AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1154 from itflow-org/develop 

Release 25.01
This commit is contained in:
Johnny 2025-01-25 12:48:43 -05:00 committed by GitHub
parent 0bde1ccee4 33f80cb6b5
commit e8c3cabde7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1180 changed files with 28331 additions and 19598 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.htaccess Normal file
View File

@ -0,0 +1,2 @@
# Prevent access to .git, .github, and config.php
RedirectMatch 404 ^/(\.git|\.github|config\.php)

67
CHANGELOG.md Normal file
View File

@ -0,0 +1,67 @@
# Changelog
This file documents all notable changes made to ITFlow.
## [25.01]
### Added / Changed
- Added support for saving cards in Stripe for automatic invoice payments.
- Page titles now display detailed information (e.g., page name, client selection, company name, ticket and invoice info) for easier multi-tab navigation.
- Reintroduced the new admin role-check for admin pages.
- Admin roles can now be archived.
- Debug mode now shows the current Git branch.
- The auto-acknowledgment email for email-parsed tickets now includes a guest link.
- Recurring tickets no longer require a contact.
- Stripe online payment setup now prompts you to set the income/expense account.
- New cron/CLI scripts have been moved to the `/scripts` subfolder — remember to update your cron configurations!
- Moved modal includes to `/modals` to tidy up the root directory.
- Moved most include files to `/includes` to improve directory structure.
- Moved guest pages to `/guest` for better organization.
- Renamed the include file `pagination.php` to `filter_footer.php`, as it is used in conjunction with `filter_header.php` for page filtering.
- Guest ticket feedback now shows the ticket prefix and number, not just the ID.
- Individual POST handler logic pages are no longer directly accessible.
- Added the ability to delete payments on the Payments and Client Payments pages.
- Implemented domain history tracking.
- Added Asset Interface Linking/Connections to show what interface is connected to which interface port of another asset.
- Added Force Recurring Ticket option in more locations, not just for recurring tickets.
- Implemented row spanning and centered devices that occupy multiple units in a rack.
- Added tooltips to main navigation badge counts to clarify what is being counted.
- Reduced max records per page from 500 to 100 to prevent performance issues.
- Updated several plugins:
- `stripe-php` from 10.5.0 to 16.4.0
- `Inputmask` from 5.0.8 to 5.0.9
- `DataTables` from 2.1.8 to 2.2.1
- `pdfmake` from 0.2.8 to 0.2.18
- `php-mime-mail-parser` to 9.0.1
- `TinyMCE` from 7.5.1 to 7.6.1
- Removed unused libraries from the vendor folder and moved Stripe to the plugins folder, eliminating the vendor folder.
- Merged the MFA TOTP functionality files `base32static.php` and `rfc6238.php` into a single file (`totp`) and moved it to the plugins folder.
- No longer need to pass the DB connection (`$mysqli`) to the `addToMailQueue` function.
- Disabled HTML Purifier caching.
- Replaced the `nullable_htmlentities` function with `htmlspecialchars`.
- Updated filter variable naming.
- Implemented other minor UI updates, performance optimizations, and directory cleanups.
### Fixed
- Fixed an issue where the ticket edit modal didn't show multi-client or no-client projects.
- Fixed asset interface losing DHCP settings.
- Fixed a 500 error when creating or editing recurring expenses due to an incorrect variable name.
- Fixed tickets created via the portal/email not being marked as billable.
- Fixed issues with editing recurring expenses.
- Resolved a regression where the TinyMCE editor didnt display when adding or editing ticket templates.
- Fixed a TinyMCE license issue.
### Removed / Deprecated
- Deprecated the cron scripts in the root directory. Cron jobs should now use the ones in the `/scripts` subfolder, which no longer require a cron key and must be run via CLI.
### BREAKING CHANGES
- The client portal has been moved from `/portal` to `/client`:
- Links in previous emails will be broken.
- The Azure Entra ID SSO Redirect URI needs to be updated to `/client`.
- You may need to update other links (e.g., website, support page).
- Guest links have been moved from `/` to `/guest`. Previous links will be broken.
## [24.12]
### Added / Changed
- Introduced versioned releases for the first time!

64
README.md
View File

@ -3,15 +3,10 @@
<!-- PROJECT SHIELDS -->
[![Contributors][contributors-shield]][contributors-url]
[![Stargazers][stars-shield]][stars-url]
[![Issues][issues-shield]][issues-url]
[![Commits][commit-shield]][commit-url]
[![GPL License][license-shield]][license-url]
<!-- PROJECT LOGO -->
<div align="center">
<!-- <a href="https://github.com/itflow-org/itflow">
<img src="images/logo.png" alt="Logo" width="80" height="80">
</a> -->
<h3 align="center">ITFlow</h3>
@ -47,43 +42,26 @@
### The Problem
- You're a busy MSP with 101 things to do.
- Information about your clients is unorganised and unstructured: scattered in random tickets or folders - when you do eventually find it, it's out of date.
- For some issues, you spend longer looking for the relevant documentation than actually working the ticket.
- You're a small but busy managed service provider with 101 things to do. Information about your clients is unorganised, unstructured and outdated.
- For some work, you seem to spend longer looking for the relevant documentation than actually working on the issue/project.
- On top of the technical day to day, you also have to take care of the financial side of the business - consistent pricing, quotes/invoicing, and accounting.
### The Solution: ITFlow
- ITFlow consolidates common MSP needs (IT Documentation, ticketing and billing) into one system
### In Beta
* This project is in beta with many ongoing changes. Updates may unintentionally introduce bugs/security issues. Writing functional, secure code is very difficult.
* Whilst we are confident the code is safe, nothing in life is 100% safe or risk-free. Use your best judgement before deciding to store highly confidential information in ITFlow.
* We are hoping to have a stable 1.0 release by early 2025.
- ITFlow consolidates common MSP needs (documentation, ticketing and billing) into one unified system.
<!-- GETTING STARTED -->
## Getting Started
ITFlow is self-hosted. There is a full installation guide in the [docs](https://docs.itflow.org/installation).
### Self Hosting
- The best installation method is to use the [install script](https://docs.itflow.org/installation_script) on Ubuntu/Debian. A video walk through is available [here](https://www.youtube.com/watch?v=kKz9NOU_1XE).
```
wget -O itflow_install.sh https://github.com/itflow-org/itflow-install-script/raw/main/itflow_install.sh
bash itflow_install.sh
```
- Other manual installation methods are available in the [docs](https://docs.itflow.org/installation).
<!-- EASY INSTALL -->
### Installation via Script (Recommended Method)
**Requirements**
- Clean Install of Debian 12 or Ubuntu 22.04
- A public IP Address
- Ports 80 (HTTP) and 443 (HTTPS) TCP accessible from the outside in
- A Fully Qualified Domain Name pointing to the public IP Address example itflow.example.com
**Process**
- Login as root
- Download & run install script
```
wget -O itflow_install.sh https://github.com/itflow-org/itflow-install-script/raw/main/itflow_install.sh
bash itflow_install.sh
```
- Follow Instructions & navigate to setup URL shown
- Leave us feedback in the [forum](https://forum.itflow.org/d/11-road-map)
### Managed Hosting
- If you'd prefer, we can [host ITFlow for you](https://services.itflow.org/hosting.php).
<!-- FEATURES -->
## Key Features
@ -95,14 +73,7 @@ ITFlow is self-hosted. There is a full installation guide in the [docs](https://
<!-- ROADMAP -->
## Roadmap / Future to-do
* Comprehensive API to allow custom third party integration
* CalDAV to integrate with 3rd party calendars
* CardDAV to integrate with 3rd party Address books
* Recent caller toast alerts to click and bring up the clients account right away
* FIDO2 WebAuthn Support for passwordless auth (TPM Fingerprint), (USB Hardware keys such as Yubikey)
See the [forum](https://forum.itflow.org/t/added-to-roadmap) and the [open issues](https://github.com/itflow-org/itflow/issues) for a full list of proposed features & known issues.
We track the implementation of confirmed features and bugs via [TaskFlow](https://tasks.dev.itflow.org/tasks.php). Use the [forum](https://forum.itflow.org) to request features or raise bug reports.
<!-- CONTRIBUTING -->
## Support & Contributions
@ -111,7 +82,7 @@ See the [forum](https://forum.itflow.org/t/added-to-roadmap) and the [open issue
For help using ITFlow, bugs, feature requests, and general ideas / discussions please use the community [forum](https://forum.itflow.org).
### Contributing
If you want to improve ITFlow, feel free to fork the repo and create a pull request, but make sure to discuss significant changes or new features with fellow contributors on the forum first. This helps ensure that your contributions are aligned with project goals, and saves time for everyone. All contributions should follow our [code standards](https://docs.itflow.org/code_standards).
If you want to improve ITFlow, feel free to fork the repo and create a pull reques. Make sure to discuss significant changes or new features with fellow contributors on the forum first. This helps ensure that your contributions are aligned with project goals, and saves time for everyone. All contributions should follow our [code standards](https://docs.itflow.org/code_standards). See the [contributing guide](https://docs.itflow.org/contribute).
#### Contributors
<a href="https://github.com/itflow-org/itflow/graphs/contributors">
@ -122,13 +93,14 @@ If you want to improve ITFlow, feel free to fork the repo and create a pull requ
Were incredibly grateful to the organizations and individuals who support the project - a big thank you to:
- CompuMatter
- F1 for HELP
- JetBrains
<!-- LICENSE -->
## License
ITFlow is distributed "as is" under the GPL License, WITHOUT WARRANTY OF ANY KIND. See [`LICENSE`](https://github.com/itflow-org/itflow/blob/master/LICENSE) for details.
## Security
* As of 2025, we now have a stable release of the project.
* Whilst we are confident in the safety of the code, no system is risk-free. Nearly all software has bugs. Use your best judgement before storing highly confidential information in ITFlow.
* If you have a security concern, privately report it [here](https://github.com/itflow-org/itflow/security/policy).
<!-- MARKDOWN LINKS & IMAGES -->
<!-- https://www.markdownguide.org/basic-syntax/#reference-style-links -->

22
SECURITY.md
View File

@ -1,25 +1,21 @@
# Security Policy
## **Please do NOT report security concerns/vulnerabilities publicly (Github issues/forum)**
## **Please do NOT report security concerns/vulnerabilities publicly (Issues/forum)**
---
**We take security seriously**
## In Beta
ITFlow is currently in beta and is a work in progress.
**We take security seriously.** Whilst we are confident the code is safe, nothing in life is 100% safe or risk-free. You should use your best judgment before entering confidential information into the app.
We attempt to follow security best practices where possible, including [automated code scanning](https://sonarcloud.io/component_measures?id=itflow-org_itflow&metric=security_rating&view=list).
[![Security](https://sonarcloud.io/api/project_badges/measure?project=itflow-org_itflow&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=itflow-org_itflow)
- Whilst we are confident in the safety of the code, no system is risk-free. Nearly all software has bugs. Use your best judgement before storing highly confidential information in ITFlow.
- We attempt to follow security best practices where possible, including [automated code scanning](https://sonarcloud.io/component_measures?id=itflow-org_itflow&metric=security_rating&view=list).
- [![Security](https://sonarcloud.io/api/project_badges/measure?project=itflow-org_itflow&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=itflow-org_itflow)
## Supported Versions
We operate a rolling release model. Any bug fixes will be released into latest version of ITFlow, so you must stay up-to-date.
| Version | Supported |
| ------- | ------------------ |
| Beta | :white_check_mark: |
| 1.0 | Yet to be released |
| Beta | :x: |
| 24.12 | :white_check_mark: |
| 25.1 | :white_check_mark: (When released) |
## Reporting a Vulnerability via GitHub Security Advisories

10
accounts.php
View File

@ -4,7 +4,7 @@
$sort = "account_name";
$order = "ASC";
require_once "inc_all.php";
require_once "includes/inc_all.php";
// Perms
enforceUserPermission('module_financial');
@ -109,18 +109,18 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tr>
<?php
include "account_edit_modal.php";
require "modals/account_edit_modal.php";
}
?>
</tbody>
</table>
</div>
<?php require_once "pagination.php"; ?>
<?php require_once "includes/filter_footer.php"; ?>
</div>
</div>
<?php
require_once "account_add_modal.php";
require_once "footer.php";
require_once "modals/account_add_modal.php";
require_once "includes/footer.php";

8
admin_api.php
View File

@ -4,7 +4,7 @@
$sort = "api_key_name";
$order = "ASC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Rebuild URL
@ -166,7 +166,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</form>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
@ -174,7 +174,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<script src="js/bulk_actions.js"></script>
<?php
require_once "admin_api_key_add_modal.php";
require_once "modals/admin_api_key_add_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

22
admin_app_log.php
View File

@ -4,26 +4,26 @@
$sort = "app_log_id";
$order = "DESC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
// Log Type Filter
if (isset($_GET['type']) & !empty($_GET['type'])) {
$log_type_query = "AND (app_log_type = '" . sanitizeInput($_GET['type']) . "')";
$type = nullable_htmlentities($_GET['type']);
$type_filter = nullable_htmlentities($_GET['type']);
} else {
// Default - any
$log_type_query = '';
$type = '';
$type_filter = '';
}
// Log Category Filter
if (isset($_GET['category']) & !empty($_GET['catergory'])) {
$log_category_query = "AND (app_log_category = '" . sanitizeInput($_GET['category']) . "')";
$category = nullable_htmlentities($_GET['category']);
$category_filter = nullable_htmlentities($_GET['category']);
} else {
// Default - any
$log_category_query = '';
$category = '';
$category_filter = '';
}
//Rebuild URL
@ -63,14 +63,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="col-sm-2">
<div class="form-group">
<select class="form-control select2" name="type" onchange="this.form.submit()">
<option value="" <?php if ($type == "") { echo "selected"; } ?>>- All Types -</option>
<option value="">- All Types -</option>
<?php
$sql_types_filter = mysqli_query($mysqli, "SELECT DISTINCT app_log_type FROM app_logs ORDER BY app_log_type ASC");
while ($row = mysqli_fetch_array($sql_types_filter)) {
$log_type = nullable_htmlentities($row['app_log_type']);
?>
<option <?php if ($type == $log_type) { echo "selected"; } ?>><?php echo $log_type; ?></option>
<option <?php if ($type_filter == $log_type) { echo "selected"; } ?>><?php echo $log_type; ?></option>
<?php
}
?>
@ -82,14 +82,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="col-sm-2">
<div class="form-group">
<select class="form-control select2" name="category" onchange="this.form.submit()">
<option value="" <?php if ($category == "") { echo "selected"; } ?>>- All Categories -</option>
<option value="">- All Categories -</option>
<?php
$sql_categories_filter = mysqli_query($mysqli, "SELECT DISTINCT app_log_category FROM app_logs ORDER BY app_log_category ASC");
while ($row = mysqli_fetch_array($sql_categories_filter)) {
$log_category = nullable_htmlentities($row['app_log_category']);
?>
<option <?php if ($category == $log_category) { echo "selected"; } ?>><?php echo $log_category; ?></option>
<option <?php if ($category_filter == $log_category) { echo "selected"; } ?>><?php echo $log_category; ?></option>
<?php
}
?>
@ -184,10 +184,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

