AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1223 from itflow-org/develop 

25.06 Release
This commit is contained in:
Johnny 2025-06-20 15:34:32 -04:00 committed by GitHub
parent f78a2250f1 5c6a7acb7d
commit ed8a576ac3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
165 changed files with 4727 additions and 4243 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
CHANGELOG.md
View File

@ -2,6 +2,43 @@
This file documents all notable changes made to ITFlow.
## [25.06]
### Breaking CHANGES
- Old Document Verions will be deleted due to the major backend rewrite how document versions work.
### Added / Changed
- Improved function for retrieving remote IP address for logging purposes.
- Ticket categories are now sorted alphabetically.
- Visiting a deleted invoice or recurring invoice now redirects to the listing page; delete option added to invoice details page.
- Added "Mark as Sent" and "Make Payment" actions directly on the invoice listing page.
- Introduced Ticket Category UI for recurring tickets.
- In Project Details, bulk actions and sorting are now available for tickets.
- Updated ticket details UI to use full card stacks with edit icons for stackable items (e.g., asset, watchers, contact).
- Added a new setting to toggle AutoStart Timer in ticket details (disabled by default).
- Applied gray accent theme in the client section to visually distinguish from the global view.
- Introduced Ticket Due Date functionality (currently supports add/edit only; more updates coming next release).
- Added settings option to display Company Tax ID on invoices.
- Client overview now displays badge counts for all entities.
- Overhauled UI for Invoice, Quote, and Recurring Invoice details; switched PDF generation to TCPDF PHP from PDFMake JS.
- Document versioning has been moved to a separate backend table to resolve permanent link issues -- SEE Breaking CHANGES.
- Migrated Document Templates, Vendor Templates, and Software/License Templates to dedicated tables.
- Added functionality to mark all tasks in a ticket as complete or incomplete.
- Asset CSV import now supports a purchase date field.
- Recurring Payments have been restructured to auto-charge on the invoice due date instead of at generation time.
- Added "Base Template" label for vendor templates when available.
- Backup and restore processes now use a temporary directory; files are cleaned up automatically if operations fail.
- Added confirmation prompt when accepting or declining a quote.
- Other minor code UI/UX cleanups and refactoring throughout the app.
### Fixed
- Resolved issue with enabling MFA.
- Fixed UI regression where ticket listing columns would misalign.
- Non-billable invoices are no longer included in calculations.
- Addressed multiple minor reported security vulnerabilities.
- Tickets with open tasks are no longer resolved in bulk; a warning is shown along with a count of affected tickets.
## [25.05.1]
### Added / Changed

3
accounts.php
View File

@ -9,9 +9,6 @@ require_once "includes/inc_all.php";
// Perms
enforceUserPermission('module_financial');
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM accounts

4
admin_api.php
View File

@ -6,10 +6,6 @@ $order = "ASC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM api_keys

3
admin_app_log.php
View File

@ -26,9 +26,6 @@ if (isset($_GET['category']) & !empty($_GET['catergory'])) {
$category_filter = '';
}
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM app_logs

3
admin_audit_log.php
View File

@ -46,9 +46,6 @@ if (isset($_GET['action']) & !empty($_GET['action'])) {
$action_filter = '';
}
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM logs

4
admin_category.php
View File

@ -13,10 +13,6 @@ if (isset($_GET['category'])) {
$category = "Expense";
}
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM categories

4
admin_custom_link.php
View File

@ -6,10 +6,6 @@ $order = "ASC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM custom_links

60
admin_document_template.php
View File

@ -1,27 +1,16 @@
<?php
// Default Column Sort by Filter
$sort = "document_name";
$sort = "document_template_name";
$order = "ASC";
require_once "includes/inc_all_admin.php";
// Search query SQL snippet
if (!empty($q)) {
$query_snippet = "AND (MATCH(document_content_raw) AGAINST ('$q') OR document_name LIKE '%$q%')";
} else {
$query_snippet = ""; // empty
}
// Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM documents
LEFT JOIN users ON document_created_by = user_id
WHERE document_template = 1
$query_snippet
"SELECT SQL_CALC_FOUND_ROWS * FROM document_templates
LEFT JOIN users ON document_template_created_by = user_id
WHERE user_name LIKE '%$q%' OR document_template_name LIKE '%$q%'
ORDER BY $sort $order LIMIT $record_from, $record_to"
);
@ -55,18 +44,18 @@
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_name&order=<?php echo $disp; ?>">
Template Name <?php if ($sort == 'document_name') { echo $order_icon; } ?>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_name&order=<?php echo $disp; ?>">
Template Name <?php if ($sort == 'document_template_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_created_at&order=<?php echo $disp; ?>">
Created <?php if ($sort == 'document_created_at') { echo $order_icon; } ?>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_created_at&order=<?php echo $disp; ?>">
Created <?php if ($sort == 'document_template_created_at') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_updated_at&order=<?php echo $disp; ?>">
Updated <?php if ($sort == 'document_updated_at') { echo $order_icon; } ?>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_updated_at&order=<?php echo $disp; ?>">
Updated <?php if ($sort == 'document_template_updated_at') { echo $order_icon; } ?>
</a>
</th>
<th class="text-center">
@ -78,27 +67,26 @@
<?php
while ($row = mysqli_fetch_array($sql)) {
$document_id = intval($row['document_id']);
$document_name = nullable_htmlentities($row['document_name']);
$document_description = nullable_htmlentities($row['document_description']);
$document_content = nullable_htmlentities($row['document_content']);
$document_created_by_name = nullable_htmlentities($row['user_name']);
$document_created_at = nullable_htmlentities($row['document_created_at']);
$document_updated_at = nullable_htmlentities($row['document_updated_at']);
$document_folder_id = intval($row['document_folder_id']);
$document_template_id = intval($row['document_template_id']);
$document_template_name = nullable_htmlentities($row['document_template_name']);
$document_template_description = nullable_htmlentities($row['document_template_description']);
$document_template_content = nullable_htmlentities($row['document_template_content']);
$document_template_created_by_name = nullable_htmlentities($row['user_name']);
$document_template_created_at = nullable_htmlentities($row['document_template_created_at']);
$document_template_updated_at = nullable_htmlentities($row['document_template_updated_at']);
?>
<tr>
<td>
<a class="text-bold" href="admin_document_template_details.php?document_id=<?php echo $document_id; ?>"><i class="fas fa-fw fa-file-alt text-dark"></i> <?php echo $document_name; ?></a>
<div class="mt-1 text-secondary"><?php echo $document_description; ?></div>
<a class="text-bold" href="admin_document_template_details.php?document_template_id=<?php echo $document_template_id; ?>"><i class="fas fa-fw fa-file-alt text-dark"></i> <?php echo $document_template_name; ?></a>
<div class="mt-1 text-secondary"><?php echo $document_template_description; ?></div>
</td>
<td>
<?php echo $document_created_at; ?>
<div class="text-secondary"><?php echo $document_created_by_name; ?></div>
<?php echo $document_template_created_at; ?>
<div class="text-secondary"><?php echo $document_template_created_by_name; ?></div>
</td>
<td><?php echo $document_updated_at; ?></td>
<td><?php echo $document_template_updated_at; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
@ -109,12 +97,12 @@
data-toggle="ajax-modal"
data-modal-size="xl"
data-ajax-url="ajax/ajax_document_template_edit.php"
data-ajax-id="<?php echo $document_id; ?>"
data-ajax-id="<?php echo $document_template_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_document=<?php echo $document_id; ?>">
<a class="dropdown-item text-danger text-bold" href="post.php?delete_document_template=<?php echo $document_template_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
</div>

24
admin_document_template_details.php
View File

@ -11,19 +11,19 @@ $purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
if (isset($_GET['document_id'])) {
$document_id = intval($_GET['document_id']);
if (isset($_GET['document_template_id'])) {
$document_template_id = intval($_GET['document_template_id']);
}
$sql_document = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_template = 1 AND document_id = $document_id");
$sql_document = mysqli_query($mysqli, "SELECT * FROM document_templates WHERE document_template_id = $document_template_id");
$row = mysqli_fetch_array($sql_document);
$document_name = nullable_htmlentities($row['document_name']);
$document_description = nullable_htmlentities($row['document_description']);
$document_content = $purifier->purify($row['document_content']);
$document_created_at = nullable_htmlentities($row['document_created_at']);
$document_updated_at = nullable_htmlentities($row['document_updated_at']);
$document_template_name = nullable_htmlentities($row['document_template_name']);
$document_template_description = nullable_htmlentities($row['document_template_description']);
$document_template_content = $purifier->purify($row['document_template_content']);
$document_template_created_at = nullable_htmlentities($row['document_template_created_at']);
$document_template_updated_at = nullable_htmlentities($row['document_template_updated_at']);
?>
@ -37,27 +37,27 @@ $document_updated_at = nullable_htmlentities($row['document_updated_at']);
<li class="breadcrumb-item">
<a href="admin_document_template.php">Document Templates</a>
</li>
<li class="breadcrumb-item active"><i class="fas fa-file mr-2"></i><?php echo $document_name; ?></li>
<li class="breadcrumb-item active"><i class="fas fa-file mr-2"></i><?php echo $document_template_name; ?></li>
</ol>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file mr-2"></i><?php echo $document_name; ?></h3>
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file mr-2"></i><?php echo $document_template_name; ?></h3>
<div class="card-tools">
<button type="button" class="btn btn-primary"
data-toggle="ajax-modal"
data-modal-size="xl"
data-ajax-url="ajax/ajax_document_template_edit.php"
data-ajax-id="<?php echo $document_id; ?>"
data-ajax-id="<?php echo $document_template_id; ?>"
>
<i class="fas fa-edit mr-2"></i>Edit
</button>
</div>
</div>
<div class="card-body prettyContent">
<?php echo $document_content; ?>
<?php echo $document_template_content; ?>
</div>
</div>

3
admin_mail_queue.php
View File

@ -6,9 +6,6 @@ $order = "DESC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM email_queue

4
admin_project_template.php
View File

@ -6,10 +6,6 @@ $order = "ASC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM project_templates

4
admin_role.php
View File

@ -6,10 +6,6 @@ $order = "DESC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM user_roles

11
admin_settings_company.php
View File

@ -19,6 +19,7 @@ $company_website = nullable_htmlentities($row['company_website']);
$company_logo = nullable_htmlentities($row['company_logo']);
$company_locale = nullable_htmlentities($row['company_locale']);
$company_currency = nullable_htmlentities($row['company_currency']);
$company_tax_id = nullable_htmlentities($row['company_tax_id']);
$company_initials = nullable_htmlentities(initials($company_name));
@ -146,6 +147,16 @@ $company_initials = nullable_htmlentities(initials($company_name));
</div>
</div>
<div class="form-group">
<label>Tax ID</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-balance-scale"></i></span>
</div>
<input type="text" class="form-control" name="tax_id" value="<?php echo $company_tax_id; ?>" placeholder="Tax ID" maxlength="200">
</div>
</div>
<hr>
<button type="submit" name="edit_company" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>

3
admin_settings_custom_fields.php
View File

@ -13,9 +13,6 @@ if (isset($_GET['table'])) {
$table = "client_assets";
}
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM custom_fields

15
admin_settings_invoice.php
View File

@ -37,12 +37,21 @@ require_once "includes/inc_all_admin.php";
<textarea class="form-control" rows="4" name="config_invoice_footer"><?php echo nullable_htmlentities($config_invoice_footer); ?></textarea>
</div>
<h5>Show Tax ID On Invoices</h5>
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_invoice_show_tax_id" <?php if ($config_invoice_show_tax_id == 1) { echo "checked"; } ?> value="1" id="customSwitch1">
<label class="custom-control-label" for="customSwitch1">Show Tax ID</label>
</div>
</div>
<h5>Invoice Late Fees</h5>
<div class="form-group">
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_invoice_late_fee_enable" <?php if ($config_invoice_late_fee_enable == 1) { echo "checked"; } ?> value="1" id="customSwitch1">
<label class="custom-control-label" for="customSwitch1">Enable Late Fee</label>
<input type="checkbox" class="custom-control-input" name="config_invoice_late_fee_enable" <?php if ($config_invoice_late_fee_enable == 1) { echo "checked"; } ?> value="1" id="customSwitch2">
<label class="custom-control-label" for="customSwitch2">Enable Late Fee</label>
</div>
</div>

2
admin_settings_online_payment.php
View File

@ -76,7 +76,7 @@ require_once "includes/inc_all_admin.php";
<option value="">- Do not expense Stripe fees -</option>
<?php
$sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
$sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_select)) {
$vendor_id = intval($row['vendor_id']);
$vendor_name = nullable_htmlentities($row['vendor_name']);

7
admin_settings_ticket.php
View File

@ -53,6 +53,13 @@ require_once "includes/inc_all_admin.php";
</div>
<?php } ?>
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_ticket_timer_autostart" <?php if ($config_ticket_timer_autostart == 1) { echo "checked"; } ?> value="1" id="ticketTimerSwitch">
<label class="custom-control-label" for="ticketTimerSwitch">Autostart Ticket Timer <small class="text-secondary">(This option will control if the timer starts automatically or manually)</small></label>
</div>
</div>
<div class="form-group">
<label>Number of hours to auto close resolved tickets</label>
<div class="input-group">

51
admin_software_template.php
View File

@ -1,20 +1,15 @@
<?php
// Default Column Sortby Filter
$sort = "software_name";
$sort = "software_template_name";
$order = "ASC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM software
WHERE software_template = 1
AND (software_name LIKE '%$q%' OR software_type LIKE '%$q%')
"SELECT SQL_CALC_FOUND_ROWS * FROM software_templates
WHERE software_template_name LIKE '%$q%' OR software_template_type LIKE '%$q%'
ORDER BY $sort $order LIMIT $record_from, $record_to"
);
@ -53,18 +48,18 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<thead class="text-dark <?php if($num_rows[0] == 0){ echo "d-none"; } ?>">
<tr>
<th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_name&order=<?php echo $disp; ?>">
Template <?php if ($sort == 'software_name') { echo $order_icon; } ?>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_template_name&order=<?php echo $disp; ?>">
Template <?php if ($sort == 'software_template_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_type&order=<?php echo $disp; ?>">
Type <?php if ($sort == 'software_type') { echo $order_icon; } ?>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_template_type&order=<?php echo $disp; ?>">
Type <?php if ($sort == 'software_template_type') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_license_type&order=<?php echo $disp; ?>">
License Type <?php if ($sort == 'software_license_type') { echo $order_icon; } ?>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_template_license_type&order=<?php echo $disp; ?>">
License Type <?php if ($sort == 'software_template_license_type') { echo $order_icon; } ?>
</a>
</th>
<th class="text-center">Action</th>
@ -74,41 +69,41 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
while($row = mysqli_fetch_array($sql)){
$software_id = intval($row['software_id']);
$software_name = nullable_htmlentities($row['software_name']);
$software_version = nullable_htmlentities($row['software_version']);
$software_description = nullable_htmlentities($row['software_description']);
$software_type = nullable_htmlentities($row['software_type']);
$software_license_type = nullable_htmlentities($row['software_license_type']);
$software_notes = nullable_htmlentities($row['software_notes']);
$software_template_id = intval($row['software_template_id']);
$software_template_name = nullable_htmlentities($row['software_template_name']);
$software_template_version = nullable_htmlentities($row['software_template_version']);
$software_template_description = nullable_htmlentities($row['software_template_description']);
$software_template_type = nullable_htmlentities($row['software_template_type']);
$software_template_license_type = nullable_htmlentities($row['software_template_license_type']);
$software_template_notes = nullable_htmlentities($row['software_template_notes']);
?>
<tr>
<td>
<a class="text-dark" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_software_template_edit.php" data-ajax-id="<?php echo $software_id; ?>">
<a class="text-dark" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_software_template_edit.php" data-ajax-id="<?php echo $software_template_id; ?>">
<div class="media">
<i class="fa fa-fw fa-2x fa-cube mr-3"></i>
<div class="media-body">
<div><?php echo "$software_name <span>$software_version</span>"; ?></div>
<div><small class="text-secondary"><?php echo $software_description; ?></small></div>
<div><?php echo "$software_template_name <span>$software_template_version</span>"; ?></div>
<div><small class="text-secondary"><?php echo $software_template_description; ?></small></div>
</div>
</div>
</a>
</td>
<td><?php echo $software_type; ?></td>
<td><?php echo $software_license_type; ?></td>
<td><?php echo $software_template_type; ?></td>
<td><?php echo $software_template_license_type; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_software_template_edit.php" data-ajax-id="<?php echo $software_id; ?>">
<a class="dropdown-item" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_software_template_edit.php" data-ajax-id="<?php echo $software_template_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_software=<?php echo $software_id; ?>">
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_software_template=<?php echo $software_template_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>

4
admin_tag.php
View File

@ -6,10 +6,6 @@ $order = "ASC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM tags

4
admin_tax.php
View File

@ -6,10 +6,6 @@ $order = "ASC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT * FROM taxes

4
admin_ticket_status.php
View File

@ -6,10 +6,6 @@ $order = "ASC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM ticket_statuses

4
admin_ticket_template.php
View File

@ -6,10 +6,6 @@ $order = "ASC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM ticket_templates

86
admin_vendor_template.php
View File

@ -1,20 +1,15 @@
<?php
// Default Column Sortby Filter
$sort = "vendor_name";
$sort = "vendor_template_name";
$order = "ASC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM vendors
WHERE vendor_template = 1
AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%' OR vendor_website LIKE '%$q%' OR vendor_contact_name LIKE '%$q%' OR vendor_email LIKE '%$q%' OR vendor_phone LIKE '%$phone_query%') ORDER BY $sort $order LIMIT $record_from, $record_to"
"SELECT SQL_CALC_FOUND_ROWS * FROM vendor_templates
WHERE vendor_template_name LIKE '%$q%' OR vendor_template_description LIKE '%$q%' OR vendor_template_account_number LIKE '%$q%' OR vendor_template_website LIKE '%$q%' OR vendor_template_contact_name LIKE '%$q%' OR vendor_template_email LIKE '%$q%' OR vendor_template_phone LIKE '%$phone_query%' ORDER BY $sort $order LIMIT $record_from, $record_to"
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
@ -53,13 +48,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_name&order=<?php echo $disp; ?>">
Vendor <?php if ($sort == 'vendor_name') { echo $order_icon; } ?>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_template_name&order=<?php echo $disp; ?>">
Vendor <?php if ($sort == 'vendor_template_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_description&order=<?php echo $disp; ?>">
Description <?php if ($sort == 'vendor_description') { echo $order_icon; } ?>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_template_description&order=<?php echo $disp; ?>">
Description <?php if ($sort == 'vendor_template_description') { echo $order_icon; } ?>
</a>
</th>
<th>Contact</th>
@ -70,30 +65,29 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = intval($row['vendor_id']);
$vendor_name = nullable_htmlentities($row['vendor_name']);
$vendor_description = nullable_htmlentities($row['vendor_description']);
if (empty($vendor_description)) {
$vendor_description_display = "-";
$vendor_template_id = intval($row['vendor_template_id']);
$vendor_template_name = nullable_htmlentities($row['vendor_template_name']);
$vendor_template_description = nullable_htmlentities($row['vendor_template_description']);
if (empty($vendor_template_description)) {
$vendor_template_description_display = "-";
} else {
$vendor_description_display = $vendor_description;
$vendor_template_description_display = $vendor_template_description;
}
$vendor_account_number = nullable_htmlentities($row['vendor_account_number']);
$vendor_contact_name = nullable_htmlentities($row['vendor_contact_name']);
if (empty($vendor_contact_name)) {
$vendor_contact_name_display = "-";
$vendor_template_account_number = nullable_htmlentities($row['vendor_template_account_number']);
$vendor_template_contact_name = nullable_htmlentities($row['vendor_template_contact_name']);
if (empty($vendor_template_contact_name)) {
$vendor_template_contact_name_display = "-";
} else {
$vendor_contact_name_display = $vendor_contact_name;
$vendor_template_contact_name_display = $vendor_template_contact_name;
}
$vendor_phone = formatPhoneNumber($row['vendor_phone']);
$vendor_extension = nullable_htmlentities($row['vendor_extension']);
$vendor_email = nullable_htmlentities($row['vendor_email']);
$vendor_website = nullable_htmlentities($row['vendor_website']);
$vendor_hours = nullable_htmlentities($row['vendor_hours']);
$vendor_sla = nullable_htmlentities($row['vendor_sla']);
$vendor_code = nullable_htmlentities($row['vendor_code']);
$vendor_notes = nullable_htmlentities($row['vendor_notes']);
$vendor_template = intval($row['vendor_template']);
$vendor_template_phone = formatPhoneNumber($row['vendor_template_phone']);
$vendor_template_extension = nullable_htmlentities($row['vendor_template_extension']);
$vendor_template_email = nullable_htmlentities($row['vendor_template_email']);
$vendor_template_website = nullable_htmlentities($row['vendor_template_website']);
$vendor_template_hours = nullable_htmlentities($row['vendor_template_hours']);
$vendor_template_sla = nullable_htmlentities($row['vendor_template_sla']);
$vendor_template_code = nullable_htmlentities($row['vendor_template_code']);
$vendor_template_notes = nullable_htmlentities($row['vendor_template_notes']);
?>
<tr>
@ -101,38 +95,38 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<a class="text-dark" href="#"
data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_vendor_template_edit.php"
data-ajax-id="<?php echo $vendor_id; ?>"
data-ajax-id="<?php echo $vendor_template_id; ?>"
>
<i class="fa fa-fw fa-building text-secondary mr-2"></i><?php echo $vendor_name; ?>
<i class="fa fa-fw fa-building text-secondary mr-2"></i><?php echo $vendor_template_name; ?>
</a>
<?php
if (!empty($vendor_account_number)) {
if (!empty($vendor_template_account_number)) {
?>
<br>
<small class="text-secondary"><?php echo $vendor_account_number; ?></small>
<small class="text-secondary"><?php echo $vendor_template_account_number; ?></small>
<?php
}
?>
</th>
<td><?php echo $vendor_description_display; ?></td>
<td><?php echo $vendor_template_description_display; ?></td>
<td>
<?php
if (!empty($vendor_contact_name)) {
if (!empty($vendor_template_contact_name)) {
?>
<i class="fa fa-fw fa-user text-secondary mr-2 mb-2"></i><?php echo $vendor_contact_name_display; ?>
<i class="fa fa-fw fa-user text-secondary mr-2 mb-2"></i><?php echo $vendor_template_contact_name_display; ?>
<br>
<?php
} else {
echo $vendor_contact_name_display;
echo $vendor_template_contact_name_display;
}
if (!empty($vendor_phone)) { ?>
<i class="fa fa-fw fa-phone text-secondary mr-2 mb-2"></i><?php echo $vendor_phone; ?>
if (!empty($vendor_template_phone)) { ?>
<i class="fa fa-fw fa-phone text-secondary mr-2 mb-2"></i><?php echo $vendor_template_phone; ?>
<br>
<?php }
if (!empty($vendor_email)) { ?>
<i class="fa fa-fw fa-envelope text-secondary mr-2 mb-2"></i><?php echo $vendor_email; ?>
if (!empty($vendor_template_email)) { ?>
<i class="fa fa-fw fa-envelope text-secondary mr-2 mb-2"></i><?php echo $vendor_template_email; ?>
<br>
<?php } ?>
@ -146,13 +140,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<a class="dropdown-item" href="#"
data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_vendor_template_edit.php"
data-ajax-id="<?php echo $vendor_id; ?>"
data-ajax-id="<?php echo $vendor_template_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_vendor=<?php echo $vendor_id; ?>">
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_vendor=<?php echo $vendor_template_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>

2
ajax/ajax_asset_copy.php
View File

@ -341,7 +341,7 @@ ob_start();
<option value="">- Select Vendor -</option>
<?php
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']);

38
ajax/ajax_asset_details.php
View File

@ -24,8 +24,8 @@ $asset_make = nullable_htmlentities($row['asset_make']);
$asset_model = nullable_htmlentities($row['asset_model']);
$asset_serial = nullable_htmlentities($row['asset_serial']);
$asset_os = nullable_htmlentities($row['asset_os']);
$asset_uri = nullable_htmlentities($row['asset_uri']);
$asset_uri_2 = nullable_htmlentities($row['asset_uri_2']);
$asset_uri = sanitize_url($row['asset_uri']);
$asset_uri_2 = sanitize_url($row['asset_uri_2']);
$asset_status = nullable_htmlentities($row['asset_status']);
$asset_purchase_reference = nullable_htmlentities($row['asset_purchase_reference']);
$asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']);
@ -262,25 +262,25 @@ ob_start();
</div>
<div class="card-body">
<?php if ($asset_type) { ?>
<div><i class="fa fa-fw fa-tag text-secondary mr-3"></i><?php echo $asset_type; ?></div>
<div><i class="fa fa-fw fa-tag text-secondary mr-2"></i><?php echo $asset_type; ?></div>
<?php }
if ($asset_make) { ?>
<div class="mt-2"><i class="fa fa-fw fa-circle text-secondary mr-3"></i><?php echo "$asset_make $asset_model"; ?></div>
<div class="mt-2"><i class="fa fa-fw fa-circle text-secondary mr-2"></i><?php echo "$asset_make $asset_model"; ?></div>
<?php }
if ($asset_os) { ?>
<div class="mt-2"><i class="fab fa-fw fa-windows text-secondary mr-3"></i><?php echo "$asset_os"; ?></div>
<div class="mt-2"><i class="fab fa-fw fa-windows text-secondary mr-2"></i><?php echo "$asset_os"; ?></div>
<?php }
if ($asset_serial) { ?>
<div class="mt-2"><i class="fa fa-fw fa-barcode text-secondary mr-3"></i><?php echo $asset_serial; ?></div>
<div class="mt-2"><i class="fa fa-fw fa-barcode text-secondary mr-2"></i><?php echo $asset_serial; ?></div>
<?php }
if ($asset_purchase_date) { ?>
<div class="mt-2"><i class="fa fa-fw fa-shopping-cart text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($asset_purchase_date)); ?></div>
<div class="mt-2"><i class="fa fa-fw fa-shopping-cart text-secondary mr-2"></i><?php echo date('Y-m-d', strtotime($asset_purchase_date)); ?></div>
<?php }
if ($asset_install_date) { ?>
<div class="mt-2"><i class="fa fa-fw fa-calendar-check text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($asset_install_date)); ?></div>
<div class="mt-2"><i class="fa fa-fw fa-calendar-check text-secondary mr-2"></i><?php echo date('Y-m-d', strtotime($asset_install_date)); ?></div>
<?php }
if ($asset_warranty_expire) { ?>
<div class="mt-2"><i class="fa fa-fw fa-exclamation-triangle text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($asset_warranty_expire)); ?></div>
<div class="mt-2"><i class="fa fa-fw fa-exclamation-triangle text-secondary mr-2"></i><?php echo date('Y-m-d', strtotime($asset_warranty_expire)); ?></div>
<?php } ?>
</div>
</div>
@ -291,19 +291,19 @@ ob_start();
</div>
<div class="card-body">
<?php if ($asset_ip) { ?>
<div><i class="fa fa-fw fa-globe text-secondary mr-3"></i><?php echo $asset_ip; ?></div>
<div><i class="fa fa-fw fa-globe text-secondary mr-2"></i><?php echo $asset_ip; ?></div>
<?php } ?>
<?php if ($asset_nat_ip) { ?>
<div class="mt-2"><i class="fa fa-fw fa-random text-secondary mr-3"></i><?php echo $asset_nat_ip; ?></div>
<div class="mt-2"><i class="fa fa-fw fa-random text-secondary mr-2"></i><?php echo $asset_nat_ip; ?></div>
<?php }
if ($asset_mac) { ?>
<div class="mt-2"><i class="fa fa-fw fa-ethernet text-secondary mr-3"></i><?php echo $asset_mac; ?></div>
<div class="mt-2"><i class="fa fa-fw fa-ethernet text-secondary mr-2"></i><?php echo $asset_mac; ?></div>
<?php }
if ($asset_uri) { ?>
<div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-3"></i><a href="<?php echo $asset_uri; ?>" target="_blank">Link</a></div>
<div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-2"></i><a href="<?php echo $asset_uri; ?>" target="_blank" title="<?php echo $asset_uri; ?>"><?php echo truncate($asset_uri, 20); ?></a></div>
<?php }
if ($asset_uri_2) { ?>
<div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-3"></i><a href="<?php echo $asset_uri_2; ?>" target="_blank">Link 2</a></div>
<div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-2"></i><a href="<?php echo $asset_uri_2; ?>" target="_blank" title="<?php echo $asset_uri_2; ?>"><?php echo truncate($asset_uri_2, 20); ?></a></div>
<?php } ?>
</div>
</div>
@ -315,19 +315,19 @@ ob_start();
</div>
<div class="card-body">
<?php if ($location_name) { ?>
<div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-3"></i><?php echo $location_name_display; ?></div>
<div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-2"></i><?php echo $location_name_display; ?></div>
<?php }
if ($contact_name) { ?>
<div class="mt-2"><i class="fa fa-fw fa-user text-secondary mr-3"></i><?php echo $contact_name_display; ?></div>
<div class="mt-2"><i class="fa fa-fw fa-user text-secondary mr-2"></i><?php echo $contact_name_display; ?></div>
<?php }
if ($contact_email) { ?>
<div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-3"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
<div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-2"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
<?php }
if ($contact_phone) { ?>
<div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-3"></i><?php echo formatPhoneNumber($contact_phone); echo " $contact_extension"; ?></div>
<div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-2"></i><?php echo formatPhoneNumber($contact_phone); echo " $contact_extension"; ?></div>
<?php }
if ($contact_mobile) { ?>
<div class="mt-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><?php echo formatPhoneNumber($contact_mobile); ?></div>
<div class="mt-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-2"></i><?php echo formatPhoneNumber($contact_mobile); ?></div>
<?php } ?>
</div>

