             $vendor_name_select = htmlentities($row['vendor_name']);
                                             ?>
                                             <option <?php if ($asset_vendor_id == $vendor_id_select) { echo "selected"; } ?> value="<?php echo $vendor_id_select; ?>"><?php echo $vendor_name_select; ?></option>
@@ -310,8 +310,8 @@
                     </div>
                 </div>
                 <div class="modal-footer bg-white">
-                    <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
-                    <button type="submit" name="edit_asset" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Save</button>
+                    <button type="submit" name="edit_asset" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
+                    <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
                 </div>
             </form>
         </div>
diff --git a/client_asset_import_modal.php b/client_asset_import_modal.php
index 81ce6148..55fb1d6a 100644
--- a/client_asset_import_modal.php
+++ b/client_asset_import_modal.php
@@ -2,7 +2,7 @@
     <div class="modal-dialog">
         <div class="modal-content bg-dark">
             <div class="modal-header">
-                <h5 class="modal-title"><i class="fa fa-fw fa-desktop"></i> Import Assets</h5>
+                <h5 class="modal-title"><i class="fa fa-fw fa-desktop mr-2"></i>Import Assets</h5>
                 <button type="button" class="close text-white" data-dismiss="modal">
                     <span>&times;</span>
                 </button>
@@ -19,7 +19,7 @@
                     <div>Download <a href="post.php?download_client_assets_csv_template=<?php echo $client_id; ?>">sample csv template</a></div>
                 </div>
                 <div class="modal-footer bg-white">
-                    <button type="submit" name="import_client_assets_csv" class="btn btn-primary">Import</button>
+                    <button type="submit" name="import_client_assets_csv" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Import</button>
                 </div>
             </form>
         </div>
diff --git a/client_asset_tickets_modal.php b/client_asset_tickets_modal.php
index 05ccf2b3..d35f515f 100644
--- a/client_asset_tickets_modal.php
+++ b/client_asset_tickets_modal.php
@@ -12,13 +12,13 @@
                 <?php
                 // Query is run from client_assets.php
                 while ($row = mysqli_fetch_array($sql_tickets)) {
-                    $ticket_id = $row['ticket_id'];
+                    $ticket_id = intval($row['ticket_id']);
                     $ticket_prefix = htmlentities($row['ticket_prefix']);
-                    $ticket_number = htmlentities($row['ticket_number']);
+                    $ticket_number = intval($row['ticket_number']);
                     $ticket_subject = htmlentities($row['ticket_subject']);
                     $ticket_status = htmlentities($row['ticket_status']);
-                    $ticket_created_at = $row['ticket_created_at'];
-                    $ticket_updated_at = $row['ticket_updated_at'];
+                    $ticket_created_at = htmlentities($row['ticket_created_at']);
+                    $ticket_updated_at = htmlentities($row['ticket_updated_at']);
                     ?>
                     <p>
                         <i class="fas fa-fw fa-ticket-alt"></i>
@@ -27,7 +27,7 @@
                 <?php } ?>
             </div>
             <div class="modal-footer bg-white">
-                <button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
+                <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
             </div>
 
         </div>
diff --git a/client_assets.php b/client_assets.php
index 4e889f87..15e3933b 100644
--- a/client_assets.php
+++ b/client_assets.php
@@ -4,34 +4,34 @@ require_once("inc_all_client.php");
 //Get Asset Counts
 //All Asset Count
 $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM assets WHERE asset_archived_at IS NULL AND asset_client_id = $client_id"));
-$all_count = $row['count'];
+$all_count = intval($row['count']);
 //Workstation Count
 $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM assets WHERE (asset_type = 'laptop' OR asset_type = 'desktop') 
   AND asset_archived_at IS NULL AND asset_client_id = $client_id"));
-$workstation_count = $row['count'];
+$workstation_count = intval($row['count']);
 
 //Server Count
 $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM assets WHERE (asset_type = 'server') 
   AND asset_archived_at IS NULL AND asset_client_id = $client_id"));
-$server_count = $row['count'];
+$server_count = intval($row['count']);
 