38
admin_audit_log.php
View File

@ -4,46 +4,46 @@
$sort = "log_id";
$order = "DESC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
// User Filter
if (isset($_GET['user']) & !empty($_GET['user'])) {
$user_query = 'AND (log_user_id = ' . intval($_GET['user']) . ')';
$user = intval($_GET['user']);
$user_filter = intval($_GET['user']);
} else {
// Default - any
$user_query = '';
$user = '';
$user_filter = '';
}
// Client Filter
if (isset($_GET['client']) & !empty($_GET['client'])) {
$client_query = 'AND (log_client_id = ' . intval($_GET['client']) . ')';
$client = intval($_GET['client']);
$client_filter = intval($_GET['client']);
} else {
// Default - any
$client_query = '';
$client = '';
$client_filter = '';
}
// Log Type Filter
if (isset($_GET['type']) & !empty($_GET['type'])) {
$log_type_query = "AND (log_type = '" . sanitizeInput($_GET['type']) . "')";
$type = nullable_htmlentities($_GET['type']);
$type_filter = nullable_htmlentities($_GET['type']);
} else {
// Default - any
$log_type_query = '';
$type = '';
$type_filter = '';
}
// Log Action Filter
if (isset($_GET['action']) & !empty($_GET['action'])) {
$log_action_query = "AND (log_action = '" . sanitizeInput($_GET['action']) . "')";
$action = nullable_htmlentities($_GET['action']);
$action_filter = nullable_htmlentities($_GET['action']);
} else {
// Default - any
$log_action_query = '';
$action = '';
$action_filter = '';
}
//Rebuild URL
@ -87,7 +87,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="col-sm-2">
<div class="form-group">
<select class="form-control select2" name="client" onchange="this.form.submit()">
<option value="" <?php if ($client == "") { echo "selected"; } ?>>- All Clients -</option>
<option value="">- All Clients -</option>
<?php
$sql_clients_filter = mysqli_query($mysqli, "SELECT * FROM clients ORDER BY client_name ASC");
@ -95,7 +95,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$client_id = intval($row['client_id']);
$client_name = nullable_htmlentities($row['client_name']);
?>
<option <?php if ($client == $client_id) { echo "selected"; } ?> value="<?php echo $client_id; ?>"><?php echo $client_name; ?></option>
<option <?php if ($client_filter == $client_id) { echo "selected"; } ?> value="<?php echo $client_id; ?>"><?php echo $client_name; ?></option>
<?php
}
?>
@ -107,7 +107,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="col-sm-2">
<div class="form-group">
<select class="form-control select2" name="user" onchange="this.form.submit()">
<option value="" <?php if ($user == "") { echo "selected"; } ?>>- All Users -</option>
<option value="">- All Users -</option>
<?php
$sql_users_filter = mysqli_query($mysqli, "SELECT * FROM users ORDER BY user_name ASC");
@ -115,7 +115,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$user_id = intval($row['user_id']);
$user_name = nullable_htmlentities($row['user_name']);
?>
<option <?php if ($user == $user_id) { echo "selected"; } ?> value="<?php echo $user_id; ?>"><?php echo $user_name; ?></option>
<option <?php if ($user_filter == $user_id) { echo "selected"; } ?> value="<?php echo $user_id; ?>"><?php echo $user_name; ?></option>
<?php
}
?>
@ -127,14 +127,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="col-sm-2">
<div class="form-group">
<select class="form-control select2" name="type" onchange="this.form.submit()">
<option value="" <?php if ($type == "") { echo "selected"; } ?>>- All Types -</option>
<option value="">- All Types -</option>
<?php
$sql_types_filter = mysqli_query($mysqli, "SELECT DISTINCT log_type FROM logs ORDER BY log_type ASC");
while ($row = mysqli_fetch_array($sql_types_filter)) {
$log_type = nullable_htmlentities($row['log_type']);
?>
<option <?php if ($type == $log_type) { echo "selected"; } ?>><?php echo $log_type; ?></option>
<option <?php if ($type_filter == $log_type) { echo "selected"; } ?>><?php echo $log_type; ?></option>
<?php
}
?>
@ -146,14 +146,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="col-sm-2">
<div class="form-group">
<select class="form-control select2" name="action" onchange="this.form.submit()">
<option value="" <?php if ($action == "") { echo "selected"; } ?>>- All Actions -</option>
<option value="">- All Actions -</option>
<?php
$sql_actions_filter = mysqli_query($mysqli, "SELECT DISTINCT log_action FROM logs ORDER BY log_action ASC");
while ($row = mysqli_fetch_array($sql_actions_filter)) {
$log_action = nullable_htmlentities($row['log_action']);
?>
<option <?php if ($action == $log_action) { echo "selected"; } ?>><?php echo $log_action; ?></option>
<option <?php if ($action_filter == $log_action) { echo "selected"; } ?>><?php echo $log_action; ?></option>
<?php
}
?>
@ -295,11 +295,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

4
admin_backup.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark mb-3">
@ -34,5 +34,5 @@ require_once "inc_all_admin.php";
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

4
admin_bulk_mail.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
$sql = mysqli_query($mysqli, "SELECT * FROM contacts
@ -149,4 +149,4 @@ $sql = mysqli_query($mysqli, "SELECT * FROM contacts
<?php
require_once "footer.php";
require_once "includes/footer.php";

10
admin_category.php
View File

@ -4,7 +4,7 @@
$sort = "category_name";
$order = "ASC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
if (isset($_GET['category'])) {
@ -177,7 +177,7 @@ if (isset($_GET['archived'])) {
<?php
include "admin_category_edit_modal.php";
require "modals/admin_category_edit_modal.php";
}
@ -186,12 +186,12 @@ if (isset($_GET['archived'])) {
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "admin_category_add_modal.php";
require_once "modals/admin_category_add_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

10
admin_custom_link.php
View File

@ -4,7 +4,7 @@
$sort = "custom_link_name";
$order = "ASC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Rebuild URL
@ -131,7 +131,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require "admin_custom_link_edit_modal.php";
require "modals/admin_custom_link_edit_modal.php";
}
@ -141,13 +141,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "admin_custom_link_add_modal.php";
require_once "modals/admin_custom_link_add_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

21
admin_debug.php
View File

@ -1,15 +1,16 @@
<?php
require_once "inc_all_admin.php";
require_once "database_version.php";
require_once "includes/inc_all_admin.php";
require_once "includes/database_version.php";
require_once "config.php";
$checks = [];
// Execute the git command to get the latest commit hash
$commitHash = exec('git log -1 --format=%H');
$commitHash = shell_exec('git log -1 --format=%H');
// Get branch info
$gitBranch = shell_exec('git rev-parse --abbrev-ref HEAD');
// Section: System Information
$systemInfo = [];
@ -522,13 +523,17 @@ $mysqli->close();
<th>ITFlow release version</th>
<th><?php echo APP_VERSION; ?></th>
</tr>
<tr>
<td>Current DB Version</td>
<td><?php echo CURRENT_DATABASE_VERSION; ?></td>
</tr>
<tr>
<td>Current Code Commit</td>
<td><?php echo $commitHash; ?></td>
</tr>
<tr>
<td>Current DB Version</td>
<td><?php echo CURRENT_DATABASE_VERSION; ?></td>
<td>Current Branch</td>
<td><?php echo $gitBranch; ?></td>
</tr>
</table>
@ -748,5 +753,5 @@ $mysqli->close();
<?php
require_once "footer.php";
require_once "includes/footer.php";

10
admin_document_template.php
View File

@ -4,7 +4,7 @@
$sort = "document_name";
$order = "ASC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
// Search query SQL snippet
if (!empty($q)) {
@ -119,7 +119,7 @@
<?php
include "admin_document_template_edit_modal.php";
require "modals/admin_document_template_edit_modal.php";
}
@ -129,12 +129,12 @@
</table>
<br>
</div>
<?php include "pagination.php"; ?>
<?php require_once "includes/filter_footer.php"; ?>
</div>
</div>
<?php include "admin_document_template_add_modal.php"; ?>
<?php include "footer.php"; ?>
<?php require_once "modals/admin_document_template_add_modal.php"; ?>
<?php require_once "includes/footer.php"; ?>
<script>
$(document).ready(function(){

7
admin_document_template_details.php
View File

@ -1,12 +1,13 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Initialize the HTML Purifier to prevent XSS
require "plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
@ -59,7 +60,7 @@ $document_updated_at = nullable_htmlentities($row['document_updated_at']);
<?php
require_once "admin_document_template_edit_modal.php";
require_once "modals/admin_document_template_edit_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

335
admin_legacy_debug.php
View File

@ -1,335 +0,0 @@
<?php
require_once "inc_all_admin.php";
require_once "database_version.php";
require_once "config.php";
$folderPath = 'uploads';
function countFilesInDirectory($dir) {
$count = 0;
$size = 0;
$files = scandir($dir);
foreach ($files as $file) {
if ($file === '.' || $file === '..') {
continue;
}
$filePath = $dir . '/' . $file;
if (is_file($filePath)) {
$count++;
$size += filesize($filePath);
} elseif (is_dir($filePath)) {
$result = countFilesInDirectory($filePath);
$count += $result['count'];
$size += $result['size'];
}
}
return [
'count' => $count,
'size' => $size
];
}
// Function to compare two arrays recursively and return the differences
function arrayDiffRecursive($array1, $array2) {
$diff = array();
foreach ($array1 as $key => $value) {
if (is_array($value)) {
if (!isset($array2[$key]) || !is_array($array2[$key])) {
$diff[$key] = $value;
} else {
$recursiveDiff = arrayDiffRecursive($value, $array2[$key]);
if (!empty($recursiveDiff)) {
$diff[$key] = $recursiveDiff;
}
}
} else {
if (!isset($array2[$key]) || $array2[$key] !== $value) {
$diff[$key] = $value;
}
}
}
return $diff;
}
// Function to load the table structures from an SQL dump file URL
function loadTableStructuresFromSQLDumpURL($fileURL) {
$context = stream_context_create(array('http' => array('header' => 'Accept: application/octet-stream')));
$fileContent = file_get_contents($fileURL, false, $context);
if ($fileContent === false) {
return null;
}
$structure = array();
$queries = explode(";", $fileContent);
foreach ($queries as $query) {
$query = trim($query);
if (!empty($query)) {
if (preg_match("/^CREATE TABLE `(.*)` \((.*)\)$/s", $query, $matches)) {
$tableName = $matches[1];
$tableStructure = $matches[2];
$structure[$tableName] = array('structure' => $tableStructure);
}
}
}
return $structure;
}
// Function to fetch the database structure from the MySQL server
function fetchDatabaseStructureFromServer() {
global $mysqli;
$tables = array();
// Fetch table names
$result = $mysqli->query("SHOW TABLES");
if ($result->num_rows > 0) {
while ($row = $result->fetch_row()) {
$tableName = $row[0];
$tables[$tableName] = array();
}
}
// Fetch table structures
foreach ($tables as $tableName => &$table) {
$result = $mysqli->query("SHOW CREATE TABLE `$tableName`");
if ($result->num_rows > 0) {
$row = $result->fetch_row();
$table['structure'] = $row[1];
}
}
return $tables;
}
//function to get current crontab and return it as an array
function get_crontab() {
$crontab = shell_exec('crontab -l');
$crontab = explode(PHP_EOL, $crontab);
return $crontab;
}
// URL to the SQL dump file
$fileURL = "https://raw.githubusercontent.com/itflow-org/itflow/master/db.sql";
// Load the desired table structures from the SQL dump file URL
$desiredStructure = loadTableStructuresFromSQLDumpURL($fileURL);
if ($desiredStructure === null) {
die("Failed to load the desired table structures from the SQL dump file URL.");
}
// Fetch the current database structure from the MySQL server
$currentStructure = fetchDatabaseStructureFromServer();
if ($currentStructure === null) {
die("Failed to fetch the current database structure from the server.");
}
// Compare the structures and display the differences
$differences = arrayDiffRecursive($desiredStructure, $currentStructure);
//DB Stats
// Query to fetch the number of tables
$tablesQuery = "SHOW TABLES";
$tablesResult = $mysqli->query($tablesQuery);
$numTables = $tablesResult->num_rows;
$numFields = 0;
$numRows = 0;
// Loop through each table
while ($row = $tablesResult->fetch_row()) {
$tableName = $row[0];
// Query to fetch the number of fields
$fieldsQuery = "DESCRIBE `$tableName`";
$fieldsResult = $mysqli->query($fieldsQuery);
// Check if the query was successful
if ($fieldsResult) {
$numFields += $fieldsResult->num_rows;
// Query to fetch the number of rows
$rowsQuery = "SELECT COUNT(*) FROM `$tableName`";
$rowsResult = $mysqli->query($rowsQuery);
// Check if the query was successful
if ($rowsResult) {
$numRows += $rowsResult->fetch_row()[0];
} else {
echo "Error executing query: " . $mysqli->error;
}
} else {
echo "Error executing query: " . $mysqli->error;
}
}
//Get loaded PHP modules
$loadedModules = get_loaded_extensions();
//Get Server Info / Service versions
$phpVersion = phpversion();
$databaseInfo = mysqli_get_server_info($mysqli) . " / " . $mysqli->server_version;
$operatingSystem = php_uname();
$webServer = $_SERVER['SERVER_SOFTWARE'];
$errorLog = ini_get('error_log') ?: "Debian/Ubuntu default is usually /var/log/apache2/error.log";
$updates = fetchUpdates();
?>
<div class="card card-dark">
<div class="card-header py-3">
<h3 class="card-title"><i class="fas fa-fw fa-bug mr-2"></i>Debug</h3>
</div>
<div class="card-body">
<h2>Debugging</h2>
<ul>
<li>If you are experiencing a problem with ITFlow you may be directed to this page to gather server/app info.</li>
<li>When creating forum posts / support requests ensure you share the information under <i>Server Info</i>, <i>ITFlow app</i> and <i>Database stats</i>.</li>
<li><a class="text-danger text-bold">Caution:</a> Be careful when sharing the full debug output - it contains your PHP session variables/cookies ("PHPSESSID") which could allow anyone to login to your ITFlow instance</li>
<li>Note: Sometimes you might need to gather <a href="https://docs.itflow.org/gathering_logs#error_logs">PHP error logs</a> as well</li>
</ul>
<br>
<h3>Server Info</h3>
<?php
echo "PHP version: " . $phpVersion . "<br>";
echo "Database Version: " . $databaseInfo . "<br>";
echo "Operating System: " . $operatingSystem . "<br>";
echo "Web Server: " . $webServer . "<br>";
echo "Apache/PHP Error Log: " . $errorLog
?>
<hr>
<h3>File System</h3>
<?php
$result = countFilesInDirectory($folderPath);
$totalFiles = $result['count'];
$totalSizeMB = round($result['size'] / (1024 * 1024), 2);
echo "Total number of files in $folderPath and its subdirectories: " . $totalFiles . "<br>";
echo "Total size of files in $folderPath and its subdirectories: " . $totalSizeMB . " MB";
?>
<hr>
<h3>ITFlow app</h3>
<?php
echo "App Version: " . $updates->current_version . "<br>";
echo "Cron enabled: " . $config_enable_cron . "<br>";
echo "App Timezone: " . $config_timezone;
?>
<hr>
<h3>Database Structure Check</h3>
<h4>Database stats</h4>
<?php
echo "Number of tables: " . $numTables . "<br>";
echo "Total number of fields: " . $numFields . "<br>";
echo "Total number of rows: " . $numRows . "<br>";
echo "Current Database Version: " . CURRENT_DATABASE_VERSION . "<br>";
?>
<hr>
<h4>Table Stats</h4>
<?php
// Fetch all table names from the database
$tables = array();
$result = mysqli_query($mysqli, "SHOW TABLES");
while ($row = mysqli_fetch_array($result)) {
$tables[] = $row[0];
}
// Generate an HTML table to display the results
?>
<table class="table table-sm">
<tr>
<th>Table Name</th>
<th>Number of Fields</th>
<th>Number of Rows</th>
</tr>
<?php
foreach ($tables as $table) {
// Count the number of fields and rows for each table
$columns_result = mysqli_query($mysqli, "SHOW COLUMNS FROM `$table`");
$columns = mysqli_num_rows($columns_result);
$rows_result = mysqli_query($mysqli, "SELECT COUNT(*) FROM `$table`");
$rows = mysqli_fetch_array($rows_result)[0];
?>
<tr>
<td><?php echo $table; ?></td>
<td><?php echo $columns; ?></td>
<td><?php echo $rows; ?></td>
</tr>
<?php
}
?>
</table>
<hr>
<h3>PHP Modules Installed</h3>
<?php
foreach ($loadedModules as $module) {
echo $module . "<br>";
}
?>
<hr>
<h3>PHP Info</h3>
<?php
//Output phpinfo, but in a way that doesnt mess up the page
ob_start();
phpinfo();
$phpinfo = ob_get_contents();
ob_end_clean();
//Remove everything before the body tag
$phpinfo = preg_replace('%^.*<body>(.*)</body>.*$%ms', '$1', $phpinfo);
//Remove everything after the body tag
$phpinfo = preg_replace('%^(.*)</body>.*$%ms', '$1', $phpinfo);
//Remove the body tag itself
$phpinfo = preg_replace('%^<body>(.*)$%ms', '$1', $phpinfo);
//Output the result
echo $phpinfo;
?>
<hr>
</div>
</div>
<?php
require_once "footer.php";

6
admin_mail_queue.php
View File

@ -4,7 +4,7 @@
$sort = "email_id";
$order = "DESC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
@ -209,11 +209,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div>
</form>
<?php require_once "pagination.php"; ?>
<?php require_once "includes/filter_footer.php"; ?>
</div>
</div>
<script src="js/bulk_actions.js"></script>
<?php
require_once "footer.php";
require_once "includes/footer.php";

5
admin_mail_queue_message_view.php
View File

@ -1,11 +1,12 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Initialize the HTML Purifier to prevent XSS
require "plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
@ -74,4 +75,4 @@ if ($email_status == 0) {
<?php
require_once "footer.php";
require_once "includes/footer.php";

10
admin_project_template.php
View File

@ -4,7 +4,7 @@
$sort = "project_template_name";
$order = "ASC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Rebuild URL
@ -129,7 +129,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require "admin_project_template_edit_modal.php";
require "modals/admin_project_template_edit_modal.php";
}
@ -138,12 +138,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "admin_project_template_add_modal.php";
require_once "modals/admin_project_template_add_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

8
admin_project_template_details.php
View File

@ -1,6 +1,6 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
if (isset($_GET['project_template_id'])) {
@ -222,12 +222,12 @@ if (isset($_GET['project_template_id'])) {
<?php
require_once "admin_project_template_edit_modal.php";
require_once "admin_project_template_ticket_template_add_modal.php";
require_once "modals/admin_project_template_edit_modal.php";
require_once "modals/admin_project_template_ticket_template_add_modal.php";
}
require_once "footer.php";
require_once "includes/footer.php";
?>

17
admin_role.php
View File

@ -4,7 +4,7 @@
$sort = "user_role_is_admin";
$order = "DESC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Rebuild URL
@ -110,11 +110,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</a>
<?php if (empty($role_archived_at) && $role_user_count == 0) { ?>
<!-- To be added -->
<div class="dropdown-divider"></div>
<!-- <a class="dropdown-item text-danger confirm-link" href="post.php?archive_role=--><?php //echo $role_id; ?><!--&csrf_token=--><?php //echo $_SESSION['csrf_token'] ?><!--">-->
<!-- <i class="fas fa-fw fa-archive mr-2"></i>Archive-->
<!-- </a>-->
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_role=<?php echo $role_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-archive mr-2"></i>Archive
</a>
<?php } ?>
</div>
@ -125,7 +124,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require "admin_role_edit_modal.php";
require "modals/admin_role_edit_modal.php";
}
@ -135,14 +134,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "admin_role_add_modal.php";
require_once "modals/admin_role_add_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