1
ajax/ajax_contact_details.php
View File

@ -125,7 +125,6 @@ $sql_linked_documents = mysqli_query($mysqli, "SELECT * FROM contact_documents,
LEFT JOIN users ON document_created_by = user_id
WHERE contact_documents.contact_id = $contact_id
AND contact_documents.document_id = documents.document_id
AND document_template = 0
AND document_archived_at IS NULL
ORDER BY document_name ASC"
);

6
ajax/ajax_credential_edit.php
View File

@ -12,6 +12,8 @@ $credential_name = nullable_htmlentities($row['credential_name']);
$credential_description = nullable_htmlentities($row['credential_description']);
$credential_uri = nullable_htmlentities($row['credential_uri']);
$credential_uri_2 = nullable_htmlentities($row['credential_uri_2']);
$credential_uri_link = sanitize_url($row['credential_uri']);
$credential_uri_2_link = sanitize_url($row['credential_uri_2']);
$credential_username = nullable_htmlentities(decryptCredentialEntry($row['credential_username']));
$credential_password = nullable_htmlentities(decryptCredentialEntry($row['credential_password']));
$credential_otp_secret = nullable_htmlentities($row['credential_otp_secret']);
@ -137,7 +139,7 @@ ob_start();
<input type="text" class="form-control" name="uri" placeholder="ex. http://192.168.1.1" maxlength="500" value="<?php echo $credential_uri; ?>">
<div class="input-group-append">
<a href="<?php echo $credential_uri; ?>" class="input-group-text"><i class="fa fa-fw fa-link"></i></a>
<a href="<?php echo $credential_uri_link; ?>" target="_blank" class="input-group-text"><i class="fa fa-fw fa-link"></i></a>
</div>
<div class="input-group-append">
<button class="input-group-text clipboardjs" type="button" data-clipboard-text="<?php echo $credential_uri; ?>"><i class="fa fa-fw fa-copy"></i></button>
@ -153,7 +155,7 @@ ob_start();
</div>
<input type="text" class="form-control" name="uri_2" placeholder="ex. https://server.company.com:5001" maxlength="500" value="<?php echo $credential_uri_2; ?>">
<div class="input-group-append">
<a href="<?php echo $credential_uri_2; ?>" class="input-group-text"><i class="fa fa-fw fa-link"></i></a>
<a href="<?php echo $credential_uri_2_link; ?>" target="_blank" class="input-group-text"><i class="fa fa-fw fa-link"></i></a>
</div>
<div class="input-group-append">
<button class="input-group-text clipboardjs" type="button" data-clipboard-text="<?php echo $credential_uri_2; ?>"><i class="fa fa-fw fa-copy"></i></button>

9
ajax/ajax_document_edit.php
View File

@ -10,12 +10,7 @@ $row = mysqli_fetch_array($sql);
$document_name = nullable_htmlentities($row['document_name']);
$document_description = nullable_htmlentities($row['document_description']);
$document_content = nullable_htmlentities($row['document_content']);
$document_created_by_id = intval($row['document_created_by']);
$document_created_at = nullable_htmlentities($row['document_created_at']);
$document_updated_at = nullable_htmlentities($row['document_updated_at']);
$document_archived_at = nullable_htmlentities($row['document_archived_at']);
$document_folder_id = intval($row['document_folder_id']);
$document_parent = intval($row['document_parent']);
$document_client_visible = intval($row['document_client_visible']);
$client_id = intval($row['document_client_id']);
@ -30,10 +25,8 @@ ob_start();
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="document_id" value="<?php if($document_parent == 0){ echo $document_id; } else { echo $document_parent; } ?>">
<input type="hidden" name="document_parent" value="<?php echo $document_parent; ?>">
<input type="hidden" name="document_id" value="<?php echo $document_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<input type="hidden" name="created_by" value="<?php echo $document_created_by_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">

20
ajax/ajax_document_template_edit.php
View File

@ -2,38 +2,38 @@
require_once '../includes/ajax_header.php';
$document_id = intval($_GET['id']);
$document_template_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = $document_id LIMIT 1");
$sql = mysqli_query($mysqli, "SELECT * FROM document_templates WHERE document_template_id = $document_template_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$document_name = nullable_htmlentities($row['document_name']);
$document_description = nullable_htmlentities($row['document_description']);
$document_content = nullable_htmlentities($row['document_content']);
$document_template_name = nullable_htmlentities($row['document_template_name']);
$document_template_description = nullable_htmlentities($row['document_template_description']);
$document_template_content = nullable_htmlentities($row['document_template_content']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Editing template: <strong><?php echo $document_name; ?></strong></h5>
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Editing template: <strong><?php echo $document_template_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="document_id" value="<?php echo $document_id; ?>">
<input type="hidden" name="document_template_id" value="<?php echo $document_template_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $document_name; ?>" placeholder="Name" required>
<input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $document_template_name; ?>" placeholder="Name" required>
</div>
<div class="form-group">
<textarea class="form-control tinymce" name="content"><?php echo $document_content; ?></textarea>
<textarea class="form-control tinymce" name="content"><?php echo $document_template_content; ?></textarea>
</div>
<div class="form-group">
<input type="text" class="form-control" name="description" value="<?php echo $document_description; ?>" placeholder="Short summary">
<input type="text" class="form-control" name="description" value="<?php echo $document_template_description; ?>" placeholder="Short summary">
</div>
</div>

39
ajax/ajax_document_version_view.php Normal file
View File

@ -0,0 +1,39 @@
<?php
require_once '../includes/ajax_header.php';
// Initialize the HTML Purifier to prevent XSS
require_once "../plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
$document_version_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM document_versions WHERE document_version_id = $document_version_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$document_version_name = nullable_htmlentities($row['document_version_name']);
$document_version_content = $purifier->purify($row['document_version_content']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title text-white"><i class="fa fa-fw fa-file-alt mr-2"></i><?php echo $document_version_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-white prettyContent">
<?php echo $document_version_content; ?>
</div>
<script src="../js/pretty_content.js"></script>
<?php
require_once "../includes/ajax_footer.php";

3
ajax/ajax_document_view.php
View File

@ -33,5 +33,8 @@ ob_start();
<?php echo $document_content; ?>
</div>
<script src="../js/pretty_content.js"></script>
<?php
require_once "../includes/ajax_footer.php";

2
ajax/ajax_expense_copy.php
View File

@ -105,7 +105,7 @@ ob_start();
<select class="form-control select2" name="vendor" required>
<?php
$sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 ORDER BY vendor_name ASC");
$sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']);

2
ajax/ajax_expense_edit.php
View File

@ -119,7 +119,7 @@ ob_start();
<select class="form-control select2" name="vendor" required>
<?php
$sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND (vendor_archived_at > '$expense_created_at' OR vendor_archived_at IS NULL) ORDER BY vendor_name ASC");
$sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND (vendor_archived_at > '$expense_created_at' OR vendor_archived_at IS NULL) ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_select)) {
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']);

182
ajax/ajax_invoice_pay.php Normal file
View File

@ -0,0 +1,182 @@
<?php
require_once '../includes/ajax_header.php';
$invoice_id = intval($_GET['id']);
$sql = mysqli_query(
$mysqli,
"SELECT * FROM invoices
LEFT JOIN clients ON invoice_client_id = client_id
LEFT JOIN contacts ON client_id = contact_client_id AND contact_primary = 1
WHERE invoice_id = $invoice_id
LIMIT 1"
);
$row = mysqli_fetch_array($sql);
$invoice_id = intval($row['invoice_id']);
$invoice_prefix = nullable_htmlentities($row['invoice_prefix']);
$invoice_number = intval($row['invoice_number']);
$invoice_amount = floatval($row['invoice_amount']);
$client_id = intval($row['client_id']);
$client_name = nullable_htmlentities($row['client_name']);
$client_currency_code = nullable_htmlentities($row['client_currency_code']);
$contact_name = nullable_htmlentities($row['contact_name']);
$contact_email = nullable_htmlentities($row['contact_email']);
//Add up all the payments for the invoice and get the total amount paid to the invoice
$sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS amount_paid FROM payments WHERE payment_invoice_id = $invoice_id");
$row = mysqli_fetch_array($sql_amount_paid);
$amount_paid = floatval($row['amount_paid']);
$balance = $invoice_amount - $amount_paid;
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-credit-card mr-2"></i><?php echo "$invoice_prefix$invoice_number"; ?>: Make Payment</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="invoice_id" value="<?php echo $invoice_id; ?>">
<input type="hidden" name="balance" value="<?php echo $balance; ?>">
<input type="hidden" name="currency_code" value="<?php echo $client_currency_code; ?>">
<div class="modal-body bg-white">
<div class="form-row">
<div class="col-md">
<div class="form-group">
<label>Date <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
</div>
<input type="date" class="form-control" name="date" max="2999-12-31" value="<?php echo date("Y-m-d"); ?>" required>
</div>
</div>
</div>
<div class="col-md">
<div class="form-group">
<label>Amount <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-dollar-sign"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="amount" value="<?php echo number_format($balance, 2, '.', ''); ?>" placeholder="0.00" required>
</div>
</div>
</div>
</div>
<div class="form-group">
<label>Account <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-piggy-bank"></i></span>
</div>
<select class="form-control select2" name="account" required>
<option value="">- Select an Account -</option>
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM accounts WHERE account_archived_at IS NULL ORDER BY account_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$account_id = intval($row['account_id']);
$account_name = nullable_htmlentities($row['account_name']);
$opening_balance = floatval($row['opening_balance']);
$sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id");
$row = mysqli_fetch_array($sql_payments);
$total_payments = floatval($row['total_payments']);
$sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id");
$row = mysqli_fetch_array($sql_revenues);
$total_revenues = floatval($row['total_revenues']);
$sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id");
$row = mysqli_fetch_array($sql_expenses);
$total_expenses = floatval($row['total_expenses']);
$account_balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
?>
<option <?php if ($config_default_payment_account == $account_id) { echo "selected"; } ?>
value="<?php echo $account_id; ?>">
<?php echo $account_name; ?> [$<?php echo number_format($account_balance, 2); ?>]
</option>
<?php
}
?>
</select>
</div>
</div>
<div class="form-group">
<label>Payment Method <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-money-check-alt"></i></span>
</div>
<select class="form-control select2" name="payment_method" required>
<option value="">- Method of Payment -</option>
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Payment Method' AND category_archived_at IS NULL ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$category_name = nullable_htmlentities($row['category_name']);
?>
<option <?php if ($config_default_payment_method == $category_name) {
echo "selected";
} ?>><?php echo $category_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
<div class="form-group">
<label>Reference</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-file-alt"></i></span>
</div>
<input type="text" class="form-control" name="reference" placeholder="Check #, Trans #, etc" maxlength="200">
</div>
</div>
<?php if (!empty($config_smtp_host) && !empty($contact_email)) { ?>
<div class="form-group">
<label>Email Receipt</label>
<div class="custom-control custom-checkbox">
<input type="checkbox" class="custom-control-input" id="customControlAutosizing" name="email_receipt" value="1" checked>
<label class="custom-control-label" for="customControlAutosizing"><?php echo $contact_email; ?></label>
</div>
</div>
<?php } ?>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="add_payment" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Pay</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";

2
ajax/ajax_recurring_expense_edit.php
View File

@ -157,7 +157,7 @@ ob_start();
<select class="form-control select2" name="vendor" required>
<?php
$sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND (vendor_archived_at > '$recurring_expense_created_at' OR vendor_archived_at IS NULL) ORDER BY vendor_name ASC");
$sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND (vendor_archived_at > '$recurring_expense_created_at' OR vendor_archived_at IS NULL) ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_select)) {
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']);

57
ajax/ajax_recurring_ticket_edit.php
View File

@ -16,6 +16,7 @@ $recurring_ticket_next_run = nullable_htmlentities($row['recurring_ticket_next_r
$recurring_ticket_assigned_to = intval($row['recurring_ticket_assigned_to']);
$recurring_ticket_contact_id = intval($row['recurring_ticket_contact_id']);
$recurring_ticket_asset_id = intval($row['recurring_ticket_asset_id']);
$recurring_ticket_category = intval($row['recurring_ticket_category']);
$recurring_ticket_billable = intval($row['recurring_ticket_billable']);
// Additional Assets Selected
@ -75,17 +76,53 @@ ob_start();
<textarea class="form-control tinymce" name="details"><?php echo $recurring_ticket_details; ?></textarea>
</div>
<div class="form-group">
<label>Priority <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span>
<div class="row">
<div class="col">
<div class="form-group">
<label>Priority <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span>
</div>
<select class="form-control select2" name="priority" required>
<option <?php if ($recurring_ticket_priority == "Low") { echo "selected"; } ?> >Low</option>
<option <?php if ($recurring_ticket_priority == "Medium") { echo "selected"; } ?> >Medium</option>
<option <?php if ($recurring_ticket_priority == "High") { echo "selected"; } ?> >High</option>
</select>
</div>
</div>
</div>
<div class="col">
<div class="form-group">
<label>Category</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-layer-group"></i></span>
</div>
<select class="form-control select2" name="category">
<option value="0">- Uncategorized -</option>
<?php
$sql_categories = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Ticket' AND category_archived_at IS NULL ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_categories)) {
$category_id = intval($row['category_id']);
$category_name = nullable_htmlentities($row['category_name']);
?>
<option <?php if ($recurring_ticket_category == $category_id) {echo "selected";} ?> value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
<?php } ?>
</select>
<div class="input-group-append">
<button class="btn btn-secondary" type="button"
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_category_add.php?category=Ticket">
<i class="fas fa-fw fa-plus"></i>
</button>
</div>
</div>
</div>
<select class="form-control select2" name="priority" required>
<option <?php if ($recurring_ticket_priority == "Low") { echo "selected"; } ?> >Low</option>
<option <?php if ($recurring_ticket_priority == "Medium") { echo "selected"; } ?> >Medium</option>
<option <?php if ($recurring_ticket_priority == "High") { echo "selected"; } ?> >High</option>
</select>
</div>
</div>

338
ajax/ajax_service_details.php
View File

@ -5,7 +5,6 @@ require_once '../includes/ajax_header.php';
$service_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM services WHERE service_id = $service_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$service_name = nullable_htmlentities($row['service_name']);
$service_description = nullable_htmlentities($row['service_description']);
@ -17,6 +16,7 @@ $service_created_at = nullable_htmlentities($row['service_created_at']);
$service_updated_at = nullable_htmlentities($row['service_updated_at']);
$service_review_due = nullable_htmlentities($row['service_review_due']);
$client_id = intval($row['service_client_id']);
// Service Importance
if ($service_importance == "High") {
$service_importance_display = "<span class='p-2 badge badge-danger'>$service_importance</span>";
@ -55,6 +55,7 @@ $sql_domains = mysqli_query(
LEFT JOIN domains ON service_domains.domain_id = domains.domain_id
WHERE service_id = $service_id"
);
// Associated Certificates
$sql_certificates = mysqli_query(
$mysqli,
@ -63,10 +64,6 @@ $sql_certificates = mysqli_query(
WHERE service_id = $service_id"
);
// Associated URLs ---- REMOVED for now
//$sql_urls = mysqli_query($mysqli, "SELECT * FROM service_urls
//WHERE service_id = '$service_id'");
// Associated Vendors
$sql_vendors = mysqli_query(
$mysqli,
@ -116,149 +113,99 @@ ob_start();
<!-- Assets -->
<?php
if (mysqli_num_rows($sql_assets) > 0) { ?>
<h5><i class="fas fa-fw fa-desktop mr-2"></i>Assets</h5>
<ul>
<?php
// Reset the $sql_assets pointer to the start - as we've already cycled through once
mysqli_data_seek($sql_assets, 0);
while ($row = mysqli_fetch_array($sql_assets)) {
$asset_id = intval($row['asset_id']);
$asset_name = nullable_htmlentities($row['asset_name']);
if (!empty($row['interface_ip'])) {
$ip = '('.nullable_htmlentities($row["interface_ip"]).')';
} else {
$ip = '';
}
echo "<li><a href='#' data-toggle='ajax-modal'
data-modal-size='lg'
data-ajax-url='ajax/ajax_asset_details.php'
data-ajax-id='$asset_id'>$asset_name</a>$ip</li>";
}
?>
</ul>
<?php
if (mysqli_num_rows($sql_assets) > 0) {
echo "<h5><i class='fas fa-fw fa-desktop mr-2'></i>Assets</h5><ul>";
mysqli_data_seek($sql_assets, 0);
while ($row = mysqli_fetch_array($sql_assets)) {
$asset_id = intval($row['asset_id']);
$asset_name = nullable_htmlentities($row['asset_name']);
$ip = !empty($row['interface_ip']) ? '(' . nullable_htmlentities($row['interface_ip']) . ')' : '';
echo "<li><a href='#' data-toggle='ajax-modal' data-modal-size='lg' data-ajax-url='ajax/ajax_asset_details.php' data-ajax-id='$asset_id'>$asset_name</a>$ip</li>";
}
echo "</ul>";
}
?>
<!-- Networks -->
<?php
$networks = [];
if ($sql_assets) {
$networks = [];
// Reset the $sql_assets pointer to the start
mysqli_data_seek($sql_assets, 0);
// Get networks linked to assets - push name to array
while ($row = mysqli_fetch_array($sql_assets)) {
if (!empty($row['network_name'])) {
$network_data = nullable_htmlentities("$row[network_name]:$row[network_vlan]");
array_push($networks, $network_data);
$network_data = nullable_htmlentities($row["network_name"]) . ':' . nullable_htmlentities($row["network_vlan"]);
$networks[] = $network_data;
}
}
// Remove duplicates
$networks = array_unique($networks);
// Display
if (!empty($networks)) { ?>
<h5><i class="fas fa-fw fa-network-wired mr-2"></i>Networks</h5>
<ul>
<?php
if (!empty($networks)) {
echo "<h5><i class='fas fa-fw fa-network-wired mr-2'></i>Networks</h5><ul>";
foreach ($networks as $network) {
$network_parts = explode(":", $network);
$network_name = $network_parts[0];
$network_vlan = $network_parts[1] ?? '';
echo "<li><a href='networks.php?client_id=$client_id&q=$network_name'>$network_name</a> (VLAN $network_vlan)</li>";
}
echo "</ul>";
}
foreach($networks as $network) {
$network = explode(":", $network);
echo "<li><a href=\"networks.php?client_id=$client_id&q=$network[0]\">$network[0] </a>(VLAN $network[1])</li>";
}
?>
</ul>
<?php
}
?>
<!-- Locations -->
<?php
$location_names = [];
if ($sql_assets) {
$location_names = [];
// Reset the $sql_assets pointer to the start - as we've already cycled through once
mysqli_data_seek($sql_assets, 0);
// Get locations linked to assets - push their name and vlan to arrays
while ($row = mysqli_fetch_array($sql_assets)) {
if (!empty($row['location_name'])) {
array_push($location_names, $row['location_name']);
$location_names[] = nullable_htmlentities($row['location_name']);
}
}
// Remove duplicates
$location_names = array_unique($location_names);
// Display
if (!empty($location_names)) { ?>
<h5><i class="fas fa-fw fa-map-marker-alt mr-2"></i>Locations</h5>
<ul>
<?php
if (!empty($location_names)) {
echo "<h5><i class='fas fa-fw fa-map-marker-alt mr-2'></i>Locations</h5><ul>";
foreach ($location_names as $location) {
echo "<li><a href='locations.php?client_id=$client_id&q=$location'>$location</a></li>";
}
echo "</ul>";
}
foreach($location_names as $location) {
echo "<li><a href=\"locations.php?client_id=$client_id&q=$location\">$location</a></li>";
}
?>
</ul>
<?php
}
?>
<!-- Domains -->
<?php
if (mysqli_num_rows($sql_domains) > 0) { ?>
<h5><i class="fas fa-fw fa-globe mr-2"></i>Domains</h5>
<ul>
<?php
// Reset the $sql_domains pointer to the start
mysqli_data_seek($sql_domains, 0);
// Showing linked domains
while ($row = mysqli_fetch_array($sql_domains)) {
if (!empty($row['domain_name'])) {
echo "<li><a href=\"domains.php?client_id=$client_id&q=$row[domain_name]\">$row[domain_name]</a></li>";
}
if (mysqli_num_rows($sql_domains) > 0) {
echo "<h5><i class='fas fa-fw fa-globe mr-2'></i>Domains</h5><ul>";
mysqli_data_seek($sql_domains, 0);
while ($row = mysqli_fetch_array($sql_domains)) {
if (!empty($row['domain_name'])) {
$domain_name = nullable_htmlentities($row['domain_name']);
echo "<li><a href='domains.php?client_id=$client_id&q=$domain_name'>$domain_name</a></li>";
}
?>
</ul>
<?php
}
echo "</ul>";
}
?>
<!-- Certificates -->
<?php
if (mysqli_num_rows($sql_certificates) > 0) { ?>
<h5><i class="fas fa-fw fa-lock mr-2"></i>Certificates</h5>
<ul>
<?php
// Reset the $sql_certificates pointer to the start
mysqli_data_seek($sql_certificates, 0);
// Showing linked certs
while ($row = mysqli_fetch_array($sql_certificates)) {
if (!empty($row['certificate_name'])) {
echo "<li><a href=\"certificates.php?client_id=$client_id&q=$row[certificate_name]\">$row[certificate_name] ($row[certificate_domain])</a></li>";
}
if (mysqli_num_rows($sql_certificates) > 0) {
echo "<h5><i class='fas fa-fw fa-lock mr-2'></i>Certificates</h5><ul>";
mysqli_data_seek($sql_certificates, 0);
while ($row = mysqli_fetch_array($sql_certificates)) {
if (!empty($row['certificate_name'])) {
$certificate_name = nullable_htmlentities($row['certificate_name']);
$certificate_domain = nullable_htmlentities($row['certificate_domain']);
echo "<li><a href='certificates.php?client_id=$client_id&q=$certificate_name'>$certificate_name ($certificate_domain)</a></li>";
}
?>
</ul>
<?php
}
echo "</ul>";
}
?>
</div>
</div>
<!-- Right side -->
<div class="col-4">
<div class="col-12">
@ -267,148 +214,96 @@ ob_start();
<!-- Vendors -->
<?php
// Reset the $sql_vendors pointer to the start
mysqli_data_seek($sql_vendors, 0);
if (mysqli_num_rows($sql_vendors) > 0) { ?>
<h5><i class="fas fa-fw fa-building mr-2"></i>Vendors</h5>
<ul>
<?php
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id = intval($row['vendor_id']);
$vendor_name = nullable_htmlentities($row['vendor_name']);
echo "<li><a href='#' data-toggle='ajax-modal'
data-modal-size='lg'
data-ajax-url='ajax/ajax_vendor_details.php'
data-ajax-id='$vendor_id'>
$vendor_name
</a>
</li>";
}
?>
</ul>
<?php
if (mysqli_num_rows($sql_vendors) > 0) {
echo "<h5><i class='fas fa-fw fa-building mr-2'></i>Vendors</h5><ul>";
mysqli_data_seek($sql_vendors, 0);
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id = intval($row['vendor_id']);
$vendor_name = nullable_htmlentities($row['vendor_name']);
echo "<li><a href='#' data-toggle='ajax-modal' data-modal-size='lg' data-ajax-url='ajax/ajax_vendor_details.php' data-ajax-id='$vendor_id'>$vendor_name</a></li>";
}
echo "</ul>";
}
?>
<!-- Contacts -->
<?php
if (mysqli_num_rows($sql_contacts) > 0) { ?>
<h5><i class="fas fa-fw fa-users mr-2"></i>Contacts</h5>
<ul>
<?php
// Reset the $sql_contacts pointer to the start
mysqli_data_seek($sql_contacts, 0);
while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id = intval($row['contact_id']);
$contact_name = nullable_htmlentities($row['contact_name']);
echo "<li><a href='#' data-toggle='ajax-modal'
data-modal-size='lg'
data-ajax-url='ajax/ajax_contact_details.php'
data-ajax-id='$contact_id'>
$contact_name
</a>
</li>";
}
?>
</ul>
<?php
if (mysqli_num_rows($sql_contacts) > 0) {
echo "<h5><i class='fas fa-fw fa-users mr-2'></i>Contacts</h5><ul>";
mysqli_data_seek($sql_contacts, 0);
while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id = intval($row['contact_id']);
$contact_name = nullable_htmlentities($row['contact_name']);
echo "<li><a href='#' data-toggle='ajax-modal' data-modal-size='lg' data-ajax-url='ajax/ajax_contact_details.php' data-ajax-id='$contact_id'>$contact_name</a></li>";
}
echo "</ul>";
}
?>
<!-- Credentials -->
<?php
if (mysqli_num_rows($sql_assets) > 0 || mysqli_num_rows($sql_credentials) > 0) { ?>
<h5><i class="fas fa-fw fa-key mr-2"></i>Credentials</h5>
<ul>
<?php
// Reset the $sql_assets/credentials pointer to the start
mysqli_data_seek($sql_assets, 0);
mysqli_data_seek($sql_credentials, 0);
// Showing credentials linked to assets
while ($row = mysqli_fetch_array($sql_assets)) {
if (!empty($row['credential_name'])) {
echo "<li><a href=\"credentials.php?client_id=$client_id&q=$row[credential_name]\">$row[credential_name]</a></li>";
}
if (mysqli_num_rows($sql_assets) > 0 || mysqli_num_rows($sql_credentials) > 0) {
echo "<h5><i class='fas fa-fw fa-key mr-2'></i>Credentials</h5><ul>";
// Credentials linked to assets
mysqli_data_seek($sql_assets, 0);
while ($row = mysqli_fetch_array($sql_assets)) {
$credential_name = nullable_htmlentities($row['credential_name']);
if (!empty($credential_name)) {
echo "<li><a href='credentials.php?client_id=$client_id&q=$credential_name'>$credential_name</a></li>";
}
// Showing explicitly linked credentials
while ($row = mysqli_fetch_array($sql_credentials)) {
if (!empty($row['credential_name'])) {
echo "<li><a href=\"credentials.php?client_id=$client_id&q=$row[credential_name]\">$row[credential_name]</a></li>";
}
}
// Explicitly linked credentials
mysqli_data_seek($sql_credentials, 0);
while ($row = mysqli_fetch_array($sql_credentials)) {
$credential_name = nullable_htmlentities($row['credential_name']);
if (!empty($credential_name)) {
echo "<li><a href='credentials.php?client_id=$client_id&q=$credential_name'>$credential_name</a></li>";
}
?>
</ul>
<?php
}
echo "</ul>";
}
?>
<!-- URLs -->
<?php
if ($sql_credentials || $sql_assets) { ?>
<h5><i class="fas fa-fw fa-link mr-2"></i>URLs</h5>
<ul>
<?php
// Reset the $sql_credentials pointer to the start
mysqli_data_seek($sql_credentials, 0);
// Showing URLs linked to credentials
while ($row = mysqli_fetch_array($sql_credentials)) {
if (!empty($row['credential_uri'])) {
echo "<li><a href=\"https://$row[credential_uri]\">$row[credential_uri]</a></li>";
}
}
// Reset the $sql_assets pointer to the start
mysqli_data_seek($sql_assets, 0);
// Show URLs linked to assets, that also have credentials
while ($row = mysqli_fetch_array($sql_assets)) {
if (!empty($row['credential_uri'])) {
echo "<li><a href=\"https://$row[credential_uri]\">$row[credential_uri]</a></li>";
}
}
?>
</ul>
<?php
$urls = [];
mysqli_data_seek($sql_credentials, 0);
while ($row = mysqli_fetch_array($sql_credentials)) {
if (!empty($row['credential_uri'])) {
$urls[] = sanitize_url($row['credential_uri']);
}
}
mysqli_data_seek($sql_assets, 0);
while ($row = mysqli_fetch_array($sql_assets)) {
if (!empty($row['asset_uri'])) {
$urls[] = sanitize_url($row['asset_uri']);
}
}
$urls = array_unique($urls);
if (!empty($urls)) {
echo "<h5><i class='fas fa-fw fa-link mr-2'></i>URLs</h5><ul>";
foreach ($urls as $url) {
$label = htmlspecialchars(parse_url($url, PHP_URL_HOST) ?: $url);
echo "<li><a href='$url' target='_blank'>$label</a></li>";
}
echo "</ul>";
}
?>
<!-- Documents -->
<?php
if (mysqli_num_rows($sql_docs) > 0) { ?>
<h5><i class="fas fa-fw fa-file-alt mr-2"></i>Documents</h5>
<ul>
<?php
// Reset the $sql_docs pointer to the start
mysqli_data_seek($sql_docs, 0);
while ($row = mysqli_fetch_array($sql_docs)) {
$document_id = intval($row['document_id']);
$document_name = nullable_htmlentities($row['document_name']);
echo "<li><a href='#' data-toggle='ajax-modal'
data-modal-size='lg'
data-ajax-url='ajax/ajax_document_view.php'
data-ajax-id='$document_id'>
$document_name
</a>
</li>";
}
?>
</ul>
<?php
if (mysqli_num_rows($sql_docs) > 0) {
echo "<h5><i class='fas fa-fw fa-file-alt mr-2'></i>Documents</h5><ul>";
mysqli_data_seek($sql_docs, 0);
while ($row = mysqli_fetch_array($sql_docs)) {
$document_id = intval($row['document_id']);
$document_name = nullable_htmlentities($row['document_name']);
echo "<li><a href='#' data-toggle='ajax-modal' data-modal-size='lg' data-ajax-url='ajax/ajax_document_view.php' data-ajax-id='$document_id'>$document_name</a></li>";
}
echo "</ul>";
}
?>
<!-- <h5><i class="nav-icon fas fa-file-alt"></i> Services</h5>-->
<!-- <ul>-->
<!-- <li>Related Service - Coming soon!</li>-->
<!-- </ul>-->
</div>
</div>
</div>
@ -416,3 +311,4 @@ ob_start();
<?php
require_once "../includes/ajax_footer.php";
?>