 //Virtual Server Count
 $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM assets WHERE (asset_type = 'virtual machine') 
   AND asset_archived_at IS NULL AND asset_client_id = $client_id"));
-$virtual_count = $row['count'];
+$virtual_count = intval($row['count']);
 
 //Network Device Count
 $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM assets WHERE (asset_type = 'Firewall/Router' OR asset_type = 'switch' OR asset_type = 'access point')
   AND asset_archived_at IS NULL AND asset_client_id = $client_id"));
-$network_count = $row['count'];
+$network_count = intval($row['count']);
 
 //Other Count
 $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(*) AS count FROM assets WHERE (asset_type NOT LIKE 'laptop' AND asset_type NOT LIKE 'desktop' AND asset_type NOT LIKE 'server' AND asset_type NOT LIKE 'virtual machine' AND asset_type NOT LIKE 'firewall/router' AND asset_type NOT LIKE 'switch' AND asset_type NOT LIKE 'access point')
   AND asset_archived_at IS NULL AND asset_client_id = $client_id"));
-$other_count = $row['count'];
+$other_count = intval($row['count']);
 
 if (!empty($_GET['sb'])) {
-    $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
+    $sb = sanitizeInput($_GET['sb']);
 } else {
     $sb = "asset_name";
 }
@@ -74,20 +74,20 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
 
     <div class="card card-dark">
         <div class="card-header py-2">
-            <h3 class="card-title mt-2"><i class="fa fa-fw fa-desktop"></i> Assets</h3>
+            <h3 class="card-title mt-2"><i class="fa fa-fw fa-desktop mr-2"></i>Assets</h3>
             <div class="card-tools">
-                <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAssetModal"><i class="fas fa-fw fa-plus"></i> New <?php if (!empty($_GET['type'])) { echo ucwords(strip_tags(htmlentities($_GET['type']))); } else { echo "Asset"; } ?></button>
+                <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAssetModal"><i class="fas fa-plus mr-2"></i>New <?php if (!empty($_GET['type'])) { echo ucwords(strip_tags(htmlentities($_GET['type']))); } else { echo "Asset"; } ?></button>
             </div>
         </div>
         <div class="card-body">
             <form autocomplete="off">
                 <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
-                <input type="hidden" name="type" value="<?php echo strip_tags(htmlentities($_GET['type'])); ?>">
+                <input type="hidden" name="type" value="<?php echo stripslashes(htmlentities($_GET['type'])); ?>">
                 <div class="row">
 
                     <div class="col-md-4">
                         <div class="input-group mb-3 mb-md-0">
-                            <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search <?php if (!empty($_GET['type'])) { echo ucwords(strip_tags(htmlentities($_GET['type']))); } else { echo "Asset"; } ?>s">
+                            <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search <?php if (!empty($_GET['type'])) { echo ucwords(stripslashes(htmlentities($_GET['type']))); } else { echo "Asset"; } ?>s">
                             <div class="input-group-append">
                                 <button class="btn btn-dark"><i class="fa fa-search"></i></button>
                             </div>
@@ -160,7 +160,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                     <?php
 
                     while ($row = mysqli_fetch_array($sql)) {
-                        $asset_id = $row['asset_id'];
+                        $asset_id = intval($row['asset_id']);
                         $asset_type = htmlentities($row['asset_type']);
                         $asset_name = htmlentities($row['asset_name']);
                         $asset_make = htmlentities($row['asset_make']);
@@ -185,34 +185,34 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                         }
                         $asset_mac = htmlentities($row['asset_mac']);
                         $asset_status = htmlentities($row['asset_status']);
-                        $asset_purchase_date = $row['asset_purchase_date'];
-                        $asset_warranty_expire = $row['asset_warranty_expire'];
-                        $asset_install_date = $row['asset_install_date'];
+                        $asset_purchase_date = htmlentities($row['asset_purchase_date']);
+                        $asset_warranty_expire = htmlentities($row['asset_warranty_expire']);
+                        $asset_install_date = htmlentities($row['asset_install_date']);
                         if (empty($asset_install_date)) {
                             $asset_install_date_display = "-";
                         } else {
                             $asset_install_date_display = $asset_install_date;
                         }
                         $asset_notes = htmlentities($row['asset_notes']);
-                        $asset_created_at = $row['asset_created_at'];
-                        $asset_vendor_id = $row['asset_vendor_id'];
-                        $asset_location_id = $row['asset_location_id'];
-                        $asset_contact_id = $row['asset_contact_id'];
-                        $asset_network_id = $row['asset_network_id'];
+                        $asset_created_at = htmlentities($row['asset_created_at']);
+                        $asset_vendor_id = intval($row['asset_vendor_id']);
+                        $asset_location_id = intval($row['asset_location_id']);
+                        $asset_contact_id = intval($row['asset_contact_id']);
+                        $asset_network_id = intval($row['asset_network_id']);
 