4
admin_settings_ai.php
View File

@ -1,6 +1,6 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
@ -73,5 +73,5 @@ require_once "inc_all_admin.php";
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

218
admin_settings_company.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
$sql = mysqli_query($mysqli,"SELECT * FROM companies, settings WHERE companies.company_id = settings.company_id AND companies.company_id = 1");
@ -24,126 +24,132 @@ $company_initials = nullable_htmlentities(initials($company_name));
?>
<div class="card card-dark">
<div class="card-header py-3">
<div class="card-header">
<h3 class="card-title"><i class="fas fa-fw fa-briefcase mr-2"></i>Company Details</h3>
</div>
<div class="card-body">
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-building"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Company Name" value="<?php echo $company_name; ?>" required>
</div>
</div>
<div class="card col-md-2">
<div class="card-body">
<img class="img-fluid" src="<?php echo "uploads/settings/$company_logo"; ?>">
</div>
</div>
<div class="form-group">
<input type="file" class="form-control-file" name="file" accept=".jpg, .jpeg, .png">
</div>
<div class="form-group">
<label>Address</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-map-marker-alt"></i></span>
</div>
<input type="text" class="form-control" name="address" placeholder="Street Address" value="<?php echo $company_address; ?>">
</div>
</div>
<div class="form-group">
<label>City</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-city"></i></span>
</div>
<input type="text" class="form-control" name="city" placeholder="City" value="<?php echo $company_city; ?>">
</div>
</div>
<div class="form-group">
<label>State / Province</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-flag"></i></span>
</div>
<input type="text" class="form-control" name="state" placeholder="State or Province" value="<?php echo $company_state; ?>">
</div>
</div>
<div class="form-group">
<label>Postal Code</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fab fa-fw fa-usps"></i></span>
</div>
<input type="text" class="form-control" name="zip" placeholder="Zip or Postal Code" value="<?php echo $company_zip; ?>">
</div>
</div>
<div class="form-group">
<label>Country</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-globe-americas"></i></span>
</div>
<select class="form-control select2" name="country">
<option value="">- Country -</option>
<?php foreach($countries_array as $country_name) { ?>
<option <?php if ($company_country == $country_name) { echo "selected"; } ?>><?php echo $country_name; ?></option>
<div class="row">
<div class="col-md-3 text-center">
<?php if(file_exists("uploads/settings/$company_logo")) { ?>
<img class="img-thumbnail" src="<?php echo "uploads/settings/$company_logo"; ?>">
<a href="post.php?remove_company_logo" class="btn btn-outline-danger btn-block">Remove Logo</a>
<hr>
<?php } ?>
</select>
</div>
</div>
<div class="form-group">
<label>Phone</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
<div class="form-group">
<label>Upload company logo</label>
<input type="file" class="form-control-file" name="file" accept=".jpg, .jpeg, .png">
</div>
</div>
<input type="text" class="form-control" name="phone" placeholder="Phone Number" value="<?php echo $company_phone; ?>">
</div>
</div>
<div class="col-md-9">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-building"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Company Name" value="<?php echo $company_name; ?>" required>
</div>
</div>
<div class="form-group">
<label>Email</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-envelope"></i></span>
<div class="form-group">
<label>Address</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-map-marker-alt"></i></span>
</div>
<input type="text" class="form-control" name="address" placeholder="Street Address" value="<?php echo $company_address; ?>">
</div>
</div>
<div class="form-group">
<label>City</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-city"></i></span>
</div>
<input type="text" class="form-control" name="city" placeholder="City" value="<?php echo $company_city; ?>">
</div>
</div>
<div class="form-group">
<label>State / Province</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-flag"></i></span>
</div>
<input type="text" class="form-control" name="state" placeholder="State or Province" value="<?php echo $company_state; ?>">
</div>
</div>
<div class="form-group">
<label>Postal Code</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fab fa-fw fa-usps"></i></span>
</div>
<input type="text" class="form-control" name="zip" placeholder="Zip or Postal Code" value="<?php echo $company_zip; ?>">
</div>
</div>
<div class="form-group">
<label>Country</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-globe-americas"></i></span>
</div>
<select class="form-control select2" name="country">
<option value="">- Country -</option>
<?php foreach($countries_array as $country_name) { ?>
<option <?php if ($company_country == $country_name) { echo "selected"; } ?>><?php echo $country_name; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group">
<label>Phone</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="text" class="form-control" name="phone" placeholder="Phone Number" value="<?php echo $company_phone; ?>">
</div>
</div>
<div class="form-group">
<label>Email</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-envelope"></i></span>
</div>
<input type="email" class="form-control" name="email" placeholder="Email address" value="<?php echo $company_email; ?>">
</div>
</div>
<div class="form-group">
<label>Website</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span>
</div>
<input type="text" class="form-control" name="website" placeholder="Website address" value="<?php echo $company_website; ?>">
</div>
</div>
<hr>
<button type="submit" name="edit_company" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
</div>
<input type="email" class="form-control" name="email" placeholder="Email address" value="<?php echo $company_email; ?>">
</div>
</div>
<div class="form-group">
<label>Website</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span>
</div>
<input type="text" class="form-control" name="website" placeholder="Website address" value="<?php echo $company_website; ?>">
</div>
</div>
<hr>
<button type="submit" name="edit_company" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
</form>
</div>
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

6
admin_settings_custom_fields.php
View File

@ -4,7 +4,7 @@
$sort = "custom_field_label";
$order = "ASC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
if (isset($_GET['table'])) {
@ -112,7 +112,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
@ -120,5 +120,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require_once "custom_field_create_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

4
admin_settings_default.php
View File

@ -1,6 +1,6 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
@ -249,4 +249,4 @@ require_once "inc_all_admin.php";
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

4
admin_settings_integration.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
@ -39,5 +39,5 @@ require_once "inc_all_admin.php";
</div>
</div>
<?php require_once "footer.php";
<?php require_once "includes/footer.php";

4
admin_settings_invoice.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
@ -102,5 +102,5 @@ require_once "inc_all_admin.php";
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

4
admin_settings_localization.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
$sql = mysqli_query($mysqli,"SELECT * FROM companies, settings WHERE companies.company_id = settings.company_id AND companies.company_id = 1");
@ -75,5 +75,5 @@ $timezones = DateTimeZone::listIdentifiers();
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

4
admin_settings_mail.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
@ -327,5 +327,5 @@ require_once "inc_all_admin.php";
<?php } ?>
<?php require_once "footer.php";
<?php require_once "includes/footer.php";

13
admin_settings_maintenance.php
View File

@ -1,13 +0,0 @@
<?php
require_once "inc_all_admin.php";
require_once "database_version.php";
require_once "config.php";
echo "Content Here";
require_once "footer.php";

4
admin_settings_module.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
@ -78,5 +78,5 @@ require_once "inc_all_admin.php";
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

4
admin_settings_notification.php
View File

@ -1,6 +1,6 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
@ -193,4 +193,4 @@ require_once "inc_all_admin.php";
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

15
admin_settings_online_payment.php
View File

@ -1,6 +1,6 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
@ -12,9 +12,6 @@ require_once "inc_all_admin.php";
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="alert alert-secondary">Currently, we only integrate with Stripe. Please see <a href="https://forum.itflow.org/d/439-payment-integrations-megathread" target="_blank">this forum post</a>.</div>
<br>
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_stripe_enable" <?php if ($config_stripe_enable == 1) { echo "checked"; } ?> value="1" id="enableStripeSwitch">
@ -25,7 +22,7 @@ require_once "inc_all_admin.php";
<div class="<?php if ($config_stripe_enable == 0) { echo "d-none"; } ?>">
<div class="form-group">
<label>Publishable key</label>
<label>Publishable key <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
@ -35,7 +32,7 @@ require_once "inc_all_admin.php";
</div>
<div class="form-group">
<label>Secret key</label>
<label>Secret key <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
@ -45,7 +42,7 @@ require_once "inc_all_admin.php";
</div>
<div class="form-group">
<label>Expense / Income Account</label>
<label>Account <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fas fa-fw fa-piggy-bank"></i></span>
@ -140,6 +137,8 @@ require_once "inc_all_admin.php";
</div>
<div class="alert alert-secondary">Currently, we only integrate with Stripe. Please see <a href="https://forum.itflow.org/d/439-payment-integrations-megathread" target="_blank">this forum post</a>.</div>
</div>
<hr>
@ -151,5 +150,5 @@ require_once "inc_all_admin.php";
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

70
admin_settings_online_payment_clients.php Normal file
View File

@ -0,0 +1,70 @@
<?php
require_once "includes/inc_all_admin.php";
$stripe_clients_sql = mysqli_query($mysqli, "SELECT * FROM client_stripe LEFT JOIN clients ON client_stripe.client_id = clients.client_id");
?>
<div class="card card-dark">
<div class="card-header py-3">
<h3 class="card-title"><i class="fas fa-fw fa-credit-card mr-2"></i>Online Payment - Client info</h3>
</div>
<div class="card-body">
<table class="table border border-dark">
<thead class="thead-dark">
<tr>
<th>Client</th>
<th>Stripe Customer ID</th>
<th>Stripe Payment ID</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($stripe_clients_sql)) {
$client_id = intval($row['client_id']);
$client_name = nullable_htmlentities($row['client_name']);
$stripe_id = nullable_htmlentities($row['stripe_id']);
$stripe_pm = nullable_htmlentities($row['stripe_pm']);
?>
<tr>
<td><?php echo "$client_name ($client_id)" ?></td>
<td><?php echo $stripe_id; ?></td>
<td><?php echo $stripe_pm ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<?php if (!empty($stripe_pm)) { ?>
<a class="dropdown-item text-danger confirm-link" href="post.php?stripe_remove_pm&client_id=<?php echo $client_id ?>&pm=<?php echo $stripe_pm ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-credit-card mr-2"></i>Delete payment method
</a>
<?php } else { ?>
<a data-toggle="tooltip" data-placement="left" title="May result in duplicate customer records in Stripe" class="dropdown-item text-danger confirm-link" href="post.php?stripe_reset_customer&client_id=<?php echo $client_id ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Reset Stripe
</a>
<?php } ?>
</div>
</div>
</td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
</div>
<?php
require_once "includes/footer.php";

4
admin_settings_project.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
@ -41,4 +41,4 @@ require_once "inc_all_admin.php";
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

4
admin_settings_quote.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
@ -54,5 +54,5 @@ require_once "inc_all_admin.php";
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

6
admin_settings_security.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
@ -44,7 +44,7 @@ require_once "inc_all_admin.php";
</div>
<div class="form-group">
<label>Log retention <small class="text-secondary">(The amount of days before audit logs are deleted during nightly cron)</small></label>
<label>Log retention <small class="text-secondary">(The amount of days before app/audit/auth logs are deleted during nightly cron)</small></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-clock"></i></span>
@ -62,5 +62,5 @@ require_once "inc_all_admin.php";
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

4
admin_settings_telemetry.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
@ -38,5 +38,5 @@ require_once "inc_all_admin.php";
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

4
admin_settings_theme.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
@ -63,5 +63,5 @@ require_once "inc_all_admin.php";
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

4
admin_settings_ticket.php
View File

@ -1,5 +1,5 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
@ -82,5 +82,5 @@ require_once "inc_all_admin.php";
</div>
<?php
require_once "footer.php";
require_once "includes/footer.php";

10
admin_software_template.php
View File

@ -4,7 +4,7 @@
$sort = "software_name";
$order = "ASC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Rebuild URL
@ -119,7 +119,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require "admin_software_template_edit_modal.php";
require "modals/admin_software_template_edit_modal.php";
}
@ -128,13 +128,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "admin_software_template_add_modal.php";
require_once "modals/admin_software_template_add_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

10
admin_tag.php
View File

@ -4,7 +4,7 @@
$sort = "tag_name";
$order = "ASC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Rebuild URL
@ -112,7 +112,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require "admin_tag_edit_modal.php";
require "modals/admin_tag_edit_modal.php";
}
@ -122,13 +122,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "admin_tag_add_modal.php";
require_once "modals/admin_tag_add_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

8
admin_tax.php
View File

@ -4,7 +4,7 @@
$sort = "tax_name";
$order = "ASC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Rebuild URL
@ -78,7 +78,7 @@ $num_rows = mysqli_num_rows($sql);
<?php
require "admin_tax_edit_modal.php";
require "modals/admin_tax_edit_modal.php";
}
@ -96,7 +96,7 @@ $num_rows = mysqli_num_rows($sql);
</div>
<?php
require_once "admin_tax_add_modal.php";
require_once "modals/admin_tax_add_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

10
admin_ticket_status.php
View File

@ -4,7 +4,7 @@
$sort = "ticket_status_name";
$order = "ASC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Rebuild URL
@ -114,7 +114,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
if ( $ticket_status_id > 5 ) {
require "admin_ticket_status_edit_modal.php";
require "modals/admin_ticket_status_edit_modal.php";
}
}
@ -123,13 +123,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "admin_ticket_status_add_modal.php";
require_once "modals/admin_ticket_status_add_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

8
admin_ticket_template.php
View File

@ -4,7 +4,7 @@
$sort = "ticket_template_name";
$order = "ASC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Rebuild URL
@ -108,12 +108,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "admin_ticket_template_add_modal.php";
require_once "footer.php";
require_once "modals/admin_ticket_template_add_modal.php";
require_once "includes/footer.php";

9
admin_ticket_template_details.php
View File

@ -1,12 +1,13 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Initialize the HTML Purifier to prevent XSS
require "plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
@ -124,7 +125,7 @@ $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE
</td>
</tr>
<?php
require "task_edit_modal.php";
require "modals/task_edit_modal.php";
}
?>
</table>
@ -139,5 +140,5 @@ $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE
<?php
require_once "admin_ticket_template_edit_modal.php";
require_once "footer.php";
require_once "modals/admin_ticket_template_edit_modal.php";
require_once "includes/footer.php";

6
admin_update.php
View File

@ -1,7 +1,7 @@
<?php
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
require_once "database_version.php";
require_once "includes/database_version.php";
$updates = fetchUpdates();
@ -84,5 +84,5 @@ $git_log = shell_exec("git log $repo_branch..origin/$repo_branch --pretty=format
<?php
require_once "footer.php";
require_once "includes/footer.php";

18
admin_user.php
View File

@ -4,7 +4,7 @@
$sort = "user_name";
$order = "ASC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Rebuild URL
@ -207,9 +207,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require "admin_user_edit_modal.php";
require "modals/admin_user_edit_modal.php";
require "admin_user_archive_modal.php";
require "modals/admin_user_archive_modal.php";
}
@ -219,7 +219,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
@ -231,13 +231,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require_once "admin_user_add_modal.php";
require_once "modals/admin_user_add_modal.php";
require_once "admin_user_invite_modal.php";
require_once "modals/admin_user_invite_modal.php";
require_once "admin_user_export_modal.php";
require_once "modals/admin_user_export_modal.php";
require_once "admin_user_all_reset_password_modal.php";
require_once "modals/admin_user_all_reset_password_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

10
admin_vendor_template.php
View File

@ -4,7 +4,7 @@
$sort = "vendor_name";
$order = "ASC";
require_once "inc_all_admin.php";
require_once "includes/inc_all_admin.php";
//Rebuild URL
@ -155,7 +155,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require "admin_vendor_template_edit_modal.php";
require "modals/admin_vendor_template_edit_modal.php";
}
@ -164,13 +164,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "admin_vendor_template_add_modal.php";
require_once "modals/admin_vendor_template_add_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

32
ajax.php
View File

@ -7,13 +7,9 @@
*/
require_once "config.php";
require_once "functions.php";
require_once "check_login.php";
require_once "rfc6238.php";
require_once "plugins/totp/totp.php";
/*
* Fetches SSL certificates from remote hosts & returns the relevant info (issuer, expiry, public key)
@ -71,7 +67,7 @@ if (isset($_GET['certificate_get_json_details'])) {
* Looks up info for a given domain ID from the database, used to dynamically populate modal fields
*/
if (isset($_GET['domain_get_json_details'])) {
validateTechRole();
enforceUserPermission('module_support');
$domain_id = intval($_GET['domain_id']);
$client_id = intval($_GET['client_id']);
@ -88,6 +84,24 @@ if (isset($_GET['domain_get_json_details'])) {
$response['vendors'][] = $row;
}
// Get domain history
$history_sql = mysqli_query($mysqli, "SELECT * FROM domain_history WHERE domain_history_domain_id = $domain_id");
$history_html = "<table class='table table-sm table-striped border table-hover'>";
$history_html .= "<thead class='thead-dark'><tr><th>Date</th><th>Field</th><th>Before</th><th>After</th></tr></thead><tbody>";
while ($row = mysqli_fetch_array($history_sql)) {
// Fetch data from the query and create table rows
$history_html .= "<tr>";
$history_html .= "<td>" . htmlspecialchars(date('Y-m-d', strtotime($row['domain_history_modified_at']))) . "</td>";
$history_html .= "<td>" . htmlspecialchars($row['domain_history_column']) . "</td>";
$history_html .= "<td>" . htmlspecialchars($row['domain_history_old_value']) . "</td>";
$history_html .= "<td>" . htmlspecialchars($row['domain_history_new_value']) . "</td>";
$history_html .= "</tr>";
}
$history_html .= "</tbody></table>";
// Return the HTML content to JavaScript
$response['history'] = $history_html;
echo json_encode($response);
}
@ -306,10 +320,10 @@ if (isset($_GET['share_generate_link'])) {
// Return URL
if ($item_type == "Login") {
$url = "https://$config_base_url/guest_view_item.php?id=$share_id&key=$item_key&ek=$login_encryption_key";
$url = "https://$config_base_url/guest/guest_view_item.php?id=$share_id&key=$item_key&ek=$login_encryption_key";
}
else {
$url = "https://$config_base_url/guest_view_item.php?id=$share_id&key=$item_key";
$url = "https://$config_base_url/guest/guest_view_item.php?id=$share_id&key=$item_key";
}
$sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
@ -346,7 +360,7 @@ if (isset($_GET['share_generate_link'])) {
]
];
addToMailQueue($mysqli, $data);
addToMailQueue($data);
}