2
ajax/ajax_service_edit.php
View File

@ -211,7 +211,7 @@ ob_start();
<?php
$selected_ids = array_column(mysqli_fetch_all($sql_vendors, MYSQLI_ASSOC), "vendor_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$service_created_at' OR vendor_archived_at IS NULL) AND vendor_template = 0 AND vendor_client_id = $client_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$service_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id");
while ($row_all = mysqli_fetch_array($sql_all)) {
$vendor_id = intval($row_all['vendor_id']);
$vendor_name = nullable_htmlentities($row_all['vendor_name']);

18
ajax/ajax_software_template_edit.php
View File

@ -2,16 +2,16 @@
require_once '../includes/ajax_header.php';
$software_id = intval($_GET['id']);
$software_template_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_id = $software_id LIMIT 1");
$sql = mysqli_query($mysqli, "SELECT * FROM software_templates WHERE software_template_id = $software_template_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$software_name = nullable_htmlentities($row['software_name']);
$software_version = nullable_htmlentities($row['software_version']);
$software_description = nullable_htmlentities($row['software_description']);
$software_type = nullable_htmlentities($row['software_type']);
$software_license_type = nullable_htmlentities($row['software_license_type']);
$software_notes = nullable_htmlentities($row['software_notes']);
$software_name = nullable_htmlentities($row['software_template_name']);
$software_version = nullable_htmlentities($row['software_template_version']);
$software_description = nullable_htmlentities($row['software_template_description']);
$software_type = nullable_htmlentities($row['software_template_type']);
$software_license_type = nullable_htmlentities($row['software_template_license_type']);
$software_notes = nullable_htmlentities($row['software_template_notes']);
// Generate the HTML form content using output buffering.
ob_start();
@ -24,7 +24,7 @@ ob_start();
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="software_id" value="<?php echo $software_id; ?>">
<input type="hidden" name="software_template_id" value="<?php echo $software_template_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">

49
ajax/ajax_ticket_edit.php
View File

@ -18,6 +18,8 @@ $ticket_priority = nullable_htmlentities($row['ticket_priority']);
$ticket_billable = intval($row['ticket_billable']);
$ticket_vendor_ticket_number = nullable_htmlentities($row['ticket_vendor_ticket_number']);
$ticket_created_at = nullable_htmlentities($row['ticket_created_at']);
$ticket_due_at = nullable_htmlentities($row['ticket_due_at']);
$ticket_assigned_to = intval($row['ticket_assigned_to']);
$contact_id = intval($row['ticket_contact_id']);
$asset_id = intval($row['ticket_asset_id']);
$location_id = intval($row['ticket_location_id']);
@ -105,7 +107,7 @@ ob_start();
<select class="form-control select2" name="category">
<option value="0">- Uncategorized -</option>
<?php
$sql_categories = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Ticket' AND category_archived_at IS NULL");
$sql_categories = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Ticket' AND category_archived_at IS NULL ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_categories)) {
$category_id = intval($row['category_id']);
$category_name = nullable_htmlentities($row['category_name']);
@ -128,6 +130,49 @@ ob_start();
</div>
</div>
<div class="row">
<div class="col">
<div class="form-group">
<label>Assign to</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user-check"></i></span>
</div>
<select class="form-control select2" name="assigned_to">
<option value="0">Not Assigned</option>
<?php
$sql = mysqli_query(
$mysqli,
"SELECT user_id, user_name FROM users
WHERE user_role_id > 1
AND user_type = 1
AND user_status = 1
AND user_archived_at IS NULL
ORDER BY user_name ASC"
);
while ($row = mysqli_fetch_array($sql)) {
$user_id = intval($row['user_id']);
$user_name = nullable_htmlentities($row['user_name']); ?>
<option <?php if ($ticket_assigned_to === $user_id) { echo "selected"; } ?> value="<?php echo $user_id; ?>"><?php echo $user_name; ?></option>
<?php } ?>
</select>
</div>
</div>
</div>
<div class="col">
<div class="form-group">
<label>Due</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar-check"></i></span>
</div>
<input type="datetime-local" class="form-control" name="due" value="<?php echo $ticket_due_at; ?>">
</div>
</div>
</div>
</div>
<?php if ($config_module_enable_accounting && lookupUserPermission("module_sales") >= 2) { ?>
<div class="form-group">
<div class="custom-control custom-switch">
@ -283,7 +328,7 @@ ob_start();
<option value="0">- None -</option>
<?php
$sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id AND vendor_template = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
$sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']);

6
ajax/ajax_vendor_edit.php
View File

@ -104,10 +104,10 @@ ob_start();
<option value="0">- None -</option>
<?php
$sql_vendor_templates = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_template = 1 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
$sql_vendor_templates = mysqli_query($mysqli, "SELECT * FROM vendor_templates WHERE vendor_template_archived_at IS NULL ORDER BY vendor_template_name ASC");
while ($row = mysqli_fetch_array($sql_vendor_templates)) {
$vendor_template_id_select = $row['vendor_id'];
$vendor_template_name_select = nullable_htmlentities($row['vendor_name']); ?>
$vendor_template_id_select = $row['vendor_template_id'];
$vendor_template_name_select = nullable_htmlentities($row['vendor_template_name']); ?>
<option <?php if ($vendor_template_id == $vendor_template_id_select) { echo "selected"; } ?> value="<?php echo $vendor_template_id_select; ?>"><?php echo $vendor_template_name_select; ?></option>
<?php } ?>

47
ajax/ajax_vendor_template_edit.php
View File

@ -2,23 +2,22 @@
require_once '../includes/ajax_header.php';
$vendor_id = intval($_GET['id']);
$vendor_template_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_id = $vendor_id LIMIT 1");
$sql = mysqli_query($mysqli, "SELECT * FROM vendor_templates WHERE vendor_template_id = $vendor_template_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$vendor_name = nullable_htmlentities($row['vendor_name']);
$vendor_description = nullable_htmlentities($row['vendor_description']);
$vendor_account_number = nullable_htmlentities($row['vendor_account_number']);
$vendor_contact_name = nullable_htmlentities($row['vendor_contact_name']);
$vendor_phone = formatPhoneNumber($row['vendor_phone']);
$vendor_extension = nullable_htmlentities($row['vendor_extension']);
$vendor_email = nullable_htmlentities($row['vendor_email']);
$vendor_website = nullable_htmlentities($row['vendor_website']);
$vendor_hours = nullable_htmlentities($row['vendor_hours']);
$vendor_sla = nullable_htmlentities($row['vendor_sla']);
$vendor_code = nullable_htmlentities($row['vendor_code']);
$vendor_notes = nullable_htmlentities($row['vendor_notes']);
$vendor_template = intval($row['vendor_template']);
$vendor_name = nullable_htmlentities($row['vendor_template_name']);
$vendor_description = nullable_htmlentities($row['vendor_template_description']);
$vendor_account_number = nullable_htmlentities($row['vendor_template_account_number']);
$vendor_contact_name = nullable_htmlentities($row['vendor_template_contact_name']);
$vendor_phone = formatPhoneNumber($row['vendor_template_phone']);
$vendor_extension = nullable_htmlentities($row['vendor_template_extension']);
$vendor_email = nullable_htmlentities($row['vendor_template_email']);
$vendor_website = nullable_htmlentities($row['vendor_template_website']);
$vendor_hours = nullable_htmlentities($row['vendor_template_hours']);
$vendor_sla = nullable_htmlentities($row['vendor_template_sla']);
$vendor_code = nullable_htmlentities($row['vendor_template_code']);
$vendor_notes = nullable_htmlentities($row['vendor_template_notes']);
// Generate the HTML form content using output buffering.
ob_start();
@ -31,18 +30,18 @@ ob_start();
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="vendor_id" value="<?php echo $vendor_id; ?>">
<input type="hidden" name="vendor_template_id" value="<?php echo $vendor_template_id; ?>">
<div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-details<?php echo $vendor_id; ?>">Details</a>
<a class="nav-link active" data-toggle="pill" href="#pills-details<?php echo $vendor_template_id; ?>">Details</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-support<?php echo $vendor_id; ?>">Support</a>
<a class="nav-link" data-toggle="pill" href="#pills-support<?php echo $vendor_template_id; ?>">Support</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-notes<?php echo $vendor_id; ?>">Notes</a>
<a class="nav-link" data-toggle="pill" href="#pills-notes<?php echo $vendor_template_id; ?>">Notes</a>
</li>
</ul>
@ -52,7 +51,7 @@ ob_start();
<div class="tab-content">
<div class="tab-pane fade show active" id="pills-details<?php echo $vendor_id; ?>">
<div class="tab-pane fade show active" id="pills-details<?php echo $vendor_template_id; ?>">
<div class="form-group">
@ -117,14 +116,14 @@ ob_start();
<div class="form-group">
<div class="custom-control custom-checkbox">
<input type="checkbox" class="custom-control-input" id="updateVendorsCheckbox<?php echo $vendor_id; ?>" name="update_base_vendors" value="1" >
<label class="custom-control-label" for="updateVendorsCheckbox<?php echo $vendor_id; ?>">Update All Base Vendors</label>
<input type="checkbox" class="custom-control-input" id="updateVendorsCheckbox<?php echo $vendor_template_id; ?>" name="update_base_vendors" value="1" >
<label class="custom-control-label" for="updateVendorsCheckbox<?php echo $vendor_template_id; ?>">Update All Base Vendors</label>
</div>
</div>
</div>
<div class="tab-pane fade" id="pills-support<?php echo $vendor_id; ?>">
<div class="tab-pane fade" id="pills-support<?php echo $vendor_template_id; ?>">
<label>Support Phone</label>
<div class="form-row">
@ -225,7 +224,7 @@ ob_start();
</div>
<div class="tab-pane fade" id="pills-notes<?php echo $vendor_id; ?>">
<div class="tab-pane fade" id="pills-notes<?php echo $vendor_template_id; ?>">
<div class="form-group">
<textarea class="form-control" rows="8" placeholder="Enter some notes" name="notes"><?php echo $vendor_notes; ?></textarea>

5
api/v1/documents/create.php
View File

@ -13,15 +13,12 @@ $insert_id = false;
if (!empty($name) && !(empty($content))) {
// Create document
$insert_sql = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw', document_template = 0, document_folder_id = $folder, document_created_by = 0, document_client_id = $client_id");
$insert_sql = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw', document_folder_id = $folder, document_created_by = 0, document_client_id = $client_id");
// Check insert & get insert ID
if ($insert_sql) {
$insert_id = mysqli_insert_id($mysqli);
// Update field document_parent to be the same id as document ID as this is the only version of the document.
mysqli_query($mysqli,"UPDATE documents SET document_parent = $insert_id WHERE document_id = $insert_id");
// Logging
logAction("Document", "Create", "$name via API ($api_key_name)", $client_id, $insert_id);
logAction("API", "Success", "Created document $name via API ($api_key_name)", $client_id);

24
api/v1/documents/update.php
View File

@ -18,34 +18,12 @@ if (!empty($document_id)) {
require_once 'document_model.php';
// Documents are a little weird as we update them by *inserting* a new document row
$update_insert_sql = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw', document_template = 0, document_folder_id = $folder, document_created_by = 0, document_client_id = $client_id");
$update_insert_sql = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw', document_folder_id = $folder, document_created_by = 0, document_client_id = $client_id");
// Check insert & get insert ID
if ($update_insert_sql) {
$insert_id = $new_document_id = mysqli_insert_id($mysqli);
// Update the parent ID of the new document to match its new document ID
mysqli_query($mysqli,"UPDATE documents SET document_parent = $new_document_id WHERE document_id = $new_document_id");
// Link all existing links with old document with new document
mysqli_query($mysqli,"UPDATE documents SET document_parent = $new_document_id, document_archived_at = NOW() WHERE document_parent = $document_id");
// Update Links to the new parent document:-
// Document files
mysqli_query($mysqli,"UPDATE document_files SET document_id = $new_document_id WHERE document_id = $document_id");
// Contact documents
mysqli_query($mysqli,"UPDATE contact_documents SET document_id = $new_document_id WHERE document_id = $document_id");
// Asset documents
mysqli_query($mysqli,"UPDATE asset_documents SET document_id = $new_document_id WHERE document_id = $document_id");
// Software documents
mysqli_query($mysqli,"UPDATE software_documents SET document_id = $new_document_id WHERE document_id = $document_id");
// Vendor documents
mysqli_query($mysqli,"UPDATE vendor_documents SET document_id = $new_document_id WHERE document_id = $document_id");
// Logging
logAction("Document", "Edit", "$name via API ($api_key_name) previous version kept", $client_id, $insert_id);
logAction("API", "Success", "Edited document $name via API ($api_key_name)", $client_id);

25
asset_details.php
View File

@ -34,8 +34,8 @@ if (isset($_GET['asset_id'])) {
$asset_model = nullable_htmlentities($row['asset_model']);
$asset_serial = nullable_htmlentities($row['asset_serial']);
$asset_os = nullable_htmlentities($row['asset_os']);
$asset_uri = nullable_htmlentities($row['asset_uri']);
$asset_uri_2 = nullable_htmlentities($row['asset_uri_2']);
$asset_uri = sanitize_url($row['asset_uri']);
$asset_uri_2 = sanitize_url($row['asset_uri_2']);
$asset_status = nullable_htmlentities($row['asset_status']);
$asset_purchase_reference = nullable_htmlentities($row['asset_purchase_reference']);
$asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']);
@ -177,7 +177,6 @@ if (isset($_GET['asset_id'])) {
LEFT JOIN users ON document_created_by = user_id
WHERE asset_documents.asset_id = $asset_id
AND asset_documents.document_id = documents.document_id
AND document_template = 0
AND document_archived_at IS NULL
ORDER BY document_name ASC"
);
@ -283,19 +282,19 @@ if (isset($_GET['asset_id'])) {
</div>
<div class="card-body">
<?php if ($asset_ip) { ?>
<div><i class="fa fa-fw fa-globe text-secondary mr-3"></i><?php echo $asset_ip; ?></div>
<div><i class="fa fa-fw fa-globe text-secondary mr-2"></i><?php echo $asset_ip; ?></div>
<?php } ?>
<?php if ($asset_nat_ip) { ?>
<div class="mt-2"><i class="fa fa-fw fa-random text-secondary mr-3"></i><?php echo $asset_nat_ip; ?></div>
<div class="mt-2"><i class="fa fa-fw fa-random text-secondary mr-2"></i><?php echo $asset_nat_ip; ?></div>
<?php }
if ($asset_mac) { ?>
<div class="mt-2"><i class="fa fa-fw fa-ethernet text-secondary mr-3"></i><?php echo $asset_mac; ?></div>
<div class="mt-2"><i class="fa fa-fw fa-ethernet text-secondary mr-2"></i><?php echo $asset_mac; ?></div>
<?php }
if ($asset_uri) { ?>
<div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-3"></i><a href="<?php echo $asset_uri; ?>" target="_blank">Link</a></div>
<div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-2"></i><a href="<?php echo $asset_uri; ?>" target="_blank" title="<?php echo $asset_uri; ?>"><?php echo truncate($asset_uri, 20); ?></a></div>
<?php }
if ($asset_uri_2) { ?>
<div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-3"></i><a href="<?php echo $asset_uri_2; ?>" target="_blank">Link 2</a></div>
<div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-2"></i><a href="<?php echo $asset_uri_2; ?>" target="_blank" title="<?php echo $asset_uri_2; ?>"><?php echo truncate($asset_uri_2, 20); ?></a></div>
<?php } ?>
</div>
</div>
@ -307,19 +306,19 @@ if (isset($_GET['asset_id'])) {
</div>
<div class="card-body">
<?php if ($location_name) { ?>
<div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-3"></i><?php echo $location_name_display; ?></div>
<div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-2"></i><?php echo $location_name_display; ?></div>
<?php }
if ($contact_name) { ?>
<div class="mt-2"><i class="fa fa-fw fa-user text-secondary mr-3"></i><?php echo $contact_name_display; ?></div>
<div class="mt-2"><i class="fa fa-fw fa-user text-secondary mr-2"></i><?php echo $contact_name_display; ?></div>
<?php }
if ($contact_email) { ?>
<div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-3"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
<div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-2"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
<?php }
if ($contact_phone) { ?>
<div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-3"></i><?php echo formatPhoneNumber($contact_phone); echo " $contact_extension"; ?></div>
<div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-2"></i><?php echo formatPhoneNumber($contact_phone); echo " $contact_extension"; ?></div>
<?php }
if ($contact_mobile) { ?>
<div class="mt-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><?php echo formatPhoneNumber($contact_mobile); ?></div>
<div class="mt-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-2"></i><?php echo formatPhoneNumber($contact_mobile); ?></div>
<?php } ?>
</div>

6
assets.php
View File

@ -486,8 +486,8 @@ if (mysqli_num_rows($os_sql) > 0) {
$asset_ipv6 = nullable_htmlentities($row['interface_ipv6']);
$asset_nat_ip = nullable_htmlentities($row['interface_nat_ip']);
$asset_mac = nullable_htmlentities($row['interface_mac']);
$asset_uri = nullable_htmlentities($row['asset_uri']);
$asset_uri_2 = nullable_htmlentities($row['asset_uri_2']);
$asset_uri = sanitize_url($row['asset_uri']);
$asset_uri_2 = sanitize_url($row['asset_uri_2']);
$asset_status = nullable_htmlentities($row['asset_status']);
$asset_purchase_reference = nullable_htmlentities($row['asset_purchase_reference']);
$asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']);
@ -535,7 +535,7 @@ if (mysqli_num_rows($os_sql) > 0) {
if ($contact_name) {
$contact_name_display = "<a href='#'
data-toggle='ajax-modal'
data-modal-size='xl'
data-modal-size='lg'
data-ajax-url='ajax/ajax_contact_details.php'
data-ajax-id='$asset_contact_id'>
$contact_name $contact_archive_display

2
calendar.php
View File

@ -303,7 +303,7 @@ while ($row = mysqli_fetch_array($sql)) {
}
//Vendors Added Created
$sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN vendors ON client_id = vendor_client_id $client_query AND vendor_template = 0 ");
$sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN vendors ON client_id = vendor_client_id $client_query");
while ($row = mysqli_fetch_array($sql)) {
$event_id = intval($row['vendor_id']);
$client_id = intval($row['client_id']);

2
client/index.php
View File

@ -11,7 +11,7 @@ require_once "includes/inc_all.php";
// Billing Card Queries
//Add up all the payments for the invoice and get the total amount paid to the invoice
$sql_invoice_amounts = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $session_client_id AND invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled'");
$sql_invoice_amounts = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $session_client_id AND invoice_status != 'Draft' AND invoice_status != 'Cancelled' AND invoice_status != 'Non-Billable'");
$row = mysqli_fetch_array($sql_invoice_amounts);
$invoice_amounts = floatval($row['invoice_amounts']);

85
client_document_details.php
View File

@ -35,7 +35,6 @@ $document_created_at = nullable_htmlentities($row['document_created_at']);
$document_updated_at = nullable_htmlentities($row['document_updated_at']);
$document_archived_at = nullable_htmlentities($row['document_archived_at']);
$document_folder_id = intval($row['document_folder_id']);
$document_parent = intval($row['document_parent']);
$document_client_visible = intval($row['document_client_visible']);
// Override Tab Title // No Sanitizing needed as this var will opnly be used in the tab title
@ -115,45 +114,44 @@ $page_title = $row['document_name'];
<table class="table table-sm">
<thead class="thead-light">
<th>Revision</th>
<th>Version</th>
<th>Date</th>
<th>Name</th>
<th>Description</th>
<th>Author</th>
</thead>
<tbody>
<?php
$sql_document_revisions = mysqli_query($mysqli, "SELECT * FROM documents
LEFT JOIN users ON document_updated_by = user_id
WHERE document_parent = $document_parent
ORDER BY document_created_at ASC"
$sql_document_versions = mysqli_query($mysqli, "SELECT * FROM document_versions
LEFT JOIN users ON document_version_created_by = user_id
WHERE document_version_document_id = $document_id
ORDER BY document_version_created_at ASC"
);
$revision_count = 1; // Initialize the revision counter
$document_version_count = 1; // Initialize the document version counter
while ($row = mysqli_fetch_array($sql_document_revisions)) {
$revision_document_id = intval($row['document_id']);
$revision_document_name = nullable_htmlentities($row['document_name']);
$revision_document_description = nullable_htmlentities($row['document_description']);
if ($revision_document_description ) {
$revision_document_description_display = $revision_document_description;
while ($row = mysqli_fetch_array($sql_document_versions)) {
$document_version_id = intval($row['document_version_id']);
$document_version_name = nullable_htmlentities($row['document_version_name']);
$document_version_description = nullable_htmlentities($row['document_version_description']);
if ($document_version_description ) {
$document_version_description_display = $document_version_description;
} else {
$revision_document_description_display = "-";
$document_version_description_display = "-";
}
$revision_document_author = nullable_htmlentities($row['user_name']);
if (empty($revision_document_author)) {
$revision_document_author = $document_created_by_name;
}
$revision_document_created_date = date('Y-m-d', strtotime($row['document_created_at']));
$document_version_author = nullable_htmlentities($row['user_name']);
$document_version_created_date = date('Y-m-d', strtotime($row['document_version_created_at']));
?>
<tr>
<td><?php echo "$revision_count.0"; ?></td>
<td><?php echo $revision_document_created_date; ?></td>
<td><?php echo $revision_document_description_display; ?></td>
<td><?php echo $revision_document_author; ?></td>
<td><?php echo $document_version_count; ?></td>
<td><?php echo $document_version_created_date; ?></td>
<td><?php echo $document_version_name; ?></td>
<td><?php echo $document_version_description_display; ?></td>
<td><?php echo $document_version_author; ?></td>
</tr>
<?php
$revision_count++; // Increment the counter
$document_version_count++; // Increment the counter
}
?>
</tbody>
@ -378,29 +376,30 @@ $page_title = $row['document_name'];
<h6><i class="fas fa-history mr-2"></i>Revisions</h6>
<?php
$sql_document_revisions = mysqli_query($mysqli, "SELECT * FROM documents
LEFT JOIN users ON document_created_by = user_id
WHERE document_parent = $document_parent
ORDER BY document_created_at DESC"
$sql_document_versions = mysqli_query($mysqli, "SELECT * FROM document_versions
LEFT JOIN users ON document_version_created_by = user_id
WHERE document_version_document_id = $document_id
ORDER BY document_version_created_at DESC"
);
while ($row = mysqli_fetch_array($sql_document_revisions)) {
$revision_document_id = intval($row['document_id']);
$revision_document_name = nullable_htmlentities($row['document_name']);
$revision_document_description = nullable_htmlentities($row['document_description']);
$revision_document_created_by_name = nullable_htmlentities($row['user_name']);
$revision_document_created_date = nullable_htmlentities($row['document_created_at']);
while ($row = mysqli_fetch_array($sql_document_versions)) {
$document_version_id = intval($row['document_version_id']);
$document_version_name = nullable_htmlentities($row['document_version_name']);
$document_version_description = nullable_htmlentities($row['document_version_description']);
$document_version_author = nullable_htmlentities($row['user_name']);
$document_version_created_date = nullable_htmlentities($row['document_version_created_at']);
?>
<div class="mt-1 <?php if($document_id == $revision_document_id){ echo "text-bold"; } ?>">
<i class="fas fa-fw fa-history text-secondary mr-2"></i><a href="?client_id=<?php echo $client_id; ?>&document_id=<?php echo $revision_document_id; ?>"><?php echo " $revision_document_created_date"; ?></a><?php if($document_parent == $revision_document_id){ echo "<span class='float-right'>(Parent)</span>";
} else { ?>
<a class="confirm-link float-right" href="post.php?delete_document_version=<?php echo $revision_document_id; ?>">
<i class="fas fa-fw fa-trash-alt text-secondary"></i>
</a>
<?php
}
?>
<div class="mt-1 <?php if($document_id === $document_version_id){ echo "text-bold"; } ?>">
<i class="fas fa-fw fa-history text-secondary mr-2"></i>
<a href="#"
data-toggle="ajax-modal"
data-modal-size="lg"
data-ajax-url="ajax/ajax_document_version_view.php"
data-ajax-id="<?php echo $document_version_id; ?>"><?php echo "$document_version_created_date | $document_version_author"; ?></a>
<a class="confirm-link float-right" href="post.php?delete_document_version=<?php echo $document_version_id; ?>">
<i class="fas fa-fw fa-trash-alt text-secondary"></i>
</a>
</div>
<?php
}