                         $device_icon = getAssetIcon($asset_type);
 
-                        $contact_name = $row['contact_name'];
+                        $contact_name = htmlentities($row['contact_name']);
                         if (empty($contact_name)) {
                             $contact_name = "-";
                         }
 
-                        $location_name = $row['location_name'];
+                        $location_name = htmlentities($row['location_name']);
                         if (empty($location_name)) {
                             $location_name = "-";
                         }
 
-                        $login_id = $row['login_id'];
+                        $login_id = intval($row['login_id']);
                         $login_username = htmlentities(decryptLoginEntry($row['login_username']));
                         $login_password = htmlentities(decryptLoginEntry($row['login_password']));
 
@@ -302,18 +302,30 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                                     <button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"><i class="fas fa-ellipsis-h"></i></button>
                                     <div class="dropdown-menu">
                                         <a class="dropdown-item" href="#" data-toggle="modal" data-target="#addAssetInterfaceModal<?php echo $asset_id; ?>">Interfaces</a>
-                                        <a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAssetModal<?php echo $asset_id; ?>">Edit</a>
-                                        <a class="dropdown-item" href="#" data-toggle="modal" data-target="#copyAssetModal<?php echo $asset_id; ?>">Copy</a>
+                                        <a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAssetModal<?php echo $asset_id; ?>">
+                                            <i class="fas fa-fw fa-edit mr-2"></i>Edit
+                                        </a>
+                                        <a class="dropdown-item" href="#" data-toggle="modal" data-target="#copyAssetModal<?php echo $asset_id; ?>">
+                                            <i class="fas fa-fw fa-copy mr-2"></i>Copy
+                                        </a>
                                         <?php if ($document_count > 0) { ?>
-                                            <a class="dropdown-item" href="#" data-toggle="modal" data-target="#assetDocumentsModal<?php echo $asset_id; ?>">Documents (<?php echo $document_count; ?>)</a>
+                                            <a class="dropdown-item" href="#" data-toggle="modal" data-target="#assetDocumentsModal<?php echo $asset_id; ?>">
+                                                <i class="fas fa-fw fa-document mr-2"></i>Documents (<?php echo $document_count; ?>)
+                                            </a>
                                         <?php } ?>
                                         <?php if ($ticket_count > 0) { ?>
-                                            <a class="dropdown-item" href="#" data-toggle="modal" data-target="#assetTicketsModal<?php echo $asset_id; ?>">Tickets (<?php echo $ticket_count; ?>)</a>
+                                            <a class="dropdown-item" href="#" data-toggle="modal" data-target="#assetTicketsModal<?php echo $asset_id; ?>">
+                                                <i class="fas fa-fw fa-life-ring mr-2"></i>Tickets (<?php echo $ticket_count; ?>)
+                                            </a>
                                         <?php } ?>
                                         <?php if ($session_user_role == 3) { ?>
                                             <div class="dropdown-divider"></div>
-                                            <a class="dropdown-item text-danger" href="post.php?archive_asset=<?php echo $asset_id; ?>">Archive</a>
-                                            <a class="dropdown-item text-danger" href="post.php?delete_asset=<?php echo $asset_id; ?>">Delete</a>
+                                            <a class="dropdown-item text-danger" href="post.php?archive_asset=<?php echo $asset_id; ?>">
+                                                <i class="fas fa-fw fa-archive mr-2"></i>Archive
+                                            </a>
+                                            <div class="dropdown-divider"></div>
+                                            <a class="dropdown-item text-danger text-bold" href="post.php?delete_asset=<?php echo $asset_id; ?>">
+                                                <i class="fas fa-fw fa-trash mr-2"></i>Delete</a>
                                         <?php } ?>
                                     </div>
                                 </div>
diff --git a/client_certificate_add_modal.php b/client_certificate_add_modal.php
index 19a9e8d3..1a15124a 100644
--- a/client_certificate_add_modal.php
+++ b/client_certificate_add_modal.php
@@ -2,7 +2,7 @@
     <div class="modal-dialog">
         <div class="modal-content bg-dark">
             <div class="modal-header">
-                <h5 class="modal-title"><i class="fa fa-fw fa-lock"></i> New Certificate</h5>
+                <h5 class="modal-title"><i class="fa fa-fw fa-lock mr-2"></i>New Certificate</h5>
                 <button type="button" class="close text-white" data-dismiss="modal">
                     <span>&times;</span>
                 </button>
@@ -75,7 +75,7 @@
                                 <?php
                                 $domains_sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_client_id = '$client_id'");
                                 while ($domain_row = mysqli_fetch_array($domains_sql)) {
-                                    $domain_id = $domain_row['domain_id'];
+                                    $domain_id = intval($domain_row['domain_id']);
                                     $domain_name = htmlentities($domain_row['domain_name']);
                                     echo "<option value=\"$domain_id\">$domain_name</option>";
                                 }
@@ -86,8 +86,8 @@
                 </div>
 