96
base32static.php
View File

@ -1,96 +0,0 @@
<?php
/**
* Encode in Base32 based on RFC 4648.
* Requires 20% more space than base64
* Great for case-insensitive filesystems like Windows and URL's (except for = char which can be excluded using the pad option for urls)
*
* @package default
* @author Bryan Ruiz
**/
class Base32Static {
private static $map = array(
'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', // 7
'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', // 15
'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', // 23
'Y', 'Z', '2', '3', '4', '5', '6', '7', // 31
'=' // padding character
);
private static $flippedMap = array(
'A'=>'0', 'B'=>'1', 'C'=>'2', 'D'=>'3', 'E'=>'4', 'F'=>'5', 'G'=>'6', 'H'=>'7',
'I'=>'8', 'J'=>'9', 'K'=>'10', 'L'=>'11', 'M'=>'12', 'N'=>'13', 'O'=>'14', 'P'=>'15',
'Q'=>'16', 'R'=>'17', 'S'=>'18', 'T'=>'19', 'U'=>'20', 'V'=>'21', 'W'=>'22', 'X'=>'23',
'Y'=>'24', 'Z'=>'25', '2'=>'26', '3'=>'27', '4'=>'28', '5'=>'29', '6'=>'30', '7'=>'31'
);
/**
* Use padding false when encoding for urls
*
* @return base32 encoded string
* @author Bryan Ruiz
**/
public static function encode($input, $padding = true) {
if (empty($input)) return "";
$input = str_split($input);
$binaryString = "";
for ($i = 0; $i < count($input); $i++) {
$binaryString .= str_pad(base_convert(ord($input[$i]), 10, 2), 8, '0', STR_PAD_LEFT);
}
$fiveBitBinaryArray = str_split($binaryString, 5);
$base32 = "";
$i=0;
while($i < count($fiveBitBinaryArray)) {
$base32 .= self::$map[base_convert(str_pad($fiveBitBinaryArray[$i], 5, '0'), 2, 10)];
$i++;
}
if ($padding && ($x = strlen($binaryString) % 40) != 0) {
if ($x == 8) $base32 .= str_repeat(self::$map[32], 6);
else if ($x == 16) $base32 .= str_repeat(self::$map[32], 4);
else if ($x == 24) $base32 .= str_repeat(self::$map[32], 3);
else if ($x == 32) $base32 .= self::$map[32];
}
return $base32;
}
public static function decode($input) {
if (empty($input)) return;
$paddingCharCount = substr_count($input, self::$map[32]);
$allowedValues = array(6,4,3,1,0);
if (!in_array($paddingCharCount, $allowedValues)) return false;
for ($i=0; $i<4; $i++){
if ($paddingCharCount == $allowedValues[$i] &&
substr($input, -($allowedValues[$i])) != str_repeat(self::$map[32], $allowedValues[$i])) return false;
}
$input = str_replace('=', '', $input);
$input = str_split($input);
$binaryString = "";
for ($i=0; $i < count($input); $i = $i+8) {
$x = "";
if (!in_array($input[$i], self::$map)) return false;
for ($j=0; $j < 8; $j++) {
$x .= str_pad(base_convert(@self::$flippedMap[@$input[$i + $j]], 10, 2), 5, '0', STR_PAD_LEFT);
}
$eightBits = str_split($x, 8);
for ($z = 0; $z < count($eightBits); $z++) {
$binaryString .= (($y = chr(base_convert($eightBits[$z], 2, 10))) || ord($y) == 48) ? $y:"";
}
}
return $binaryString;
}
}

4
blank.php
View File

@ -1,4 +1,4 @@
<?php require_once "inc_all.php"; ?>
<?php require_once "includes/inc_all.php"; ?>
<!-- Breadcrumbs-->
<ol class="breadcrumb">
@ -52,4 +52,4 @@ echo "Current Date and Time: <strong>$date_time</strong>";
<script>toastr.success('Have Fun Wozz!!')</script>
<?php require_once "footer.php";
<?php require_once "includes/footer.php";

4
budget.php
View File

@ -1,6 +1,6 @@
<?php
require_once "inc_all.php";
require_once "includes/inc_all.php";
// Perms
enforceUserPermission('module_financial');
@ -109,5 +109,5 @@ function getBudgetAmount($budgets, $categoryId, $month) {
return 0;
}
require_once "footer.php";
require_once "includes/footer.php";
?>

4
budget_edit.php
View File

@ -1,6 +1,6 @@
<?php
require_once "inc_all.php";
require_once "includes/inc_all.php";
enforceUserPermission('module_financial', 2);
@ -110,5 +110,5 @@ function getBudgetAmount($budgets, $categoryId, $month) {
return 0;
}
require_once "footer.php";
require_once "includes/footer.php";
?>

12
calendar_events.php
View File

@ -1,6 +1,6 @@
<?php
require_once "inc_all.php";
require_once "includes/inc_all.php";
if (isset($_GET['calendar_id'])) {
@ -41,7 +41,7 @@ if (isset($_GET['calendar_id'])) {
<button type="button" class="btn btn-link btn-sm float-right" data-toggle="modal" data-target="#editCalendarModal<?php echo $calendar_id; ?>"><i class="fas fa-fw fa-pencil-alt text-secondary"></i></button>
</div>
<?php
require "calendar_edit_modal.php";
require "modals/calendar_edit_modal.php";
}
?>
</form>
@ -69,9 +69,9 @@ if (isset($_GET['calendar_id'])) {
<?php
require_once "calendar_event_add_modal.php";
require_once "modals/calendar_event_add_modal.php";
require_once "calendar_add_modal.php";
require_once "modals/calendar_add_modal.php";
//loop through IDs and create a modal for each
@ -89,12 +89,12 @@ while ($row = mysqli_fetch_array($sql)) {
$calendar_color = nullable_htmlentities($row['calendar_color']);
$client_id = intval($row['event_client_id']);
require "calendar_event_edit_modal.php";
require "modals/calendar_event_edit_modal.php";
}
?>
<?php require_once "footer.php";
<?php require_once "includes/footer.php";
?>
<script src='plugins/fullcalendar/dist/index.global.js'></script>

134
client/autopay.php Normal file
View File

@ -0,0 +1,134 @@
<?php
/*
* Client Portal
* Auto-pay configuration for PTC/finance contacts
*/
require_once "includes/inc_all.php";
if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
header("Location: post.php?logout");
exit();
}
// Initialize stripe
require_once '../plugins/stripe-php/init.php';
// Get Stripe vars
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
$config_stripe_publishable = nullable_htmlentities($stripe_vars['config_stripe_publishable']);
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
// Get client's StripeID from database
$stripe_client_details = mysqli_fetch_array(mysqli_query($mysqli, "SELECT * FROM client_stripe WHERE client_id = $session_client_id LIMIT 1"));
if ($stripe_client_details) {
$stripe_id = sanitizeInput($stripe_client_details['stripe_id']);
$stripe_pm = sanitizeInput($stripe_client_details['stripe_pm']);
}
// Stripe not enabled in settings
if (!$config_stripe_enable || !$config_stripe_publishable || !$config_stripe_secret) {
echo "Stripe payment error - Stripe is not enabled, please talk to your helpdesk for further information.";
include_once 'includes/footer.php';
exit();
}
?>
<h3>AutoPay</h3>
<div class="row">
<div class="col-md-10">
<!-- Setup pt1: Stripe ID not found / auto-payment not configured -->
<?php if (!$stripe_client_details || empty($stripe_id)) { ?>
<b>Save card details</b><br>
In order to set up automatic payments, you must create a customer record in Stripe.<br>
First, you must authorize Stripe to store your card details for the purpose of automatic payment.
<br><br>
<div class="col-5">
<form action="post.php" method="POST">
<div class="form-group">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="consent" name="consent" value="1" required>
<label for="consent" class="custom-control-label">
I grant consent for automatic payments
</label>
</div>
</div>
<div class="form-group">
<button type="submit" class="form-control btn-success" name="create_stripe_customer">Create Stripe Customer Record</button>
</div>
</form>
</div>
<?php }
// Setup pt2: Stripe ID found / payment may be configured -->
elseif (empty($stripe_pm)) { ?>
<b>Save card details</b><br>
Please add the payment details you would like to save.<br>
By adding payment details here, you grant consent for future automatic payments of invoices.<br><br>
<input type="hidden" id="stripe_publishable_key" value="<?php echo $config_stripe_publishable ?>">
<script src="https://js.stripe.com/v3/"></script>
<script src="../js/autopay_setup_stripe.js"></script>
<div id="checkout">
<!-- Checkout will insert the payment form here -->
</div>
<?php }
// Manage the saved card
else { ?>
<b>Manage saved payment methods</b>
<?php
try {
// Initialize
$stripe = new \Stripe\StripeClient($config_stripe_secret);
// Get payment method info (last 4 digits etc)
$payment_method = $stripe->customers->retrievePaymentMethod(
$stripe_id,
$stripe_pm,
[]
);
} catch (Exception $e) {
$error = $e->getMessage();
error_log("Stripe payment error - encountered exception when fetching payment method info for $stripe_pm: $error");
logApp("Stripe", "error", "Exception when fetching payment method info for $stripe_pm: $error");
}
$card_name = nullable_htmlentities($payment_method->billing_details->name);
$card_brand = nullable_htmlentities($payment_method->card->display_brand);
$card_last4 = nullable_htmlentities($payment_method->card->last4);
$card_expires = nullable_htmlentities($payment_method->card->exp_month) . "/" . nullable_htmlentities($payment_method->card->exp_year);
?>
<ul><li><?php echo "$card_name - $card_brand card ending in $card_last4, expires $card_expires"; ?></li></ul>
<hr>
<b>Actions</b><br>
- <a href="post.php?stripe_remove_pm&pm=<?php echo $stripe_pm; ?>">Remove saved payment method</a>
<?php } ?>
</div>
</div>
<?php
require_once "includes/footer.php";

6
portal/certificates.php → client/certificates.php
View File

@ -6,10 +6,10 @@
header("Content-Security-Policy: default-src 'self'");
require_once "inc_portal.php";
require_once "includes/inc_all.php";
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
@ -58,4 +58,4 @@ $certificates_sql = mysqli_query($mysqli, "SELECT certificate_id, certificate_na
</div>
<?php
require_once "portal_footer.php";
require_once "includes/footer.php";

0
portal/check_login.php → client/check_login.php
View File

8
portal/contact_add.php → client/contact_add.php
View File

@ -6,10 +6,10 @@
header("Content-Security-Policy: default-src 'self'");
require_once "inc_portal.php";
require_once "includes/inc_all.php";
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
@ -26,7 +26,7 @@ if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
</ol>
<div class="col-md-6">
<form action="portal_post.php" method="post">
<form action="post.php" method="post">
<!-- Prevent undefined checkbox errors on submit -->
<input type="hidden" name="contact_billing" value="0">
<input type="hidden" name="contact_technical" value="0">
@ -93,4 +93,4 @@ if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
<?php
require_once "portal_footer.php";
require_once "includes/footer.php";

10
portal/contact_edit.php → client/contact_edit.php
View File

@ -6,10 +6,10 @@
header("Content-Security-Policy: default-src 'self'");
require_once "inc_portal.php";
require_once "includes/inc_all.php";
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
@ -39,7 +39,7 @@ if ($row) {
$contact_billing = intval($row['contact_billing']);
$contact_auth_method = nullable_htmlentities($row['user_auth_method']);
} else {
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
@ -56,7 +56,7 @@ if ($row) {
</ol>
<div class="col-md-6">
<form action="portal_post.php" method="post">
<form action="post.php" method="post">
<input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>">
<!-- Prevent undefined checkbox errors on submit -->
<input type="hidden" name="contact_billing" value="0">
@ -126,4 +126,4 @@ if ($row) {
<?php
require_once "portal_footer.php";
require_once "includes/footer.php";

6
portal/contacts.php → client/contacts.php
View File

@ -6,10 +6,10 @@
header("Content-Security-Policy: default-src 'self'");
require_once "inc_portal.php";
require_once "includes/inc_all.php";
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
@ -77,4 +77,4 @@ $contacts_sql = mysqli_query($mysqli, "SELECT contact_id, contact_name, contact_
</div>
<?php
require_once "portal_footer.php";
require_once "includes/footer.php";

9
portal/document.php → client/document.php
View File

@ -6,10 +6,10 @@
header("Content-Security-Policy: default-src 'self'; img-src 'self' data:");
require_once "inc_portal.php";
require_once "includes/inc_all.php";
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
@ -17,6 +17,7 @@ if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
require_once "../plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
@ -41,7 +42,7 @@ if ($row) {
$document_name = nullable_htmlentities($row['document_name']);
$document_content = $purifier->purify($row['document_content']);
} else {
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
@ -67,4 +68,4 @@ if ($row) {
</div>
<?php
require_once "portal_footer.php";
require_once "includes/footer.php";

6
portal/documents.php → client/documents.php
View File

@ -6,10 +6,10 @@
header("Content-Security-Policy: default-src 'self'");
require_once "inc_portal.php";
require_once "includes/inc_all.php";
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
@ -61,4 +61,4 @@ $documents_sql = mysqli_query($mysqli, "SELECT document_id, document_name, docum
</div>
<?php
require_once "portal_footer.php";
require_once "includes/footer.php";

6
portal/domains.php → client/domains.php
View File

@ -6,10 +6,10 @@
header("Content-Security-Policy: default-src 'self'");
require_once "inc_portal.php";
require_once "includes/inc_all.php";
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
@ -52,4 +52,4 @@ $domains_sql = mysqli_query($mysqli, "SELECT domain_id, domain_name, domain_expi
</div>
<?php
require_once "portal_footer.php";
require_once "includes/footer.php";

0
portal/portal_functions.php → client/functions.php
View File

2
portal/portal_footer.php → client/includes/footer.php
View File

@ -21,7 +21,7 @@
</p>
<?php require_once "../inc_confirm_modal.php"; ?>
<?php require_once "../includes/inc_confirm_modal.php"; ?>
<!-- jQuery -->
<script src="../plugins/jquery/jquery.min.js"></script>

45
portal/portal_header.php → client/includes/header.php
View File

@ -27,7 +27,7 @@ header("X-Frame-Options: DENY"); // Legacy
<link rel="stylesheet" href="../plugins/fontawesome-free/css/all.min.css">
<!-- Theme style -->
<link rel="stylesheet" href="../dist/css/adminlte.min.css">
<link rel="stylesheet" href="../plugins/adminlte/css/adminlte.min.css">
</head>
@ -50,28 +50,34 @@ header("X-Frame-Options: DENY"); // Legacy
</li>
<?php if (($session_contact_primary == 1 || $session_contact_is_billing_contact) && $config_module_enable_accounting == 1) { ?>
<li class="nav-item">
<a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "invoices.php") {echo "active";} ?>" href="invoices.php">Invoices</a>
</li>
<li class="nav-item">
<a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "quotes.php") {echo "active";} ?>" href="quotes.php">Quotes</a>
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle <?php echo in_array(basename($_SERVER['PHP_SELF']), ['invoices.php', 'quotes.php', 'autopay.php']) ? 'active' : ''; ?>" href="#" id="navbarDropdown1" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
Finance
</a>
<div class="dropdown-menu" aria-labelledby="navbarDropdown1">
<a class="dropdown-item" href="invoices.php">Invoices</a>
<a class="dropdown-item" href="quotes.php">Quotes</a>
<a class="dropdown-item" href="autopay.php">Auto Payment</a>
</div>
</li>
<?php } ?>
<?php if ($config_module_enable_itdoc && ($session_contact_primary == 1 || $session_contact_is_technical_contact)) { ?>
<li class="nav-item">
<a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "documents.php") {echo "active";} ?>" href="documents.php">Documents</a>
</li>
<li class="nav-item">
<a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "contacts.php") {echo "active";} ?>" href="contacts.php">Contacts</a>
</li>
<li class="nav-item">
<a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "domains.php") {echo "active";} ?>" href="domains.php">Domains</a>
</li>
<li class="nav-item">
<a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "certificates.php") {echo "active";} ?>" href="certificates.php">Certificates</a>
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle <?php echo in_array(basename($_SERVER['PHP_SELF']), ['documents.php', 'contacts.php', 'domains.php', 'certificates.php']) ? 'active' : ''; ?>" href="#" id="navbarDropdown2" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
Technical
</a>
<div class="dropdown-menu" aria-labelledby="navbarDropdown2">
<a class="dropdown-item" href="contacts.php">Contacts</a>
<a class="dropdown-item" href="documents.php">Documents</a>
<a class="dropdown-item" href="domains.php">Domains</a>
<a class="dropdown-item" href="certificates.php">Certificates</a>
<a class="dropdown-item" href="ticket_view_all.php">All tickets</a>
</div>
</li>
<?php } ?>
</ul>
</ul><!-- End left nav -->
<ul class="nav navbar-nav pull-right">
<li class="nav-item dropdown">
@ -81,7 +87,7 @@ header("X-Frame-Options: DENY"); // Legacy
<div class="dropdown-menu">
<a class="dropdown-item" href="profile.php"><i class="fas fa-fw fa-user mr-2"></i>Account</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item" href="portal_post.php?logout"><i class="fas fa-fw fa-sign-out-alt mr-2"></i>Sign out</a>
<a class="dropdown-item" href="post.php?logout"><i class="fas fa-fw fa-sign-out-alt mr-2"></i>Sign out</a>
</div>
</li>
</ul>
@ -100,7 +106,6 @@ header("X-Frame-Options: DENY"); // Legacy
<img src="<?php echo "../uploads/clients/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
<?php } else { ?>
<span class="fa-stack fa-2x rounded-left">
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
<span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span>