11
client_documents.php
View File

@ -41,8 +41,6 @@ if ($get_folder_id == 0 && $_GET["q"]) {
"SELECT SQL_CALC_FOUND_ROWS * FROM documents
LEFT JOIN users ON document_created_by = user_id
WHERE document_client_id = $client_id
AND document_template = 0
AND document_archived_at IS NULL
$query_snippet
ORDER BY $sort $order LIMIT $record_from, $record_to"
@ -53,7 +51,6 @@ if ($get_folder_id == 0 && $_GET["q"]) {
"SELECT SQL_CALC_FOUND_ROWS * FROM documents
LEFT JOIN users ON document_created_by = user_id
WHERE document_client_id = $client_id
AND document_template = 0
AND document_folder_id = $folder
AND document_archived_at IS NULL
$query_snippet
@ -353,7 +350,11 @@ while ($folder_id > 0) {
$document_content = nullable_htmlentities($row['document_content']);
$document_created_by_name = nullable_htmlentities($row['user_name']);
$document_created_at = date("m/d/Y",strtotime($row['document_created_at']));
$document_updated_at = date("m/d/Y",strtotime($row['document_updated_at']));
if ($row['document_updated_at']) {
$document_updated_at_display = date("m/d/Y",strtotime($row['document_updated_at']));
} else {
$document_updated_at_display = "-";
}
$document_folder_id = intval($row['document_folder_id']);
// Check if shared
@ -398,7 +399,7 @@ while ($folder_id > 0) {
<?php echo $document_created_at; ?>
<div class="text-secondary mt-1"><?php echo $document_created_by_name; ?>
</td>
<td><?php echo $document_updated_at; ?></td>
<td><?php echo $document_updated_at_display; ?></td>
<td>
<?php if (mysqli_num_rows($sql_shared) > 0) { ?>
<div class="media" title="Expires <?php echo $item_expire_at_human; ?>">

39
client_overview.php
View File

@ -193,7 +193,7 @@ $sql_asset_retired = mysqli_query(
<!-- Notes -->
<div class="col-md-4">
<div class="col-md-8">
<div class="card card-dark mb-3">
<div class="card-header">
@ -226,19 +226,42 @@ $sql_asset_retired = mysqli_query(
$contact_extension = nullable_htmlentities($row['contact_extension']);
$contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']);
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
$contact_photo = nullable_htmlentities($row['contact_photo']);
$contact_initials = initials($contact_name);
?>
<tr>
<td>
<a href="#" class="text-bold"
data-toggle="ajax-modal"
<a href="#" data-toggle="ajax-modal"
data-modal-size="lg"
data-ajax-url="ajax/ajax_contact_details.php"
data-ajax-id="<?php echo $contact_id; ?>">
<?php echo $contact_name; ?>
<div class="media">
<?php if ($contact_photo) { ?>
<span class="fa-stack fa-2x mr-2 text-center">
<img class="img-size-50 img-circle" src="<?php echo "uploads/clients/$client_id/$contact_photo"; ?>">
</span>
<?php } else { ?>
<span class="fa-stack fa-2x mr-2">
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
<span class="fa fa-stack-1x text-white"><?php echo $contact_initials; ?></span>
</span>
<?php } ?>
<div class="media-body">
<div class="text-bold"><?php echo $contact_name; ?></div>
<small class="text-secondary"><?php echo $contact_title; ?></small>
<div><?php echo $contact_primary_display; ?></div>
<?php
if (!empty($contact_tags_display)) { ?>
<div class="mt-1">
<?php echo $contact_tags_display; ?>
</div>
<?php } ?>
</div>
</div>
</a>
<br>
<small class="text-secondary"><?php echo $contact_title; ?></small>
</td>
<td>
<?php if (!empty($contact_phone)) { ?>
@ -613,7 +636,7 @@ $sql_asset_retired = mysqli_query(
<!-- Recent Activities -->
<div class="col-md-4">
<div class="col-md-6">
<div class="card card-dark mb-3">
<div class="card-header">
@ -631,7 +654,7 @@ $sql_asset_retired = mysqli_query(
?>
<tr>
<td><?php echo $log_created_at_time_ago; ?></td>
<td class="text-nowrap text-secondary"><?php echo $log_created_at_time_ago; ?></td>
<td><?php echo $log_description; ?></td>
</tr>

8
clients.php
View File

@ -339,7 +339,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$client_tags_display = implode('', $client_tag_name_display_array);
//Add up all the payments for the invoice and get the total amount paid to the invoice
$sql_invoice_amounts = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $client_id AND invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled' ");
$sql_invoice_amounts = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $client_id AND invoice_status != 'Draft' AND invoice_status != 'Cancelled' AND invoice_status != 'Non-Billable' ");
$row = mysqli_fetch_array($sql_invoice_amounts);
$invoice_amounts = floatval($row['invoice_amounts']);
@ -404,13 +404,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
if (!empty($contact_name)) { ?>
<div class="text-bold">
<i class="fa fa-fw fa-user text-secondary mr-2 mb-2"></i>
<a href="#"
<i class="fa fa-fw fa-user text-secondary mr-2 mb-2"></i><a href="#"
data-toggle="ajax-modal"
data-modal-size="lg"
data-ajax-url="ajax/ajax_contact_details.php?client_id=<?php echo $client_id; ?>"
data-ajax-id="<?php echo $contact_id; ?>">
<?php echo $contact_name; ?>
data-ajax-id="<?php echo $contact_id; ?>"><?php echo $contact_name; ?>
</a>
</div>
<?php } else {

1
contact_details.php
View File

@ -143,7 +143,6 @@ if (isset($_GET['contact_id'])) {
LEFT JOIN users ON document_created_by = user_id
WHERE contact_documents.contact_id = $contact_id
AND contact_documents.document_id = documents.document_id
AND document_template = 0
AND document_archived_at IS NULL
ORDER BY document_name ASC"
);

6
credentials.php
View File

@ -300,13 +300,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$credential_id = intval($row['c_credential_id']);
$credential_name = nullable_htmlentities($row['credential_name']);
$credential_description = nullable_htmlentities($row['credential_description']);
$credential_uri = nullable_htmlentities($row['credential_uri']);
$credential_uri = sanitize_url($row['credential_uri']);
if (empty($credential_uri)) {
$credential_uri_display = "-";
} else {
$credential_uri_display = truncate($credential_uri,40) . "<button class='btn btn-sm clipboardjs' type='button' data-clipboard-text='$credential_uri'><i class='far fa-copy text-secondary'></i></button>";
$credential_uri_display = "<a href='$credential_uri'>" . truncate($credential_uri,40) . "</a><button class='btn btn-sm clipboardjs' type='button' title='$credential_uri' data-clipboard-text='$credential_uri'><i class='far fa-copy text-secondary'></i></button>";
}
$credential_uri_2 = nullable_htmlentities($row['credential_uri_2']);
$credential_uri_2 = sanitize_url($row['credential_uri_2']);
$credential_username = nullable_htmlentities(decryptCredentialEntry($row['credential_username']));
if (empty($credential_username)) {
$credential_username_display = "-";

8
dashboard.php
View File

@ -91,7 +91,7 @@ if ($user_config_dashboard_financial_enable == 1) {
$row = mysqli_fetch_array($sql_total_expenses);
$total_expenses = floatval($row['total_expenses']);
$sql_invoice_totals = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_totals FROM invoices WHERE invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled' AND YEAR(invoice_date) = $year");
$sql_invoice_totals = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_totals FROM invoices WHERE invoice_status != 'Draft' AND invoice_status != 'Cancelled' AND invoice_status != 'Non-Billable' AND YEAR(invoice_date) = $year");
$row = mysqli_fetch_array($sql_invoice_totals);
$invoice_totals = floatval($row['invoice_totals']);
@ -99,7 +99,7 @@ if ($user_config_dashboard_financial_enable == 1) {
$row = mysqli_fetch_array($sql_total_payments_to_invoices_all_years);
$total_payments_to_invoices_all_years = floatval($row['total_payments_to_invoices_all_years']);
$sql_invoice_totals_all_years = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_totals_all_years FROM invoices WHERE invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled'");
$sql_invoice_totals_all_years = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_totals_all_years FROM invoices WHERE invoice_status != 'Draft' AND invoice_status != 'Cancelled' AND invoice_status != 'Non-Billable'");
$row = mysqli_fetch_array($sql_invoice_totals_all_years);
$invoice_totals_all_years = floatval($row['invoice_totals_all_years']);
@ -158,7 +158,7 @@ if ($user_config_dashboard_financial_enable == 1) {
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(client_id) AS clients_added FROM clients WHERE YEAR(client_created_at) = $year AND client_archived_at IS NULL"));
$clients_added = intval($row['clients_added']);
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(vendor_id) AS vendors_added FROM vendors WHERE YEAR(vendor_created_at) = $year AND vendor_client_id = 0 AND vendor_template = 0 AND vendor_archived_at IS NULL"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(vendor_id) AS vendors_added FROM vendors WHERE YEAR(vendor_created_at) = $year AND vendor_client_id = 0 AND vendor_archived_at IS NULL"));
$vendors_added = intval($row['vendors_added']);
?>
<div class="card card-body">
@ -808,7 +808,7 @@ if ($user_config_dashboard_technical_enable == 1) {
<?php
$largest_invoice_month = 0;
for ($month = 1; $month <= 12; $month++) {
$sql_projected = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_amount_for_month FROM invoices WHERE YEAR(invoice_due) = $year AND MONTH(invoice_due) = $month AND invoice_status NOT LIKE 'Cancelled' AND invoice_status NOT LIKE 'Draft'");
$sql_projected = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_amount_for_month FROM invoices WHERE YEAR(invoice_due) = $year AND MONTH(invoice_due) = $month AND invoice_status != 'Cancelled' AND invoice_status != 'Draft' AND invoice_status != 'Non-Billable'");
$row = mysqli_fetch_array($sql_projected);
$invoice_for_month = floatval($row['invoice_amount_for_month']);

210
database_updates.php
View File

@ -3464,12 +3464,216 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.4'");
}
if (CURRENT_DATABASE_VERSION == '2.1.4') {
mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_ticket_timer_autostart` TINYINT(1) NOT NULL DEFAULT '0' AFTER `config_ticket_default_billable`");
mysqli_query($mysqli, "ALTER TABLE `tickets` ADD `ticket_due_at` DATETIME DEFAULT NULL AFTER `ticket_updated_at`");
mysqli_query($mysqli, "ALTER TABLE `companies` ADD `company_tax_id` VARCHAR(200) DEFAULT NULL AFTER `company_currency`");
mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_invoice_show_tax_id` TINYINT(1) NOT NULL DEFAULT '0' AFTER `config_invoice_paid_notification_email`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.5'");
}
// if (CURRENT_DATABASE_VERSION == '2.1.4') {
// // Insert queries here required to update to DB version 2.1.5
if (CURRENT_DATABASE_VERSION == '2.1.5') {
mysqli_query($mysqli, "CREATE TABLE `document_versions` (
`document_version_id` INT(11) NOT NULL AUTO_INCREMENT,
`document_version_name` VARCHAR(200) NOT NULL,
`document_version_description` TEXT DEFAULT NULL,
`document_version_content` LONGTEXT NOT NULL,
`document_version_created_by` INT(11) DEFAULT 0,
`document_version_created_at` DATETIME NOT NULL,
`document_version_document_id` INT(11) NOT NULL,
PRIMARY KEY (`document_version_id`)
)");
// Delete all Current Document Versions
mysqli_query($mysqli, "
DELETE FROM `documents`
WHERE `document_parent` > 0 AND `document_parent` != `document_id`
");
mysqli_query($mysqli, "ALTER TABLE `documents` DROP `document_parent`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.6'");
}
if (CURRENT_DATABASE_VERSION == '2.1.6') {
mysqli_query($mysqli, "CREATE TABLE `document_templates` (
`document_template_id` INT(11) NOT NULL AUTO_INCREMENT,
`document_template_name` VARCHAR(200) NOT NULL,
`document_template_description` TEXT DEFAULT NULL,
`document_template_content` LONGTEXT NOT NULL,
`document_template_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`document_template_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
`document_template_archived_at` DATETIME NULL DEFAULT NULL,
`document_template_created_by` INT(11) NOT NULL DEFAULT 0,
`document_template_updated_by` INT(11) NOT NULL DEFAULT 0,
PRIMARY KEY (`document_template_id`)
)");
// Copy Document Templates over to new document templates table
mysqli_query($mysqli, "
INSERT INTO document_templates (
document_template_name,
document_template_description,
document_template_content,
document_template_created_at,
document_template_updated_at,
document_template_archived_at,
document_template_created_by,
document_template_updated_by
)
SELECT
document_name,
document_description,
document_content,
document_created_at,
document_updated_at,
document_archived_at,
document_created_by,
document_updated_by
FROM
documents
WHERE
document_template = 1
");
mysqli_query($mysqli, "DELETE FROM documents WHERE document_template = 1");
mysqli_query($mysqli, "ALTER TABLE `documents` DROP `document_template`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.7'");
}
if (CURRENT_DATABASE_VERSION == '2.1.7') {
mysqli_query($mysqli, "CREATE TABLE `software_templates` (
`software_template_id` INT(11) NOT NULL AUTO_INCREMENT,
`software_template_name` VARCHAR(200) NOT NULL,
`software_template_description` TEXT DEFAULT NULL,
`software_template_version` VARCHAR(200) DEFAULT NULL,
`software_template_type` VARCHAR(200) NOT NULL,
`software_template_license_type` VARCHAR(200) DEFAULT NULL,
`software_template_notes` TEXT DEFAULT NULL,
`software_template_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`software_template_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
`software_template_archived_at` DATETIME NULL DEFAULT NULL,
PRIMARY KEY (`software_template_id`)
)");
// Copy software Templates over to new software templates table
mysqli_query($mysqli, "
INSERT INTO software_templates (
software_template_name,
software_template_description,
software_template_version,
software_template_type,
software_template_license_type,
software_template_notes,
software_template_created_at,
software_template_updated_at,
software_template_archived_at
)
SELECT
software_name,
software_description,
software_version,
software_type,
software_license_type,
software_notes,
software_created_at,
software_updated_at,
software_archived_at
FROM
software
WHERE
software_template = 1
");
mysqli_query($mysqli, "DELETE FROM software WHERE software_template = 1");
mysqli_query($mysqli, "ALTER TABLE `software` DROP `software_template`");
mysqli_query($mysqli, "ALTER TABLE `software` DROP `software_template_id`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.8'");
}
if (CURRENT_DATABASE_VERSION == '2.1.8') {
mysqli_query($mysqli, "CREATE TABLE `vendor_templates` (
`vendor_template_id` INT(11) NOT NULL AUTO_INCREMENT,
`vendor_template_name` VARCHAR(200) NOT NULL,
`vendor_template_description` VARCHAR(200) DEFAULT NULL,
`vendor_template_contact_name` VARCHAR(200) DEFAULT NULL,
`vendor_template_phone_country_code` VARCHAR(10) DEFAULT NULL,
`vendor_template_phone` VARCHAR(200) DEFAULT NULL,
`vendor_template_extension` VARCHAR(200) DEFAULT NULL,
`vendor_template_email` VARCHAR(200) DEFAULT NULL,
`vendor_template_website` VARCHAR(200) DEFAULT NULL,
`vendor_template_hours` VARCHAR(200) DEFAULT NULL,
`vendor_template_sla` VARCHAR(200) DEFAULT NULL,
`vendor_template_code` VARCHAR(200) DEFAULT NULL,
`vendor_template_account_number` VARCHAR(200) DEFAULT NULL,
`vendor_template_notes` TEXT DEFAULT NULL,
`vendor_template_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`vendor_template_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
`vendor_template_archived_at` DATETIME NULL DEFAULT NULL,
PRIMARY KEY (`vendor_template_id`)
)");
// Copy Vendor Templates over to new vendor templates table
mysqli_query($mysqli, "
INSERT INTO vendor_templates (
vendor_template_name,
vendor_template_description,
vendor_template_contact_name,
vendor_template_phone_country_code,
vendor_template_phone,
vendor_template_extension,
vendor_template_email,
vendor_template_website,
vendor_template_hours,
vendor_template_sla,
vendor_template_code,
vendor_template_account_number,
vendor_template_notes,
vendor_template_created_at,
vendor_template_updated_at,
vendor_template_archived_at
)
SELECT
vendor_name,
vendor_description,
vendor_contact_name,
vendor_phone_country_code,
vendor_phone,
vendor_extension,
vendor_email,
vendor_website,
vendor_hours,
vendor_sla,
vendor_code,
vendor_account_number,
vendor_notes,
vendor_created_at,
vendor_updated_at,
vendor_archived_at
FROM
vendors
WHERE
vendor_template = 1
");
mysqli_query($mysqli, "DELETE FROM vendors WHERE vendor_template = 1");
mysqli_query($mysqli, "ALTER TABLE `vendors` DROP `vendor_template`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.9'");
}
// if (CURRENT_DATABASE_VERSION == '2.1.9') {
// // Insert queries here required to update to DB version 2.2.0
// // Then, update the database to the next sequential version
// mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.5'");
// mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.0'");
// }
} else {

102
db.sql
View File

@ -555,6 +555,7 @@ CREATE TABLE `companies` (
`company_logo` varchar(250) DEFAULT NULL,
`company_locale` varchar(200) DEFAULT NULL,
`company_currency` varchar(200) NOT NULL,
`company_tax_id` varchar(200) DEFAULT NULL,
`company_created_at` datetime NOT NULL DEFAULT current_timestamp(),
`company_updated_at` datetime DEFAULT NULL ON UPDATE current_timestamp(),
PRIMARY KEY (`company_id`)
@ -829,6 +830,46 @@ CREATE TABLE `document_files` (
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
/*!40101 SET character_set_client = @saved_cs_client */;
--
-- Table structure for table `document_templates`
--
DROP TABLE IF EXISTS `document_templates`;
/*!40101 SET @saved_cs_client = @@character_set_client */;
/*!40101 SET character_set_client = utf8mb4 */;
CREATE TABLE `document_templates` (
`document_template_id` int(11) NOT NULL AUTO_INCREMENT,
`document_template_name` varchar(200) NOT NULL,
`document_template_description` text DEFAULT NULL,
`document_template_content` longtext NOT NULL,
`document_template_created_at` datetime NOT NULL DEFAULT current_timestamp(),
`document_template_updated_at` datetime DEFAULT NULL ON UPDATE current_timestamp(),
`document_template_archived_at` datetime DEFAULT NULL,
`document_template_created_by` int(11) NOT NULL DEFAULT 0,
`document_template_updated_by` int(11) NOT NULL DEFAULT 0,
PRIMARY KEY (`document_template_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
/*!40101 SET character_set_client = @saved_cs_client */;
--
-- Table structure for table `document_versions`
--
DROP TABLE IF EXISTS `document_versions`;
/*!40101 SET @saved_cs_client = @@character_set_client */;
/*!40101 SET character_set_client = utf8mb4 */;
CREATE TABLE `document_versions` (
`document_version_id` int(11) NOT NULL AUTO_INCREMENT,
`document_version_name` varchar(200) NOT NULL,
`document_version_description` text DEFAULT NULL,
`document_version_content` longtext NOT NULL,
`document_version_created_by` int(11) DEFAULT 0,
`document_version_created_at` datetime NOT NULL,
`document_version_document_id` int(11) NOT NULL,
PRIMARY KEY (`document_version_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
/*!40101 SET character_set_client = @saved_cs_client */;
--
-- Table structure for table `documents`
--
@ -843,13 +884,11 @@ CREATE TABLE `documents` (
`document_content` longtext NOT NULL,
`document_content_raw` longtext NOT NULL,
`document_important` tinyint(1) NOT NULL DEFAULT 0,
`document_parent` int(11) NOT NULL DEFAULT 0,
`document_client_visible` int(11) NOT NULL DEFAULT 1,
`document_created_at` datetime NOT NULL DEFAULT current_timestamp(),
`document_updated_at` datetime DEFAULT NULL ON UPDATE current_timestamp(),
`document_archived_at` datetime DEFAULT NULL,
`document_accessed_at` datetime DEFAULT NULL,
`document_template` tinyint(1) NOT NULL DEFAULT 0,
`document_folder_id` int(11) NOT NULL DEFAULT 0,
`document_created_by` int(11) NOT NULL DEFAULT 0,
`document_updated_by` int(11) NOT NULL DEFAULT 0,
@ -1794,6 +1833,7 @@ CREATE TABLE `settings` (
`config_invoice_late_fee_enable` tinyint(1) NOT NULL DEFAULT 0,
`config_invoice_late_fee_percent` decimal(5,2) NOT NULL DEFAULT 0.00,
`config_invoice_paid_notification_email` varchar(200) DEFAULT NULL,
`config_invoice_show_tax_id` tinyint(1) NOT NULL DEFAULT 0,
`config_recurring_invoice_prefix` varchar(200) DEFAULT NULL,
`config_recurring_invoice_next_number` int(11) NOT NULL DEFAULT 1,
`config_quote_prefix` varchar(200) DEFAULT NULL,
@ -1812,6 +1852,7 @@ CREATE TABLE `settings` (
`config_ticket_autoclose_hours` int(5) NOT NULL DEFAULT 72,
`config_ticket_new_ticket_notification_email` varchar(200) DEFAULT NULL,
`config_ticket_default_billable` tinyint(1) NOT NULL DEFAULT 0,
`config_ticket_timer_autostart` tinyint(1) NOT NULL DEFAULT 0,
`config_enable_cron` tinyint(1) NOT NULL DEFAULT 0,
`config_recurring_auto_send_invoice` tinyint(1) NOT NULL DEFAULT 1,
`config_enable_alert_domain_expire` tinyint(1) NOT NULL DEFAULT 1,
@ -1900,14 +1941,12 @@ CREATE TABLE `software` (
`software_purchase` date DEFAULT NULL,
`software_expire` date DEFAULT NULL,
`software_notes` text DEFAULT NULL,
`software_template` tinyint(1) NOT NULL DEFAULT 0,
`software_created_at` datetime NOT NULL DEFAULT current_timestamp(),
`software_updated_at` datetime DEFAULT NULL ON UPDATE current_timestamp(),
`software_archived_at` datetime DEFAULT NULL,
`software_accessed_at` datetime DEFAULT NULL,
`software_vendor_id` int(11) DEFAULT 0,
`software_client_id` int(11) NOT NULL,
`software_template_id` int(11) NOT NULL DEFAULT 0,
PRIMARY KEY (`software_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
/*!40101 SET character_set_client = @saved_cs_client */;
@ -1997,6 +2036,28 @@ CREATE TABLE `software_files` (
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
/*!40101 SET character_set_client = @saved_cs_client */;
--
-- Table structure for table `software_templates`
--
DROP TABLE IF EXISTS `software_templates`;
/*!40101 SET @saved_cs_client = @@character_set_client */;
/*!40101 SET character_set_client = utf8mb4 */;
CREATE TABLE `software_templates` (
`software_template_id` int(11) NOT NULL AUTO_INCREMENT,
`software_template_name` varchar(200) NOT NULL,
`software_template_description` text DEFAULT NULL,
`software_template_version` varchar(200) DEFAULT NULL,
`software_template_type` varchar(200) NOT NULL,
`software_template_license_type` varchar(200) DEFAULT NULL,
`software_template_notes` text DEFAULT NULL,
`software_template_created_at` datetime NOT NULL DEFAULT current_timestamp(),
`software_template_updated_at` datetime DEFAULT NULL ON UPDATE current_timestamp(),
`software_template_archived_at` datetime DEFAULT NULL,
PRIMARY KEY (`software_template_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
/*!40101 SET character_set_client = @saved_cs_client */;
--
-- Table structure for table `tags`
--
@ -2244,6 +2305,7 @@ CREATE TABLE `tickets` (
`ticket_url_key` varchar(200) DEFAULT NULL,
`ticket_created_at` datetime NOT NULL DEFAULT current_timestamp(),
`ticket_updated_at` datetime DEFAULT NULL ON UPDATE current_timestamp(),
`ticket_due_at` datetime DEFAULT NULL,
`ticket_resolved_at` datetime DEFAULT NULL,
`ticket_archived_at` datetime DEFAULT NULL,
`ticket_first_response_at` datetime DEFAULT NULL,
@ -2458,6 +2520,35 @@ CREATE TABLE `vendor_files` (
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
/*!40101 SET character_set_client = @saved_cs_client */;
--
-- Table structure for table `vendor_templates`
--
DROP TABLE IF EXISTS `vendor_templates`;
/*!40101 SET @saved_cs_client = @@character_set_client */;
/*!40101 SET character_set_client = utf8mb4 */;
CREATE TABLE `vendor_templates` (
`vendor_template_id` int(11) NOT NULL AUTO_INCREMENT,
`vendor_template_name` varchar(200) NOT NULL,
`vendor_template_description` varchar(200) DEFAULT NULL,
`vendor_template_contact_name` varchar(200) DEFAULT NULL,
`vendor_template_phone_country_code` varchar(10) DEFAULT NULL,
`vendor_template_phone` varchar(200) DEFAULT NULL,
`vendor_template_extension` varchar(200) DEFAULT NULL,
`vendor_template_email` varchar(200) DEFAULT NULL,
`vendor_template_website` varchar(200) DEFAULT NULL,
`vendor_template_hours` varchar(200) DEFAULT NULL,
`vendor_template_sla` varchar(200) DEFAULT NULL,
`vendor_template_code` varchar(200) DEFAULT NULL,
`vendor_template_account_number` varchar(200) DEFAULT NULL,
`vendor_template_notes` text DEFAULT NULL,
`vendor_template_created_at` datetime NOT NULL DEFAULT current_timestamp(),
`vendor_template_updated_at` datetime DEFAULT NULL ON UPDATE current_timestamp(),
`vendor_template_archived_at` datetime DEFAULT NULL,
PRIMARY KEY (`vendor_template_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
/*!40101 SET character_set_client = @saved_cs_client */;
--
-- Table structure for table `vendors`
--
@ -2480,7 +2571,6 @@ CREATE TABLE `vendors` (
`vendor_code` varchar(200) DEFAULT NULL,
`vendor_account_number` varchar(200) DEFAULT NULL,
`vendor_notes` text DEFAULT NULL,
`vendor_template` tinyint(1) NOT NULL DEFAULT 0,
`vendor_created_at` datetime NOT NULL DEFAULT current_timestamp(),
`vendor_updated_at` datetime DEFAULT NULL ON UPDATE current_timestamp(),
`vendor_archived_at` datetime DEFAULT NULL,
@ -2500,4 +2590,4 @@ CREATE TABLE `vendors` (
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
-- Dump completed on 2025-05-24 13:23:21
-- Dump completed on 2025-06-17 22:44:10

