AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Turned caching back on for Ajax Modals Function Fix some PHP Error, update credential vars in assets and contacts

This commit is contained in:
johnnyq 2025-03-14 12:31:18 -04:00
parent 06c31e0808
commit eabfef22be
8 changed files with 52 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ajax/ajax_asset_details.php
View File

@ -50,6 +50,7 @@ $device_icon = getAssetIcon($asset_type);
$contact_name = nullable_htmlentities($row['contact_name']); $contact_name = nullable_htmlentities($row['contact_name']);
$contact_email = nullable_htmlentities($row['contact_email']); $contact_email = nullable_htmlentities($row['contact_email']);
$contact_phone = nullable_htmlentities($row['contact_phone']); $contact_phone = nullable_htmlentities($row['contact_phone']);
$contact_extension = nullable_htmlentities($row['contact_extension']);
$contact_mobile = nullable_htmlentities($row['contact_mobile']); $contact_mobile = nullable_htmlentities($row['contact_mobile']);
$contact_archived_at = nullable_htmlentities($row['contact_archived_at']); $contact_archived_at = nullable_htmlentities($row['contact_archived_at']);
if ($contact_archived_at) { if ($contact_archived_at) {
@ -155,8 +156,9 @@ $sql_related_recurring_tickets = mysqli_query($mysqli, "SELECT * FROM recurring_
$recurring_ticket_count = mysqli_num_rows($sql_related_recurring_tickets); $recurring_ticket_count = mysqli_num_rows($sql_related_recurring_tickets);
// Related Documents // Related Documents
$sql_related_documents = mysqli_query($mysqli, "SELECT * FROM asset_documents $sql_related_documents = mysqli_query($mysqli, "SELECT * FROM asset_documents
LEFT JOIN documents ON asset_documents.document_id = documents.document_id LEFT JOIN documents ON asset_documents.document_id = documents.document_id
LEFT JOIN users ON user_id = document_created_by
WHERE asset_documents.asset_id = $asset_id WHERE asset_documents.asset_id = $asset_id
AND document_archived_at IS NULL AND document_archived_at IS NULL
ORDER BY document_name DESC" ORDER BY document_name DESC"
@ -553,12 +555,13 @@ ob_start();
$ticket_number = intval($row['ticket_number']); $ticket_number = intval($row['ticket_number']);
$ticket_subject = nullable_htmlentities($row['ticket_subject']); $ticket_subject = nullable_htmlentities($row['ticket_subject']);
$ticket_priority = nullable_htmlentities($row['ticket_priority']); $ticket_priority = nullable_htmlentities($row['ticket_priority']);
$ticket_status_id = intval($row['ticket_status_id']);
$ticket_status_name = nullable_htmlentities($row['ticket_status_name']); $ticket_status_name = nullable_htmlentities($row['ticket_status_name']);
$ticket_status_color = nullable_htmlentities($row['ticket_status_color']); $ticket_status_color = nullable_htmlentities($row['ticket_status_color']);
$ticket_created_at = nullable_htmlentities($row['ticket_created_at']); $ticket_created_at = nullable_htmlentities($row['ticket_created_at']);
$ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']); $ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']);
if (empty($ticket_updated_at)) { if (empty($ticket_updated_at)) {
if ($ticket_status == "Closed") { if ($ticket_status_name == "Closed") {
$ticket_updated_at_display = "<p>Never</p>"; $ticket_updated_at_display = "<p>Never</p>";
} else { } else {
$ticket_updated_at_display = "<p class='text-danger'>Never</p>"; $ticket_updated_at_display = "<p class='text-danger'>Never</p>";
@ -579,7 +582,7 @@ ob_start();
} }
$ticket_assigned_to = intval($row['ticket_assigned_to']); $ticket_assigned_to = intval($row['ticket_assigned_to']);
if (empty($ticket_assigned_to)) { if (empty($ticket_assigned_to)) {
if ($ticket_status == 5) { if ($ticket_status_id == 5) {
$ticket_assigned_to_display = "<p>Not Assigned</p>"; $ticket_assigned_to_display = "<p>Not Assigned</p>";
} else { } else {
$ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>"; $ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>";