9
portal/inc_portal.php → client/includes/inc_all.php
View File

@ -5,13 +5,8 @@
*/
require_once '../config.php';
require_once '../get_settings.php';
require_once '../functions.php';
require_once 'check_login.php';
require_once 'portal_functions.php';
require_once "portal_header.php";
require_once 'functions.php';
require_once "header.php";

5
portal/index.php → client/index.php
View File

@ -6,12 +6,11 @@
header("Content-Security-Policy: default-src 'self'");
require_once "inc_portal.php";
require_once "includes/inc_all.php";
?>
<div class="col-md-2 offset-1">
<a href="ticket_add.php" class="btn btn-primary btn-block">New ticket</a>
</div>
<?php require_once "portal_footer.php"; ?>
<?php require_once "includes/footer.php"; ?>

8
portal/invoices.php → client/invoices.php
View File

@ -6,11 +6,11 @@
header("Content-Security-Policy: default-src 'self'");
require_once "inc_portal.php";
require_once "includes/inc_all.php";
if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
@ -76,7 +76,7 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
?>
<tr>
<td><a target="_blank" href="//<?php echo $config_base_url ?>/guest_view_invoice.php?invoice_id=<?php echo "$invoice_id&url_key=$invoice_url_key"?>"> <?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td><a target="_blank" href="//<?php echo $config_base_url ?>/guest/guest_view_invoice.php?invoice_id=<?php echo "$invoice_id&url_key=$invoice_url_key"?>"> <?php echo "$invoice_prefix$invoice_number"; ?></a></td>
<td><?php echo $invoice_scope_display; ?></td>
<td><?php echo numfmt_format_currency($currency_format, $invoice_amount, $session_company_currency); ?></td>
<td><?php echo $invoice_date; ?></td>
@ -99,5 +99,5 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
<?php
require_once "portal_footer.php";
require_once "includes/footer.php";

4
portal/login.php → client/login.php
View File

@ -125,7 +125,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
<link rel="stylesheet" href="../plugins/fontawesome-free/css/all.min.css">
<!-- Theme style -->
<link rel="stylesheet" href="../dist/css/adminlte.min.css">
<link rel="stylesheet" href="../plugins/adminlte/css/adminlte.min.css">
</head>
@ -215,7 +215,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
<script src="../plugins/bootstrap/js/bootstrap.bundle.min.js"></script>
<!-- AdminLTE App -->
<script src="../dist/js/adminlte.min.js"></script>
<script src="../plugins/adminlte/js/adminlte.min.js"></script>
<!-- Prevents resubmit on refresh or back -->
<script src="../js/login_prevent_resubmit.js"></script>

2
portal/login_microsoft.php → client/login_microsoft.php
View File

@ -29,7 +29,7 @@ $settings = mysqli_fetch_array($sql_settings);
$client_id = $settings['config_azure_client_id'];
$client_secret = $settings['config_azure_client_secret'];
$redirect_uri = "https://$config_base_url/portal/login_microsoft.php";
$redirect_uri = "https://$config_base_url/client/login_microsoft.php";
# https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
$auth_code_url = "https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize";

10
portal/login_reset.php → client/login_reset.php
View File

@ -73,7 +73,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
$client = intval($row['contact_client_id']);
$token = randomString(156);
$url = "https://$config_base_url/portal/login_reset.php?email=$email&token=$token&client=$client";
$url = "https://$config_base_url/client/login_reset.php?email=$email&token=$token&client=$client";
mysqli_query($mysqli, "UPDATE users SET user_password_reset_token = '$token' WHERE user_id = $user_id LIMIT 1");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = 'Sent a portal password reset e-mail for $email.', log_ip = '$ip', log_user_agent = '$user_agent', log_client_id = $client");
@ -91,7 +91,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
'body' => $body
]
];
$mail = addToMailQueue($mysqli, $data);
$mail = addToMailQueue($data);
// Error handling
if ($mail !== true) {
@ -147,7 +147,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
]
];
$mail = addToMailQueue($mysqli, $data);
$mail = addToMailQueue($data);
// Error handling
if ($mail !== true) {
@ -193,7 +193,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
<?php } ?>
<!-- Theme style -->
<link rel="stylesheet" href="../dist/css/adminlte.min.css">
<link rel="stylesheet" href="../plugins/adminlte/css/adminlte.min.css">
</head>
@ -294,7 +294,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
<script src="../plugins/bootstrap/js/bootstrap.bundle.min.js"></script>
<!-- AdminLTE App -->
<script src="../dist/js/adminlte.min.js"></script>
<script src="../plugins/adminlte/js/adminlte.min.js"></script>
<!-- Prevents resubmit on refresh or back -->
<script src="../js/login_prevent_resubmit.js"></script>

284
portal/portal_post.php → client/post.php
View File

@ -4,8 +4,11 @@
* Process GET/POST requests
*/
require_once "inc_portal.php";
require_once '../config.php';
require_once '../get_settings.php';
require_once '../functions.php';
require_once 'check_login.php';
require_once 'functions.php';
if (isset($_POST['add_ticket'])) {
@ -34,7 +37,7 @@ if (isset($_POST['add_ticket'])) {
$new_config_ticket_next_number = $config_ticket_next_number + 1;
mysqli_query($mysqli, "UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = 1");
mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 1, ticket_created_by = 0, ticket_contact_id = $session_contact_id, ticket_url_key = '$url_key', ticket_client_id = $session_client_id");
mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 1, ticket_billable = $config_ticket_default_billable, ticket_created_by = 0, ticket_contact_id = $session_contact_id, ticket_url_key = '$url_key', ticket_client_id = $session_client_id");
$ticket_id = mysqli_insert_id($mysqli);
// Notify agent DL of the new ticket, if populated with a valid email
@ -57,7 +60,7 @@ if (isset($_POST['add_ticket'])) {
'body' => $email_body,
]
];
addToMailQueue($mysqli, $data);
addToMailQueue($data);
}
// Custom action/notif handler
@ -122,7 +125,7 @@ if (isset($_POST['add_ticket_comment'])) {
]
];
addToMailQueue($mysqli, $data);
addToMailQueue($data);
}
@ -171,7 +174,7 @@ if (isset($_POST['add_ticket_comment'])) {
} else {
// The client does not have access to this ticket
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
}
@ -200,7 +203,7 @@ if (isset($_POST['add_ticket_feedback'])) {
header("Location: " . $_SERVER["HTTP_REFERER"]);
} else {
// The client does not have access to this ticket
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
@ -327,6 +330,12 @@ if (isset($_POST['edit_profile'])) {
}
if (isset($_POST['add_contact'])) {
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
header("Location: post.php?logout");
exit();
}
$contact_name = sanitizeInput($_POST['contact_name']);
$contact_email = sanitizeInput($_POST['contact_email']);
$contact_technical = intval($_POST['contact_technical']);
@ -368,6 +377,12 @@ if (isset($_POST['add_contact'])) {
}
if (isset($_POST['edit_contact'])) {
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
header("Location: post.php?logout");
exit();
}
$contact_id = intval($_POST['contact_id']);
$contact_name = sanitizeInput($_POST['contact_name']);
$contact_email = sanitizeInput($_POST['contact_email']);
@ -413,3 +428,258 @@ if (isset($_POST['edit_contact'])) {
customAction('contact_update', $contact_id);
}
if (isset($_POST['create_stripe_customer'])) {
if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
header("Location: post.php?logout");
exit();
}
// Get Stripe vars
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
if (!$config_stripe_enable) {
header("Location: autopay.php");
exit();
}
// Include stripe SDK
require_once '../plugins/stripe-php/init.php';
// Get client's StripeID from database (should be none)
$stripe_client_details = mysqli_fetch_array(mysqli_query($mysqli, "SELECT stripe_id FROM client_stripe WHERE client_id = $session_client_id LIMIT 1"));
if (!$stripe_client_details) {
try {
// Initiate Stripe
$stripe = new \Stripe\StripeClient($config_stripe_secret);
// Create customer
$customer = $stripe->customers->create([
'name' => $session_client_name,
'email' => $session_contact_email,
'metadata' => [
'itflow_client_id' => $session_client_id,
'consent' => $session_contact_name
]
]);
} catch (Exception $e) {
$error = $e->getMessage();
error_log("Stripe payment error - encountered exception when creating customer record for $session_client_name: $error");
logApp("Stripe", "error", "Exception creating customer $session_client_name: $error");
}
// Get & Store customer ID
$stripe_id = sanitizeInput($customer->id);
mysqli_query($mysqli, "INSERT INTO client_stripe SET client_id = $session_client_id, stripe_id = '$stripe_id'");
// Logging
logAction("Stripe", "Create", "$session_contact_name created Stripe customer for $session_client_name as $stripe_id and authorised future automatic payments", $session_client_id, $session_client_id);
$_SESSION['alert_message'] = "Stripe customer created, thank you for your consent";
} else {
$_SESSION['alert_type'] = "danger";
$_SESSION['alert_message'] = "Stripe customer already exists";
}
header('Location: autopay.php');
}
if (isset($_GET['create_stripe_checkout'])) {
// This page is called by the autopay_setup_stripe.js, it returns a checkout session client secret
if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
header("Location: post.php?logout");
exit();
}
// Get Stripe vars
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
if (!$config_stripe_enable) {
header("Location: autopay.php");
exit();
}
// Client Currency
$client_currency_details = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT client_currency_code FROM clients WHERE client_id = $session_client_id LIMIT 1"));
$client_currency = $client_currency_details['client_currency_code'];
// Define return URL that user is redirected to once payment method is verified by Stripe
$return_url = "https://$config_base_url/client/post.php?stripe_save_card&session_id={CHECKOUT_SESSION_ID}";
try {
// Initialize stripe
require_once '../plugins/stripe-php/init.php';
$stripe = new \Stripe\StripeClient($config_stripe_secret);
// Create checkout session (server side)
$checkout_session = $stripe->checkout->sessions->create([
'currency' => $client_currency,
'mode' => 'setup',
'ui_mode' => 'embedded',
'return_url' => $return_url,
]);
} catch (Exception $e) {
$error = $e->getMessage();
error_log("Stripe payment error - encountered exception when creating checkout session: $error");
logApp("Stripe", "error", "Exception creating checkout: $error");
}
// Return the client secret to the js script
echo json_encode(array('clientSecret' => $checkout_session->client_secret));
// No redirect & no point logging this
}
if (isset($_GET['stripe_save_card'])) {
if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
header("Location: post.php?logout");
exit();
}
// Get Stripe vars
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
if (!$config_stripe_enable) {
header("Location: autopay.php");
exit();
}
// Get session ID from URL
$checkout_session_id = sanitizeInput($_GET['session_id']);
// Get client's StripeID from database
$stripe_client_details = mysqli_fetch_array(mysqli_query($mysqli, "SELECT stripe_id FROM client_stripe WHERE client_id = $session_client_id LIMIT 1"));
$client_stripe_id = sanitizeInput($stripe_client_details['stripe_id']);
try {
// Initialize stripe
require_once '../plugins/stripe-php/init.php';
$stripe = new \Stripe\StripeClient($config_stripe_secret);
// Retrieve checkout session
$checkout_session = $stripe->checkout->sessions->retrieve($checkout_session_id,[]);
// Get setup intent
$setup_intent_id = $checkout_session->setup_intent;
// Retrieve the setup intent details
$setup_intent = $stripe->setupIntents->retrieve($setup_intent_id, []);
// Get the payment method token
$payment_method = sanitizeInput($setup_intent->payment_method);
// Attach the payment method to the client in Stripe
$stripe->paymentMethods->attach($payment_method, ['customer' => $client_stripe_id]);
} catch (Exception $e) {
$error = $e->getMessage();
error_log("Stripe payment error - encountered exception when adding payment method info: $error");
logApp("Stripe", "error", "Exception adding payment method: $error");
}
// Update ITFlow
mysqli_query($mysqli, "UPDATE client_stripe SET stripe_pm = '$payment_method' WHERE client_id = $session_client_id LIMIT 1");
// Get some card/payment method details for the email/logging
$payment_method_details = $stripe->paymentMethods->retrieve($payment_method);
$card_info = sanitizeInput($payment_method_details->card->display_brand) . " " . sanitizeInput($payment_method_details->card->last4);
// Send email confirmation
// Company Details & Settings
$sql_settings = mysqli_query($mysqli, "SELECT * FROM companies, settings WHERE companies.company_id = settings.company_id AND companies.company_id = 1");
$row = mysqli_fetch_array($sql_settings);
$company_name = sanitizeInput($row['company_name']);
$config_smtp_host = $row['config_smtp_host'];
$config_smtp_port = intval($row['config_smtp_port']);
$config_smtp_encryption = $row['config_smtp_encryption'];
$config_smtp_username = $row['config_smtp_username'];
$config_smtp_password = $row['config_smtp_password'];
$config_invoice_from_name = sanitizeInput($row['config_invoice_from_name']);
$config_invoice_from_email = sanitizeInput($row['config_invoice_from_email']);
$config_base_url = sanitizeInput($config_base_url);
if (!empty($config_smtp_host)) {
$subject = "Payment method saved";
$body = "Hello $session_contact_name,<br><br>Were writing to confirm that your payment details have been securely stored with Stripe, our trusted payment processor.<br><br>By agreeing to save your payment information, you have authorized us to automatically bill your card ($card_info) for any future invoices. The payment details youve provided are securely stored with Stripe and will be used solely for invoices. We do not have access to your full card details.<br><br>You may update or remove your payment information at any time using the portal.<br><br>Thank you for your business!<br><br>--<br>$company_name - Billing Department<br>$config_invoice_from_email<br>$company_phone";
$data = [
[
'from' => $config_invoice_from_email,
'from_name' => $config_invoice_from_name,
'recipient' => $session_contact_email,
'recipient_name' => $session_contact_name,
'subject' => $subject,
'body' => $body,
]
];
$mail = addToMailQueue($data);
}
// Logging
logAction("Stripe", "Update", "$session_contact_name saved payment method ($card_info) for future automatic payments (PM: $payment_method)", $session_client_id, $session_client_id);
// Redirect
$_SESSION['alert_message'] = "Payment method saved - thank you";
header('Location: autopay.php');
}
if (isset($_GET['stripe_remove_pm'])) {
if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
header("Location: post.php?logout");
exit();
}
// Get Stripe vars
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
if (!$config_stripe_enable) {
header("Location: autopay.php");
exit();
}
$payment_method = sanitizeInput($_GET['pm']);
try {
// Initialize stripe
require_once '../plugins/stripe-php/init.php';
$stripe = new \Stripe\StripeClient($config_stripe_secret);
// Detach PM
$stripe->paymentMethods->detach($payment_method, []);
} catch (Exception $e) {
$error = $e->getMessage();
error_log("Stripe payment error - encountered exception when removing payment method info for $payment_method: $error");
logApp("Stripe", "error", "Exception removing payment method for $payment_method: $error");
}
// Remove payment method from ITFlow
mysqli_query($mysqli, "UPDATE client_stripe SET stripe_pm = NULL WHERE client_id = $session_client_id LIMIT 1");
// Logging & Redirect
logAction("Stripe", "Update", "$session_contact_name deleted saved Stripe payment method (PM: $payment_method)", $session_client_id, $session_client_id);
$_SESSION['alert_message'] = "Payment method removed";
header('Location: autopay.php');
}

6
portal/profile.php → client/profile.php
View File

@ -6,7 +6,7 @@
header("Content-Security-Policy: default-src 'self'");
require_once 'inc_portal.php';
require_once 'includes/inc_all.php';
?>
@ -30,7 +30,7 @@ require_once 'inc_portal.php';
<hr>
<div class="col-md-6">
<h4>Password</h4>
<form action="portal_post.php" method="post" autocomplete="off">
<form action="post.php" method="post" autocomplete="off">
<div class="form-group">
<label>New Password</label>
<div class="input-group">
@ -46,5 +46,5 @@ require_once 'inc_portal.php';
<?php endif ?>
<?php
require_once 'portal_footer.php';
require_once 'includes/footer.php';