4
expenses.php
View File

@ -154,7 +154,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<option value="">- All Vendors -</option>
<?php
$sql_vendors_filter = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 ORDER BY vendor_name ASC");
$sql_vendors_filter = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = 0 ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors_filter)) {
$vendor_id = intval($row['vendor_id']);
$vendor_name = nullable_htmlentities($row['vendor_name']);
@ -348,7 +348,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fas fa-fw fa-copy mr-2"></i>Copy
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item"
<a class="dropdown-item" href="#"
data-toggle="ajax-modal"
data-modal-size="lg"
data-ajax-url="ajax/ajax_expense_refund.php"

39
functions.php
View File

@ -77,17 +77,21 @@ function getUserAgent() {
}
function getIP() {
if (defined("CONST_GET_IP_METHOD")) {
if (CONST_GET_IP_METHOD == "HTTP_X_FORWARDED_FOR") {
$ip = getenv('HTTP_X_FORWARDED_FOR');
} else {
$ip = $_SERVER["HTTP_CF_CONNECTING_IP"] ?? $_SERVER['REMOTE_ADDR'];
}
} else {
// Default way to get IP
$ip = $_SERVER['REMOTE_ADDR'];
// Allow overrides via config.php in-case we use a proxy - https://docs.itflow.org/config_php
if (defined("CONST_GET_IP_METHOD") && CONST_GET_IP_METHOD == "HTTP_X_FORWARDED_FOR") {
$ip = explode(',', getenv('HTTP_X_FORWARDED_FOR'))[0] ?? $_SERVER['REMOTE_ADDR'];
} elseif (defined("CONST_GET_IP_METHOD") && CONST_GET_IP_METHOD == "HTTP_CF_CONNECTING_IP") {
$ip = $_SERVER["HTTP_CF_CONNECTING_IP"] ?? $_SERVER['REMOTE_ADDR'];
}
// Abort if something isn't right
if (!filter_var($ip, FILTER_VALIDATE_IP)) {
error_log("ITFlow - Could not validate remote IP address");
error_log("ITFlow - IP was [$ip] using method " . CONST_GET_IP_METHOD);
exit("Potential Security Violation");
}
@ -195,7 +199,7 @@ function truncate($text, $chars) {
function formatPhoneNumber($phoneNumber, $country_code = '', $show_country_code = false) {
// Remove all non-digit characters
$digits = preg_replace('/\D/', '', $phoneNumber);
$digits = preg_replace('/\D/', '', $phoneNumber ?? '');
$formatted = '';
// If no digits at all, fallback early
@ -1652,3 +1656,22 @@ function display_folder_options($parent_folder_id, $client_id, $folder_location
display_folder_options($folder_id, $client_id, $folder_location, $indent + 1);
}
}
function sanitize_url($url) {
$allowed = ['http', 'https', 'file', 'ftp', 'ftps', 'sftp', 'dav', 'webdav', 'caldav', 'carddav', 'ssh', 'telnet', 'smb', 'rdp', 'vnc', 'rustdesk', 'anydesk', 'connectwise', 'splashtop', 'sip', 'sips', 'ldap', 'ldaps'];
$parts = parse_url($url ?? '');
if (isset($parts['scheme']) && !in_array(strtolower($parts['scheme']), $allowed)) {
// Remove the scheme and colon
$pos = strpos($url, ':');
$without_scheme = $url;
if ($pos !== false) {
$without_scheme = substr($url, $pos + 1); // This keeps slashes (e.g. //pizza.com)
}
// Prepend 'unsupported://' (strip any leading slashes from $without_scheme to avoid triple slashes)
$unsupported = 'unsupported://' . ltrim($without_scheme, '/');
return htmlspecialchars($unsupported, ENT_QUOTES, 'UTF-8');
}
// Safe schemes: return escaped original URL
return htmlspecialchars($url ?? '', ENT_QUOTES, 'UTF-8');
}

1
global_search.php
View File

@ -43,7 +43,6 @@ if (isset($_GET['query'])) {
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors
LEFT JOIN clients ON vendor_client_id = client_id
WHERE vendor_archived_at IS NULL
AND vendor_template = 0
AND (vendor_name LIKE '%$query%' OR vendor_phone LIKE '%$phone_query%')
$access_permission_query
ORDER BY vendor_id DESC LIMIT 5"

432
guest/guest_post.php
View File

@ -2,6 +2,7 @@
require_once "../config.php";
require_once "../functions.php";
require_once "../includes/get_settings.php";
session_start();
@ -201,6 +202,437 @@ if (isset($_GET['add_ticket_feedback'], $_GET['url_key'])) {
}
}
if (isset($_GET['export_quote_pdf'])) {
$quote_id = intval($_GET['export_quote_pdf']);
$url_key = sanitizeInput($_GET['url_key']);
$sql = mysqli_query(
$mysqli,
"SELECT * FROM quotes
LEFT JOIN clients ON quote_client_id = client_id
LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1
LEFT JOIN locations ON clients.client_id = locations.location_client_id AND location_primary = 1
WHERE quote_id = $quote_id AND quote_url_key = '$url_key'
LIMIT 1"
);
if (mysqli_num_rows($sql) == 1) {
$row = mysqli_fetch_array($sql);
$quote_id = intval($row['quote_id']);
$quote_prefix = nullable_htmlentities($row['quote_prefix']);
$quote_number = intval($row['quote_number']);
$quote_scope = nullable_htmlentities($row['quote_scope']);
$quote_status = nullable_htmlentities($row['quote_status']);
$quote_date = nullable_htmlentities($row['quote_date']);
$quote_expire = nullable_htmlentities($row['quote_expire']);
$quote_amount = floatval($row['quote_amount']);
$quote_discount = floatval($row['quote_discount_amount']);
$quote_currency_code = nullable_htmlentities($row['quote_currency_code']);
$quote_note = nullable_htmlentities($row['quote_note']);
$quote_url_key = nullable_htmlentities($row['quote_url_key']);
$quote_created_at = nullable_htmlentities($row['quote_created_at']);
$category_id = intval($row['quote_category_id']);
$client_id = intval($row['client_id']);
$client_name = nullable_htmlentities($row['client_name']);
$location_address = nullable_htmlentities($row['location_address']);
$location_city = nullable_htmlentities($row['location_city']);
$location_state = nullable_htmlentities($row['location_state']);
$location_zip = nullable_htmlentities($row['location_zip']);
$location_country = nullable_htmlentities($row['location_country']);
$contact_email = nullable_htmlentities($row['contact_email']);
$contact_phone_country_code = nullable_htmlentities($row['contact_phone_country_code']);
$contact_phone = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_phone_country_code));
$contact_extension = nullable_htmlentities($row['contact_extension']);
$contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']);
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
$client_website = nullable_htmlentities($row['client_website']);
$client_currency_code = nullable_htmlentities($row['client_currency_code']);
$client_net_terms = intval($row['client_net_terms']);
if ($client_net_terms == 0) {
$client_net_terms = $config_default_net_terms;
}
$sql = mysqli_query($mysqli, "SELECT * FROM companies, settings WHERE companies.company_id = settings.company_id AND companies.company_id = 1");
$row = mysqli_fetch_array($sql);
$company_id = intval($row['company_id']);
$company_name = nullable_htmlentities($row['company_name']);
$company_country = nullable_htmlentities($row['company_country']);
$company_address = nullable_htmlentities($row['company_address']);
$company_city = nullable_htmlentities($row['company_city']);
$company_state = nullable_htmlentities($row['company_state']);
$company_zip = nullable_htmlentities($row['company_zip']);
$company_phone_country_code = nullable_htmlentities($row['company_phone_country_code']);
$company_phone = nullable_htmlentities(formatPhoneNumber($row['company_phone'], $company_phone_country_code));
$company_email = nullable_htmlentities($row['company_email']);
$company_website = nullable_htmlentities($row['company_website']);
$company_logo = nullable_htmlentities($row['company_logo']);
$company_locale = nullable_htmlentities($row['company_locale']);
//Set Currency Format
$currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY);
require_once("../plugins/TCPDF/tcpdf.php");
// Start TCPDF
$pdf = new TCPDF('P', 'mm', 'A4', true, 'UTF-8', false);
$pdf->SetMargins(15, 15, 15);
$pdf->setPrintHeader(false);
$pdf->setPrintFooter(false);
$pdf->AddPage();
$pdf->SetFont('helvetica', '', 10);
// Logo + Right Columns
$html = '<table width="100%" cellspacing="0" cellpadding="5">
<tr>
<td width="40%">';
if (!empty($company_logo)) {
$logo_path = "../uploads/settings/$company_logo";
if (file_exists($logo_path)) {
$pdf->Image($logo_path, $pdf->GetX(), $pdf->GetY(), 40);
}
}
$html .= '</td>
<td width="60%" align="right">
<span style="font-size:18pt; font-weight:bold;">QUOTE</span><br>
<span style="font-size:14pt;">' . $quote_prefix . $quote_number . '</span><br>';
if (strtolower($quote_status) === 'accepted') {
$html .= '<span style="color:green; font-weight:bold;">ACCEPTED</span><br>';
}
if (strtolower($quote_status) === 'declined') {
$html .= '<span style="color:red; font-weight:bold;">DECLINED</span><br>';
}
$html .= '</td>
</tr>
</table><br><br>';
// Billing titles
$html .= '<table width="100%" cellspacing="0" cellpadding="2">
<tr>
<td width="50%" style="font-size:14pt; font-weight:bold;">' . $company_name . '</td>
<td width="50%" align="right" style="font-size:14pt; font-weight:bold;">' . $client_name . '</td>
</tr>
<tr>
<td style="font-size:10pt; line-height:1.4;">' . nl2br("$company_address\n$company_city $company_state $company_zip\n$company_country\n$company_phone\n$company_website") . '</td>
<td style="font-size:10pt; line-height:1.4;" align="right">' . nl2br("$location_address\n$location_city $location_state $location_zip\n$location_country\n$contact_email\n$contact_phone") . '</td>
</tr>
</table><br>';
// Date table
$html .= '<table border="0" cellpadding="3" cellspacing="0" width="100%">
<tr>
<td width="60%"></td>
<td width="20%" style="font-size:10pt;"><strong>Date:</strong></td>
<td width="20%" style="font-size:10pt;" align="right">' . $quote_date . '</td>
</tr>
<tr>
<td></td>
<td style="font-size:10pt;"><strong>Expires:</strong></td>
<td style="font-size:10pt;" align="right">' . $quote_expire . '</td>
</tr>
</table><br><br>';
// Items header
$html .= '
<table border="0" cellpadding="5" cellspacing="0" width="100%">
<tr style="background-color:#f0f0f0;">
<th align="left" width="40%"><strong>Item</strong></th>
<th align="center" width="10%"><strong>Qty</strong></th>
<th align="right" width="15%"><strong>Price</strong></th>
<th align="right" width="15%"><strong>Tax</strong></th>
<th align="right" width="20%"><strong>Amount</strong></th>
</tr>';
// Load items
$sql_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_order ASC");
while ($item = mysqli_fetch_array($sql_items)) {
$name = $item['item_name'];
$desc = $item['item_description'];
$qty = $item['item_quantity'];
$price = $item['item_price'];
$tax = $item['item_tax'];
$total = $item['item_total'];
$sub_total += $price * $qty;
$total_tax += $tax;
$html .= '
<tr>
<td>
<strong>' . $name . '</strong><br>
<span style="font-style:italic; font-size:9pt;">' . nl2br($desc) . '</span>
</td>
<td align="center">' . number_format($qty, 2) . '</td>
<td align="right">' . numfmt_format_currency($currency_format, $price, $quote_currency_code) . '</td>
<td align="right">' . numfmt_format_currency($currency_format, $tax, $quote_currency_code) . '</td>
<td align="right">' . numfmt_format_currency($currency_format, $total, $quote_currency_code) . '</td>
</tr>';
}
$html .= '</table><br><hr><br><br>';
// Totals
$html .= '<table width="100%" cellspacing="0" cellpadding="4">
<tr>
<td width="70%" rowspan="6" valign="top"><i>' . nl2br($quote_note) . '</i></td>
<td width="30%">
<table width="100%" cellpadding="3" cellspacing="0">
<tr><td>Subtotal:</td><td align="right">' . numfmt_format_currency($currency_format, $sub_total, $quote_currency_code) . '</td></tr>';
if ($quote_discount > 0) {
$html .= '<tr><td>Discount:</td><td align="right">-' . numfmt_format_currency($currency_format, $quote_discount, $quote_currency_code) . '</td></tr>';
}
if ($total_tax > 0) {
$html .= '<tr><td>Tax:</td><td align="right">' . numfmt_format_currency($currency_format, $total_tax, $quote_currency_code) . '</td></tr>';
}
$html .= '
<tr><td><h3><strong>Total:</strong></h3></td><td align="right"><h3><strong>' . numfmt_format_currency($currency_format, $quote_amount, $quote_currency_code) . '</strong></h3></td></tr>
</table>
</td>
</tr>
</table><br><br>';
// Footer
$html .= '<div style="text-align:center; font-size:9pt; color:gray;">' . nl2br($config_quote_footer) . '</div>';
$pdf->writeHTML($html, true, false, true, false, '');
$filename = preg_replace('/[^A-Za-z0-9_\-]/', '_', "{$quote_date}_{$company_name}_{$client_name}_Quote_{$quote_prefix}{$quote_number}");
$pdf->Output("$filename.pdf", 'I');
}
exit;
}
if (isset($_GET['export_invoice_pdf'])) {
$invoice_id = intval($_GET['export_invoice_pdf']);
$url_key = sanitizeInput($_GET['url_key']);
$sql = mysqli_query(
$mysqli,
"SELECT * FROM invoices
LEFT JOIN clients ON invoice_client_id = client_id
LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1
LEFT JOIN locations ON clients.client_id = locations.location_client_id AND location_primary = 1
WHERE invoice_id = $invoice_id AND invoice_url_key = '$url_key'
LIMIT 1"
);
if (mysqli_num_rows($sql) == 1) {
$row = mysqli_fetch_array($sql);
$invoice_id = intval($row['invoice_id']);
$invoice_prefix = nullable_htmlentities($row['invoice_prefix']);
$invoice_number = intval($row['invoice_number']);
$invoice_scope = nullable_htmlentities($row['invoice_scope']);
$invoice_status = nullable_htmlentities($row['invoice_status']);
$invoice_date = nullable_htmlentities($row['invoice_date']);
$invoice_due = nullable_htmlentities($row['invoice_due']);
$invoice_amount = floatval($row['invoice_amount']);
$invoice_discount = floatval($row['invoice_discount_amount']);
$invoice_currency_code = nullable_htmlentities($row['invoice_currency_code']);
$invoice_note = nullable_htmlentities($row['invoice_note']);
$invoice_url_key = nullable_htmlentities($row['invoice_url_key']);
$invoice_created_at = nullable_htmlentities($row['invoice_created_at']);
$category_id = intval($row['invoice_category_id']);
$client_id = intval($row['client_id']);
$client_name = nullable_htmlentities($row['client_name']);
$location_address = nullable_htmlentities($row['location_address']);
$location_city = nullable_htmlentities($row['location_city']);
$location_state = nullable_htmlentities($row['location_state']);
$location_zip = nullable_htmlentities($row['location_zip']);
$location_country = nullable_htmlentities($row['location_country']);
$contact_email = nullable_htmlentities($row['contact_email']);
$contact_phone_country_code = nullable_htmlentities($row['contact_phone_country_code']);
$contact_phone = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_phone_country_code));
$contact_extension = nullable_htmlentities($row['contact_extension']);
$contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']);
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
$client_website = nullable_htmlentities($row['client_website']);
$client_currency_code = nullable_htmlentities($row['client_currency_code']);
$client_net_terms = intval($row['client_net_terms']);
if ($client_net_terms == 0) {
$client_net_terms = $config_default_net_terms;
}
$sql = mysqli_query($mysqli, "SELECT * FROM companies WHERE company_id = 1");
$row = mysqli_fetch_array($sql);
$company_id = intval($row['company_id']);
$company_name = nullable_htmlentities($row['company_name']);
$company_country = nullable_htmlentities($row['company_country']);
$company_address = nullable_htmlentities($row['company_address']);
$company_city = nullable_htmlentities($row['company_city']);
$company_state = nullable_htmlentities($row['company_state']);
$company_zip = nullable_htmlentities($row['company_zip']);
$company_phone_country_code = nullable_htmlentities($row['company_phone_country_code']);
$company_phone = nullable_htmlentities(formatPhoneNumber($row['company_phone'], $company_phone_country_code));
$company_email = nullable_htmlentities($row['company_email']);
$company_website = nullable_htmlentities($row['company_website']);
$company_tax_id = nullable_htmlentities($row['company_tax_id']);
if ($config_invoice_show_tax_id && !empty($company_tax_id)) {
$company_tax_id_display = "Tax ID: $company_tax_id";
} else {
$company_tax_id_display = "";
}
$company_logo = nullable_htmlentities($row['company_logo']);
$company_locale = nullable_htmlentities($row['company_locale']);
//Set Currency Format
$currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY);
$sql_payments = mysqli_query($mysqli, "SELECT * FROM payments, accounts WHERE payment_account_id = account_id AND payment_invoice_id = $invoice_id ORDER BY payments.payment_id DESC");
//Add up all the payments for the invoice and get the total amount paid to the invoice
$sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS amount_paid FROM payments WHERE payment_invoice_id = $invoice_id");
$row = mysqli_fetch_array($sql_amount_paid);
$amount_paid = floatval($row['amount_paid']);
$balance = $invoice_amount - $amount_paid;
//check to see if overdue
if ($invoice_status !== "Paid" && $invoice_status !== "Draft" && $invoice_status !== "Cancelled" && $invoice_status !== "Non-Billable") {
$unixtime_invoice_due = strtotime($invoice_due) + 86400;
if ($unixtime_invoice_due < time()) {
$invoice_overdue = "Overdue";
}
}
//Set Badge color based off of invoice status
$invoice_badge_color = getInvoiceBadgeColor($invoice_status);
require_once("../plugins/TCPDF/tcpdf.php");
// Start TCPDF
$pdf = new TCPDF('P', 'mm', 'A4', true, 'UTF-8', false);
$pdf->SetMargins(15, 15, 15);
$pdf->setPrintHeader(false);
$pdf->setPrintFooter(false);
$pdf->AddPage();
$pdf->SetFont('helvetica', '', 10);
// Logo + Right Columns
$html = '<table width="100%" cellspacing="0" cellpadding="5">
<tr>
<td width="40%">';
if (!empty($company_logo)) {
$logo_path = "../uploads/settings/$company_logo";
if (file_exists($logo_path)) {
$pdf->Image($logo_path, $pdf->GetX(), $pdf->GetY(), 40);
}
}
$html .= '</td>
<td width="60%" align="right">
<span style="font-size:18pt; font-weight:bold;">Invoice</span><br>
<span style="font-size:14pt;">' . $invoice_prefix . $invoice_number . '</span><br>';
if (strtolower($invoice_status) === 'paid') {
$html .= '<span style="color:green; font-weight:bold;">PAID</span><br>';
}
$html .= '</td>
</tr>
</table><br><br>';
// Billing titles
$html .= '<table width="100%" cellspacing="0" cellpadding="2">
<tr>
<td width="50%" style="font-size:14pt; font-weight:bold;">' . $company_name . '</td>
<td width="50%" align="right" style="font-size:14pt; font-weight:bold;">' . $client_name . '</td>
</tr>
<tr>
<td style="font-size:10pt; line-height:1.4;">' . nl2br("$company_address\n$company_city $company_state $company_zip\n$company_country\n$company_phone\n$company_website\n$company_tax_id_display") . '</td>
<td style="font-size:10pt; line-height:1.4;" align="right">' . nl2br("$location_address\n$location_city $location_state $location_zip\n$location_country\n$contact_email\n$contact_phone") . '</td>
</tr>
</table><br>';
// Date table
$html .= '<table border="0" cellpadding="3" cellspacing="0" width="100%">
<tr>
<td width="60%"></td>
<td width="20%" style="font-size:10pt;"><strong>Date:</strong></td>
<td width="20%" style="font-size:10pt;" align="right">' . $invoice_date . '</td>
</tr>
<tr>
<td></td>
<td style="font-size:10pt;"><strong>Due:</strong></td>
<td style="font-size:10pt;" align="right">' . $invoice_due . '</td>
</tr>
</table><br><br>';
// Items header
$html .= '
<table border="0" cellpadding="5" cellspacing="0" width="100%">
<tr style="background-color:#f0f0f0;">
<th align="left" width="40%"><strong>Item</strong></th>
<th align="center" width="10%"><strong>Qty</strong></th>
<th align="right" width="15%"><strong>Price</strong></th>
<th align="right" width="15%"><strong>Tax</strong></th>
<th align="right" width="20%"><strong>Amount</strong></th>
</tr>';
// Load items
$sql_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_invoice_id = $invoice_id ORDER BY item_order ASC");
while ($item = mysqli_fetch_array($sql_items)) {
$name = $item['item_name'];
$desc = $item['item_description'];
$qty = $item['item_quantity'];
$price = $item['item_price'];
$tax = $item['item_tax'];
$total = $item['item_total'];
$sub_total += $price * $qty;
$total_tax += $tax;
$html .= '
<tr>
<td>
<strong>' . $name . '</strong><br>
<span style="font-style:italic; font-size:9pt;">' . nl2br($desc) . '</span>
</td>
<td align="center">' . number_format($qty, 2) . '</td>
<td align="right">' . numfmt_format_currency($currency_format, $price, $invoice_currency_code) . '</td>
<td align="right">' . numfmt_format_currency($currency_format, $tax, $invoice_currency_code) . '</td>
<td align="right">' . numfmt_format_currency($currency_format, $total, $invoice_currency_code) . '</td>
</tr>';
}
$html .= '</table><br><hr><br><br>';
// Totals
$html .= '<table width="100%" cellspacing="0" cellpadding="4">
<tr>
<td width="70%" rowspan="6" valign="top"><i>' . nl2br($invoice_note) . '</i></td>
<td width="30%">
<table width="100%" cellpadding="3" cellspacing="0">
<tr><td>Subtotal:</td><td align="right">' . numfmt_format_currency($currency_format, $sub_total, $invoice_currency_code) . '</td></tr>';
if ($invoice_discount > 0) {
$html .= '<tr><td>Discount:</td><td align="right">-' . numfmt_format_currency($currency_format, $invoice_discount, $invoice_currency_code) . '</td></tr>';
}
if ($total_tax > 0) {
$html .= '<tr><td>Tax:</td><td align="right">' . numfmt_format_currency($currency_format, $total_tax, $invoice_currency_code) . '</td></tr>';
}
$html .= '
<tr><td>Total:</td><td align="right">' . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . '</td></tr>';
if ($amount_paid > 0) {
$html .= '<tr><td>Paid:</td><td align="right">' . numfmt_format_currency($currency_format, $amount_paid, $invoice_currency_code) . '</td></tr>';
}
$html .= '
<tr><td><h3><strong>Balance:</strong></h3></td><td align="right"><h3><strong>' . numfmt_format_currency($currency_format, $balance, $invoice_currency_code) . '</strong></h3></td></tr>
</table>
</td>
</tr>
</table><br><br>';
// Footer
$html .= '<div style="text-align:center; font-size:9pt; color:gray;">' . nl2br($config_invoice_footer) . '</div>';
$pdf->writeHTML($html, true, false, true, false, '');
$filename = preg_replace('/[^A-Za-z0-9_\-]/', '_', "{$invoice_date}_{$company_name}_{$client_name}_Invoice_{$invoice_prefix}{$invoice_number}");
$pdf->Output("$filename.pdf", 'I');
}
exit;
}
if (isset($_POST['guest_quote_upload_file'])) {
$quote_id = intval($_POST['quote_id']);
$url_key = sanitizeInput($_POST['url_key']);