2
ajax/ajax_contact_details.php
View File

@ -414,7 +414,7 @@ ob_start();
<?php <?php
while ($row = mysqli_fetch_array($sql_related_credentials)) { while ($row = mysqli_fetch_array($sql_related_credentials)) {
$credential_id = intval($row['logins_credential_id']); $credential_id = intval($row['credentials_credential_id']);
$credential_name = nullable_htmlentities($row['credential_name']); $credential_name = nullable_htmlentities($row['credential_name']);
$credential_description = nullable_htmlentities($row['credential_description']); $credential_description = nullable_htmlentities($row['credential_description']);
$credential_uri = nullable_htmlentities($row['credential_uri']); $credential_uri = nullable_htmlentities($row['credential_uri']);

5
asset_details.php
View File

@ -1007,12 +1007,13 @@ if (isset($_GET['asset_id'])) {
$ticket_number = intval($row['ticket_number']); $ticket_number = intval($row['ticket_number']);
$ticket_subject = nullable_htmlentities($row['ticket_subject']); $ticket_subject = nullable_htmlentities($row['ticket_subject']);
$ticket_priority = nullable_htmlentities($row['ticket_priority']); $ticket_priority = nullable_htmlentities($row['ticket_priority']);
$ticket_status_id = intval($row['ticket_status_id']);
$ticket_status_name = nullable_htmlentities($row['ticket_status_name']); $ticket_status_name = nullable_htmlentities($row['ticket_status_name']);
$ticket_status_color = nullable_htmlentities($row['ticket_status_color']); $ticket_status_color = nullable_htmlentities($row['ticket_status_color']);
$ticket_created_at = nullable_htmlentities($row['ticket_created_at']); $ticket_created_at = nullable_htmlentities($row['ticket_created_at']);
$ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']); $ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']);
if (empty($ticket_updated_at)) { if (empty($ticket_updated_at)) {
if ($ticket_status == "Closed") { if ($ticket_status_name == "Closed") {
$ticket_updated_at_display = "<p>Never</p>"; $ticket_updated_at_display = "<p>Never</p>";
} else { } else {
$ticket_updated_at_display = "<p class='text-danger'>Never</p>"; $ticket_updated_at_display = "<p class='text-danger'>Never</p>";
@ -1033,7 +1034,7 @@ if (isset($_GET['asset_id'])) {
} }
$ticket_assigned_to = intval($row['ticket_assigned_to']); $ticket_assigned_to = intval($row['ticket_assigned_to']);
if (empty($ticket_assigned_to)) { if (empty($ticket_assigned_to)) {
if ($ticket_status == 5) { if ($ticket_status_id == 5) {
$ticket_assigned_to_display = "<p>Not Assigned</p>"; $ticket_assigned_to_display = "<p>Not Assigned</p>";
} else { } else {
$ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>"; $ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>";

2
contact_details.php
View File

@ -468,7 +468,7 @@ if (isset($_GET['contact_id'])) {
<?php <?php
while ($row = mysqli_fetch_array($sql_related_credentials)) { while ($row = mysqli_fetch_array($sql_related_credentials)) {
$credential_id = intval($row['credential_id']); $credential_id = intval($row['credentials_credential_id']);
$credential_name = nullable_htmlentities($row['credential_name']); $credential_name = nullable_htmlentities($row['credential_name']);
$credential_description = nullable_htmlentities($row['credential_description']); $credential_description = nullable_htmlentities($row['credential_description']);
$credential_uri = nullable_htmlentities($row['credential_uri']); $credential_uri = nullable_htmlentities($row['credential_uri']);

1
js/ajax_modal.js
View File

@ -27,7 +27,6 @@ $(document).on('click', '[data-toggle="ajax-modal"]', function (e) {
method: 'GET', method: 'GET',
data: { id: ajaxId }, data: { id: ajaxId },
dataType: 'json', dataType: 'json',
cache: false, // Prevent caching if necessary
success: function (response) { success: function (response) {
if (response.error) { if (response.error) {
alert(response.error); alert(response.error);