8
portal/quotes.php → client/quotes.php
View File

@ -6,10 +6,10 @@
header("Content-Security-Policy: default-src 'self'");
require_once "inc_portal.php";
require_once "includes/inc_all.php";
if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
@ -67,7 +67,7 @@ $quotes_sql = mysqli_query($mysqli, "SELECT * FROM quotes WHERE quote_client_id
?>
<tr>
<td><a target="_blank" href="//<?php echo $config_base_url ?>/guest_view_quote.php?quote_id=<?php echo "$quote_id&url_key=$quote_url_key"?>"> <?php echo "$quote_prefix$quote_number"; ?></a></td>
<td><a target="_blank" href="//<?php echo $config_base_url ?>/guest/guest_view_quote.php?quote_id=<?php echo "$quote_id&url_key=$quote_url_key"?>"> <?php echo "$quote_prefix$quote_number"; ?></a></td>
<td><?php echo $quote_scope_display; ?></td>
<td><?php echo numfmt_format_currency($currency_format, $quote_amount, $session_company_currency); ?></td>
<td><?php echo $quote_date; ?></td>
@ -88,4 +88,4 @@ $quotes_sql = mysqli_query($mysqli, "SELECT * FROM quotes WHERE quote_client_id
</div>
<?php
require_once "portal_footer.php";
require_once "includes/footer.php";

15
portal/ticket.php → client/ticket.php
View File

@ -4,12 +4,13 @@
* Ticket detail page
*/
require_once "inc_portal.php";
require_once "includes/inc_all.php";
//Initialize the HTML Purifier to prevent XSS
require "../plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
@ -90,7 +91,7 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
Ticket <?php echo $ticket_prefix, $ticket_number ?>
<?php
if (empty($ticket_resolved_at) && $task_count == $completed_task_count) { ?>
<a href="portal_post.php?resolve_ticket=<?php echo $ticket_id; ?>" class="btn btn-sm btn-outline-success float-right text-white confirm-link"><i class="fas fa-fw fa-check text-success"></i> Resolve ticket</a>
<a href="post.php?resolve_ticket=<?php echo $ticket_id; ?>" class="btn btn-sm btn-outline-success float-right text-white confirm-link"><i class="fas fa-fw fa-check text-success"></i> Resolve ticket</a>
<?php } ?>
</h4>
</div>
@ -134,7 +135,7 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
<?php if (empty($ticket_resolved_at)) { ?>
<!-- Reply -->
<form action="portal_post.php" enctype="multipart/form-data" method="post">
<form action="post.php" enctype="multipart/form-data" method="post">
<input type="hidden" name="ticket_id" value="<?php echo $ticket_id ?>">
<div class="form-group">
<textarea class="form-control tinymce" name="comment" placeholder="Add comments.."></textarea>
@ -153,11 +154,11 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
<div class="col-6">
<div class="row">
<div class="col">
<a href="portal_post.php?reopen_ticket=<?php echo $ticket_id; ?>" class="btn btn-secondary btn-lg"><i class="fas fa-fw fa-redo text-white"></i> Reopen ticket</a>
<a href="post.php?reopen_ticket=<?php echo $ticket_id; ?>" class="btn btn-secondary btn-lg"><i class="fas fa-fw fa-redo text-white"></i> Reopen ticket</a>
</div>
<div class="col">
<a href="portal_post.php?close_ticket=<?php echo $ticket_id; ?>" class="btn btn-success btn-lg confirm-link"><i class="fas fa-fw fa-gavel text-white"></i> Close ticket</a>
<a href="post.php?close_ticket=<?php echo $ticket_id; ?>" class="btn btn-success btn-lg confirm-link"><i class="fas fa-fw fa-gavel text-white"></i> Close ticket</a>
</div>
</div>
</div>
@ -167,7 +168,7 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
<h4>Ticket closed. Please rate your ticket</h4>
<form action="portal_post.php" method="post">
<form action="post.php" method="post">
<input type="hidden" name="ticket_id" value="<?php echo $ticket_id ?>">
<button type="submit" class="btn btn-primary btn-lg" name="add_ticket_feedback" value="Good" onclick="this.form.submit()">
@ -281,6 +282,6 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
header("Location: index.php");
}
require_once "portal_footer.php";
require_once "includes/footer.php";

6
portal/ticket_add.php → client/ticket_add.php
View File

@ -4,7 +4,7 @@
* New ticket form
*/
require_once 'inc_portal.php';
require_once 'includes/inc_all.php';
?>
@ -21,7 +21,7 @@ require_once 'inc_portal.php';
<h3>Raise a new ticket</h3>
<div class="col-md-8">
<form action="portal_post.php" method="post">
<form action="post.php" method="post">
<div class="form-group">
<label>Subject <strong class="text-danger">*</strong></label>
@ -58,5 +58,5 @@ require_once 'inc_portal.php';
</div>
<?php
require_once 'portal_footer.php';
require_once 'includes/footer.php';

6
portal/ticket_view_all.php → client/ticket_view_all.php
View File

@ -4,11 +4,11 @@
* Primary contact view: all tickets
*/
require_once 'inc_portal.php';
require_once 'includes/inc_all.php';
if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) {
header("Location: portal_post.php?logout");
header("Location: post.php?logout");
exit();
}
@ -74,5 +74,5 @@ $all_tickets = mysqli_query($mysqli, "SELECT ticket_id, ticket_prefix, ticket_nu
</div>
<?php
require_once 'portal_footer.php';
require_once 'includes/footer.php';

4
portal/tickets.php → client/tickets.php
View File

@ -6,7 +6,7 @@
header("Content-Security-Policy: default-src 'self'");
require_once "inc_portal.php";
require_once "includes/inc_all.php";
// Ticket status from GET
@ -109,5 +109,5 @@ $total_tickets = intval($row['total_tickets']);
</div>
</div>
<?php require_once "portal_footer.php";
<?php require_once "includes/footer.php";
?>

182
client_asset_details.php
View File

@ -1,6 +1,6 @@
<?php
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
if (isset($_GET['asset_id'])) {
@ -66,6 +66,9 @@ if (isset($_GET['asset_id'])) {
$location_name_display = $location_name;
}
// Override Tab Title // No Sanitizing needed as this var will opnly be used in the tab title
$page_title = $row['asset_name'];
// Related Tickets Query
$sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets
LEFT JOIN users on ticket_assigned_to = user_id
@ -92,13 +95,41 @@ if (isset($_GET['asset_id'])) {
$document_count = mysqli_num_rows($sql_related_documents);
// Network Interfaces
$sql_related_interfaces = mysqli_query($mysqli, "SELECT * FROM asset_interfaces
LEFT JOIN assets ON asset_id = interface_asset_id
LEFT JOIN networks ON network_id = interface_network_id
WHERE asset_id = $asset_id
AND interface_archived_at IS NULL
ORDER BY interface_name DESC"
);
$sql_related_interfaces = mysqli_query($mysqli, "
SELECT
ai.interface_id,
ai.interface_name,
ai.interface_mac,
ai.interface_ip,
ai.interface_ipv6,
ai.interface_port,
ai.interface_primary,
ai.interface_notes,
n.network_name,
n.network_id,
connected_interfaces.interface_id AS connected_interface_id,
connected_interfaces.interface_name AS connected_interface_name,
connected_interfaces.interface_port AS connected_interface_port,
connected_assets.asset_name AS connected_asset_name
FROM asset_interfaces AS ai
LEFT JOIN networks AS n
ON n.network_id = ai.interface_network_id
LEFT JOIN asset_interface_links AS ail
ON (ail.interface_a_id = ai.interface_id OR ail.interface_b_id = ai.interface_id)
LEFT JOIN asset_interfaces AS connected_interfaces
ON (
(ail.interface_a_id = ai.interface_id AND ail.interface_b_id = connected_interfaces.interface_id)
OR
(ail.interface_b_id = ai.interface_id AND ail.interface_a_id = connected_interfaces.interface_id)
)
LEFT JOIN assets AS connected_assets
ON connected_assets.asset_id = connected_interfaces.interface_asset_id
WHERE
ai.interface_asset_id = $asset_id
AND ai.interface_archived_at IS NULL
ORDER BY ai.interface_name ASC
");
$interface_count = mysqli_num_rows($sql_related_interfaces);
// Related Files
@ -246,7 +277,7 @@ if (isset($_GET['asset_id'])) {
<textarea class="form-control" rows=6 id="assetNotes" placeholder="Enter quick notes here" onblur="updateAssetNotes(<?php echo $asset_id ?>)"><?php echo $asset_notes ?></textarea>
</div>
<?php require_once "client_asset_edit_modal.php"; ?>
<?php require_once "modals/client_asset_edit_modal.php"; ?>
</div>
@ -317,64 +348,63 @@ if (isset($_GET['asset_id'])) {
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-ethernet mr-2"></i>Network Interfaces</h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-ethernet mr-2"></i><?php echo $asset_name; ?> Network Interfaces</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAssetInterfaceModal"><i class="fas fa-plus mr-2"></i>New Interface</button>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAssetInterfaceModal">
<i class="fas fa-plus mr-2"></i>New Interface
</button>
</div>
</div>
<div class="card-body">
<div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover">
<table class="table table-striped table-borderless table-hover table-sm">
<thead class="<?php if ($interface_count == 0) { echo "d-none"; } ?>">
<tr>
<th>Name</th>
<th>MAC</th>
<th>IP</th>
<th>Port</th>
<th>Connected To</th>
<th class="text-center">Action</th>
</tr>
<tr>
<th>Name</th>
<th>MAC</th>
<th>IP</th>
<th>Port</th>
<th>Network</th>
<th>Connected To</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
<?php while ($row = mysqli_fetch_array($sql_related_interfaces)) { ?>
<?php
$interface_id = intval($row['interface_id']);
$interface_name = nullable_htmlentities($row['interface_name']);
$interface_mac = nullable_htmlentities($row['interface_mac']);
$interface_ip = nullable_htmlentities($row['interface_ip']);
$interface_ipv6 = nullable_htmlentities($row['interface_ipv6']);
$interface_port = nullable_htmlentities($row['interface_port']);
$interface_primary = intval($row['interface_primary']);
$network_id = intval($row['network_id']);
$network_name = nullable_htmlentities($row['network_name']);
$interface_notes = nullable_htmlentities($row['interface_notes']);
while ($row = mysqli_fetch_array($sql_related_interfaces)) {
$interface_id = intval($row['interface_id']);
$interface_name = nullable_htmlentities($row['interface_name']);
$interface_mac = nullable_htmlentities($row['interface_mac']);
if ($interface_mac) {
$interface_mac_display = "$interface_mac";
} else {
$interface_mac_display = "-";
}
$interface_ip = nullable_htmlentities($row['interface_ip']);
if ($interface_ip) {
$interface_ip_display = "$interface_ip";
} else {
$interface_ip_display = "-";
}
$interface_ipv6 = nullable_htmlentities($row['interface_ipv6']);
$interface_port = nullable_htmlentities($row['interface_port']);
if ($interface_port) {
$interface_port_display = "$interface_port";
} else {
$interface_port_display = "-";
}
$interface_primary = intval($row['interface_primary']);
$network_id = intval($row['network_id']);
$network_name = nullable_htmlentities($row['network_name']);
if ($network_name) {
$network_name_display = "<i class='fas fa-fw fa-network-wired mr-2'></i>$network_name";
} else {
$network_name_display = "-";
}
$interface_notes = nullable_htmlentities($row['interface_notes']);
// Prepare display text
$interface_mac_display = $interface_mac ?: '-';
$interface_ip_display = $interface_ip ?: '-';
$interface_port_display = $interface_port ?: '-';
$network_name_display = $network_name
? "<i class='fas fa-fw fa-network-wired mr-1'></i>$network_name $network_id"
: '-';
// Connected interface details
$connected_asset_name = nullable_htmlentities($row['connected_asset_name']);
$connected_interface_port = nullable_htmlentities($row['connected_interface_port']);
// Show either "-" or "AssetName - Port"
if ($connected_asset_name) {
$connected_to_display = "<strong>$connected_asset_name</strong> - $connected_interface_port";
} else {
$connected_to_display = "-";
}
?>
<tr>
<td>
<i class="fa fa-fw fa-ethernet text-secondary mr-2"></i>
<i class="fa fa-fw fa-ethernet text-secondary mr-1"></i>
<a class="text-dark" href="#" data-toggle="modal" data-target="#editAssetInterfaceModal<?php echo $interface_id; ?>">
<?php echo $interface_name; ?>
</a>
@ -383,6 +413,7 @@ if (isset($_GET['asset_id'])) {
<td><?php echo $interface_ip_display; ?></td>
<td><?php echo $interface_port_display; ?></td>
<td><?php echo $network_name_display; ?></td>
<td><?php echo $connected_to_display; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
@ -392,29 +423,22 @@ if (isset($_GET['asset_id'])) {
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editAssetInterfaceModal<?php echo $interface_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($session_user_role == 3 && $interface_primary == 0) { ?>
<?php if ($session_user_role == 3 && $interface_primary == 0): ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_asset_interface=<?php echo $interface_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<a class="dropdown-item text-danger text-bold" href="post.php?delete_asset_interface=<?php echo $interface_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token']; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
<?php endif; ?>
</div>
</div>
</td>
</tr>
<?php
require "client_asset_interface_edit_modal.php";
}
?>
<?php require "modals/client_asset_interface_edit_modal.php"; ?>
<?php } ?>
</tbody>
</table>
</div>
</div>
</div>
@ -532,7 +556,7 @@ if (isset($_GET['asset_id'])) {
<?php
require "client_login_edit_modal.php";
require "modals/client_login_edit_modal.php";
}
@ -746,6 +770,10 @@ if (isset($_GET['asset_id'])) {
data-target="#editRecurringTicketModal" onclick="populateRecurringTicketEditModal(<?php echo $client_id, ',', $scheduled_ticket_id ?>)">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item" href="post.php?force_recurring_ticket=<?php echo $scheduled_ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fa fa-fw fa-paper-plane text-secondary mr-2"></i>Force Reoccur
</a>
<?php
if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
@ -860,13 +888,12 @@ if (isset($_GET['asset_id'])) {
<?php
require_once "share_modal.php";
require_once "modals/share_modal.php";
}
?>
<?php } ?>
<script>
function updateAssetNotes(asset_id) {
var notes = document.getElementById("assetNotes").value;
@ -902,13 +929,8 @@ if (isset($_GET['asset_id'])) {
<?php
require_once "client_asset_interface_add_modal.php";
require_once "ticket_add_modal.php";
require_once "recurring_ticket_add_modal.php";
require_once "recurring_ticket_edit_modal.php";
require_once "footer.php";
require_once "modals/client_asset_interface_add_modal.php";
require_once "modals/ticket_add_modal.php";
require_once "modals/recurring_ticket_add_modal.php";
require_once "modals/recurring_ticket_edit_modal.php";
require_once "includes/footer.php";

102
client_asset_interface_edit_modal.php
View File

@ -1,102 +0,0 @@
<div class="modal" id="editAssetInterfaceModal<?php echo $interface_id; ?>" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-ethernet mr-2"></i>Editing: <?php echo $interface_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="interface_id" value="<?php echo $interface_id; ?>">
<div class="modal-body bg-white" <?php if (lookupUserPermission('module_support') <= 1) { echo 'inert'; } ?>>
<div class="form-group">
<label>Interface Name</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-ethernet"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Interface Name" value="<?php echo $interface_name; ?>" required>
</div>
</div>
<div class="form-group">
<label>MAC Address</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-ethernet"></i></span>
</div>
<input type="text" class="form-control" name="mac" placeholder="MAC Address" value="<?php echo $interface_mac; ?>" data-inputmask="'alias': 'mac'" data-mask>
</div>
</div>
<div class="form-group">
<label>IP</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-ethernet"></i></span>
</div>
<input type="text" class="form-control" name="ip" placeholder="IP Address" value="<?php echo $interface_ip; ?>" data-inputmask="'alias': 'ip'" data-mask>
</div>
</div>
<div class="form-group">
<label>IPv6</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-ethernet"></i></span>
</div>
<input type="text" class="form-control" name="ipv6" placeholder="IPv6 Address" value="<?php echo $interface_ipv6; ?>">
</div>
</div>
<div class="form-group">
<label>Port</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-ethernet"></i></span>
</div>
<input type="text" class="form-control" name="port" placeholder="Interface Port ex. eth0" value="<?php echo $interface_port; ?>">
</div>
</div>
<div class="form-group">
<label>Connected to</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-network-wired"></i></span>
</div>
<select class="form-control select2" name="network">
<option value="">- None -</option>
<?php
$sql_network_select = mysqli_query($mysqli, "SELECT * FROM networks WHERE network_archived_at IS NULL AND network_client_id = $client_id ORDER BY network_name ASC");
while ($row = mysqli_fetch_array($sql_network_select)) {
$network_id_select = $row['network_id'];
$network_name_select = nullable_htmlentities($row['network_name']);
$network_select = nullable_htmlentities($row['network']);
?>
<option <?php if ($network_id == $network_id_select) { echo "selected"; } ?> value="<?php echo $network_id_select; ?>"><?php echo $network_name_select; ?> - <?php echo $network_select; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group">
<textarea class="form-control" rows="5" placeholder="Enter some notes" name="notes"><?php echo $interface_notes; ?></textarea>
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
<button type="submit" name="edit_asset_interface" class="btn btn-primary"><i class="fa fa-check mr-2"></i>Save</button>
</div>
</form>
</div>
</div>
</div>