995
guest/guest_view_invoice.php
View File

File diff suppressed because it is too large Load Diff

784
guest/guest_view_quote.php
View File

@ -87,6 +87,21 @@ $config_quote_footer = nullable_htmlentities($row['config_quote_footer']);
//Set Currency Format
$currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY);
//Set Badge color based off of quote status
if ($quote_status == "Sent") {
$quote_badge_color = "warning text-white";
} elseif ($quote_status == "Viewed") {
$quote_badge_color = "primary";
} elseif ($quote_status == "Accepted") {
$quote_badge_color = "success";
} elseif ($quote_status == "Declined") {
$quote_badge_color = "danger";
} elseif ($quote_status == "Invoiced") {
$quote_badge_color = "info";
} else {
$quote_badge_color = "secondary";
}
//Update status to Viewed only if invoice_status = "Sent"
if ($quote_status == 'Sent') {
mysqli_query($mysqli, "UPDATE quotes SET quote_status = 'Viewed' WHERE quote_id = $quote_id");
@ -102,627 +117,188 @@ if ($quote_status == "Draft" || $quote_status == "Sent" || $quote_status == "Vie
?>
<div class="card">
<div class="card">
<div class="card-header d-print-none">
<div class="card-header d-print-none">
<div class="float-right">
<a class="btn btn-primary" href="#" onclick="window.print();"><i class="fas fa-fw fa-print mr-2"></i>Print</a>
<a class="btn btn-primary" href="#" onclick="pdfMake.createPdf(docDefinition).download('<?php echo strtoAZaz09(html_entity_decode("$quote_date-$company_name-QUOTE-$quote_prefix$quote_number")); ?>');">
<i class="fa fa-fw fa-download mr-2"></i>Download
</a>
<div class="float-right">
<a class="btn btn-primary" href="#" onclick="window.print();"><i class="fas fa-fw fa-print mr-2"></i>Print</a>
<a class="btn btn-primary" href="guest_post.php?export_quote_pdf=<?php echo $quote_id; ?>&url_key=<?php echo $url_key; ?>">
<i class="fa fa-fw fa-download mr-2"></i>Download
</a>
</div>
</div>
<div class="card-body">
<div class="row mb-3">
<?php if (file_exists("../uploads/settings/$company_logo")) { ?>
<div class="col-sm-2">
<img class="img-fluid" src="<?php echo "../uploads/settings/$company_logo"; ?>" alt="Company logo">
</div>
<?php } ?>
<div class="col-sm-6 <?php if (!file_exists("../uploads/settings/$company_logo")) { echo "col-sm-8"; } ?>">
<ul class="list-unstyled">
<li><h4><strong><?php echo $company_name; ?></strong></h4></li>
<li><?php echo $company_address; ?></li>
<li><?php echo "$company_city $company_state $company_zip, $company_country"; ?></li>
<li><?php echo "$company_email | $company_phone"; ?></li>
<li><?php echo $company_website; ?></li>
</ul>
</div>
<div class="col-sm-4">
<h3 class="text-right"><strong>QUOTE</strong></h3>
<h5 class="badge badge-<?php echo $quote_badge_color; ?> p-2 float-right">
<?php echo "$quote_status"; ?>
</h5>
<table class="table table-sm table-borderless">
<tr>
<th>Quote #:</th>
<td class="text-right"><?php echo "$quote_prefix$quote_number"; ?></td>
</tr>
<tr>
<th>Date:</th>
<td class="text-right"><?php echo $quote_date; ?></td>
</tr>
<tr>
<th>Expires:</th>
<td class="text-right"><?php echo $quote_expire; ?></td>
</tr>
</table>
</div>
</div>
<div class="row mb-3 bg-light p-3">
<div class="col">
<h6><strong>To:</strong></h6>
<ul class="list-unstyled mb-0">
<li><?php echo $client_name; ?></li>
<li><?php echo $location_address; ?></li>
<li><?php echo "$location_city $location_state $location_zip, $location_country"; ?></li>
<li><?php echo "$contact_email | $contact_phone $contact_extension"; ?></li>
</ul>
</div>
</div>
<div class="card-body">
<div class="row mb-4">
<div class="col-sm-2">
<img class="img-fluid" src="<?php echo "../uploads/settings/$company_logo"; ?>">
</div>
<div class="col-sm-10">
<?php if ($quote_status == "Accepted" || $quote_status == "Declined") { ?>
<div class="ribbon-wrapper">
<div class="ribbon bg-success <?php if ($quote_status == 'Declined') { echo 'bg-danger'; } ?>">
<?php echo $quote_status; ?>
</div>
</div>
<?php } ?>
<h3 class="text-right mt-5"><strong>Quote</strong><br><small class="text-secondary"><?php echo "$quote_prefix$quote_number"; ?></small></h3>
</div>
</div>
<?php $sql_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_order ASC"); ?>
<div class="row mb-4">
<div class="row mb-3">
<div class="col-md-12">
<div class="card">
<div class="table-responsive">
<table class="table table-borderless">
<thead class="bg-light">
<tr>
<th>Item</th>
<th>Description</th>
<th class="text-center">Qty</th>
<th class="text-right">Unit Price</th>
<th class="text-right">Tax</th>
<th class="text-right">Amount</th>
</tr>
</thead>
<tbody>
<?php
<div class="col-sm">
<ul class="list-unstyled">
<li><h4><strong><?php echo $company_name; ?></strong></h4></li>
<li><?php echo $company_address; ?></li>
<li><?php echo "$company_city $company_state $company_zip"; ?></li>
<li><small><?php echo $company_country; ?></small></li>
<li><?php echo $company_phone; ?></li>
<li><?php echo $company_email; ?></li>
</ul>
$total_tax = $sub_total = 0; // Default 0
</div>
<div class="col-sm">
<ul class="list-unstyled text-right">
<li><h4><strong><?php echo $client_name; ?></strong></h4></li>
<li><?php echo $location_address; ?></li>
<li><?php echo "$location_city $location_state $location_zip"; ?></li>
<li><small><?php echo $location_country; ?></small></li>
<li><?php echo "$contact_phone $contact_extension"; ?></li>
<li><?php echo $contact_mobile; ?></li>
<li><?php echo $contact_email; ?></li>
</ul>
</div>
</div>
<div class="row mb-4">
<div class="col-sm-8">
</div>
<div class="col-sm-4">
<table class="table">
<tr>
<td>Date</td>
<td class="text-right"><?php echo $quote_date; ?></td>
</tr>
<tr class="text-bold">
<td>Expire</td>
<td class="text-right"><?php echo $quote_expire; ?></td>
</tr>
</table>
</div>
</div>
<?php $sql_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_order ASC"); ?>
<div class="row mb-4">
<div class="col-md-12">
<div class="card">
<div class="table-responsive">
<table class="table">
<thead>
<tr>
<th>Product</th>
<th>Description</th>
<th class="text-center">Qty</th>
<th class="text-right">Price</th>
<th class="text-right">Tax</th>
<th class="text-right">Total</th>
</tr>
</thead>
<tbody>
<?php
$total_tax = $sub_total = 0; // Default 0
while ($row = mysqli_fetch_array($sql_items)) {
$item_id = intval($row['item_id']);
$item_name = nullable_htmlentities($row['item_name']);
$item_description = nullable_htmlentities($row['item_description']);
$item_quantity = floatval($row['item_quantity']);
$item_price = floatval($row['item_price']);
$item_tax = floatval($row['item_tax']);
$item_total = floatval($row['item_total']);
$total_tax = $item_tax + $total_tax;
$sub_total = $item_price * $item_quantity + $sub_total;
?>
<tr>
<td><?php echo $item_name; ?></td>
<td><?php echo nl2br($item_description); ?></td>
<td class="text-center"><?php echo $item_quantity; ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $item_price, $quote_currency_code); ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $item_tax, $quote_currency_code); ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $item_total, $quote_currency_code); ?></td>
</tr>
<?php
}
while ($row = mysqli_fetch_array($sql_items)) {
$item_id = intval($row['item_id']);
$item_name = nullable_htmlentities($row['item_name']);
$item_description = nullable_htmlentities($row['item_description']);
$item_quantity = floatval($row['item_quantity']);
$item_price = floatval($row['item_price']);
$item_tax = floatval($row['item_tax']);
$item_total = floatval($row['item_total']);
$total_tax = $item_tax + $total_tax;
$sub_total = $item_price * $item_quantity + $sub_total;
?>
</tbody>
</table>
</div>
<tr>
<td><?php echo $item_name; ?></td>
<td><?php echo nl2br($item_description); ?></td>
<td class="text-center"><?php echo $item_quantity; ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $item_price, $quote_currency_code); ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $item_tax, $quote_currency_code); ?></td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $item_total, $quote_currency_code); ?></td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
</div>
</div>
<div class="row mb-4">
<div class="col-sm-7">
<?php if (!empty($quote_note)) { ?>
<div class="card">
<div class="card-body">
<?php echo nl2br($quote_note); ?>
</div>
</div>
<?php } ?>
</div>
<div class="col-sm-3 offset-sm-2">
<table class="table table-borderless">
<tbody>
<tr class="border-bottom">
<td>Subtotal</td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $sub_total, $quote_currency_code); ?></td>
</tr>
<?php if ($quote_discount > 0) { ?>
<tr class="border-bottom">
<td>Discount</td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, -$quote_discount, $quote_currency_code); ?></td>
</tr>
<?php } ?>
<?php if ($total_tax > 0) { ?>
<tr class="border-bottom">
<td>Tax</td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $total_tax, $quote_currency_code); ?></td>
</tr>
<?php } ?>
<tr class="border-bottom">
<td><strong>Total</strong></td>
<td class="text-right"><strong><?php echo numfmt_format_currency($currency_format, $quote_amount, $quote_currency_code); ?></strong></td>
</tr>
</tbody>
</table>
</div>
</div>
<hr class="mt-5">
<div class="text-center"><?php echo nl2br($config_quote_footer); ?></div>
<div class="">
<?php
if ($quote_status == "Sent" || $quote_status == "Viewed" && strtotime($quote_expire) > strtotime("now")) { ?>
<a class="btn btn-success confirm-link" href="guest_post.php?accept_quote=<?php echo $quote_id; ?>&url_key=<?php echo $url_key; ?>">
<i class="fas fa-fw fa-thumbs-up mr-2"></i>Accept
</a>
<a class="btn btn-danger confirm-link" href="guest_post.php?decline_quote=<?php echo $quote_id; ?>&url_key=<?php echo $url_key; ?>">
<i class="fas fa-fw fa-thumbs-down mr-2"></i>Decline
</a>
<?php } ?>
<?php if ($quote_status == "Accepted") { ?>
<button type="button" class="btn btn-success" data-toggle="modal" data-target="#uploadFileModal">
<i class="fas fa-fw fa-cloud-upload-alt mr-2"></i>Upload File
</button>
<?php } ?>
</div>
</div>
<div class="row mb-3">
<div class="col-sm-7">
<?php if (!empty($quote_note)) { ?>
<div class="card">
<div class="card-body">
<?php echo nl2br($quote_note); ?>
</div>
</div>
<?php } ?>
</div>
<div class="col-sm-3 offset-sm-2">
<table class="table table-borderless">
<tbody>
<tr>
<td>Subtotal:</td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $sub_total, $quote_currency_code); ?></td>
</tr>
<?php if ($quote_discount > 0) { ?>
<tr>
<td>Discount:</td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, -$quote_discount, $quote_currency_code); ?></td>
</tr>
<?php } ?>
<?php if ($total_tax > 0) { ?>
<tr>
<td>Tax:</td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $total_tax, $quote_currency_code); ?></td>
</tr>
<?php } ?>
<tr class="border-top h5 text-bold">
<td><strong>Total:</strong></td>
<td class="text-right"><strong><?php echo numfmt_format_currency($currency_format, $quote_amount, $quote_currency_code); ?></strong></td>
</tr>
</tbody>
</table>
</div>
</div>
<hr class="mt-5">
<div class="text-center"><?php echo nl2br($config_quote_footer); ?></div>
<div class="">
<?php
if ($quote_status == "Sent" || $quote_status == "Viewed" && strtotime($quote_expire) > strtotime("now")) { ?>
<a class="btn btn-success confirm-link" href="guest_post.php?accept_quote=<?php echo $quote_id; ?>&url_key=<?php echo $url_key; ?>">
<i class="fas fa-fw fa-thumbs-up mr-2"></i>Accept
</a>
<a class="btn btn-danger confirm-link" href="guest_post.php?decline_quote=<?php echo $quote_id; ?>&url_key=<?php echo $url_key; ?>">
<i class="fas fa-fw fa-thumbs-down mr-2"></i>Decline
</a>
<?php } ?>
<?php if ($quote_status == "Accepted") { ?>
<button type="button" class="btn btn-success" data-toggle="modal" data-target="#uploadFileModal">
<i class="fas fa-fw fa-cloud-upload-alt mr-2"></i>Upload File
</button>
<?php } ?>
</div>
</div>
<script src='../plugins/pdfmake/pdfmake.min.js'></script>
<script src='../plugins/pdfmake/vfs_fonts.js'></script>
<script>
var docDefinition = {
info: {
title: <?php echo json_encode(html_entity_decode($company_name) . "- Quote") ?>,
author: <?php echo json_encode(html_entity_decode($company_name)) ?>
},
//watermark: {text: '<?php echo $quote_status; ?>', color: 'lightgrey', opacity: 0.3, bold: true, italics: false},
content: [
// Header
{
columns: [
<?php if (!empty($company_logo_base64)) { ?>
{
image: <?php echo json_encode("data:image;base64,$company_logo_base64") ?>,
width: 120
},
<?php } ?>
[
{
text: 'Quote',
style: 'invoiceTitle',
width: '*'
},
{
text: <?php echo json_encode(html_entity_decode("$quote_prefix$quote_number")) ?>,
style: 'invoiceNumber',
width: '*'
},
],
],
},
// Billing Headers
{
columns: [
{
text: <?php echo json_encode(html_entity_decode($company_name)) ?>,
style: 'invoiceBillingTitle'
},
{
text: <?php echo json_encode(html_entity_decode($client_name)) ?>,
style: 'invoiceBillingTitleClient'
},
]
},
// Billing Address
{
columns: [
{
text: <?php echo json_encode(html_entity_decode("$company_address \n $company_city $company_state $company_zip \n $company_country \n $company_phone \n $company_website")) ?>,
style: 'invoiceBillingAddress'
},
{
text: <?php echo json_encode(html_entity_decode("$location_address \n $location_city $location_state $location_zip \n $location_country \n $contact_email \n $contact_phone")) ?>,
style: 'invoiceBillingAddressClient'
},
]
},
//Invoice Dates Table
{
table: {
// headers are automatically repeated if the table spans over multiple pages
// you can declare how many rows should be treated as headers
headerRows: 0,
widths: [ '*',80, 80 ],
body: [
// Total
[
{
text: '',
rowSpan: 3
},
{},
{},
],
[
{},
{
text: 'Date',
style: 'invoiceDateTitle'
},
{
text: <?php echo json_encode(html_entity_decode($quote_date)) ?>,
style: 'invoiceDateValue'
},
],
[
{},
{
text: 'Expire',
style: 'invoiceDueDateTitle'
},
{
text: <?php echo json_encode(html_entity_decode($quote_expire)) ?>,
style: 'invoiceDueDateValue'
},
],
]
}, // table
layout: 'lightHorizontalLines'
},
// Line breaks
'\n\n',
// Items
{
table: {
// headers are automatically repeated if the table spans over multiple pages
// you can declare how many rows should be treated as headers
headerRows: 1,
widths: [ '*', 40, 'auto', 'auto', 80 ],
body: [
// Table Header
[
{
text: 'Product',
style: [ 'itemsHeader', 'left']
},
{
text: 'Qty',
style: [ 'itemsHeader', 'center']
},
{
text: 'Price',
style: [ 'itemsHeader', 'right']
},
{
text: 'Tax',
style: [ 'itemsHeader', 'right']
},
{
text: 'Total',
style: [ 'itemsHeader', 'right']
}
],
// Items
<?php
$total_tax = 0;
$sub_total = 0;
$sql_invoice_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_quote_id = $quote_id ORDER BY item_order ASC");
while ($row = mysqli_fetch_array($sql_invoice_items)) {
$item_name = $row['item_name'];
$item_description = $row['item_description'];
$item_quantity = $row['item_quantity'];
$item_price = $row['item_price'];
$item_subtotal = $row['item_price'];
$item_tax = $row['item_tax'];
$item_total = $row['item_total'];
$tax_id = $row['item_tax_id'];
$total_tax = $item_tax + $total_tax;
$sub_total = $item_price * $item_quantity + $sub_total;
?>
// Item
[
[
{
text: <?php echo json_encode($item_name) ?>,
style: 'itemTitle'
},
{
text: <?php echo json_encode($item_description) ?>,
style: 'itemDescription'
}
],
{
text: <?php echo $item_quantity ?>,
style: 'itemQty'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $item_price, $quote_currency_code)) ?>,
style: 'itemNumber'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $item_tax, $quote_currency_code)) ?>,
style: 'itemNumber'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $item_total, $quote_currency_code)) ?>,
style: 'itemNumber'
}
],
<?php
}
?>
// END Items
]
}, // table
layout: 'lightHorizontalLines'
},
// TOTAL
{
table: {
// headers are automatically repeated if the table spans over multiple pages
// you can declare how many rows should be treated as headers
headerRows: 0,
widths: [ '*','auto', 80 ],
body: [
// Total
[
{
text: 'Notes',
style:'notesTitle'
},
{},
{}
],
[
{
rowSpan: '*',
text: <?php echo json_encode(html_entity_decode($quote_note)) ?>,
style: 'notesText'
},
{
text: 'Subtotal',
style: 'itemsFooterSubTitle'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $sub_total, $quote_currency_code)) ?>,
style: 'itemsFooterSubValue'
}
],
<?php if ($quote_discount > 0) { ?>
[
{},
{
text: 'Discount',
style: 'itemsFooterSubTitle'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, -$quote_discount, $quote_currency_code)) ?>,
style: 'itemsFooterSubValue'
}
],
<?php } ?>
<?php if ($total_tax > 0) { ?>
[
{},
{
text: 'Tax',
style: 'itemsFooterSubTitle'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $total_tax, $quote_currency_code)) ?>,
style: 'itemsFooterSubValue'
}
],
<?php } ?>
[
{},
{
text: 'Total',
style: 'itemsFooterTotalTitle'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $quote_amount, $quote_currency_code)) ?>,
style: 'itemsFooterTotalValue'
}
],
]
}, // table
layout: 'lightHorizontalLines'
},
// TERMS / FOOTER
{
text: <?php echo json_encode("$config_quote_footer"); ?>,
style: 'documentFooterCenter'
}
], //End Content,
styles: {
// Document Footer
documentFooterCenter: {
fontSize: 9,
margin: [10,50,10,10],
alignment: 'center'
},
// Invoice Title
invoiceTitle: {
fontSize: 18,
bold: true,
alignment: 'right',
margin: [0,0,0,3]
},
// Invoice Number
invoiceNumber: {
fontSize: 14,
alignment: 'right'
},
// Billing Headers
invoiceBillingTitle: {
fontSize: 14,
bold: true,
alignment: 'left',
margin: [0,20,0,5]
},
invoiceBillingTitleClient: {
fontSize: 14,
bold: true,
alignment: 'right',
margin: [0,20,0,5]
},
// Billing Details
invoiceBillingAddress: {
fontSize: 10,
lineHeight: 1.2
},
invoiceBillingAddressClient: {
fontSize: 10,
lineHeight: 1.2,
alignment: 'right',
margin: [0,0,0,30]
},
// Invoice Dates
invoiceDateTitle: {
fontSize: 10,
alignment: 'left',
margin: [0,5,0,5]
},
invoiceDateValue: {
fontSize: 10,
alignment: 'right',
margin: [0,5,0,5]
},
// Invoice Due Dates
invoiceDueDateTitle: {
fontSize: 10,
bold: true,
alignment: 'left',
margin: [0,5,0,5]
},
invoiceDueDateValue: {
fontSize: 10,
bold: true,
alignment: 'right',
margin: [0,5,0,5]
},
// Items Header
itemsHeader: {
fontSize: 10,
margin: [0,5,0,5],
bold: true,
alignment: 'right'
},
// Item Title
itemTitle: {
fontSize: 10,
bold: true,
margin: [0,5,0,3]
},
itemDescription: {
italics: true,
fontSize: 9,
lineHeight: 1.1,
margin: [0,3,0,5]
},
itemQty: {
fontSize: 10,
margin: [0,5,0,5],
alignment: 'center'
},
itemNumber: {
fontSize: 10,
margin: [0,5,0,5],
alignment: 'right'
},
itemTotal: {
fontSize: 10,
margin: [0,5,0,5],
bold: true,
alignment: 'right'
},
// Items Footer (Subtotal, Total, Tax, etc)
itemsFooterSubTitle: {
fontSize: 10,
margin: [0,5,0,5],
alignment: 'right'
},
itemsFooterSubValue: {
fontSize: 10,
margin: [0,5,0,5],
bold: false,
alignment: 'right'
},
itemsFooterTotalTitle: {
fontSize: 10,
margin: [0,5,0,5],
bold: true,
alignment: 'right'
},
itemsFooterTotalValue: {
fontSize: 10,
margin: [0,5,0,5],
bold: true,
alignment: 'right'
},
notesTitle: {
fontSize: 10,
bold: true,
margin: [0,5,0,5]
},
notesText: {
fontSize: 9,
margin: [0,5,50,5]
},
left: {
alignment: 'left'
},
center: {
alignment: 'center'
},
},
defaultStyle: {
columnGap: 20,
}
}
</script>
</div>
<?php
require_once "guest_quote_upload_file_modal.php";
require_once "includes/guest_footer.php";

1
guest/includes/guest_header.php
View File

@ -2,6 +2,7 @@
require_once "../config.php";
require_once "../functions.php";
require_once "../includes/get_settings.php";
session_start();

2
includes/app_version.php
View File

@ -5,4 +5,4 @@
* Update this file each time we merge develop into master. Format is YY.MM (add a .v if there is more than one release a month.
*/
DEFINE("APP_VERSION", "25.05.1");
DEFINE("APP_VERSION", "25.06");

104
includes/client_overview_side_nav.php
View File

@ -1,3 +1,35 @@
<?php
// Badge Counts
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('contact_id') AS num FROM contacts WHERE contact_archived_at IS NULL"));
$num_contacts = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('location_id') AS num FROM locations WHERE location_archived_at IS NULL"));
$num_locations = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('asset_id') AS num FROM assets WHERE asset_archived_at IS NULL"));
$num_assets = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('service_id') AS num FROM services"));
$num_services = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('credential_id') AS num FROM credentials WHERE credential_archived_at IS NULL"));
$num_credentials = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('network_id') AS num FROM networks WHERE network_archived_at IS NULL"));
$num_networks = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('domain_id') AS num FROM domains WHERE domain_archived_at IS NULL"));
$num_domains = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('certificate_id') AS num FROM certificates WHERE certificate_archived_at IS NULL"));
$num_certificates = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('software_id') AS num FROM software WHERE software_archived_at IS NULL"));
$num_software = $row['num'];
?>
<!-- Main Sidebar Container -->
<aside class="main-sidebar sidebar-dark-primary d-print-none">
@ -19,55 +51,109 @@
<li class="nav-item">
<a href="contacts.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "contacts.php" || basename($_SERVER["PHP_SELF"]) == "contact_details.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-address-book"></i>
<p>Contacts</p>
<p>
Contacts
<?php
if ($num_contacts > 0) { ?>
<span class="right badge text-light"><?php echo $num_contacts; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="locations.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "locations.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-map-marker-alt"></i>
<p>Locations</p>
<p>
Locations
<?php
if ($num_locations > 0) { ?>
<span class="right badge text-light"><?php echo $num_locations; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="assets.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "assets.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-desktop"></i>
<p>Assets</p>
<p>
Assets
<?php
if ($num_assets > 0) { ?>
<span class="right badge text-light"><?php echo $num_assets; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="software.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "software.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-cube"></i>
<p>Licenses</p>
<p>
Licenses
<?php
if ($num_software > 0) { ?>
<span class="right badge text-light"><?php echo $num_software; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="credentials.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "credentials.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-key"></i>
<p>Credentials</p>
<p>
Credentials
<?php
if ($num_credentials > 0) { ?>
<span class="right badge text-light"><?php echo $num_credentials; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="networks.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "networks.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-network-wired"></i>
<p>Networks</p>
<p>
Networks
<?php
if ($num_networks > 0) { ?>
<span class="right badge text-light"><?php echo $num_networks; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="certificates.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "certificates.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-lock"></i>
<p>Certificates</p>
<p>
Certificates
<?php
if ($num_certificates > 0) { ?>
<span class="right badge text-light"><?php echo $num_certificates; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="domains.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "domains.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-globe"></i>
<p>Domains</p>
<p>
Domains
<?php
if ($num_domains > 0) { ?>
<span class="right badge text-light"><?php echo $num_domains; ?></span>
<?php } ?>
</p>
</a>
</li>
<li class="nav-item">
<a href="services.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "services.php") { echo "active"; } ?>">
<i class="nav-icon fas fa-stream"></i>
<p>Services</p>
<p>
Services
<?php
if ($num_services > 0) { ?>
<span class="right badge text-light"><?php echo $num_services; ?></span>
<?php } ?>
</p>
</a>
</li>
<?php } ?>

2
includes/client_side_nav.php
View File

@ -1,5 +1,5 @@
<!-- Main Sidebar Container -->
<aside class="main-sidebar sidebar-dark-<?php echo nullable_htmlentities($config_theme); ?> d-print-none">
<aside class="main-sidebar sidebar-dark-<?php if (isset($_GET['client_id'])) { echo "gray"; } else { echo nullable_htmlentities($config_theme); } ?> d-print-none">
<a class="brand-link pb-1 mt-1" href="clients.php">
<p class="h5">

2
includes/database_version.php
View File

@ -5,4 +5,4 @@
* It is used in conjunction with database_updates.php
*/
DEFINE("LATEST_DATABASE_VERSION", "2.1.4");
DEFINE("LATEST_DATABASE_VERSION", "2.1.9");

2
includes/footer.php
View File

@ -14,7 +14,7 @@ if (str_contains(basename($_SERVER["PHP_SELF"]), "admin_")) { ?>
</div> <!-- ./wrapper -->
<!-- Set the browser window title to the clients name -->
<script>document.title = "<?php echo "$tab_title - $page_title"; ?>"</script>
<script>document.title = <?php echo json_encode("$tab_title - $page_title"); ?>;</script>
<!-- REQUIRED SCRIPTS -->

2
includes/get_settings.php
View File

@ -47,6 +47,7 @@ $config_invoice_from_email = $row['config_invoice_from_email'];
$config_invoice_late_fee_enable = intval($row['config_invoice_late_fee_enable']);
$config_invoice_late_fee_percent = floatval($row['config_invoice_late_fee_percent']);
$config_invoice_paid_notification_email = $row['config_invoice_paid_notification_email'];
$config_invoice_show_tax_id = intval($row['config_invoice_show_tax_id']);
// Recurring Invoices
$config_recurring_invoice_prefix = $row['config_recurring_invoice_prefix'];
@ -78,6 +79,7 @@ $config_ticket_default_billable = intval($row['config_ticket_default_billable'])
$config_ticket_default_view = intval($row['config_ticket_default_view']);
$config_ticket_moving_columns = intval($row['config_ticket_moving_columns']);
$config_ticket_ordering = intval($row['config_ticket_ordering']);
$config_ticket_timer_autostart = intval($row['config_ticket_timer_autostart']);
// Cron
$config_enable_cron = intval($row['config_enable_cron']);

2
includes/header.php
View File

@ -48,5 +48,5 @@ header("X-Frame-Options: DENY");
<script src="plugins/toastr/toastr.min.js"></script>
</head>
<body class="hold-transition sidebar-mini layout-fixed layout-navbar-fixed accent-<?php echo nullable_htmlentities($config_theme); ?>">
<body class="hold-transition sidebar-mini layout-fixed layout-navbar-fixed accent-<?php if (isset($_GET['client_id'])) { echo "blue"; } else { echo nullable_htmlentities($config_theme); } ?>">
<div class="wrapper text-sm">