40
post/user/asset.php
View File

@ -39,7 +39,7 @@ if (isset($_POST['add_asset'])) {
} }
// Add Primary Interface // Add Primary Interface
mysqli_query($mysqli,"INSERT INTO asset_interfaces SET interface_name = '1', interface_mac = '$mac', interface_ip = '$ip', interface_nat_ip = '$nat_ip', interface_ipv6 = '$ipv6', interface_primary = 1, interface_network_id = $network, interface_asset_id = $asset_id"); mysqli_query($mysqli,"INSERT INTO asset_interfaces SET interface_name = '01', interface_mac = '$mac', interface_ip = '$ip', interface_nat_ip = '$nat_ip', interface_ipv6 = '$ipv6', interface_primary = 1, interface_network_id = $network, interface_asset_id = $asset_id");
if (!empty($_POST['username'])) { if (!empty($_POST['username'])) {
@ -89,7 +89,7 @@ if (isset($_POST['edit_asset'])) {
if(mysqli_num_rows($sql_interfaces) == 0 ) { if(mysqli_num_rows($sql_interfaces) == 0 ) {
// Add Primary Interface // Add Primary Interface
mysqli_query($mysqli,"INSERT INTO asset_interfaces SET interface_name = '1', interface_mac = '$mac', interface_ip = '$ip', interface_nat_ip = '$nat_ip', interface_ipv6 = '$ipv6', interface_primary = 1, interface_network_id = $network, interface_asset_id = $asset_id"); mysqli_query($mysqli,"INSERT INTO asset_interfaces SET interface_name = '01', interface_mac = '$mac', interface_ip = '$ip', interface_nat_ip = '$nat_ip', interface_ipv6 = '$ipv6', interface_primary = 1, interface_network_id = $network, interface_asset_id = $asset_id");
} else { } else {
// Update Primary Interface // Update Primary Interface
mysqli_query($mysqli,"UPDATE asset_interfaces SET interface_mac = '$mac', interface_ip = '$ip', interface_nat_ip = '$nat_ip', interface_ipv6 = '$ipv6', interface_network_id = $network WHERE interface_asset_id = $asset_id AND interface_primary = 1"); mysqli_query($mysqli,"UPDATE asset_interfaces SET interface_mac = '$mac', interface_ip = '$ip', interface_nat_ip = '$nat_ip', interface_ipv6 = '$ipv6', interface_network_id = $network WHERE interface_asset_id = $asset_id AND interface_primary = 1");
@ -592,26 +592,26 @@ if (isset($_POST['link_asset_to_credential'])) {
enforceUserPermission('module_support', 2); enforceUserPermission('module_support', 2);
$login_id = intval($_POST['login_id']); $credential_id = intval($_POST['credential_id']);
$asset_id = intval($_POST['asset_id']); $asset_id = intval($_POST['asset_id']);
// Get login Name and Client ID for logging // Get credential Name and Client ID for logging
$sql_login = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id"); $sql_credential = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
$row = mysqli_fetch_array($sql_login); $row = mysqli_fetch_array($sql_credential);
$login_name = sanitizeInput($row['login_name']); $credential_name = sanitizeInput($row['credential_name']);
$client_id = intval($row['login_client_id']); $client_id = intval($row['credential_client_id']);
// Get Asset Name for logging // Get Asset Name for logging
$sql_asset = mysqli_query($mysqli,"SELECT asset_name FROM assets WHERE asset_id = $asset_id"); $sql_asset = mysqli_query($mysqli,"SELECT asset_name FROM assets WHERE asset_id = $asset_id");
$row = mysqli_fetch_array($sql_asset); $row = mysqli_fetch_array($sql_asset);
$asset_name = sanitizeInput($row['asset_name']); $asset_name = sanitizeInput($row['asset_name']);
mysqli_query($mysqli,"UPDATE logins SET login_asset_id = $asset_id WHERE login_id = $login_id"); mysqli_query($mysqli,"UPDATE credentials SET credential_asset_id = $asset_id WHERE credential_id = $credential_id");
// Logging // Logging
logAction("Credential", "Link", "$session_name linked credential $login_name to asset $asset_name", $client_id, $login_id); logAction("Credential", "Link", "$session_name linked credential $credential_name to asset $asset_name", $client_id, $credential_id);
$_SESSION['alert_message'] = "Asset <strong>$asset_name</strong> linked with credential <strong>$login_name</strong>"; $_SESSION['alert_message'] = "Asset <strong>$asset_name</strong> linked with credential <strong>$crdential_name</strong>";
header("Location: " . $_SERVER["HTTP_REFERER"]); header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -622,26 +622,26 @@ if (isset($_GET['unlink_credential_from_asset'])) {
enforceUserPermission('module_support', 2); enforceUserPermission('module_support', 2);
$asset_id = intval($_GET['asset_id']); $asset_id = intval($_GET['asset_id']);
$login_id = intval($_GET['login_id']); $credential_id = intval($_GET['credential_id']);
// Get login Name and Client ID for logging // Get credential Name and Client ID for logging
$sql_login = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id"); $sql_credential = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
$row = mysqli_fetch_array($sql_login); $row = mysqli_fetch_array($sql_credential);
$login_name = sanitizeInput($row['login_name']); $credential_name = sanitizeInput($row['credential_name']);
$client_id = intval($row['login_client_id']); $client_id = intval($row['credential_client_id']);
// Get Asset Name for logging // Get Asset Name for logging
$sql_asset = mysqli_query($mysqli,"SELECT asset_name FROM assets WHERE asset_id = $asset_id"); $sql_asset = mysqli_query($mysqli,"SELECT asset_name FROM assets WHERE asset_id = $asset_id");
$row = mysqli_fetch_array($sql_asset); $row = mysqli_fetch_array($sql_asset);
$asset_name = sanitizeInput($row['asset_name']); $asset_name = sanitizeInput($row['asset_name']);
mysqli_query($mysqli,"UPDATE logins SET login_asset_id = 0 WHERE login_id = $login_id"); mysqli_query($mysqli,"UPDATE credentials SET credential_asset_id = 0 WHERE credential_id = $credential_id");
//Logging //Logging
logAction("Credential", "Unlink", "$session_name unlinked asset $asset_name from credential $login_name", $client_id, $login_id); logAction("Credential", "Unlink", "$session_name unlinked asset $asset_name from credential $credential_name", $client_id, $credential_id);
$_SESSION['alert_type'] = "error"; $_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Credential <strong>$login_name</strong> unlinked from Asset <strong>$asset_name</strong>"; $_SESSION['alert_message'] = "Credential <strong>$credential_name</strong> unlinked from Asset <strong>$asset_name</strong>";
header("Location: " . $_SERVER["HTTP_REFERER"]); header("Location: " . $_SERVER["HTTP_REFERER"]);