                 <div class="modal-footer bg-white">
-                    <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
                     <button type="submit" name="add_certificate" class="btn btn-primary text-bold"><i class="fa fa-check"></i> Create</button>
+                    <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
                 </div>
             </form>
         </div>
diff --git a/client_certificate_edit_modal.php b/client_certificate_edit_modal.php
index 04b8abb9..a5d884d5 100644
--- a/client_certificate_edit_modal.php
+++ b/client_certificate_edit_modal.php
@@ -2,7 +2,7 @@
     <div class="modal-dialog">
         <div class="modal-content bg-dark">
             <div class="modal-header">
-                <h5 class="modal-title"><i class="fa fa-fw fa-lock"></i> Editing certificate: <span class="text-bold" id="editHeader"></span></h5>
+                <h5 class="modal-title"><i class="fa fa-fw fa-lock mr-2"></i>Editing certificate: <span class="text-bold" id="editHeader"></span></h5>
                 <button type="button" class="close text-white" data-dismiss="modal">
                     <span>&times;</span>
                 </button>
@@ -77,8 +77,8 @@
                     </div>
                 </div>
                 <div class="modal-footer bg-white">
-                    <button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
-                    <button type="submit" name="edit_certificate" class="btn btn-primary">Save</button>
+                    <button type="submit" name="edit_certificate" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
+                    <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
                 </div>
             </form>
         </div>
diff --git a/client_certificates.php b/client_certificates.php
index d5ea31c7..976ccd7b 100644
--- a/client_certificates.php
+++ b/client_certificates.php
@@ -2,7 +2,7 @@
 require_once("inc_all_client.php");
 
 if (!empty($_GET['sb'])) {
-    $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
+    $sb = sanitizeInput($_GET['sb']);
 } else {
     $sb = "certificate_name";
 }
@@ -20,9 +20,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
 
 <div class="card card-dark">
     <div class="card-header py-2">
-        <h3 class="card-title mt-2"><i class="fa fa-fw fa-lock"></i> Certificates</h3>
+        <h3 class="card-title mt-2"><i class="fa fa-fw fa-lock mr-2"></i>Certificates</h3>
         <div class="card-tools">
-            <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addCertificateModal"><i class="fas fa-fw fa-plus"></i> New Certificate</button>
+            <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addCertificateModal"><i class="fas fa-plus mr-2"></i>New Certificate</button>
         </div>
     </div>
     <div class="card-body">
@@ -32,7 +32,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
 