4
includes/inc_all_client.php
View File

@ -105,7 +105,7 @@ if (isset($_GET['client_id'])) {
$client_tags_display = implode('', $client_tag_name_display_array);
//Add up all the payments for the invoice and get the total amount paid to the invoice
$sql_invoice_amounts = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $client_id AND invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Cancelled'");
$sql_invoice_amounts = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS invoice_amounts FROM invoices WHERE invoice_client_id = $client_id AND invoice_status != 'Draft' AND invoice_status != 'Cancelled' AND invoice_status != 'Non-Billable'");
$row = mysqli_fetch_array($sql_invoice_amounts);
$invoice_amounts = floatval($row['invoice_amounts']);
@ -158,7 +158,7 @@ if (isset($_GET['client_id'])) {
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('service_id') AS num FROM services WHERE service_client_id = $client_id"));
$num_services = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0"));
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id"));
$num_vendors = $row['num'];
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('credential_id') AS num FROM credentials WHERE credential_archived_at IS NULL AND credential_client_id = $client_id"));

11
includes/inc_client_top_head.php
View File

@ -90,22 +90,20 @@
if (!empty($contact_name)) { ?>
<div>
<i class="fa fa-fw fa-user text-secondary ml-1 mr-2"></i> <?php echo $contact_name; ?>
<i class="fa fa-fw fa-user text-secondary ml-1 mr-2"></i><?php echo $contact_name; ?>
</div>
<?php }
if (!empty($contact_email)) { ?>
<div class="mt-1">
<i class="fa fa-fw fa-envelope text-secondary ml-1 mr-2"></i>
<a href="mailto:<?php echo $contact_email; ?>"> <?php echo $contact_email; ?></a>
<i class="fa fa-fw fa-envelope text-secondary ml-1 mr-2"></i><a href="mailto:<?php echo $contact_email; ?>"><?php echo $contact_email; ?></a>
</div>
<?php
}
if (!empty($contact_phone)) { ?>
<div class="mt-1">
<i class="fa fa-fw fa-phone text-secondary ml-1 mr-2"></i>
<a href="tel:<?php echo $contact_phone; ?>"><?php echo $contact_phone; ?></a>
<i class="fa fa-fw fa-phone text-secondary ml-1 mr-2"></i><a href="tel:<?php echo $contact_phone; ?>"><?php echo $contact_phone; ?></a>
<?php
if (!empty($contact_extension)) {
@ -118,8 +116,7 @@
if (!empty($contact_mobile)) { ?>
<div class="mt-1">
<i class="fa fa-fw fa-mobile-alt text-secondary ml-1 mr-2"></i>
<a href="tel:<?php echo $contact_mobile; ?>"><?php echo $contact_mobile; ?></a>
<i class="fa fa-fw fa-mobile-alt text-secondary ml-1 mr-2"></i><a href="tel:<?php echo $contact_mobile; ?>"><?php echo $contact_mobile; ?></a>
</div>
<?php } ?>

2
includes/side_nav.php
View File

@ -211,7 +211,7 @@
while ($row = mysqli_fetch_array($sql_custom_links)) {
$custom_link_name = nullable_htmlentities($row['custom_link_name']);
$custom_link_uri = nullable_htmlentities($row['custom_link_uri']);
$custom_link_uri = sanitize_url($row['custom_link_uri']);
$custom_link_icon = nullable_htmlentities($row['custom_link_icon']);
$custom_link_new_tab = intval($row['custom_link_new_tab']);
if ($custom_link_new_tab == 1) {

4
includes/top_nav.php
View File

@ -1,5 +1,5 @@
<!-- Navbar -->
<nav class="main-header navbar navbar-expand navbar-<?php echo nullable_htmlentities($config_theme); ?> navbar-dark">
<nav class="main-header navbar navbar-expand navbar-<?php if (isset($_GET['client_id'])) { echo "gray"; } else { echo nullable_htmlentities($config_theme); } ?> navbar-dark">
<!-- Left navbar links -->
<ul class="navbar-nav">
@ -36,7 +36,7 @@
while ($row = mysqli_fetch_array($sql_custom_links)) {
$custom_link_name = nullable_htmlentities($row['custom_link_name']);
$custom_link_uri = nullable_htmlentities($row['custom_link_uri']);
$custom_link_uri = sanitize_url($row['custom_link_uri']);
$custom_link_icon = nullable_htmlentities($row['custom_link_icon']);
$custom_link_new_tab = intval($row['custom_link_new_tab']);
if ($custom_link_new_tab == 1) {

628
invoice.php
View File

@ -26,7 +26,12 @@ if (isset($_GET['invoice_id'])) {
);
if (mysqli_num_rows($sql) == 0) {
echo '<h1 class="text-secondary mt-5" style="text-align: center">Nothing to see here</h1>';
if (isset($_GET['client_id'])) {
$backlink_append = "?client_id=$client_id";
} else {
$backlink_append = '';
}
echo "<h1 class='text-secondary pt-5' style='text-align: center'>There is no Invoice here<br><small><a href='invoices.php$backlink_append'><i class='fas fa-arrow-left mr-2'></i>Back to Invoices</a></small></h1>";
require_once "includes/footer.php";
exit();
@ -84,10 +89,14 @@ if (isset($_GET['invoice_id'])) {
$company_phone = nullable_htmlentities(formatPhoneNumber($row['company_phone'], $company_phone_country_code));
$company_email = nullable_htmlentities($row['company_email']);
$company_website = nullable_htmlentities($row['company_website']);
$company_logo = nullable_htmlentities($row['company_logo']);
if (!empty($company_logo)) {
$company_logo_base64 = base64_encode(file_get_contents("uploads/settings/$company_logo"));
$company_tax_id = nullable_htmlentities($row['company_tax_id']);
if ($config_invoice_show_tax_id && !empty($company_tax_id)) {
$company_tax_id_display = "Tax ID: $company_tax_id";
} else {
$company_tax_id_display = "";
}
$company_logo = nullable_htmlentities($row['company_logo']);
$sql_history = mysqli_query($mysqli, "SELECT * FROM history WHERE history_invoice_id = $invoice_id ORDER BY history_id DESC");
$sql_payments = mysqli_query($mysqli, "SELECT * FROM payments, accounts WHERE payment_account_id = account_id AND payment_invoice_id = $invoice_id ORDER BY payments.payment_id DESC");
@ -134,7 +143,7 @@ if (isset($_GET['invoice_id'])) {
$balance = $invoice_amount - $amount_paid;
//check to see if overdue
if ($invoice_status !== "Paid" && $invoice_status !== "Draft" && $invoice_status !== "Cancelled") {
if ($invoice_status !== "Paid" && $invoice_status !== "Draft" && $invoice_status !== "Cancelled" && $invoice_status !== "Non-Billable") {
$unixtime_invoice_due = strtotime($invoice_due) + 86400;
if ($unixtime_invoice_due < time()) {
$invoice_overdue = "Overdue";
@ -215,8 +224,12 @@ if (isset($_GET['invoice_id'])) {
</div>
<?php } ?>
<?php if ($invoice_status !== 'Paid' && $invoice_status !== 'Cancelled' && $invoice_status !== 'Draft' && $invoice_amount != 0) { ?>
<a class="btn btn-success" href="#" data-toggle="modal" data-target="#addPaymentModal">
<?php if ($invoice_status !== 'Paid' && $invoice_status !== 'Cancelled' && $invoice_status !== 'Draft' && $invoice_status !== 'Non-Billable' && $invoice_amount != 0) { ?>
<a class="btn btn-success" href="#"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_invoice_pay.php"
data-ajax-id = "<?php echo $invoice_id; ?>"
>
<i class="fa fa-fw fa-credit-card mr-2"></i>Add Payment
</a>
<?php if ($invoice_status !== 'Partial' && $config_stripe_enable && $stripe_id && $stripe_pm) { ?>
@ -263,7 +276,7 @@ if (isset($_GET['invoice_id'])) {
<a class="dropdown-item" href="#" onclick="window.print();">
<i class="fa fa-fw fa-print text-secondary mr-2"></i>Print
</a>
<a class="dropdown-item" href="#" onclick="pdfMake.createPdf(docDefinition).download('<?php echo strtoAZaz09(html_entity_decode("$invoice_date-$company_name-$client_name-Invoice-$invoice_prefix$invoice_number")); ?>');">
<a class="dropdown-item" href="post.php?export_invoice_pdf=<?php echo $invoice_id; ?>" target="_blank">
<i class="fa fa-fw fa-download text-secondary mr-2"></i>Download PDF
</a>
<?php if (!empty($config_smtp_host) && !empty($contact_email)) { ?>
@ -274,12 +287,16 @@ if (isset($_GET['invoice_id'])) {
<a class="dropdown-item" target="_blank" href="guest/guest_view_invoice.php?invoice_id=<?php echo "$invoice_id&url_key=$invoice_url_key"; ?>">
<i class="fa fa-fw fa-link text-secondary mr-2"></i>Guest URL
</a>
<?php if ($invoice_status !== 'Cancelled' && $invoice_status !== 'Paid') { ?>
<?php if ($invoice_status !== 'Cancelled' && $invoice_status !== 'Paid' && $invoice_status !== 'Non-Billable') { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?cancel_invoice=<?php echo $invoice_id; ?>">
<i class="fa fa-fw fa-times mr-2"></i>Cancel
</a>
<?php } ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_invoice=<?php echo $invoice_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
</div>
</div>
@ -291,77 +308,75 @@ if (isset($_GET['invoice_id'])) {
<div class="card-body">
<div class="row mb-4">
<div class="row mb-3">
<?php if (file_exists("uploads/settings/$company_logo")) { ?>
<div class="col-sm-2">
<img class="img-fluid" src="<?php echo "uploads/settings/$company_logo"; ?>" alt="Company logo">
</div>
<div class="col-sm-10">
<div class="ribbon-wrapper">
<div class="ribbon bg-<?php echo $invoice_badge_color; ?>">
<?php echo "$invoice_status"; ?>
</div>
</div>
<h3 class="text-right mt-5"><strong>Invoice</strong><br><small class="text-secondary"><?php echo "$invoice_prefix$invoice_number"; ?></small></h3>
</div>
</div>
<div class="row mb-4">
<div class="col">
<?php } ?>
<div class="col-sm-6 <?php if (!file_exists("uploads/settings/$company_logo")) { echo "col-sm-8"; } ?>">
<ul class="list-unstyled">
<li><h4><strong><?php echo $company_name; ?></strong></h4></li>
<li><?php echo $company_address; ?></li>
<li><?php echo "$company_city $company_state $company_zip"; ?></li>
<li><small><?php echo $company_country; ?></small></li>
<li><?php echo $company_phone; ?></li>
<li><?php echo $company_email; ?></li>
<li><?php echo "$company_city $company_state $company_zip, $company_country"; ?></li>
<li><?php echo "$company_email | $company_phone"; ?></li>
<li><?php echo $company_website; ?></li>
<?php if ($company_tax_id_display) { ?>
<li><?php echo $company_tax_id_display; ?></li>
<?php } ?>
</ul>
</div>
<div class="col">
<ul class="list-unstyled text-right">
<li><h4><strong><?php echo $client_name; ?></strong></h4></li>
<li><?php echo $location_address; ?></li>
<li><?php echo "$location_city $location_state $location_zip"; ?></li>
<li><small><?php echo $location_country; ?></small></li>
<li><?php echo "$contact_phone $contact_extension"; ?></li>
<li><?php echo $contact_mobile; ?></li>
<li><?php echo $contact_email; ?></li>
</ul>
</div>
</div>
<div class="row mb-4">
<div class="col-sm-8">
</div>
<div class="col-sm-4">
<table class="table">
<h3 class="text-right"><strong>INVOICE</strong></h3>
<h5 class="badge badge-<?php echo $invoice_badge_color; ?> p-2 float-right">
<?php echo "$invoice_status"; ?>
</h5>
<table class="table table-sm table-borderless">
<tr>
<td>Date</td>
<th>Invoice #:</th>
<td class="text-right"><?php echo "$invoice_prefix$invoice_number"; ?></td>
</tr>
<tr>
<th>Date:</th>
<td class="text-right"><?php echo $invoice_date; ?></td>
</tr>
<tr class="text-bold">
<td>Due</td>
<tr>
<th>Due:</th>
<td class="text-right"><?php echo $invoice_due; ?></td>
</tr>
</table>
</div>
</div>
<div class="row mb-3 bg-light p-3">
<div class="col">
<h6><strong>Bill To:</strong></h6>
<ul class="list-unstyled mb-0">
<li><?php echo $client_name; ?></li>
<li><?php echo $location_address; ?></li>
<li><?php echo "$location_city $location_state $location_zip, $location_country"; ?></li>
<li><?php echo "$contact_email | $contact_phone $contact_extension"; ?></li>
</ul>
</div>
</div>
<?php $sql_invoice_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_invoice_id = $invoice_id ORDER BY item_order ASC"); ?>
<div class="row mb-4">
<div class="row mb-3">
<div class="col-md-12">
<div class="card">
<div class="table-responsive">
<table class="table" id="items">
<thead>
<table class="table table-borderless" id="items">
<thead class="bg-light">
<tr>
<th class="d-print-none"></th>
<th>Item</th>
<th>Description</th>
<th class="text-center">Quantity</th>
<th class="text-right">Price</th>
<th class="text-center">Qty</th>
<th class="text-right">Unit Price</th>
<th class="text-right">Tax</th>
<th class="text-right">Total</th>
<th class="text-right">Amount</th>
</tr>
</thead>
<tbody>
@ -434,7 +449,7 @@ if (isset($_GET['invoice_id'])) {
<textarea class="form-control" rows="2" id="desc" name="description" placeholder="Enter a Description"></textarea>
</td>
<td>
<input type="text" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" class="form-control" style="text-align: center;" id="qty" name="qty" placeholder="Quantity">
<input type="text" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" class="form-control" style="text-align: center;" id="qty" name="qty" placeholder="Qty">
</td>
<td>
<input type="text" class="form-control" inputmode="numeric" pattern="-?[0-9]*\.?[0-9]{0,2}" style="text-align: right;" id="price" name="price" placeholder="Price (<?php echo $invoice_currency_code; ?>)">
@ -468,11 +483,11 @@ if (isset($_GET['invoice_id'])) {
</div>
</div>
</div>
<div class="row mb-4">
<div class="row mb-3">
<div class="col-sm-7">
<div class="card">
<div class="card-header text-bold">
Notes
Notes:
<div class="card-tools d-print-none">
<a href="#" class="btn btn-light btn-tool" data-toggle="modal" data-target="#invoiceNoteModal">
<i class="fas fa-edit"></i>
@ -488,48 +503,48 @@ if (isset($_GET['invoice_id'])) {
<table class="table table-borderless">
<tbody>
<tr class="border-bottom">
<td>Subtotal</td>
<tr>
<td>Subtotal:</td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $sub_total, $invoice_currency_code); ?></td>
</tr>
<?php
if ($invoice_discount > 0) {
?>
<tr class="border-bottom">
<td>Discount</td>
<tr>
<td>Discount:</td>
<td class="text-right">-<?php echo numfmt_format_currency($currency_format, $invoice_discount, $invoice_currency_code); ?></td>
</tr>
<?php
}
?>
<?php if ($total_tax > 0) { ?>
<tr class="border-bottom">
<td>Tax</td>
<tr>
<td>Tax:</td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $total_tax, $invoice_currency_code); ?></td>
</tr>
<?php } ?>
<tr class="border-bottom">
<td>Total</td>
<tr>
<td>Total:</td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code); ?></td>
</tr>
<?php
if ($amount_paid > 0) { ?>
<tr class="border-bottom">
<td><div class="text-success">Paid</div></td>
<tr>
<td><div class="text-success">Paid:</div></td>
<td class="text-right text-success"><?php echo numfmt_format_currency($currency_format, $amount_paid, $invoice_currency_code); ?></td>
</tr>
<?php } ?>
<tr class="border-bottom">
<td><strong>Balance</strong></td>
<td class="text-right"><strong><?php echo numfmt_format_currency($currency_format, $balance, $invoice_currency_code); ?></strong></td>
<tr class="h5 text-bold border-top">
<td>Balance:</td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $balance, $invoice_currency_code); ?></td>
</tr>
</tbody>
</table>
</div>
</div>
<hr class="d-none d-print-block mt-5">
<div class="d-none d-print-block text-center"><?php echo nl2br(nullable_htmlentities($config_invoice_footer)); ?></div>
<div class="d-none d-print-block text-center text-secondary"><?php echo nl2br(nullable_htmlentities($config_invoice_footer)); ?></div>
</div>
</div>
<div class="row d-print-none mb-3">
@ -578,7 +593,7 @@ if (isset($_GET['invoice_id'])) {
</div>
</div>
</div>
<div class="col-sm d-print-none">
<div class="col-sm d-print-none <?php if (mysqli_num_rows($sql_payments) == 0) { echo "d-none"; } ?>">
<div class="card">
<div class="card-header text-bold">
<i class="fa fa-credit-card mr-2"></i>Payments
@ -594,7 +609,7 @@ if (isset($_GET['invoice_id'])) {
<div class="card-body">
<div class="table-responsive">
<table class="table">
<thead class="<?php if (mysqli_num_rows($sql_payments) == 0) { echo "d-none"; } ?>">
<thead>
<tr>
<th>Date</th>
<th class="text-right">Amount</th>
@ -631,7 +646,7 @@ if (isset($_GET['invoice_id'])) {
</div>
</div>
</div>
<div class="col-sm d-print-none">
<div class="col-sm d-print-none <?php if (mysqli_num_rows($sql_tickets) == 0) { echo "d-none"; } ?>">
<div class="card">
<div class="card-header text-bold">
<i class="fa fa-life-ring mr-2"></i>Tickets
@ -660,7 +675,7 @@ if (isset($_GET['invoice_id'])) {
<div class="card-body">
<div class="table-responsive">
<table class="table">
<thead class="<?php if (mysqli_num_rows($sql_tickets) == 0) { echo "d-none"; } ?>">
<thead>
<tr>
<th>Date</th>
<th>Subject</th>
@ -690,9 +705,9 @@ if (isset($_GET['invoice_id'])) {
</div>
</div>
</div>
</div>
<?php
include_once "modals/invoice_add_ticket_modal.php";
include_once "modals/invoice_payment_add_modal.php";
include_once "modals/invoice_recurring_add_modal.php";
include_once "modals/invoice_note_modal.php";
@ -723,473 +738,6 @@ require_once "includes/footer.php";
});
</script>
<script src='plugins/pdfmake/pdfmake.min.js'></script>
<script src='plugins/pdfmake/vfs_fonts.js'></script>
<script>
var docDefinition = {
info: {
title: <?php echo json_encode(html_entity_decode($company_name) . "- Invoice") ?>,
author: <?php echo json_encode(html_entity_decode($company_name)) ?>
},
//watermark: {text: '<?php echo $invoice_status; ?>', color: 'lightgrey', opacity: 0.3, bold: true, italics: false},
content: [
// Header
{
columns: [
<?php if (!empty($company_logo_base64)) { ?>
{
image: <?php echo json_encode("data:image;base64,$company_logo_base64") ?>,
width: 120
},
<?php } ?>
[
{
text: 'Invoice',
style: 'invoiceTitle',
width: '*'
},
{
text: <?php echo json_encode(html_entity_decode("$invoice_prefix$invoice_number")) ?>,
style: 'invoiceNumber',
width: '*'
},
<?php if ($invoice_status == "Paid") { ?>
{
text: 'PAID',
style: 'invoicePaid',
width: '*'
},
<?php } ?>
],
],
},
// Billing Headers
{
columns: [
{
text: <?php echo json_encode(html_entity_decode($company_name)) ?>,
style: 'invoiceBillingTitle',
},
{
text: <?php echo json_encode(html_entity_decode($client_name)) ?>,
style: 'invoiceBillingTitleClient',
},
]
},
// Billing Address
{
columns: [
{
text: <?php echo json_encode(html_entity_decode("$company_address \n $company_city $company_state $company_zip \n $company_country \n $company_phone \n $company_website")) ?>,
style: 'invoiceBillingAddress'
},
{
text: <?php echo json_encode(html_entity_decode("$location_address \n $location_city $location_state $location_zip \n $location_country \n $contact_email \n $contact_phone")) ?>,
style: 'invoiceBillingAddressClient'
},
]
},
//Invoice Dates Table
{
table: {
// headers are automatically repeated if the table spans over multiple pages
// you can declare how many rows should be treated as headers
headerRows: 0,
widths: [ '*',80, 80 ],
body: [
// Total
[
{
text: '',
rowSpan: 3
},
{},
{},
],
[
{},
{
text: 'Date',
style: 'invoiceDateTitle'
},
{
text: <?php echo json_encode($invoice_date) ?>,
style: 'invoiceDateValue'
},
],
[
{},
{
text: 'Due',
style: 'invoiceDueDateTitle'
},
{
text: <?php echo json_encode($invoice_due) ?>,
style: 'invoiceDueDateValue'
},
],
]
}, // table
layout: 'lightHorizontalLines'
},
// Line breaks
'\n\n',
// Items
{
table: {
// headers are automatically repeated if the table spans over multiple pages
// you can declare how many rows should be treated as headers
headerRows: 1,
widths: [ '*', 40, 'auto', 'auto', 80 ],
body: [
// Table Header
[
{
text: 'Product',
style: [ 'itemsHeader', 'left']
},
{
text: 'Qty',
style: [ 'itemsHeader', 'center']
},
{
text: 'Price',
style: [ 'itemsHeader', 'right']
},
{
text: 'Tax',
style: [ 'itemsHeader', 'right']
},
{
text: 'Total',
style: [ 'itemsHeader', 'right']
}
],
// Items
<?php
$total_tax = 0.00;
$sub_total = 0.00;
$sql_invoice_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_invoice_id = $invoice_id ORDER BY item_order ASC");
while ($row = mysqli_fetch_array($sql_invoice_items)) {
$item_name = $row['item_name'];
$item_description = $row['item_description'];
$item_quantity = $row['item_quantity'];
$item_price = $row['item_price'];
$item_subtotal = $row['item_price'];
$item_tax = $row['item_tax'];
$item_total = $row['item_total'];
$tax_id = $row['item_tax_id'];
$total_tax = $item_tax + $total_tax;
$sub_total = $item_price * $item_quantity + $sub_total;
?>
// Item
[
[
{
text: <?php echo json_encode($item_name) ?>,
style: 'itemTitle'
},
{
text: <?php echo json_encode($item_description) ?>,
style: 'itemDescription'
}
],
{
text: <?php echo json_encode($item_quantity) ?>,
style: 'itemQty'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $item_price, $invoice_currency_code)) ?>,
style: 'itemNumber'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $item_tax, $invoice_currency_code)) ?>,
style: 'itemNumber'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $item_total, $invoice_currency_code)) ?>,
style: 'itemNumber'
}
],
<?php
}
?>
// END Items
]
}, // table
layout: 'lightHorizontalLines'
},
// TOTAL
{
table: {
// headers are automatically repeated if the table spans over multiple pages
// you can declare how many rows should be treated as headers
headerRows: 0,
widths: [ '*','auto', 80 ],
body: [
// Total
[
{
text: 'Notes',
style: 'notesTitle'
},
{},
{}
],
[
{
rowSpan: '*',
text: <?php echo json_encode(html_entity_decode($invoice_note)) ?>,
style: 'notesText'
},
{
text: 'Subtotal',
style: 'itemsFooterSubTitle'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $sub_total, $invoice_currency_code)) ?>,
style: 'itemsFooterSubValue'
}
],
<?php if ($invoice_discount > 0) { ?>
[
{},
{
text: 'Discount',
style: 'itemsFooterSubTitle'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, -$invoice_discount, $invoice_currency_code)) ?>,
style: 'itemsFooterSubValue'
}
],
<?php } ?>
<?php if ($total_tax > 0) { ?>
[
{},
{
text: 'Tax',
style: 'itemsFooterSubTitle'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $total_tax, $invoice_currency_code)) ?>,
style: 'itemsFooterSubValue'
}
],
<?php } ?>
[
{},
{
text: 'Total',
style: 'itemsFooterSubTitle'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code)) ?>,
style: 'itemsFooterSubValue'
}
],
<?php if ($amount_paid > 0) { ?>
[
{},
{
text: 'Paid',
style: 'itemsFooterSubTitle'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $amount_paid, $invoice_currency_code)) ?>,
style: 'itemsFooterSubValue'
}
],
<?php } ?>
[
{},
{
text: 'Balance',
style: 'itemsFooterTotalTitle'
},
{
text: <?php echo json_encode(numfmt_format_currency($currency_format, $balance, $invoice_currency_code)) ?>,
style: 'itemsFooterTotalValue'
}
],
]
}, // table
layout: 'lightHorizontalLines'
},
// TERMS / FOOTER
{
text: <?php echo json_encode($config_invoice_footer) ?>,
style: 'documentFooterCenter'
}
], //End Content,
styles: {
// Document Footer
documentFooterCenter: {
fontSize: 9,
margin: [10,50,10,10],
alignment: 'center',
},
// Invoice Title
invoiceTitle: {
fontSize: 18,
bold: true,
alignment: 'right',
margin: [0,0,0,3]
},
// Invoice Number
invoiceNumber: {
fontSize: 14,
alignment: 'right'
},
// Invoice Paid
invoicePaid: {
fontSize: 13,
bold: true,
margin: [0,5,0,0],
alignment: 'right',
color: 'green'
},
// Billing Headers
invoiceBillingTitle: {
fontSize: 14,
bold: true,
alignment: 'left',
margin: [0,20,0,5]
},
invoiceBillingTitleClient: {
fontSize: 14,
bold: true,
alignment: 'right',
margin: [0,20,0,5]
},
// Billing Details
invoiceBillingAddress: {
fontSize: 10,
lineHeight: 1.2
},
invoiceBillingAddressClient: {
fontSize: 10,
lineHeight: 1.2,
alignment: 'right',
margin: [0,0,0,30]
},
// Invoice Date
invoiceDateTitle: {
fontSize: 10,
alignment: 'left',
margin: [0,5,0,5]
},
invoiceDateValue: {
fontSize: 10,
alignment: 'right',
margin: [0,5,0,5]
},
// Invoice Due Date
invoiceDueDateTitle: {
fontSize: 10,
bold: true,
alignment: 'left',
margin: [0,5,0,5]
},
invoiceDueDateValue: {
fontSize: 10,
bold: true,
alignment: 'right',
margin: [0,5,0,5]
},
// Items Header
itemsHeader: {
fontSize: 10,
margin: [0,5,0,5],
bold: true,
alignment: 'right'
},
// Item Title
itemTitle: {
fontSize: 10,
bold: true,
margin: [0,5,0,3]
},
itemDescription: {
italics: true,
fontSize: 9,
lineHeight: 1.1,
margin: [0,3,0,5]
},
itemQty: {
fontSize: 10,
margin: [0,5,0,5],
alignment: 'center'
},
itemNumber: {
fontSize: 10,
margin: [0,5,0,5],
alignment: 'right'
},
itemTotal: {
fontSize: 10,
margin: [0,5,0,5],
bold: true,
alignment: 'right'
},
// Items Footer (Subtotal, Total, Tax, etc)
itemsFooterSubTitle: {
fontSize: 10,
margin: [0,5,0,5],
alignment:'right'
},
itemsFooterSubValue: {
fontSize: 10,
margin: [0,5,0,5],
bold: false,
alignment: 'right'
},
itemsFooterTotalTitle: {
fontSize: 10,
margin: [0,5,0,5],
bold: true,
alignment: 'right'
},
itemsFooterTotalValue: {
fontSize: 10,
margin: [0,5,0,5],
bold: true,
alignment: 'right'
},
notesTitle: {
fontSize: 10,
bold: true,
margin: [0,5,0,5]
},
notesText: {
fontSize: 9,
margin: [0,5,50,5]
},
left: {
alignment: 'left'
},
center: {
alignment: 'center'
},
},
defaultStyle: {
columnGap: 20
}
}
</script>
<script src="plugins/SortableJS/Sortable.min.js"></script>
<script>
new Sortable(document.querySelector('table#items tbody'), {