34
client_assets.php
View File

@ -4,7 +4,7 @@
$sort = "asset_name";
$order = "ASC";
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Perms
enforceUserPermission('module_support');
@ -28,11 +28,11 @@ if (isset($_GET['type']) && ($_GET['type']) == 'workstation') {
// Location Filter
if (isset($_GET['location']) & !empty($_GET['location'])) {
$location_query = 'AND (asset_location_id = ' . intval($_GET['location']) . ')';
$location = intval($_GET['location']);
$location_filter = intval($_GET['location']);
} else {
// Default - any
$location_query = '';
$location = '';
$location_filter = '';
}
//Get Asset Counts
@ -159,7 +159,7 @@ if (mysqli_num_rows($os_sql) > 0) {
<div class="col-md-2">
<div class="input-group">
<select class="form-control select2" name="location" onchange="this.form.submit()">
<option value="" <?php if ($location == "") { echo "selected"; } ?>>- All Locations -</option>
<option value="">- All Locations -</option>
<?php
$sql_locations_filter = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id AND location_archived_at IS NULL ORDER BY location_name ASC");
@ -167,7 +167,7 @@ if (mysqli_num_rows($os_sql) > 0) {
$location_id = intval($row['location_id']);
$location_name = nullable_htmlentities($row['location_name']);
?>
<option <?php if ($location == $location_id) { echo "selected"; } ?> value="<?php echo $location_id; ?>"><?php echo $location_name; ?></option>
<option <?php if ($location_filter == $location_id) { echo "selected"; } ?> value="<?php echo $location_id; ?>"><?php echo $location_name; ?></option>
<?php
}
?>
@ -596,11 +596,11 @@ if (mysqli_num_rows($os_sql) > 0) {
<?php
require "client_asset_edit_modal.php";
require "modals/client_asset_edit_modal.php";
require "client_asset_copy_modal.php";
require "modals/client_asset_copy_modal.php";
require "client_asset_transfer_modal.php";
require "modals/client_asset_transfer_modal.php";
}
@ -609,25 +609,25 @@ if (mysqli_num_rows($os_sql) > 0) {
</tbody>
</table>
</div>
<?php require_once "client_asset_bulk_assign_location_modal.php"; ?>
<?php require_once "client_asset_bulk_assign_contact_modal.php"; ?>
<?php require_once "client_asset_bulk_edit_status_modal.php"; ?>
<?php require_once "client_asset_bulk_add_ticket_modal.php"; ?>
<?php require_once "modals/client_asset_bulk_assign_location_modal.php"; ?>
<?php require_once "modals/client_asset_bulk_assign_contact_modal.php"; ?>
<?php require_once "modals/client_asset_bulk_edit_status_modal.php"; ?>
<?php require_once "modals/client_asset_bulk_add_ticket_modal.php"; ?>
</form>
<?php require_once "pagination.php"; ?>
<?php require_once "includes/filter_footer.php"; ?>
</div>
</div>
<script src="js/bulk_actions.js"></script>
<?php
require_once "client_asset_add_modal.php";
require_once "modals/client_asset_add_modal.php";
require_once "client_asset_import_modal.php";
require_once "modals/client_asset_import_modal.php";
require_once "client_asset_export_modal.php";
require_once "modals/client_asset_export_modal.php";
require_once "footer.php";
require_once "includes/footer.php";
?>

14
client_certificates.php
View File

@ -4,7 +4,7 @@
$sort = "certificate_name";
$order = "ASC";
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Perms
enforceUserPermission('module_support');
@ -200,17 +200,15 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</form>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "client_certificate_edit_modal.php";
require_once "client_certificate_add_modal.php";
require_once "client_certificate_export_modal.php";
require_once "modals/client_certificate_edit_modal.php";
require_once "modals/client_certificate_add_modal.php";
require_once "modals/client_certificate_export_modal.php";
?>
@ -218,5 +216,5 @@ require_once "client_certificate_export_modal.php";
<script src="js/bulk_actions.js"></script>
<script src="js/certificate_fetch_ssl.js"></script>
<?php require_once "footer.php";
<?php require_once "includes/footer.php";
?>

57
client_contact_bulk_email_modal.php
View File

@ -1,57 +0,0 @@
<div class="modal" id="bulkSendEmailModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-envelope-open mr-2"></i>Bulk Send Email</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-white">
<div class="form-group">
<select type="text" class="form-control select2" name="mail_from">
<option value="<?php echo nullable_htmlentities($config_mail_from_email); ?>">
<?php echo nullable_htmlentities("$config_mail_from_name - $config_mail_from_email"); ?></option>
<option value="<?php echo nullable_htmlentities($config_invoice_from_email); ?>">
<?php echo nullable_htmlentities("$config_invoice_from_name - $config_invoice_from_email"); ?></option>
<option value="<?php echo nullable_htmlentities($config_quote_from_email); ?>">
<?php echo nullable_htmlentities("$config_quote_from_name - $config_quote_from_email"); ?></option>
<option value="<?php echo nullable_htmlentities($config_ticket_from_email); ?>">
<?php echo nullable_htmlentities("$config_ticket_from_name - $config_ticket_from_email"); ?></option>
</select>
</div>
<div class="form-group">
<input type="text" class="form-control" name="mail_from_name" placeholder="From Name"
value="<?php echo nullable_htmlentities($config_mail_from_name); ?>">
</div>
<div class="form-group">
<input type="text" class="form-control" name="subject" placeholder="Subject">
</div>
<div class="form-group">
<textarea class="form-control tinymce" name="body"
placeholder="Type an email in here"></textarea>
</div>
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
</div>
<input type="datetime-local" class="form-control" name="queued_at">
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="send_bulk_mail_now" class="btn btn-primary text-bold"><i class="fas fa-paper-plane mr-2"></i>Send</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</div>
</div>
</div>

41
client_contact_details.php
View File

@ -1,6 +1,6 @@
<?php
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
if (isset($_GET['contact_id'])) {
@ -34,6 +34,9 @@ if (isset($_GET['contact_id'])) {
$auth_method = nullable_htmlentities($row['user_auth_method']);
$contact_client_id = intval($row['contact_client_id']);
// Override Tab Title // No Sanitizing needed as this var will opnly be used in the tab title
$page_title = $row['contact_name'];
// Check to see if Contact belongs to client
if($contact_client_id !== $client_id) {
exit();
@ -210,7 +213,7 @@ if (isset($_GET['contact_id'])) {
<?php } ?>
<div class="mt-2"><i class="fa fa-fw fa-clock text-secondary mr-2"></i><?php echo date('Y-m-d', strtotime($contact_created_at)); ?></div>
<?php require_once "client_contact_edit_modal.php";
<?php require_once "modals/client_contact_edit_modal.php";
?>
</div>
@ -414,9 +417,9 @@ if (isset($_GET['contact_id'])) {
<?php
require "client_asset_edit_modal.php";
require "modals/client_asset_edit_modal.php";
require "client_asset_copy_modal.php";
require "modals/client_asset_copy_modal.php";
}
@ -551,7 +554,7 @@ if (isset($_GET['contact_id'])) {
<?php
require "client_login_edit_modal.php";
require "modals/client_login_edit_modal.php";
}
@ -690,6 +693,10 @@ if (isset($_GET['contact_id'])) {
data-target="#editRecurringTicketModal" onclick="populateRecurringTicketEditModal(<?php echo $client_id, ',', $scheduled_ticket_id ?>)">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item" href="post.php?force_recurring_ticket=<?php echo $scheduled_ticket_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fa fa-fw fa-paper-plane text-secondary mr-2"></i>Force Reoccur
</a>
<?php
if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
@ -1063,7 +1070,7 @@ if (isset($_GET['contact_id'])) {
<?php
require_once "share_modal.php";
require_once "modals/share_modal.php";
?>
@ -1125,16 +1132,16 @@ if (isset($_GET['contact_id'])) {
<?php
require_once "client_contact_create_note_modal.php";
require_once "ticket_add_modal.php";
require_once "client_contact_link_asset_modal.php";
require_once "client_contact_link_software_modal.php";
require_once "client_contact_link_credential_modal.php";
require_once "client_contact_link_service_modal.php";
require_once "client_contact_link_document_modal.php";
require_once "client_contact_link_file_modal.php";
require_once "modals/client_contact_create_note_modal.php";
require_once "modals/ticket_add_modal.php";
require_once "modals/client_contact_link_asset_modal.php";
require_once "modals/client_contact_link_software_modal.php";
require_once "modals/client_contact_link_credential_modal.php";
require_once "modals/client_contact_link_service_modal.php";
require_once "modals/client_contact_link_document_modal.php";
require_once "modals/client_contact_link_file_modal.php";
require_once "recurring_ticket_add_modal.php";
require_once "recurring_ticket_edit_modal.php";
require_once "modals/recurring_ticket_add_modal.php";
require_once "modals/recurring_ticket_edit_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

48
client_contacts.php
View File

@ -4,7 +4,7 @@
$sort = "contact_name";
$order = "ASC";
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Tags Filter
if (isset($_GET['tags']) && is_array($_GET['tags']) && !empty($_GET['tags'])) {
@ -25,11 +25,11 @@ if (isset($_GET['tags']) && is_array($_GET['tags']) && !empty($_GET['tags'])) {
// Location Filter
if (isset($_GET['location']) & !empty($_GET['location'])) {
$location_query = 'AND (contact_location_id = ' . intval($_GET['location']) . ')';
$location = intval($_GET['location']);
$location_filter = intval($_GET['location']);
} else {
// Default - any
$location_query = '';
$location = '';
$location_filter = '';
}
//Rebuild URL
@ -110,7 +110,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="col-md-2">
<div class="input-group">
<select class="form-control select2" name="location" onchange="this.form.submit()">
<option value="" <?php if ($location == "") { echo "selected"; } ?>>- All Locations -</option>
<option value="">- All Locations -</option>
<?php
$sql_locations_filter = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id AND location_archived_at IS NULL ORDER BY location_name ASC");
@ -118,7 +118,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$location_id = intval($row['location_id']);
$location_name = nullable_htmlentities($row['location_name']);
?>
<option <?php if ($location == $location_id) { echo "selected"; } ?> value="<?php echo $location_id; ?>"><?php echo $location_name; ?></option>
<option <?php if ($location_filter == $location_id) { echo "selected"; } ?> value="<?php echo $location_id; ?>"><?php echo $location_name; ?></option>
<?php
}
?>
@ -342,21 +342,19 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<td>
<a class="text-dark" href="client_contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>">
<div class="media">
<?php if (!empty($contact_photo)) { ?>
<?php if ($contact_photo) { ?>
<span class="fa-stack fa-2x mr-3 text-center">
<img class="img-size-50 img-circle" src="<?php echo "uploads/clients/$client_id/$contact_photo"; ?>">
</span>
<?php } else { ?>
<span class="fa-stack fa-2x mr-3">
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
<span class="fa fa-stack-1x text-white"><?php echo $contact_initials; ?></span>
</span>
<?php } ?>
<div class="media-body">
<div class="<?php if(!empty($contact_important)) { echo "text-bold"; } ?>"><?php echo $contact_name; ?></div>
<div class="<?php if($contact_important) { echo "text-bold"; } ?>"><?php echo $contact_name; ?></div>
<?php echo $contact_title_display; ?>
<div><?php echo $contact_primary_display; ?></div>
<?php
@ -419,8 +417,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require "client_contact_create_note_modal.php";
require "client_contact_edit_modal.php";
require "modals/client_contact_create_note_modal.php";
require "modals/client_contact_edit_modal.php";
}
@ -429,14 +427,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "client_contact_bulk_assign_location_modal.php"; ?>
<?php require_once "client_contact_bulk_edit_phone_modal.php"; ?>
<?php require_once "client_contact_bulk_edit_department_modal.php"; ?>
<?php require_once "client_contact_bulk_edit_role_modal.php"; ?>
<?php require_once "client_contact_bulk_assign_tags_modal.php"; ?>
<?php require_once "client_contact_bulk_email_modal.php"; ?>
<?php require_once "modals/client_contact_bulk_assign_location_modal.php"; ?>
<?php require_once "modals/client_contact_bulk_edit_phone_modal.php"; ?>
<?php require_once "modals/client_contact_bulk_edit_department_modal.php"; ?>
<?php require_once "modals/client_contact_bulk_edit_role_modal.php"; ?>
<?php require_once "modals/client_contact_bulk_assign_tags_modal.php"; ?>
<?php require_once "modals/client_contact_bulk_email_modal.php"; ?>
</form>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
@ -482,12 +480,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require_once "client_contact_add_modal.php";
require_once "client_contact_invite_modal.php";
require_once "client_contact_import_modal.php";
require_once "client_contact_export_modal.php";
require_once "footer.php";
require_once "modals/client_contact_add_modal.php";
require_once "modals/client_contact_invite_modal.php";
require_once "modals/client_contact_import_modal.php";
require_once "modals/client_contact_export_modal.php";
require_once "includes/footer.php";

32
client_document_details.php
View File

@ -1,12 +1,13 @@
<?php
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
//Initialize the HTML Purifier to prevent XSS
require "plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
@ -37,6 +38,9 @@ $document_folder_id = intval($row['document_folder_id']);
$document_parent = intval($row['document_parent']);
$document_client_visible = intval($row['document_client_visible']);
// Override Tab Title // No Sanitizing needed as this var will opnly be used in the tab title
$page_title = $row['document_name'];
?>
<ol class="breadcrumb d-print-none">
@ -390,22 +394,14 @@ $document_client_visible = intval($row['document_client_visible']);
<?php
require_once "client_document_edit_modal.php";
require_once "client_document_link_file_modal.php";
require_once "client_document_link_contact_modal.php";
require_once "client_document_link_asset_modal.php";
require_once "client_document_link_software_modal.php";
require_once "client_document_link_vendor_modal.php";
require_once "document_edit_visibility_modal.php";
require_once "share_modal.php";
require_once "footer.php";
require_once "modals/client_document_edit_modal.php";
require_once "modals/client_document_link_file_modal.php";
require_once "modals/client_document_link_contact_modal.php";
require_once "modals/client_document_link_asset_modal.php";
require_once "modals/client_document_link_software_modal.php";
require_once "modals/client_document_link_vendor_modal.php";
require_once "modals/document_edit_visibility_modal.php";
require_once "modals/share_modal.php";
require_once "includes/footer.php";
?>

22
client_documents.php
View File

@ -4,7 +4,7 @@
$sort = "document_name";
$order = "ASC";
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Perms
enforceUserPermission('module_support');
@ -268,7 +268,7 @@ while ($folder_id > 0) {
echo '</div>';
// Include the rename and create subfolder modals
require "folder_rename_modal.php";
require "modals/folder_rename_modal.php";
if ($subfolder_count > 0) {
// Display subfolders
@ -285,7 +285,7 @@ while ($folder_id > 0) {
display_folders(0, $client_id);
?>
</ul>
<?php require_once "folder_create_modal.php"; ?>
<?php require_once "modals/folder_create_modal.php"; ?>
</div>
<div class="col-md-9">
@ -447,9 +447,9 @@ while ($folder_id > 0) {
<?php
require "client_document_move_modal.php";
require "modals/client_document_move_modal.php";
require "client_document_rename_modal.php";
require "modals/client_document_rename_modal.php";
}
@ -460,9 +460,9 @@ while ($folder_id > 0) {
</table>
<br>
</div>
<?php require_once "client_document_bulk_move_modal.php"; ?>
<?php require_once "modals/client_document_bulk_move_modal.php"; ?>
</form>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
@ -472,10 +472,10 @@ while ($folder_id > 0) {
<script src="js/bulk_actions.js"></script>
<?php
require_once "share_modal.php";
require_once "modals/share_modal.php";
require_once "client_document_add_modal.php";
require_once "modals/client_document_add_modal.php";
require_once "client_document_add_from_template_modal.php";
require_once "modals/client_document_add_from_template_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

18
client_domains.php
View File

@ -4,7 +4,7 @@
$sort = "domain_name";
$order = "ASC";
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Perms
enforceUserPermission('module_support');
@ -154,7 +154,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$domain_expire = nullable_htmlentities($row['domain_expire']);
$domain_expire_ago = timeAgo($domain_expire);
// Convert the expiry date to a timestamp
$domain_expire_timestamp = strtotime($row['domain_expire']);
$domain_expire_timestamp = strtotime($row['domain_expire'] ?? '');
$current_timestamp = time(); // Get current timestamp
// Calculate the difference in days
@ -228,12 +228,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<a class="dropdown-item text-info confirm-link" href="post.php?unarchive_domain=<?php echo $domain_id; ?>">
<i class="fas fa-fw fa-redo mr-2"></i>Unarchive
</a>
<?php if ($config_destructive_deletes_enable) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_domain=<?php echo $domain_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
<?php } else { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_domain=<?php echo $domain_id; ?>">
@ -255,21 +253,19 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</form>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "client_domain_edit_modal.php";
require_once "client_domain_add_modal.php";
require_once "client_domain_export_modal.php";
require_once "modals/client_domain_edit_modal.php";
require_once "modals/client_domain_add_modal.php";
require_once "modals/client_domain_export_modal.php";
?>
<script src="js/domain_edit_modal.js"></script>
<script src="js/bulk_actions.js"></script>
<?php require_once "footer.php";
<?php require_once "includes/footer.php";

10
client_events.php
View File

@ -1,6 +1,6 @@
<?php
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
if (isset($_GET['calendar_id'])) {
@ -21,9 +21,9 @@ if (isset($_GET['calendar_id'])) {
</div>
<?php
include "calendar_event_add_modal.php";
require_once "modals/calendar_event_add_modal.php";
include "calendar_add_modal.php";
require_once "modals/calendar_add_modal.php";
//loop through IDs and create a modal for each
@ -40,7 +40,7 @@ while ($row = mysqli_fetch_array($sql)) {
$calendar_name = nullable_htmlentities($row['calendar_name']);
$calendar_color = nullable_htmlentities($row['calendar_color']);
require "calendar_event_edit_modal.php";
require "modals/calendar_event_edit_modal.php";
}
@ -278,5 +278,5 @@ while ($row = mysqli_fetch_array($sql)) {
</script>
<?php
require "footer.php";
require_once "includes/footer.php";