                 <div class="col-md-4">
                     <div class="input-group mb-3 mb-md-0">
-                        <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Certificates">
+                        <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Certificates">
                         <div class="input-group-append">
                             <button class="btn btn-dark"><i class="fa fa-search"></i></button>
                         </div>
@@ -41,7 +41,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
 
                 <div class="col-md-8">
                     <div class="float-right">
-                        <a href="post.php?export_client_certificates_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
+                        <a href="post.php?export_client_certificates_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-download mr-2"></i>Export</a>
                     </div>
                 </div>
 
@@ -63,7 +63,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                 <?php
 
                 while ($row = mysqli_fetch_array($sql)) {
-                    $certificate_id = $row['certificate_id'];
+                    $certificate_id = intval($row['certificate_id']);
                     $certificate_name = htmlentities($row['certificate_name']);
                     $certificate_domain = htmlentities($row['certificate_domain']);
                     $certificate_issued_by = htmlentities($row['certificate_issued_by']);
diff --git a/client_contact_add_modal.php b/client_contact_add_modal.php
index a7e24878..c76ac220 100644
--- a/client_contact_add_modal.php
+++ b/client_contact_add_modal.php
@@ -2,7 +2,7 @@
     <div class="modal-dialog">
         <div class="modal-content bg-dark">
             <div class="modal-header">
-                <h5 class="modal-title"><i class="fa fa-fw fa-user-plus"></i> New Contact</h5>
+                <h5 class="modal-title"><i class="fa fa-fw fa-user-plus mr-2"></i>New Contact</h5>
                 <button type="button" class="close text-white" data-dismiss="modal">
                     <span>&times;</span>
                 </button>
@@ -19,16 +19,16 @@
 
                     <ul class="nav nav-pills nav-justified mb-3">
                         <li class="nav-item">
-                            <a class="nav-link active" data-toggle="pill" href="#pills-details">Details</a>
+                            <a class="nav-link active" data-toggle="pill" href="#pills-details"><i class="fa fa-fw fa-user mr-2"></i>Details</a>
                         </li>
                         <li class="nav-item">
-                            <a class="nav-link" data-toggle="pill" href="#pills-photo">Photo</a>
+                            <a class="nav-link" data-toggle="pill" href="#pills-photo"><i class="fa fa-fw fa-image mr-2"></i>Photo</a>
                         </li>
                         <li class="nav-item">
-                            <a class="nav-link" data-toggle="pill" href="#pills-portal">Portal</a>
+                            <a class="nav-link" data-toggle="pill" href="#pills-portal"><i class="fa fa-fw fa-lock mr-2"></i>Portal</a>
                         </li>
                         <li class="nav-item">
-                            <a class="nav-link" data-toggle="pill" href="#pills-notes">Notes</a>
+                            <a class="nav-link" data-toggle="pill" href="#pills-notes"><i class="fa fa-fw fa-edit mr-2"></i>Notes</a>
                         </li>
                     </ul>
 
@@ -122,7 +122,7 @@
 
                                         $sql = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_archived_at IS NULL AND location_client_id = $client_id ORDER BY location_name ASC");
                                         while ($row = mysqli_fetch_array($sql)) {
-                                            $location_id = $row['location_id'];
+                                            $location_id = intval($row['location_id']);
                                             $location_name = htmlentities($row['location_name']);
                                             ?>
                                             <option value="<?php echo $location_id; ?>"><?php echo $location_name; ?></option>
@@ -202,8 +202,8 @@
 
                 </div>
                 <div class="modal-footer bg-white">
-                    <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
-                    <button type="submit" name="add_contact" class="btn btn-primary text-bold"><i class="fas fa-check"></i> Create</button>
+                    <button type="submit" name="add_contact" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create</button>
+                    <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
                 </div>
             </form>
         </div>
diff --git a/client_contact_edit_modal.php b/client_contact_edit_modal.php
index 3e9d76a1..1d537805 100644
--- a/client_contact_edit_modal.php
+++ b/client_contact_edit_modal.php
@@ -2,7 +2,7 @@
     <div class="modal-dialog">
         <div class="modal-content bg-dark">
             <div class="modal-header">
-                <h5 class="modal-title"><i class="fa fa-fw fa-user-edit"></i> Editing: <strong><?php echo $contact_name; ?></strong></h5>
+                <h5 class="modal-title"><i class="fa fa-fw fa-user-edit mr-2"></i>Editing: <strong><?php echo $contact_name; ?></strong></h5>
                 <button type="button" class="close text-white" data-dismiss="modal">
                     <span>&times;</span>
                 </button>
@@ -21,16 +21,16 @@
 