26
invoices.php
View File

@ -61,7 +61,7 @@ $sql_total_overdue_partial_amount = mysqli_query($mysqli, "SELECT SUM(payment_am
$row = mysqli_fetch_array($sql_total_overdue_partial_amount);
$total_overdue_partial_amount = floatval($row['total_overdue_partial_amount']);
$sql_total_overdue_amount = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS total_overdue_amount FROM invoices WHERE invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Paid' AND invoice_status NOT LIKE 'Cancelled' AND invoice_due < CURDATE() $client_query");
$sql_total_overdue_amount = mysqli_query($mysqli, "SELECT SUM(invoice_amount) AS total_overdue_amount FROM invoices WHERE invoice_status != 'Draft' AND invoice_status != 'Paid' AND invoice_status != 'Cancelled' AND invoice_status != 'Non-Billable' AND invoice_due < CURDATE() $client_query");
$row = mysqli_fetch_array($sql_total_overdue_amount);
$total_overdue_amount = floatval($row['total_overdue_amount']);
@ -342,6 +342,22 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<?php if ($invoice_status !== 'Paid' && $invoice_status !== 'Cancelled' && $invoice_status !== 'Draft' && $invoice_status !== 'Non-Billable' && $invoice_amount != 0) { ?>
<a class="dropdown-item" href="#"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_invoice_pay.php"
data-ajax-id = "<?php echo $invoice_id; ?>"
>
<i class="fa fa-fw fa-credit-card mr-2"></i>Add Payment
</a>
<div class="dropdown-divider"></div>
<?php if ($invoice_status !== 'Partial' && $config_stripe_enable && $stripe_id && $stripe_pm) { ?>
<a class="dropdown-item confirm-link" href="post.php?add_payment_stripe&invoice_id=<?php echo $invoice_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token']; ?>">
<i class="fa fa-fw fa-credit-card mr-2"></i>Pay via saved card
</a>
<div class="dropdown-divider"></div>
<?php } ?>
<?php } ?>
<a class="dropdown-item" href="#"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_invoice_edit.php"
@ -359,10 +375,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="dropdown-divider"></div>
<?php if (!empty($config_smtp_host)) { ?>
<a class="dropdown-item" href="post.php?email_invoice=<?php echo $invoice_id; ?>">
<i class="fas fa-fw fa-paper-plane mr-2"></i>Send
<i class="fas fa-fw fa-paper-plane mr-2"></i>Send Email
</a>
<div class="dropdown-divider"></div>
<?php } ?>
<?php if ($invoice_status == 'Draft') { ?>
<a class="dropdown-item" href="post.php?mark_invoice_sent=<?php echo $invoice_id; ?>">
<i class="fas fa-fw fa-check mr-2"></i>Mark Sent
</a>
<div class="dropdown-divider"></div>
<?php } ?>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_invoice=<?php echo $invoice_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>

34
js/ticket_time_tracking.js
View File

@ -1,10 +1,7 @@
// Description: This file contains the JavaScript for the ticket time tracking feature
(function() {
document.addEventListener("DOMContentLoaded", function() {
// Initialize variables
var timerInterval = null;
var isPaused = false;
var ticketID = getCurrentTicketID();
var elapsedSecs = getElapsedSeconds();
@ -51,10 +48,8 @@
localStorage.setItem(getLocalStorageKey("startTime"), Date.now().toString());
}
timerInterval = setInterval(countTime, 1000);
isPaused = false;
document.getElementById("startStopTimer").innerHTML = "<i class='fas fa-pause'></i>";
localStorage.setItem("ticket-timer-running-" + ticketID, "true");
}
function pauseTimer() {
@ -65,10 +60,8 @@
let currentElapsed = getElapsedSeconds();
localStorage.setItem(getLocalStorageKey("pausedTime"), currentElapsed.toString());
localStorage.removeItem(getLocalStorageKey("startTime"));
isPaused = true;
document.getElementById("startStopTimer").innerHTML = "<i class='fas fa-play'></i>";
localStorage.setItem("ticket-timer-running-" + ticketID, "false");
}
function clearTimeStorage() {
@ -99,9 +92,7 @@
}
function handleInputFocus() {
if (!isPaused) {
pauseTimer();
}
pauseTimer();
}
function updateTimeFromInput() {
@ -110,7 +101,6 @@
const seconds = parseInt(document.getElementById("seconds").value, 10) || 0;
elapsedSecs = (hours * 3600) + (minutes * 60) + seconds;
// Update local storage so the manually entered time is retained even if the page is reloaded.
if (!timerInterval) {
localStorage.setItem(getLocalStorageKey("pausedTime"), elapsedSecs.toString());
} else {
@ -120,7 +110,6 @@
}
}
// Function to check status and pause timer
function checkStatusAndPauseTimer() {
var status = document.querySelector('select[name="status"]').value;
if (status.includes("Pending") || status.includes("Close")) {
@ -128,6 +117,7 @@
}
}
// Attach input listeners
document.getElementById("hours").addEventListener('change', updateTimeFromInput);
document.getElementById("minutes").addEventListener('change', updateTimeFromInput);
document.getElementById("seconds").addEventListener('change', updateTimeFromInput);
@ -151,25 +141,33 @@
});
document.getElementById("ticket_add_reply").addEventListener('click', function() {
// Wait for other synchronous actions (if any) to complete before resetting the timer.
setTimeout(forceResetTimer, 100); // 100ms delay should suffice, but you can adjust as needed.
setTimeout(forceResetTimer, 100);
});
document.getElementById("ticket_close").addEventListener('click', function() {
// Wait for other synchronous actions (if any) to complete before resetting the timer.
setTimeout(clearTimeStorage, 100); // 100ms delay should suffice, but you can adjust as needed.
setTimeout(clearTimeStorage, 100);
});
// Final initialization logic
try {
displayTime();
// If no timer state, respect ticketAutoStart
if (!localStorage.getItem(getLocalStorageKey("startTime")) && !localStorage.getItem(getLocalStorageKey("pausedTime"))) {
startTimer();
} else if (localStorage.getItem(getLocalStorageKey("startTime"))) {
if (ticketAutoStart === 1) {
startTimer();
} else {
pauseTimer();
}
}
// If timer already running, resume it
else if (localStorage.getItem(getLocalStorageKey("startTime"))) {
startTimer();
}
// Check and pause timer if status is pending
checkStatusAndPauseTimer();
} catch (error) {
console.error("There was an issue initializing the timer:", error);
}

2
modals/asset_add_modal.php
View File

@ -337,7 +337,7 @@
<option value="">- Select Vendor -</option>
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = intval($row['vendor_id']);
$vendor_name = nullable_htmlentities($row['vendor_name']);

3
modals/asset_import_modal.php
View File

@ -14,13 +14,14 @@
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<?php } ?>
<div class="modal-body bg-white">
<p><strong>Format csv file with headings & data:</strong><br>Name, Description, Type, Make, Model, Serial, OS, Assigned To, Location, Physical Location</p>
<p><strong>Format csv file with headings & data:</strong><br>Name, Description, Type, Make, Model, Serial, OS, Purchase Date, Assigned To, Location, Physical Location</p>
<hr>
<div class="form-group my-4">
<input type="file" class="form-control-file" name="file" accept=".csv" required>
</div>
<hr>
<div>Download <a href="post.php?download_assets_csv_template=<?php echo $client_id; ?>">sample csv template</a></div>
<small class="text-muted">Note: Purchase date must be in the format YYYY-MM-DD. Spreadsheet tools may automatically reformat dates.</small>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="import_assets_csv" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Import</button>

6
modals/client_document_add_from_template_modal.php
View File

@ -20,10 +20,10 @@
<select class="form-control" name="document_template_id" required>
<option value="">- Select Template -</option>
<?php
$sql_document_templates = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_template = 1 AND document_archived_at IS NULL ORDER BY document_name ASC");
$sql_document_templates = mysqli_query($mysqli, "SELECT * FROM document_templates WHERE document_template_archived_at IS NULL ORDER BY document_template_name ASC");
while ($row = mysqli_fetch_array($sql_document_templates)) {
$document_template_id = intval($row['document_id']);
$document_template_name = nullable_htmlentities($row['document_name']);
$document_template_id = intval($row['document_template_id']);
$document_template_name = nullable_htmlentities($row['document_template_name']);
?>
<option value="<?php echo $document_template_id ?>"><?php echo $document_template_name; ?></option>

2
modals/client_file_upload_modal.php
View File

@ -44,7 +44,7 @@
</div>
<div class="form-group">
<input type="file" class="form-control-file" name="file[]" multiple id="fileInput" accept=".jpg, .jpeg, .gif, .png, .webp, .pdf, .txt, .md, .doc, .docx, .odt, .csv, .xls, .xlsx, .ods, .pptx, .odp, .zip, .tar, .gz, .xml, .msg, .json, .wav, .mp3, .ogg, .mov, .mp4, .av1, .ovpn, .cfg, .ps1, .vsdx, .drawio, .pfx, .unf, .key, .stk, .bat">
<input type="file" class="form-control-file" name="file[]" multiple id="fileInput" accept=".jpg, .jpeg, .gif, .png, .webp, .pdf, .txt, .md, .doc, .docx, .odt, .csv, .xls, .xlsx, .ods, .pptx, .odp, .zip, .tar, .gz, .msg, .json, .wav, .mp3, .ogg, .mov, .mp4, .av1, .ovpn, .cfg, .ps1, .vsdx, .drawio, .pfx, .unf, .key, .stk, .bat">
</div>
<small class="text-secondary">Up to 20 files can be uploaded at once by holding down CTRL and selecting files</small>

2
modals/expense_add_modal.php
View File

@ -83,7 +83,7 @@
<option value="">- Vendor -</option>
<?php
$sql = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
$sql = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = intval($row['vendor_id']);
$vendor_name = nullable_htmlentities($row['vendor_name']);

2
modals/expense_export_modal.php
View File

@ -45,7 +45,7 @@
<option value="">- All Vendors -</option>
<?php
$sql_vendors_filter = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 ORDER BY vendor_name ASC");
$sql_vendors_filter = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_client_id = 0 ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors_filter)) {
$vendor_id = intval($row['vendor_id']);
$vendor_name = nullable_htmlentities($row['vendor_name']);

146
modals/invoice_payment_add_modal.php
View File

@ -1,146 +0,0 @@
<div class="modal" id="addPaymentModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-credit-card mr-2"></i><?php echo "$invoice_prefix$invoice_number"; ?>: Make Payment</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="invoice_id" value="<?php echo $invoice_id; ?>">
<input type="hidden" name="balance" value="<?php echo $balance; ?>">
<input type="hidden" name="currency_code" value="<?php echo $client_currency_code; ?>">
<div class="modal-body bg-white">
<div class="form-row">
<div class="col-md">
<div class="form-group">
<label>Date <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
</div>
<input type="date" class="form-control" name="date" max="2999-12-31" value="<?php echo date("Y-m-d"); ?>" required>
</div>
</div>
</div>
<div class="col-md">
<div class="form-group">
<label>Amount <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-dollar-sign"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="amount" value="<?php echo number_format($balance, 2, '.', ''); ?>" placeholder="0.00" required>
</div>
</div>
</div>
</div>
<div class="form-group">
<label>Account <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-piggy-bank"></i></span>
</div>
<select class="form-control select2" name="account" required>
<option value="">- Select an Account -</option>
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM accounts WHERE account_archived_at IS NULL ORDER BY account_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$account_id = intval($row['account_id']);
$account_name = nullable_htmlentities($row['account_name']);
$opening_balance = floatval($row['opening_balance']);
$sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id");
$row = mysqli_fetch_array($sql_payments);
$total_payments = floatval($row['total_payments']);
$sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id");
$row = mysqli_fetch_array($sql_revenues);
$total_revenues = floatval($row['total_revenues']);
$sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id");
$row = mysqli_fetch_array($sql_expenses);
$total_expenses = floatval($row['total_expenses']);
$account_balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
?>
<option <?php if ($config_default_payment_account == $account_id) { echo "selected"; } ?>
value="<?php echo $account_id; ?>">
<?php echo $account_name; ?> [$<?php echo number_format($account_balance, 2); ?>]
</option>
<?php
}
?>
</select>
</div>
</div>
<div class="form-group">
<label>Payment Method <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-money-check-alt"></i></span>
</div>
<select class="form-control select2" name="payment_method" required>
<option value="">- Method of Payment -</option>
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Payment Method' AND category_archived_at IS NULL ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$category_name = nullable_htmlentities($row['category_name']);
?>
<option <?php if ($config_default_payment_method == $category_name) {
echo "selected";
} ?>><?php echo $category_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
<div class="form-group">
<label>Reference</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-file-alt"></i></span>
</div>
<input type="text" class="form-control" name="reference" placeholder="Check #, Trans #, etc" maxlength="200">
</div>
</div>
<?php if (!empty($config_smtp_host) && !empty($contact_email)) { ?>
<div class="form-group">
<label>Email Receipt</label>
<div class="custom-control custom-checkbox">
<input type="checkbox" class="custom-control-input" id="customControlAutosizing" name="email_receipt" value="1" checked>
<label class="custom-control-label" for="customControlAutosizing"><?php echo $contact_email; ?></label>
</div>
</div>
<?php } ?>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="add_payment" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Pay</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
</div>
</div>

2
modals/recurring_expense_create_modal.php
View File

@ -125,7 +125,7 @@
<option value="">- Vendor -</option>
<?php
$sql = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
$sql = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = intval($row['vendor_id']);
$vendor_name = nullable_htmlentities($row['vendor_name']);

2
modals/recurring_invoice_note_modal.php
View File

@ -11,7 +11,7 @@
<input type="hidden" name="recurring_invoice_id" value="<?php echo $recurring_invoice_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<textarea class="form-control" rows="8" name="note" placeholder="Enter some notes"><?php echo $recurring_note; ?></textarea>
<textarea class="form-control" rows="8" name="note" placeholder="Enter some notes"><?php echo $recurring_invoice_note; ?></textarea>
</div>
</div>
<div class="modal-footer bg-white">

58
modals/recurring_ticket_add_modal.php
View File

@ -50,18 +50,56 @@
<textarea class="form-control tinymceTicket<?php if($config_ai_enable) { echo "AI"; } ?>" name="details"></textarea>
</div>
<div class="form-group">
<label>Priority <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span>
<div class="row">
<div class="col">
<div class="form-group">
<label>Priority <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span>
</div>
<select class="form-control select2" name="priority" required>
<option>Low</option>
<option>Medium</option>
<option>High</option>
</select>
</div>
</div>
<select class="form-control select2" name="priority" required>
<option>Low</option>
<option>Medium</option>
<option>High</option>
</select>
</div>
<div class="col">
<div class="form-group">
<label>Category</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-layer-group"></i></span>
</div>
<select class="form-control select2" name="category">
<option value="0">- Not Categorized -</option>
<?php
$sql_categories = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Ticket' AND category_archived_at IS NULL ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_categories)) {
$category_id = intval($row['category_id']);
$category_name = nullable_htmlentities($row['category_name']);
?>
<option value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
<?php } ?>
</select>
<div class="input-group-append">
<button class="btn btn-secondary" type="button"
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_category_add.php?category=Ticket">
<i class="fas fa-fw fa-plus"></i>
</button>
</div>
</div>
</div>
</div>
</div>
<div class="form-group">

2
modals/service_add_modal.php
View File

@ -145,7 +145,7 @@
<label for="vendors">Select related vendors</label>
<select class="form-control select2" id="vendors" name="vendors[]" multiple>
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_template = 0 AND vendor_archived_at IS NULL AND vendor_client_id = $client_id");
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id");
while ($row = mysqli_fetch_array($sql)) {
$vendor_id = intval($row['vendor_id']);
$vendor_name = nullable_htmlentities($row['vendor_name']);

6
modals/software_add_from_template_modal.php
View File

@ -20,10 +20,10 @@
<select class="form-control" name="software_template_id" required>
<option value="">- Select Template -</option>
<?php
$sql_software_templates = mysqli_query($mysqli, "SELECT * FROM software WHERE software_template = 1 AND software_archived_at IS NULL ORDER BY software_name ASC");
$sql_software_templates = mysqli_query($mysqli, "SELECT * FROM software_templates WHERE software_template_archived_at IS NULL ORDER BY software_template_name ASC");
while ($row = mysqli_fetch_array($sql_software_templates)) {
$software_template_id = intval($row['software_id']);
$software_template_name = nullable_htmlentities($row['software_name']);
$software_template_id = intval($row['software_template_id']);
$software_template_name = nullable_htmlentities($row['software_template_name']);
?>
<option value="<?php echo $software_template_id ?>"><?php echo $software_template_name; ?></option>

67
modals/ticket_add_modal.php
View File

@ -148,7 +148,7 @@
<select class="form-control select2" name="category">
<option value="0">- Not Categorized -</option>
<?php
$sql_categories = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Ticket' AND category_archived_at IS NULL");
$sql_categories = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Ticket' AND category_archived_at IS NULL ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_categories)) {
$category_id = intval($row['category_id']);
$category_name = nullable_htmlentities($row['category_name']);
@ -172,31 +172,46 @@
</div>
<div class="form-group">
<label>Assign to</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user-check"></i></span>
</div>
<select class="form-control select2" name="assigned_to">
<option value="0">Not Assigned</option>
<?php
<div class="row">
<div class="col">
<div class="form-group">
<label>Assign to</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user-check"></i></span>
</div>
<select class="form-control select2" name="assigned_to">
<option value="0">Not Assigned</option>
<?php
$sql = mysqli_query(
$mysqli,
"SELECT user_id, user_name FROM users
WHERE user_role_id > 1
AND user_type = 1
AND user_status = 1
AND user_archived_at IS NULL
ORDER BY user_name ASC"
);
while ($row = mysqli_fetch_array($sql)) {
$user_id = intval($row['user_id']);
$user_name = nullable_htmlentities($row['user_name']); ?>
<option <?php if ($session_user_id == $user_id) { echo "selected"; } ?> value="<?php echo $user_id; ?>"><?php echo $user_name; ?></option>
<?php } ?>
</select>
$sql = mysqli_query(
$mysqli,
"SELECT user_id, user_name FROM users
WHERE user_role_id > 1
AND user_type = 1
AND user_status = 1
AND user_archived_at IS NULL
ORDER BY user_name ASC"
);
while ($row = mysqli_fetch_array($sql)) {
$user_id = intval($row['user_id']);
$user_name = nullable_htmlentities($row['user_name']); ?>
<option <?php if ($session_user_id == $user_id) { echo "selected"; } ?> value="<?php echo $user_id; ?>"><?php echo $user_name; ?></option>
<?php } ?>
</select>
</div>
</div>
</div>
<div class="col">
<div class="form-group">
<label>Due</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar-check"></i></span>
</div>
<input type="datetime-local" class="form-control" name="due">
</div>
</div>
</div>
</div>
@ -378,7 +393,7 @@
<option value="0">- None -</option>
<?php
$sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id AND vendor_template = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
$sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']); ?>

2
modals/ticket_bulk_edit_category_modal.php
View File

@ -18,7 +18,7 @@
<select class="form-control select2" name="bulk_category">
<option value="0">- Uncategorized -</option>
<?php
$sql_categories = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Ticket' AND category_archived_at IS NULL");
$sql_categories = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Ticket' AND category_archived_at IS NULL ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_categories)) {
$category_id = intval($row['category_id']);
$category_name = nullable_htmlentities($row['category_name']);

2
modals/ticket_edit_vendor_modal.php
View File

@ -21,7 +21,7 @@
<option value="0">- None -</option>
<?php
$sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id AND vendor_template = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
$sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']);

73
modals/ticket_invoice_add_modal.php
View File

@ -4,7 +4,7 @@ $sql_invoices = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_stat
?>
<div class="modal" id="addInvoiceFromTicketModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-dialog modal-lg">
<div class="modal-content bg-dark">
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file-invoice-dollar mr-2"></i>Invoice ticket</h5>
@ -24,10 +24,6 @@ $sql_invoices = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_stat
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-add-to-invoice"><i class="fa fa-fw fa-plus mr-2"></i>Add to Existing Invoice</a>
</li>
<?php } else { ?>
<div class="alert alert-warning" role="alert">
<i class="fa fa-fw fa-exclamation-triangle mr-2"></i>No draft invoices found. Please create a new invoice first.
</div>
<?php } ?>
</ul>
@ -37,39 +33,46 @@ $sql_invoices = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_stat
<div class="tab-pane fade show active" id="pills-create-invoice">
<div class="form-group">
<label>Invoice Date <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
<div class="row">
<div class="col-sm-6">
<div class="form-group">
<label>Invoice Date <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
</div>
<input type="date" class="form-control" name="date" max="2999-12-31" value="<?php echo date("Y-m-d"); ?>">
</div>
</div>
<input type="date" class="form-control" name="date" max="2999-12-31" value="<?php echo date("Y-m-d"); ?>">
</div>
</div>
<div class="col-sm-6">
<div class="form-group">
<label>Invoice Category <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-list"></i></span>
</div>
<select class="form-control select2" name="category">
<option value="">- Category -</option>
<?php
<div class="form-group">
<label>Invoice Category <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-list"></i></span>
</div>
<select class="form-control select2" name="category">
<option value="">- Category -</option>
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$category_id = intval($row['category_id']);
$category_name = nullable_htmlentities($row['category_name']);
?>
<option value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
$sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND category_archived_at IS NULL ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$category_id = intval($row['category_id']);
$category_name = nullable_htmlentities($row['category_name']);
?>
<option value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
<?php
}
?>
</select>
<div class="input-group-append">
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#addQuickCategoryIncomeModal"><i class="fas fa-fw fa-plus"></i></button>
<?php
}
?>
</select>
<div class="input-group-append">
<button type="button" class="btn btn-secondary" data-toggle="modal" data-target="#addQuickCategoryIncomeModal"><i class="fas fa-fw fa-plus"></i></button>
</div>
</div>
</div>
</div>
</div>
@ -91,7 +94,7 @@ $sql_invoices = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_stat
if (mysqli_num_rows($sql_invoices) > 0) { ?>
<div class="tab-pane fade show active" id="pills-add-to-invoice">
<div class="tab-pane fade" id="pills-add-to-invoice">
<div class="form-group">
<label>Invoice</label>
<div class="input-group">

6
modals/vendor_add_from_template_modal.php
View File

@ -22,10 +22,10 @@
<select class="form-control" name="vendor_template_id" required>
<option value="">- Select Template -</option>
<?php
$sql_vendor_templates = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_template = 1 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
$sql_vendor_templates = mysqli_query($mysqli, "SELECT * FROM vendor_templates WHERE vendor_template_archived_at IS NULL ORDER BY vendor_template_name ASC");
while ($row = mysqli_fetch_array($sql_vendor_templates)) {
$vendor_template_id = intval($row['vendor_id']);
$vendor_template_name = nullable_htmlentities($row['vendor_name']);
$vendor_template_id = intval($row['vendor_template_id']);
$vendor_template_name = nullable_htmlentities($row['vendor_template_name']);
?>
<option value="<?php echo $vendor_template_id ?>"><?php echo $vendor_template_name; ?></option>

9
plugins/TCPDF/CHANGELOG.TXT
View File

@ -1,3 +1,12 @@
6.10.0 (2025-05-27)
- Embedded files support (Factur-X 1.07 / ZUGFeRD 2.3) #789
6.9.5 (2025-05-27)
- Automatically add destinations from HTML code #804
- Wrong default value when $table_el['old_cell_padding'] is missing #807
- Fixed PHP warning when empty hash link for image exists in HTML #809
- Fix for application of alpha component to SVG RGBA fills #810
6.9.4 (2025-05-13)
- Update donation link.

2
plugins/TCPDF/VERSION
View File

@ -1 +1 @@
6.9.4
6.10.0

2
plugins/TCPDF/composer.json
View File

@ -12,7 +12,7 @@
"barcodes"
],
"homepage": "http://www.tcpdf.org/",
"version": "6.9.4",
"version": "6.10.0",
"license": "LGPL-3.0-or-later",
"authors": [
{

24
plugins/TCPDF/include/tcpdf_colors.php
View File

@ -275,7 +275,7 @@ class TCPDF_COLORS {
$color = strtolower($color);
// check for javascript color array syntax
if (strpos($color, '[') !== false) {
if (preg_match('/[\[][\"\'](t|g|rgb|cmyk)[\"\'][\,]?([0-9\.]*+)[\,]?([0-9\.]*+)[\,]?([0-9\.]*+)[\,]?([0-9\.]*+)[\]]/', $color, $m) > 0) {
if (preg_match('/[\[][\"\'](t|g|rgba|rgb|cmyk)[\"\'][\,]?([0-9\.]*+)[\,]?([0-9\.]*+)[\,]?([0-9\.]*+)[\,]?([0-9\.]*+)[\]]/', $color, $m) > 0) {
$returncolor = array();
switch ($m[1]) {
case 'cmyk': {
@ -286,7 +286,8 @@ class TCPDF_COLORS {
$returncolor['K'] = max(0, min(100, (floatval($m[5]) * 100)));
break;
}
case 'rgb': {
case 'rgb':
case 'rgba': {
// RGB
$returncolor['R'] = max(0, min(255, (floatval($m[2]) * 255)));
$returncolor['G'] = max(0, min(255, (floatval($m[3]) * 255)));
@ -317,6 +318,25 @@ class TCPDF_COLORS {
if (strlen($color) == 0) {
return $defcol;
}
// RGBA ARRAY
if (substr($color, 0, 4) == 'rgba') {
$codes = substr($color, 5);
$codes = str_replace(')', '', $codes);
$returncolor = explode(',', $codes);
// remove alpha component
array_pop($returncolor);
foreach ($returncolor as $key => $val) {
if (strpos($val, '%') > 0) {
// percentage
$returncolor[$key] = (255 * intval($val) / 100);
} else {
$returncolor[$key] = intval($val); /* floatize */
}
// normalize value
$returncolor[$key] = max(0, min(255, $returncolor[$key]));
}
return $returncolor;
}
// RGB ARRAY
if (substr($color, 0, 3) == 'rgb') {
$codes = substr($color, 4);

2
plugins/TCPDF/include/tcpdf_static.php
View File

@ -55,7 +55,7 @@ class TCPDF_STATIC {
* Current TCPDF version.
* @private static
*/
private static $tcpdf_version = '6.9.4';
private static $tcpdf_version = '6.10.0';
/**
* String alias for total number of pages.

Some files were not shown because too many files have changed in this diff Show More