31
client_files.php
View File

@ -4,7 +4,7 @@
$sort = "file_name";
$order = "ASC";
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Folder
@ -213,7 +213,7 @@ while ($folder_id > 0) {
echo '</div>';
// Include the rename and create subfolder modals
require "folder_rename_modal.php";
require "modals/folder_rename_modal.php";
if ($subfolder_count > 0) {
// Display subfolders
@ -230,7 +230,7 @@ while ($folder_id > 0) {
display_folders(0, $client_id);
?>
</ul>
<?php require_once "folder_create_modal.php"; ?>
<?php require_once "modals/folder_create_modal.php"; ?>
</div>
@ -386,7 +386,7 @@ while ($folder_id > 0) {
</div>
<?php
require "client_file_view_modal.php";
require "modals/client_file_view_modal.php";
}
?>
@ -583,11 +583,9 @@ while ($folder_id > 0) {
</td>
</tr>
<?php
require "client_file_rename_modal.php";
require "client_file_move_modal.php";
require "client_file_link_asset_modal.php";
require "modals/client_file_rename_modal.php";
require "modals/client_file_move_modal.php";
require "modals/client_file_link_asset_modal.php";
}
?>
@ -595,12 +593,12 @@ while ($folder_id > 0) {
</table>
</div>
<?php require_once "client_file_bulk_move_modal.php"; ?>
<?php require_once "modals/client_file_bulk_move_modal.php"; ?>
</form>
<?php } ?>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
@ -634,10 +632,7 @@ function prevFile() {
<script src="js/bulk_actions.js"></script>
<?php
require_once "client_file_upload_modal.php";
require_once "share_modal.php";
require_once "client_file_delete_modal.php";
require_once "footer.php";
require_once "modals/client_file_upload_modal.php";
require_once "modals/share_modal.php";
require_once "modals/client_file_delete_modal.php";
require_once "includes/footer.php";

20
client_invoices.php
View File

@ -4,7 +4,7 @@
$sort = "invoice_number";
$order = "DESC";
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Perms
enforceUserPermission('module_sales');
@ -203,9 +203,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require "invoice_copy_modal.php";
require "invoice_edit_modal.php";
require "modals/invoice_copy_modal.php";
require "modals/invoice_edit_modal.php";
}
?>
@ -213,16 +212,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "invoice_add_modal.php";
require_once "invoice_payment_add_bulk_modal.php";
require_once "client_invoice_export_modal.php";
require_once "footer.php";
require_once "modals/invoice_add_modal.php";
require_once "modals/invoice_payment_add_bulk_modal.php";
require_once "modals/client_invoice_export_modal.php";
require_once "includes/footer.php";

16
client_locations.php
View File

@ -4,7 +4,7 @@
$sort = "location_name";
$order = "ASC";
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Tags Filter
if (isset($_GET['tags']) && is_array($_GET['tags']) && !empty($_GET['tags'])) {
@ -297,7 +297,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php } ?>
</div>
</div>
<?php require "client_location_edit_modal.php";
<?php require "modals/client_location_edit_modal.php";
?>
</td>
</tr>
@ -307,9 +307,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "client_location_bulk_assign_tags_modal.php"; ?>
<?php require_once "modals/client_location_bulk_assign_tags_modal.php"; ?>
</form>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
@ -318,11 +318,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require_once "client_location_add_modal.php";
require_once "modals/client_location_add_modal.php";
require_once "client_location_import_modal.php";
require_once "modals/client_location_import_modal.php";
require_once "client_location_export_modal.php";
require_once "modals/client_location_export_modal.php";
require_once "footer.php";
require_once "includes/footer.php";

32
client_logins.php
View File

@ -4,7 +4,7 @@
$sort = "login_name";
$order = "ASC";
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Perms
enforceUserPermission('module_credential');
@ -32,12 +32,12 @@ if (isset($_GET['tags']) && is_array($_GET['tags']) && !empty($_GET['tags'])) {
if (isset($_GET['location']) & !empty($_GET['location'])) {
$location_query = 'AND (a.asset_location_id = ' . intval($_GET['location']) . ')';
$location_query_innerjoin = 'INNER JOIN assets a on a.asset_id = l.login_asset_id ';
$location = intval($_GET['location']);
$location_filter = intval($_GET['location']);
} else {
// Default - any
$location_query_innerjoin = '';
$location_query = '';
$location = '';
$location_filter = '';
}
@ -106,7 +106,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="col-md-2">
<div class="input-group">
<select class="form-control select2" name="location" onchange="this.form.submit()">
<option value="" <?php if ($location == "") { echo "selected"; } ?>>- All Asset Locations -</option>
<option value="">- All Asset Locations -</option>
<?php
$sql_locations_filter = mysqli_query($mysqli, "SELECT * FROM locations WHERE location_client_id = $client_id AND location_archived_at IS NULL ORDER BY location_name ASC");
@ -114,7 +114,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$location_id = intval($row['location_id']);
$location_name = nullable_htmlentities($row['location_name']);
?>
<option <?php if ($location == $location_id) { echo "selected"; } ?> value="<?php echo $location_id; ?>"><?php echo $location_name; ?></option>
<option <?php if ($location_filter == $location_id) { echo "selected"; } ?> value="<?php echo $location_id; ?>"><?php echo $location_name; ?></option>
<?php
}
?>
@ -396,7 +396,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require "client_login_edit_modal.php";
require "modals/client_login_edit_modal.php";
}
?>
@ -404,29 +404,23 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "client_login_bulk_assign_tags_modal.php"; ?>
<?php require_once "modals/client_login_bulk_assign_tags_modal.php"; ?>
</form>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<!-- Include script to get TOTP code via the login ID -->
<script src="js/logins_show_otp_via_id.js"></script>
<!-- Include script to generate readable passwords for login entries -->
<script src="js/logins_generate_password.js"></script>
<script src="js/bulk_actions.js"></script>
<?php
require_once "client_login_add_modal.php";
require_once "share_modal.php";
require_once "client_login_import_modal.php";
require_once "client_login_export_modal.php";
require_once "footer.php";
require_once "modals/client_login_add_modal.php";
require_once "modals/share_modal.php";
require_once "modals/client_login_import_modal.php";
require_once "modals/client_login_export_modal.php";
require_once "includes/footer.php";

12
client_networks.php
View File

@ -4,7 +4,7 @@
$sort = "network_name";
$order = "ASC";
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Perms
enforceUserPermission('module_support');
@ -224,18 +224,18 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</form>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "client_network_edit_modal.php";
require_once "modals/client_network_edit_modal.php";
require_once "client_network_add_modal.php";
require_once "modals/client_network_add_modal.php";
require_once "client_network_export_modal.php";
require_once "modals/client_network_export_modal.php";
?>
@ -244,4 +244,4 @@ require_once "client_network_export_modal.php";
<script src="js/bulk_actions.js"></script>
<?php
require_once "footer.php";
require_once "includes/footer.php";

4
client_overview.php
View File

@ -1,6 +1,6 @@
<?php
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Get expiration days from select box
$expiration_days = isset($_GET['expiration_days']) ? intval($_GET['expiration_days']) : 90;
@ -691,5 +691,5 @@ $sql_asset_retired = mysqli_query(
<?php
require_once "footer.php";
require_once "includes/footer.php";

24
client_payments.php
View File

@ -4,7 +4,7 @@
$sort = "payment_date";
$order = "DESC";
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Perms
enforceUserPermission('module_financial');
@ -101,6 +101,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
Account <?php if ($sort == 'account_name') { echo $order_icon; } ?>
</a>
</th>
<th></th>
</tr>
</thead>
<tbody>
@ -114,6 +115,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$invoice_amount = floatval($row['invoice_amount']);
$invoice_currency_code = nullable_htmlentities($row['invoice_currency_code']);
$invoice_date = nullable_htmlentities($row['invoice_date']);
$payment_id = intval($row['payment_id']);
$payment_date = nullable_htmlentities($row['payment_date']);
$payment_method = nullable_htmlentities($row['payment_method']);
$payment_reference = nullable_htmlentities($row['payment_reference']);
@ -137,6 +139,18 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<td><?php echo $payment_method; ?></td>
<td><?php echo $payment_reference_display; ?></td>
<td><?php echo $account_name; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_payment=<?php echo $payment_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
</div>
</div>
</td>
</tr>
<?php } ?>
@ -144,13 +158,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "client_payment_export_modal.php";
require_once "footer.php";
require_once "modals/client_payment_export_modal.php";
require_once "includes/footer.php";

18
client_quotes.php
View File

@ -4,7 +4,7 @@
$sort = "quote_number";
$order = "DESC";
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Perms
enforceUserPermission('module_sales');
@ -187,7 +187,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require "quote_copy_modal.php";
require "modals/quote_copy_modal.php";
}
@ -196,17 +196,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "pagination.php";
<?php require_once "includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "quote_add_modal.php";
require_once "quote_edit_modal.php";
require_once "client_quote_export_modal.php";
require_once "footer.php";
require_once "modals/quote_add_modal.php";
require_once "modals/quote_edit_modal.php";
require_once "modals/client_quote_export_modal.php";
require_once "includes/footer.php";

192
client_racks.php
View File

@ -4,7 +4,7 @@
$sort = "rack_name";
$order = "ASC";
require_once "inc_all_client.php";
require_once "includes/inc_all_client.php";
// Perms
enforceUserPermission('module_support');
@ -126,14 +126,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="row">
<div class="col-md-6">
<?php if ($rack_photo) { ?>
<img class="img-fluid mb-3" alt="rack_photo" src="<?php echo "uploads/clients/$client_id/$rack_photo"; ?>">
<img class="img-thumbnail mb-3" alt="rack_photo" src="<?php echo "uploads/clients/$client_id/$rack_photo"; ?>">
<?php } ?>
<table class="table table-sm table-borderless">
<table class="table table-sm table-borderless border">
<tbody>
<?php if ($rack_description) { ?>
<tr>
<th>Description</th>
<td><?php echo $rack_description; ?></td>
<th colspan="2">Description</th>
</tr>
<tr>
<td colspan="2"><?php echo $rack_description; ?></td>
</tr>
<?php } ?>
<?php if ($rack_type) { ?>
@ -168,7 +170,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php } ?>
<?php if ($rack_notes) { ?>
<tr>
<th>Notes</th>
<th colspan="2">Notes</th>
</tr>
<tr>
<td><?php echo $rack_notes; ?></td>
</tr>
<?php } ?>
@ -176,61 +180,161 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</table>
</div>
<div class="col-md-6">
<table class="table table-bordered">
<table class="table table-sm border">
<thead class="thead-dark">
<tr>
<th class="text-center px-0">U</th>
<th class="text-center">Device</th>
<th class=""></th>
</tr>
</thead>
<tbody>
<?php
for ($i = $rack_units; $i >= 1; $i--) {
// Keep track of which device_ids we've already printed
$printedDevices = [];
for ($i = $rack_units; $i >= 1; $i--) {
// Find all devices that occupy the current unit $i
$unit_devices = [];
foreach ($rack_units_data as $unit_data) {
if ($i >= $unit_data['unit_start_number'] && $i <= $unit_data['unit_end_number']) {
$start = (int) $unit_data['unit_start_number'];
$end = (int) $unit_data['unit_end_number'];
// If $i is between start and end, device occupies this unit
if ($i >= $start && $i <= $end) {
$unit_devices[] = [
'unit_id' => intval($unit_data['unit_id']),
'device' => nullable_htmlentities($unit_data['unit_device']),
'asset_id' => intval($unit_data['asset_id']),
'asset_name' => nullable_htmlentities($unit_data['asset_name']),
'asset_type' => nullable_htmlentities($unit_data['asset_type']),
'icon' => getAssetIcon($unit_data['asset_type'])
'unit_id' => (int) $unit_data['unit_id'],
'unit_device' => nullable_htmlentities($unit_data['unit_device']),
'unit_start_number'=> $start,
'unit_end_number' => $end,
'asset_id' => (int) $unit_data['asset_id'],
'asset_name' => nullable_htmlentities($unit_data['asset_name']),
'asset_type' => nullable_htmlentities($unit_data['asset_type']),
'icon' => getAssetIcon($unit_data['asset_type'])
];
}
}
?>
<tr>
<td class="px-0 text-center bg-light"><?php echo sprintf('%02d', $i); ?></td>
<td class="text-center">
<?php foreach ($unit_devices as $unit_device) { ?>
<?php echo $unit_device['device']; ?>
<?php if ($unit_device['asset_name']) { ?>
<i class="fa fa-fw fa-<?php echo $unit_device['icon']; ?> mr-1"></i>
<a href="client_asset_details.php?client_id=<?php echo $client_id; ?>&asset_id=<?php echo $unit_device['asset_id']; ?>" target="_blank"><?php echo $unit_device['asset_name']; ?><i class="fas fa-fw fa-external-link-alt ml-1"></i></a>
<!-- Always print the left-hand U #, for reference -->
<td class="px-0 text-center bg-light border">
<?php echo sprintf('%02d', $i); ?>
</td>
<?php
// If there's exactly one device in this row, attempt to rowSpan it.
// (If you can have multiple overlapping devices, you'll need more logic.)
if (count($unit_devices) === 1) {
$d = $unit_devices[0];
$deviceId = $d['unit_id'];
// If not already printed, this is the *first* row of the device
if (!in_array($deviceId, $printedDevices)) {
// Mark it printed so it won't appear in later rows
$printedDevices[] = $deviceId;
// Calculate how many rows (U's) it spans
$span = $d['unit_end_number'] - $d['unit_start_number'] + 1;
if ($span < 1) {
$span = 1; // safety check
}
// Print the device cell and action cell with rowSpan
?>
<td class="text-center align-middle" rowspan="<?php echo $span; ?>">
<!-- DEVICE INFO HERE -->
<?php
echo $d['unit_device'];
if (!empty($d['asset_name'])) {
$icon = $d['icon']; // already from getAssetIcon
?>
<i class="fa fa-<?php echo $icon; ?>"></i>
<a href="client_asset_details.php?client_id=<?php echo $client_id; ?>&asset_id=<?php echo $d['asset_id']; ?>"
target="_blank">
<?php echo $d['asset_name']; ?>
<i class="fas fa-external-link-alt ml-1"></i>
</a>
<?php
}
?>
</td>
<td class="px-0 text-right align-middle" rowspan="<?php echo $span; ?>">
<!-- ACTION ICON / DROPDOWN -->
<div class="dropdown dropleft">
<button class="btn btn-tool" type="button" data-toggle="dropdown">
<i class="fas fa-fw fa-ellipsis-v"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item text-danger text-bold confirm-link"
href="post.php?remove_rack_unit=<?php echo $d['unit_id']; ?>">
<i class="fas fa-fw fa-minus mr-2"></i>Remove
</a>
</div>
</div>
</td>
<?php
} else {
// This device was already spanned from a higher row, so skip printing device cell
// but we still have the left column (U #).
}
} elseif (count($unit_devices) > 1) {
// If your data might have multiple devices in the same row,
// you have to decide how to handle them.
// For now, we can fallback to older logic or display them all in one cell, etc.
?>
<td class="text-center">
<?php foreach ($unit_devices as $d) { ?>
<?php echo $d['unit_device']; ?><br>
<?php // Could also show asset_name, etc. ?>
<?php } ?>
<?php } ?>
</td>
<?php if(!empty($unit_devices)) { ?>
<td class="px-0 text-right">
<div class="dropdown dropleft">
<button class="btn btn-tool" type="button" data-toggle="dropdown">
<i class="fas fa-fw fa-ellipsis-v"></i>
</button>
<div class="dropdown-menu">
<?php foreach ($unit_devices as $unit_device) { ?>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?remove_rack_unit=<?php echo $unit_device['unit_id']; ?>">
<i class="fas fa-fw fa-minus mr-2"></i>Remove
</a>
<?php } ?>
</td>
<td class="text-right">
<div class="dropdown dropleft">
<button class="btn btn-tool" type="button" data-toggle="dropdown">
<i class="fas fa-fw fa-ellipsis-v"></i>
</button>
<div class="dropdown-menu">
<?php foreach ($unit_devices as $d) { ?>
<a class="dropdown-item text-danger text-bold confirm-link"
href="post.php?remove_rack_unit=<?php echo $d['unit_id']; ?>">
<i class="fas fa-fw fa-minus mr-2"></i>Remove
</a>
<?php } ?>
</div>
</div>
</div>
</td>
<?php } ?>
</td>
<?php
} else {
// No device in this row
?>
<td class="text-center">No device</td>
<td></td>
<?php
}
?>
</tr>
<?php } ?>
<?php
}
?>
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
<?php require "client_rack_edit_modal.php"; ?>
<?php require "client_rack_unit_add_modal.php"; ?>
<?php require "modals/client_rack_edit_modal.php"; ?>
<?php require "modals/client_rack_unit_add_modal.php"; ?>
<?php } ?>
</div>
@ -241,6 +345,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
require_once "client_rack_add_modal.php";
require_once "footer.php";
require_once "modals/client_rack_add_modal.php";
require_once "includes/footer.php";
?>

Some files were not shown because too many files have changed in this diff Show More