                     <ul class="nav nav-pills nav-justified mb-3">
                         <li class="nav-item">
-                            <a class="nav-link active" data-toggle="pill" href="#pills-details<?php echo $contact_id; ?>">Details</a>
+                            <a class="nav-link active" data-toggle="pill" href="#pills-details<?php echo $contact_id; ?>"><i class="fa fa-fw fa-user mr-2"></i>Details</a>
                         </li>
                         <li class="nav-item">
-                            <a class="nav-link" data-toggle="pill" href="#pills-photo<?php echo $contact_id; ?>">Photo</a>
+                            <a class="nav-link" data-toggle="pill" href="#pills-photo<?php echo $contact_id; ?>"><i class="fa fa-fw fa-image mr-2"></i>Photo</a>
                         </li>
                         <li class="nav-item">
-                            <a class="nav-link" data-toggle="pill" href="#pills-portal<?php echo $contact_id; ?>">Portal</a>
+                            <a class="nav-link" data-toggle="pill" href="#pills-portal<?php echo $contact_id; ?>"><i class="fa fa-fw fa-lock mr-2"></i>Portal</a>
                         </li>
                         <li class="nav-item">
-                            <a class="nav-link" data-toggle="pill" href="#pills-notes<?php echo $contact_id; ?>">Notes</a>
+                            <a class="nav-link" data-toggle="pill" href="#pills-notes<?php echo $contact_id; ?>"><i class="fa fa-fw fa-edit mr-2"></i>Notes</a>
                         </li>
                     </ul>
 
@@ -124,7 +124,7 @@
 
                                         $sql_locations = mysqli_query($mysqli, "SELECT * FROM locations WHERE (location_archived_at > '$contact_created_at' OR location_archived_at IS NULL) AND location_client_id = $client_id ORDER BY location_name ASC");
                                         while ($row = mysqli_fetch_array($sql_locations)) {
-                                            $location_id_select = $row['location_id'];
+                                            $location_id_select = intval($row['location_id']);
                                             $location_name_select = htmlentities($row['location_name']);
                                             ?>
                                             <option <?php if ($contact_location_id == $location_id_select) { echo "selected"; } ?> value="<?php echo $location_id_select; ?>"><?php echo $location_name_select; ?></option>
@@ -236,8 +236,8 @@
 
                 </div>
                 <div class="modal-footer bg-white">
-                    <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
-                    <button type="submit" name="edit_contact" class="btn btn-primary"><i class="fas fa-check"></i> Save</button>
+                    <button type="submit" name="edit_contact" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
+                    <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
                 </div>
             </form>
         </div>
diff --git a/client_contact_import_modal.php b/client_contact_import_modal.php
index ec4fc98d..2928e725 100644
--- a/client_contact_import_modal.php
+++ b/client_contact_import_modal.php
@@ -2,7 +2,7 @@
     <div class="modal-dialog">
         <div class="modal-content bg-dark">
             <div class="modal-header">
-                <h5 class="modal-title"><i class="fa fa-fw fa-users"></i> Import Contacts</h5>
+                <h5 class="modal-title"><i class="fa fa-fw fa-users mr-2"></i>Import Contacts</h5>
                 <button type="button" class="close text-white" data-dismiss="modal">
                     <span>&times;</span>
                 </button>
diff --git a/client_contact_invite_modal.php b/client_contact_invite_modal.php
index 3d6fb8b0..baa87a27 100644
--- a/client_contact_invite_modal.php
+++ b/client_contact_invite_modal.php
@@ -2,7 +2,7 @@
     <div class="modal-dialog">
         <div class="modal-content bg-dark">
             <div class="modal-header">
-                <h5 class="modal-title"><i class="fas fa-fw fa-user-plus"></i> Invite Contact</h5>
+                <h5 class="modal-title"><i class="fas fa-fw fa-user-plus mr-2"></i>Invite Contact</h5>
                 <button type="button" class="close text-white" data-dismiss="modal">
                     <span>&times;</span>
                 </button>
@@ -73,8 +73,8 @@
                 </div>
 