40
post/user/contact.php
View File

@ -709,7 +709,7 @@ if (isset($_POST['bulk_delete_contacts'])) {
mysqli_query($mysqli, "DELETE FROM contact_assets WHERE contact_id = $contact_id"); mysqli_query($mysqli, "DELETE FROM contact_assets WHERE contact_id = $contact_id");
mysqli_query($mysqli, "DELETE FROM contact_documents WHERE contact_id = $contact_id"); mysqli_query($mysqli, "DELETE FROM contact_documents WHERE contact_id = $contact_id");
mysqli_query($mysqli, "DELETE FROM contact_files WHERE contact_id = $contact_id"); mysqli_query($mysqli, "DELETE FROM contact_files WHERE contact_id = $contact_id");
mysqli_query($mysqli, "DELETE FROM contact_logins WHERE contact_id = $contact_id"); mysqli_query($mysqli, "DELETE FROM contact_credentials WHERE contact_id = $contact_id");
mysqli_query($mysqli, "DELETE FROM contact_notes WHERE contact_note_contact_id = $contact_id"); mysqli_query($mysqli, "DELETE FROM contact_notes WHERE contact_note_contact_id = $contact_id");
// Individual Logging // Individual Logging
@ -914,7 +914,7 @@ if (isset($_GET['delete_contact'])) {
mysqli_query($mysqli, "DELETE FROM contact_assets WHERE contact_id = $contact_id"); mysqli_query($mysqli, "DELETE FROM contact_assets WHERE contact_id = $contact_id");
mysqli_query($mysqli, "DELETE FROM contact_documents WHERE contact_id = $contact_id"); mysqli_query($mysqli, "DELETE FROM contact_documents WHERE contact_id = $contact_id");
mysqli_query($mysqli, "DELETE FROM contact_files WHERE contact_id = $contact_id"); mysqli_query($mysqli, "DELETE FROM contact_files WHERE contact_id = $contact_id");
mysqli_query($mysqli, "DELETE FROM contact_logins WHERE contact_id = $contact_id"); mysqli_query($mysqli, "DELETE FROM contact_credentials WHERE contact_id = $contact_id");
mysqli_query($mysqli, "DELETE FROM contact_notes WHERE contact_note_contact_id = $contact_id"); mysqli_query($mysqli, "DELETE FROM contact_notes WHERE contact_note_contact_id = $contact_id");
//Logging //Logging
@ -1049,26 +1049,26 @@ if (isset($_POST['link_contact_to_credential'])) {
enforceUserPermission('module_support', 2); enforceUserPermission('module_support', 2);
$login_id = intval($_POST['login_id']); $credential_id = intval($_POST['credential_id']);
$contact_id = intval($_POST['contact_id']); $contact_id = intval($_POST['contact_id']);
// Get login Name and Client ID for logging // Get credential Name and Client ID for logging
$sql_login = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id"); $sql_credential = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
$row = mysqli_fetch_array($sql_login); $row = mysqli_fetch_array($sql_credential);
$login_name = sanitizeInput($row['login_name']); $credential_name = sanitizeInput($row['credential_name']);
$client_id = intval($row['login_client_id']); $client_id = intval($row['credential_client_id']);
// Get Contact Name for logging // Get Contact Name for logging
$sql_contact = mysqli_query($mysqli,"SELECT contact_name FROM contacts WHERE contact_id = $contact_id"); $sql_contact = mysqli_query($mysqli,"SELECT contact_name FROM contacts WHERE contact_id = $contact_id");
$row = mysqli_fetch_array($sql_contact); $row = mysqli_fetch_array($sql_contact);
$contact_name = sanitizeInput($row['contact_name']); $contact_name = sanitizeInput($row['contact_name']);
mysqli_query($mysqli,"UPDATE logins SET login_contact_id = $contact_id WHERE login_id = $login_id"); mysqli_query($mysqli,"UPDATE credentials SET credential_contact_id = $contact_id WHERE credential_id = $credential_id");