                 <div class="modal-footer bg-white">
-                    <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
-                    <button type="submit" name="invite_contact" class="btn btn-primary"><strong><i class="fas fa-paper-plane"></i> Send Invite</strong></button>
+                    <button type="submit" name="invite_contact" class="btn btn-primary text-bold"><i class="fas fa-paper-plane mr-2"></i>Send Invite</button>
+                    <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
                 </div>
 
             </form>
diff --git a/client_contacts.php b/client_contacts.php
index 50061218..ffcbe41a 100644
--- a/client_contacts.php
+++ b/client_contacts.php
@@ -3,7 +3,7 @@
 require_once("inc_all_client.php");
 
 if (isset($_GET['q'])) {
-    $q = strip_tags(mysqli_real_escape_string($mysqli, $_GET['q']));
+    $q = sanitizeInput($_GET['q']);
     //Phone Numbers
     $n = preg_replace("/[^0-9]/", '', $q);
     if (empty($n)) {
@@ -16,7 +16,7 @@ if (isset($_GET['q'])) {
 }
 
 if (!empty($_GET['sb'])) {
-    $sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
+    $sb = sanitizeInput($_GET['sb']);
 } else {
     $sb = "contact_name";
 }
@@ -25,10 +25,12 @@ if (!empty($_GET['sb'])) {
 $url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
 
 $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM contacts 
-  LEFT JOIN locations ON location_id = contact_location_id
-  WHERE contact_archived_at IS NULL 
-  AND (contact_name LIKE '%$q%' OR contact_title LIKE '%$q%' OR location_name LIKE '%$q%'  OR contact_email LIKE '%$q%' OR contact_department LIKE '%$q%' OR contact_phone LIKE '%$n%' OR contact_extension LIKE '%$q%' OR contact_mobile LIKE '%$n%')
-  AND contact_client_id = $client_id ORDER BY $sb $o LIMIT $record_from, $record_to");
+    LEFT JOIN locations ON location_id = contact_location_id
+    WHERE contact_archived_at IS NULL 
+    AND (contact_name LIKE '%$q%' OR contact_title LIKE '%$q%' OR location_name LIKE '%$q%'  OR contact_email LIKE '%$q%' OR contact_department LIKE '%$q%' OR contact_phone LIKE '%$n%' OR contact_extension LIKE '%$q%' OR contact_mobile LIKE '%$n%')
+    AND contact_client_id = $client_id 
+    ORDER BY $sb $o LIMIT $record_from, $record_to"
+);
 
 $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
 
@@ -36,11 +38,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
 
     <div class="card card-dark">
         <div class="card-header py-2">
-            <h3 class="card-title mt-2"><i class="fa fa-fw fa-users"></i> Contacts</h3>
+            <h3 class="card-title mt-2"><i class="fa fa-fw fa-users mr-2"></i>Contacts</h3>
             <div class="card-tools">
                 <div class="btn-group">
                     <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addContactModal">
-                        <i class="fas fa-fw fa-plus"></i> New Contact
+                        <i class="fas fa-plus mr-2"></i>New Contact
                     </button>
                     <button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
                     <div class="dropdown-menu">
@@ -56,7 +58,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
 
                     <div class="col-md-4">
                         <div class="input-group mb-3 mb-md-0">
-                            <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Contacts">
+                            <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(htmlentities($q)); } ?>" placeholder="Search Contacts">
                             <div class="input-group-append">
                                 <button class="btn btn-dark"><i class="fa fa-search"></i></button>
                             </div>
@@ -65,8 +67,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
 
                     <div class="col-md-8">
                         <div class="float-right">
-                            <a href="post.php?export_client_contacts_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
-                            <button type="button" class="btn btn-default" data-toggle="modal" data-target="#importContactModal"><i class="fa fa-fw fa-upload"></i> Import</button>
+                            <a href="post.php?export_client_contacts_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download mr-2"></i>Export</a>
+                            <button type="button" class="btn btn-default" data-toggle="modal" data-target="#importContactModal"><i class="fa fa-fw fa-upload mr-2"></i>Import</button>
                         </div>
                     </div>
 
@@ -90,7 +92,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                     <?php
 
                     while ($row = mysqli_fetch_array($sql)) {
-                        $contact_id = $row['contact_id'];
+                        $contact_id = intval($row['contact_id']);
                         $contact_name = htmlentities($row['contact_name']);
                         $contact_title = htmlentities($row['contact_title']);
                         if (empty($contact_title)) {
@@ -98,7 +100,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                         } else {
                             $contact_title_display = "<small class='text-secondary'>$contact_title</small>";
                         }
-                        $contact_department =htmlentities($row['contact_department']);
+                        $contact_department = htmlentities($row['contact_department']);
                         if (empty($contact_department)) {
                             $contact_department_display = "-";
                         } else {
@@ -129,13 +131,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                         $contact_important = intval($row['contact_important']);
                         $contact_billing = intval($row['contact_billing']);
                         $contact_technical = intval($row['contact_technical']);
-                        $contact_created_at = $row['contact_created_at'];
+                        $contact_created_at = htmlentities($row['contact_created_at']);
                         if ($contact_id == $primary_contact) {
                             $primary_contact_display = "<small class='text-success'>Primary Contact</small>";
                         } else {
                             $primary_contact_display = false;
                         }
-                        $contact_location_id = $row['contact_location_id'];
+                        $contact_location_id = intval($row['contact_location_id']);
                         $location_name = htmlentities($row['location_name']);
                         if (empty($location_name)) {
                             $location_name_display = "-";
@@ -171,9 +173,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                                     <?php } else { ?>
 
                                         <span class="fa-stack fa-2x">
-                                        <i class="fa fa-circle fa-stack-2x text-secondary"></i>
-                                        <span class="fa fa-stack-1x text-white"><?php echo $contact_initials; ?></span>
-                                    </span>
+                                            <i class="fa fa-circle fa-stack-2x text-secondary"></i>
+                                            <span class="fa fa-stack-1x text-white"><?php echo $contact_initials; ?></span>
+                                        </span>
 
                                         <br>
 
@@ -195,13 +197,21 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                                         <i class="fas fa-ellipsis-h"></i>
                                     </button>
                                     <div class="dropdown-menu">
-                                        <a class="dropdown-item" href="client_contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>">View Details</a>
-                                        <a class="dropdown-item" href="#" data-toggle="modal" data-target="#editContactModal<?php echo $contact_id; ?>">Edit</a>
+                                        <a class="dropdown-item" href="client_contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>">
+                                            <i class="fas fa-fw fa-eye-open mr-2"></i>View Details
+                                        </a>
+                                        <a class="dropdown-item" href="#" data-toggle="modal" data-target="#editContactModal<?php echo $contact_id; ?>">
+                                            <i class="fas fa-fw fa-edit mr-2"></i>Edit
+                                        </a>
                                         <?php if ($session_user_role == 3 && $contact_id !== $primary_contact) { ?>
                                             <div class="dropdown-divider"></div>
-                                            <a class="dropdown-item text-danger" href="post.php?archive_contact=<?php echo $contact_id; ?>">Archive</a>
+                                            <a class="dropdown-item text-danger" href="post.php?archive_contact=<?php echo $contact_id; ?>">
+                                                <i class="fas fa-fw fa-archive mr-2"></i>Archive
+                                            </a>
                                             <div class="dropdown-divider"></div>
-                                            <a class="dropdown-item text-danger text-bold" href="post.php?delete_contact=<?php echo $contact_id; ?>">Delete</a>
+                                            <a class="dropdown-item text-danger text-bold" href="post.php?delete_contact=<?php echo $contact_id; ?>">
+                                                <i class="fas fa-fw fa-trash mr-2"></i>Delete
+                                            </a>
                                         <?php } ?>
                                     </div>
                                 </div>