// Logging // Logging
logAction("Asset", "Link", "$session_name linked credential $login_name to contact $contact_name", $client_id, $login_id); logAction("Asset", "Link", "$session_name linked credential $credential_name to contact $contact_name", $client_id, $credential_id);
$_SESSION['alert_message'] = "Contact <strong>$contact_name</strong> linked with credential <strong>$login_name</strong>"; $_SESSION['alert_message'] = "Contact <strong>$contact_name</strong> linked with credential <strong>$credential_name</strong>";
header("Location: " . $_SERVER["HTTP_REFERER"]); header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -1079,26 +1079,26 @@ if (isset($_GET['unlink_credential_from_contact'])) {
enforceUserPermission('module_support', 2); enforceUserPermission('module_support', 2);
$contact_id = intval($_GET['contact_id']); $contact_id = intval($_GET['contact_id']);
$login_id = intval($_GET['login_id']); $credential_id = intval($_GET['credential_id']);
// Get login Name and Client ID for logging // Get credential Name and Client ID for logging
$sql_login = mysqli_query($mysqli,"SELECT login_name, login_client_id FROM logins WHERE login_id = $login_id"); $sql_credential = mysqli_query($mysqli,"SELECT credential_name, credential_client_id FROM credentials WHERE credential_id = $credential_id");
$row = mysqli_fetch_array($sql_login); $row = mysqli_fetch_array($sql_credential);
$login_name = sanitizeInput($row['login_name']); $credential_name = sanitizeInput($row['credential_name']);
$client_id = intval($row['login_client_id']); $client_id = intval($row['credential_client_id']);
// Get Contact Name for logging // Get Contact Name for logging
$sql_contact = mysqli_query($mysqli,"SELECT contact_name FROM contacts WHERE contact_id = $contact_id"); $sql_contact = mysqli_query($mysqli,"SELECT contact_name FROM contacts WHERE contact_id = $contact_id");
$row = mysqli_fetch_array($sql_contact); $row = mysqli_fetch_array($sql_contact);
$contact_name = sanitizeInput($row['contact_name']); $contact_name = sanitizeInput($row['contact_name']);
mysqli_query($mysqli,"UPDATE logins SET login_contact_id = 0 WHERE login_id = $login_id"); mysqli_query($mysqli,"UPDATE credentials SET credential_contact_id = 0 WHERE credential_id = $credential_id");
//Logging //Logging
logAction("Credential", "Unlink", "$session_name unlinked contact $contact_name from credential $login_name", $client_id, $login_id); logAction("Credential", "Unlink", "$session_name unlinked contact $contact_name from credential $credential_name", $client_id, $credential_id);
$_SESSION['alert_type'] = "error"; $_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Credential <strong>$login_name</strong> unlinked from Contact <strong>$contact_name</strong>"; $_SESSION['alert_message'] = "Credential <strong>$credential_name</strong> unlinked from Contact <strong>$contact_name</strong>";
header("Location: " . $_SERVER["HTTP_REFERER"]); header("Location: " . $_SERVER["HTTP_REFERER"]);

1
software.php
View File

@ -175,6 +175,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
} else { } else {
$software_expire_display = "<span class='text-muted'>N/A</span>"; $software_expire_display = "<span class='text-muted'>N/A</span>";
$tr_class = '';
} }
$software_created_at = nullable_htmlentities($row['software_created_at']); $software_created_at = nullable_htmlentities($row['software_created_at']);