diff --git a/post/admin/admin_api.php b/post/admin/admin_api.php
index b5e0a54a..8817b62a 100644
--- a/post/admin/admin_api.php
+++ b/post/admin/admin_api.php
@@ -10,19 +10,19 @@ if (isset($_POST['add_api_key'])) {
$name = sanitizeInput($_POST['name']);
$expire = sanitizeInput($_POST['expire']);
- $client = intval($_POST['client']);
+ $client_id = intval($_POST['client']);
$secret = sanitizeInput($_POST['key']); // API Key
// Credential decryption password
$password = password_hash(trim($_POST['password']), PASSWORD_DEFAULT);
$apikey_specific_encryption_ciphertext = encryptUserSpecificKey(trim($_POST['password']));
- mysqli_query($mysqli,"INSERT INTO api_keys SET api_key_name = '$name', api_key_secret = '$secret', api_key_decrypt_hash = '$apikey_specific_encryption_ciphertext', api_key_expire = '$expire', api_key_client_id = $client");
+ mysqli_query($mysqli,"INSERT INTO api_keys SET api_key_name = '$name', api_key_secret = '$secret', api_key_decrypt_hash = '$apikey_specific_encryption_ciphertext', api_key_expire = '$expire', api_key_client_id = $client_id");
$api_key_id = mysqli_insert_id($mysqli);
// Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'API', log_action = 'Create', log_description = '$session_name created API Key $name set to expire on $expire', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client, log_user_id = $session_user_id, log_entity_id = $api_key_id");
+ logAction("API Key", "Create", "$session_name created API key $name set to expire on $expire", $client_id, $api_key_id);
$_SESSION['alert_message'] = "API Key $name created";
@@ -37,13 +37,14 @@ if (isset($_GET['delete_api_key'])) {
$api_key_id = intval($_GET['delete_api_key']);
// Get API Key Name
- $row = mysqli_fetch_array(mysqli_query($mysqli,"SELECT * FROM api_keys WHERE api_key_id = $api_key_id"));
- $name = sanitizeInput($row['api_key_name']);
+ $row = mysqli_fetch_array(mysqli_query($mysqli,"SELECT api_key_name, api_key_client_id FROM api_keys WHERE api_key_id = $api_key_id"));
+ $api_key_name = sanitizeInput($row['api_key_name']);
+ $client_id = intval($row['api_key_client_id']);
mysqli_query($mysqli,"DELETE FROM api_keys WHERE api_key_id = $api_key_id");
// Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'API Key', log_action = 'Delete', log_description = '$session_name deleted API key $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $api_key_id");
+ logAction("API Key", "Delete", "$session_name deleted API key $name", $client_id);
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "API Key $name deleted";
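Review bot: `$name` is not assigned anywhere in the visible part of this handler: the key name is now read into `$api_key_name`, yet the `logAction()` call and the alert still interpolate `$name`, so the audit entry would record a deletion without saying which key was removed. Use `$api_key_name` in both strings, e.g. `logAction("API Key", "Delete", "$session_name deleted API key $api_key_name", $client_id);`. The same mismatch appears in the bulk-delete hunk below (`$name` in the per-key log), in admin_category.php (archive, unarchive and delete fetch `$category_name`/`$category_type` but log `$type $name`), in admin_custom_field.php (`$custom_field_label` fetched, `$label` logged) and in the delete alert of admin_custom_link.php. The handler starts above the hunk, so confirm `$name` is not set there.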
@@ -56,25 +57,32 @@ if (isset($_POST['bulk_delete_api_keys'])) {
validateCSRFToken($_POST['csrf_token']);
- $count = 0; // Default 0
- $api_key_ids = $_POST['api_key_ids']; // Get array of API key IDs to be deleted
+ if (isset($_POST['api_key_ids'])) {
- if (!empty($api_key_ids)) {
+ $count = count($_POST['api_key_ids']);
- // Cycle through array and delete each scheduled ticket
- foreach ($api_key_ids as $api_key_id) {
+ // Cycle through array and delete each record
+ foreach ($_POST['api_key_ids'] as $api_key_id) {
$api_key_id = intval($api_key_id);
- mysqli_query($mysqli, "DELETE FROM api_keys WHERE api_key_id = $api_key_id");
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API Key', log_action = 'Delete', log_description = '$session_name deleted API key (bulk)', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $api_key_id");
+
+ // Get API Key Name
+ $row = mysqli_fetch_array(mysqli_query($mysqli,"SELECT api_key_name, api_key_client_id FROM api_keys WHERE api_key_id = $api_key_id"));
+ $api_key_name = sanitizeInput($row['api_key_name']);
+ $client_id = intval($row['api_key_client_id']);
+
+ mysqli_query($mysqli, "DELETE FROM api_keys WHERE api_key_id = $api_key_id");
+
+ // Logging
+ logAction("API Key", "Delete", "$session_name deleted API key $name", $client_id);
- $count++;
}
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'API Key', log_action = 'Delete', log_description = '$session_name bulk deleted $count keys', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ logAction("API Key", "Bulk Delete", "$session_name deleted $count API key(s)");
- $_SESSION['alert_message'] = "Deleted $count keys(s)";
+ $_SESSION['alert_type'] = "error";
+ $_SESSION['alert_message'] = "Deleted $count API keys(s)";
}
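Review bot: `count($_POST['api_key_ids'])` runs on request data that has only been checked with `isset()`, so a scalar `api_key_ids` value raises a TypeError on PHP 8 before the loop, and IDs that match no row are still counted as deleted. Guard the shape first, e.g. `if (isset($_POST['api_key_ids']) && is_array($_POST['api_key_ids'])) {`, and add up `mysqli_affected_rows($mysqli)` after each DELETE instead of counting submitted IDs, so the "Bulk Delete" audit entry matches what actually happened. The same pattern is in the bulk cancel and bulk delete hunks of admin_mail_queue.php and in `contact_ids` in admin_bulk_mail.php. The handler's closing lines are outside the hunk.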
diff --git a/post/admin/admin_backup.php b/post/admin/admin_backup.php
index 5ae7cfb4..8649e91d 100644
--- a/post/admin/admin_backup.php
+++ b/post/admin/admin_backup.php
@@ -79,8 +79,8 @@ if (isset($_GET['download_database'])) {
exec('rm ' . $backup_file_name);
}
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Database', log_action = 'Download', log_description = '$session_name downloaded the database', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Database", "Download", "$session_name downloaded the database");
$_SESSION['alert_message'] = "Database downloaded";
}
@@ -92,25 +92,29 @@ if (isset($_POST['backup_master_key'])) {
$password = $_POST['password'];
$sql = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $session_user_id");
- $userRow = mysqli_fetch_array($sql);
+ $row = mysqli_fetch_array($sql);
- if (password_verify($password, $userRow['user_password'])) {
- $site_encryption_master_key = decryptUserSpecificKey($userRow['user_specific_encryption_ciphertext'], $password);
-
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Master Key', log_action = 'Download', log_description = '$session_name retrieved the master encryption key', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
- mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Settings', notification = '$session_name retrieved the master encryption key'");
+ if (password_verify($password, $row['user_password'])) {
+ $site_encryption_master_key = decryptUserSpecificKey($row['user_specific_encryption_ciphertext'], $password);
+
+ // Logging
+ logAction("Master Key", "Download", "$session_name retrieved the master encryption key");
+ // App Notify
+ appNotify("Master Key", "$session_name retrieved the master encryption key");
echo "==============================";
echo "
Master encryption key:
";
echo "$site_encryption_master_key";
echo "
==============================";
+
} else {
- //Log the failure
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Master Key', log_action = 'Download', log_description = '$session_name attempted to retrieve the master encryption key (failure)', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Log the failure
+ logAction("Master Key", "Download", "$session_name attempted to retrieve the master encryption key but failed");
+ $_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Incorrect password.";
+
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
}
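Review bot: A failed master-key retrieval is written to the log with the same type and action ("Master Key", "Download") as a successful one, and only the success branch calls `appNotify()`. Wrong-password attempts against the master encryption key are the event an administrator most needs to see, so consider a distinct action label and a notification in the else branch, for example `appNotify("Master Key", "$session_name failed to retrieve the master encryption key");`. Whether repeated attempts are throttled is not visible in this hunk.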
diff --git a/post/admin/admin_bulk_mail.php b/post/admin/admin_bulk_mail.php
index dc26b722..cdbf999f 100644
--- a/post/admin/admin_bulk_mail.php
+++ b/post/admin/admin_bulk_mail.php
@@ -6,7 +6,9 @@
if (isset($_POST['send_bulk_mail_now'])) {
- if ($_POST['contact_ids']) {
+ if (isset($_POST['contact_ids'])) {
+
+ $count = count($_POST['contact_ids']);
$mail_from = sanitizeInput($_POST['mail_from']);
$mail_from_name = sanitizeInput($_POST['mail_from_name']);
@@ -36,15 +38,11 @@ if (isset($_POST['send_bulk_mail_now'])) {
];
}
addToMailQueue($mysqli, $data);
-
- // Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Bulk Mail', log_action = 'Send', log_description = '$session_name sent bulk email', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id");
- $_SESSION['alert_message'] = "You Sent Bulk Mail";
-
- } else {
-
- $_SESSION['alert_message'] = "NO Bulk Mail SENT";
+ // Logging
+ logAction("Bulk Mail", "Send", "$session_name sent $count messages via bulk mail");
+
+ $_SESSION['alert_message'] = "$count messages queued";
}
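Review bot: `$count` is the number of contact IDs posted, not the number of messages handed to `addToMailQueue()`, so the log line and the "messages queued" alert can overstate what was queued when a contact is skipped in the loop above (the loop is outside the hunk). If `$data` holds one entry per queued message, `count($data)` would be the accurate figure for both strings. With the else branch removed, a submission without `contact_ids` also no longer sets any alert.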
diff --git a/post/admin/admin_category.php b/post/admin/admin_category.php
index f89d37bf..c3a97fc2 100644
--- a/post/admin/admin_category.php
+++ b/post/admin/admin_category.php
@@ -10,10 +10,12 @@ if (isset($_POST['add_category'])) {
mysqli_query($mysqli,"INSERT INTO categories SET category_name = '$name', category_type = '$type', category_color = '$color'");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ $category_id = mysqli_insert_id($mysqli);
- $_SESSION['alert_message'] = "Category added";
+ // Logging
+ logAction("Category", "Create", "$session_name created category $type $name", 0, $category_id);
+
+ $_SESSION['alert_message'] = "Category $type $name created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -27,53 +29,75 @@ if (isset($_POST['edit_category'])) {
mysqli_query($mysqli,"UPDATE categories SET category_name = '$name', category_type = '$type', category_color = '$color' WHERE category_id = $category_id");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Category", "Edit", "$session_name edited category $type $name", 0, $category_id);
- $_SESSION['alert_message'] = "Category modified";
+ $_SESSION['alert_message'] = "Category $type $name edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['archive_category'])) {
+
$category_id = intval($_GET['archive_category']);
+ // Get Category Name and Type for logging
+ $sql = mysqli_query($mysqli,"SELECT category_name, category_type FROM categories WHERE category_id = $category_id");
+ $row = mysqli_fetch_array($sql);
+ $category_name = sanitizeInput($row['category_name']);
+ $category_type = sanitizeInput($row['category_type']);
+
mysqli_query($mysqli,"UPDATE categories SET category_archived_at = NOW() WHERE category_id = $category_id");
- //logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Archive', log_description = '$category_id'");
+ // Logging
+ logAction("Category", "Archive", "$session_name archived category $type $name", 0, $category_id);
- $_SESSION['alert_message'] = "Category Archived";
+ $_SESSION['alert_type'] = "error";
+ $_SESSION['alert_message'] = "Category $type $name archived";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['unarchive_category'])) {
+
$category_id = intval($_GET['unarchive_category']);
+ // Get Category Name and Type for logging
+ $sql = mysqli_query($mysqli,"SELECT category_name, category_type FROM categories WHERE category_id = $category_id");
+ $row = mysqli_fetch_array($sql);
+ $category_name = sanitizeInput($row['category_name']);
+ $category_type = sanitizeInput($row['category_type']);
+
mysqli_query($mysqli,"UPDATE categories SET category_archived_at = NULL WHERE category_id = $category_id");
- //logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Unarchive', log_description = '$category_id'");
+ // Logging
+ logAction("Category", "Unarchive", "$session_name unarchived category $type $name", 0, $category_id);
- $_SESSION['alert_message'] = "Category Unarchived";
+ $_SESSION['alert_message'] = "Category $type $name unarchived";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['delete_category'])) {
+
$category_id = intval($_GET['delete_category']);
+ // Get Category Name and Type for logging
+ $sql = mysqli_query($mysqli,"SELECT category_name, category_type FROM categories WHERE category_id = $category_id");
+ $row = mysqli_fetch_array($sql);
+ $category_name = sanitizeInput($row['category_name']);
+ $category_type = sanitizeInput($row['category_type']);
+
mysqli_query($mysqli,"DELETE FROM categories WHERE category_id = $category_id");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Category', log_action = 'Delete', log_description = '$category_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Category", "Delete", "$session_name deleted category $type $name");
- $_SESSION['alert_message'] = "Category deleted";
$_SESSION['alert_type'] = "error";
+ $_SESSION['alert_message'] = "Category $type $name deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
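Review bot: The archive and unarchive handlers are fully visible in this hunk and change data on a plain GET parameter with no `validateCSRFToken()` call, unlike the bulk POST handlers elsewhere in this commit; delete_category has the same shape as far as the hunk shows. If no token check runs before this file is included, a link opened by a logged-in admin is enough to trigger the change. Consider validating a token at the top of each handler, for example `validateCSRFToken($_GET['csrf_token']);` with the links updated to carry it. Separately, the delete log omits the entity id that the archive and unarchive logs pass (`0, $category_id`).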
diff --git a/post/admin/admin_custom_field.php b/post/admin/admin_custom_field.php
index 00c1769d..85f2a739 100644
--- a/post/admin/admin_custom_field.php
+++ b/post/admin/admin_custom_field.php
@@ -12,10 +12,12 @@ if(isset($_POST['create_custom_field'])){
mysqli_query($mysqli,"INSERT INTO custom_fields SET custom_field_table = '$table', custom_field_label = '$label', custom_field_type = '$type'");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Custom Field', log_action = 'Create', log_description = '$label', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ $custom_field_id = mysqli_insert_id($mysqli);
- $_SESSION['alert_message'] = "Custom field created";
+ // Logging
+ logAction("Custom Field", "Create", "$session_name created custom field $label", 0, $custom_field_id);
+
+ $_SESSION['alert_message'] = "Custom field $label created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -29,10 +31,10 @@ if(isset($_POST['edit_custom_field'])){
mysqli_query($mysqli,"UPDATE custom_fields SET custom_field_label = '$label', custom_field_type = '$type' WHERE custom_field_id = $custom_field_id");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Custom Field', log_action = 'Edit', log_description = '$label', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Custom Field", "Edit", "$session_name edited custom field $label", 0, $custom_field_id);
- $_SESSION['alert_message'] = "You edited the custom field";
+ $_SESSION['alert_message'] = "Custom field $label edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -41,13 +43,18 @@ if(isset($_POST['edit_custom_field'])){
if(isset($_GET['delete_custom_field'])){
$custom_field_id = intval($_GET['delete_custom_field']);
+ // Get Custom Field Label for logging
+ $sql = mysqli_query($mysqli,"SELECT custom_field_label FROM custom_fields WHERE custom_field_id = $custom_field_id");
+ $row = mysqli_fetch_array($sql);
+ $custom_field_label = sanitizeInput($row['custom_field_label']);
+
mysqli_query($mysqli,"DELETE FROM custom_fields WHERE custom_field_id = $custom_field_id");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Custom Fields', log_action = 'Delete', log_description = '$custom_field_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Custom Field", "Delete", "$session_name deleted custom field $label");
- $_SESSION['alert_message'] = "You deleted custom field";
$_SESSION['alert_type'] = "error";
+ $_SESSION['alert_message'] = "Custom field $label deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
diff --git a/post/admin/admin_custom_link.php b/post/admin/admin_custom_link.php
index 5a84be51..a49c2975 100644
--- a/post/admin/admin_custom_link.php
+++ b/post/admin/admin_custom_link.php
@@ -15,10 +15,12 @@ if (isset($_POST['add_custom_link'])) {
mysqli_query($mysqli,"INSERT INTO custom_links SET custom_link_name = '$name', custom_link_uri = '$uri', custom_link_new_tab = $new_tab, custom_link_icon = '$icon', custom_link_order = $order, custom_link_location = $location");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Custom Link', log_action = 'Create', log_description = '$session_name created custom link $name --> $uri', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ $custom_link_id = mysqli_insert_id($mysqli);
- $_SESSION['alert_message'] = "Custom link successfully created!";
+ // Logging
+ logAction("Custom Link", "Create", "$session_name created custom link $name -> $uri", 0, $custom_link_id);
+
+ $_SESSION['alert_message'] = "Custom link $name created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -36,10 +38,10 @@ if (isset($_POST['edit_custom_link'])) {
mysqli_query($mysqli,"UPDATE custom_links SET custom_link_name = '$name', custom_link_uri = '$uri', custom_link_new_tab = $new_tab, custom_link_icon = '$icon', custom_link_order = $order, custom_link_location = $location WHERE custom_link_id = $custom_link_id");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Custom Link', log_action = 'Modify', log_description = '$session_name edited the custom link $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Custom Link", "Edit", "$session_name edited custom link $name -> $uri", 0, $custom_link_id);
- $_SESSION['alert_message'] = "Custom Link modified";
+ $_SESSION['alert_message'] = "Custom Link $name edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -48,13 +50,19 @@ if (isset($_POST['edit_custom_link'])) {
if (isset($_GET['delete_custom_link'])) {
$custom_link_id = intval($_GET['delete_custom_link']);
+ // Get Custom Link name and uri for logging
+ $sql = mysqli_query($mysqli,"SELECT custom_link_name, custom_link_uri FROM custom_links WHERE custom_link_id = $custom_link_id");
+ $row = mysqli_fetch_array($sql);
+ $custom_link_name = sanitizeInput($row['custom_link_name']);
+ $custom_link_uri = sanitizeInput($row['custom_link_uri']);
+
mysqli_query($mysqli,"DELETE FROM custom_links WHERE custom_link_id = $custom_link_id");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Custom Link', log_action = 'Delete', log_description = '$session_name deleted a custom link', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Custom Link", "Delete", "$session_name deleted custom link $custom_link_name -> $custom_link_uri");
- $_SESSION['alert_message'] = "Custom Link deleted!";
$_SESSION['alert_type'] = "error";
+ $_SESSION['alert_message'] = "Custom Link $name deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
diff --git a/post/admin/admin_document_template.php b/post/admin/admin_document_template.php
index cb2431ed..40cdd2e9 100644
--- a/post/admin/admin_document_template.php
+++ b/post/admin/admin_document_template.php
@@ -14,12 +14,13 @@ if (isset($_POST['add_document_template'])) {
$content_raw = sanitizeInput($_POST['name'] . " " . str_replace("<", " <", $_POST['content']));
// Content Raw is used for FULL INDEX searching. Adding a space before HTML tags to allow spaces between newlines, bulletpoints, etc. for searching.
- // Document add query
- $add_document = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw', document_template = 1, document_folder_id = 0, document_created_by = $session_user_id, document_client_id = 0");
+ // Document create query
+ mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw', document_template = 1, document_folder_id = 0, document_created_by = $session_user_id, document_client_id = 0");
+
$document_id = mysqli_insert_id($mysqli);
// Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Document Template', log_action = 'Create', log_description = '$session_name created document template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $document_id");
+ logAction("Document Template", "Create", "$session_name created document template $name", $client_id, $document_id);
$_SESSION['alert_message'] = "Document template $name created";
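Review bot: `$client_id` is passed to `logAction()` but is not assigned anywhere in the visible part of this handler, and the INSERT above stores the template with `document_client_id = 0`. If it is indeed unset, the audit entry gets an undefined value for its client; passing the literal matches the stored record: `logAction("Document Template", "Create", "$session_name created document template $name", 0, $document_id);`. The handler begins above the hunk, so confirm it is not set there.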
diff --git a/post/admin/admin_mail_queue.php b/post/admin/admin_mail_queue.php
index b6210f64..f178dc5c 100644
--- a/post/admin/admin_mail_queue.php
+++ b/post/admin/admin_mail_queue.php
@@ -7,7 +7,7 @@ if (isset($_GET['send_failed_mail'])) {
mysqli_query($mysqli,"UPDATE email_queue SET email_status = 0, email_attempts = 3 WHERE email_id = $email_id");
// Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Email', log_action = 'Send', log_description = '$session_name attempted to force send email queue id: $email_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $email_id");
+ logAction("Email", "Send", "$session_name attempted to force send email id: $email_id in the mail queue", 0, $email_id);
$_SESSION['alert_message'] = "Email Force Sent, give it a minute to resend";
@@ -22,8 +22,9 @@ if (isset($_GET['cancel_mail'])) {
mysqli_query($mysqli,"UPDATE email_queue SET email_status = 2, email_attempts = 99, email_failed_at = NOW() WHERE email_id = $email_id");
// Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Email', log_action = 'Cancel', log_description = '$session_name canceled send email queue id: $email_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $email_id");
+ logAction("Email", "Send", "$session_name canceled send email id: $email_id in the mail queue", 0, $email_id);
+ $_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Email cancelled and marked as failed.";
header("Location: " . $_SERVER["HTTP_REFERER"]);
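Review bot: The single-email cancel handler now logs action "Send", where the removed line used 'Cancel' and the bulk handler below uses "Cancel", so a search of the audit log for cancelled mail would miss these entries. Change the second argument: `logAction("Email", "Cancel", "$session_name canceled send email id: $email_id in the mail queue", 0, $email_id);`. The handler starts above the hunk.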
@@ -34,24 +35,25 @@ if (isset($_POST['bulk_cancel_emails'])) {
validateCSRFToken($_POST['csrf_token']);
- $count = 0; // Default 0
- $email_ids = $_POST['email_ids']; // Get array of email IDs to be cancelled
+ if (isset($_POST['email_ids'])) {
- if (!empty($email_ids)) {
+ $count = count($_POST['email_ids']);
// Cycle through array and mark each email as failed
- foreach ($email_ids as $email_id) {
+ foreach ($_POST['email_ids'] as $email_id) {
$email_id = intval($email_id);
mysqli_query($mysqli,"UPDATE email_queue SET email_status = 2, email_attempts = 99, email_failed_at = NOW() WHERE email_id = $email_id");
- $count++;
+ // Logging
+ logAction("Email", "Cancel", "$session_name cancelled email id: $email_id in the mail queue", 0, $email_id);
+
}
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Email', log_action = 'Cancel', log_description = '$session_name bulk cancelled $count emails from the mail Queue', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ logAction("Email", "Bulk Cancel", "$session_name cancelled $count email(s) in the mail queue");
- $_SESSION['alert_message'] = "Cancelled $count email(s)";
+ $_SESSION['alert_message'] = "Cancelled $count email(s)";
}
@@ -62,25 +64,26 @@ if (isset($_POST['bulk_delete_emails'])) {
validateCSRFToken($_POST['csrf_token']);
- $count = 0; // Default 0
- $email_ids = $_POST['email_ids']; // Get array of email IDs to be deleted
+ if (isset($_POST['email_ids'])) {
- if (!empty($email_ids)) {
+ $count = count($_POST['email_ids']);
// Cycle through array and delete each email
- foreach ($email_ids as $email_id) {
+ foreach ($_POST['email_ids'] as $email_id) {
$email_id = intval($email_id);
mysqli_query($mysqli,"DELETE FROM email_queue WHERE email_id = $email_id");
- $count++;
+ // Logging
+ logAction("Email", "Delete", "$session_name deleted email id: $email_id from the mail queue");
+
}
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Email', log_action = 'Delete', log_description = '$session_name bulk deleted $count emails from the mail Queue', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ logAction("Email", "Bulk Delete", "$session_name deleted $count email(s) from the mail queue");
- $_SESSION['alert_type'] = "danger";
- $_SESSION['alert_message'] = "Deleted $count email(s)";
+ $_SESSION['alert_type'] = "error";
+ $_SESSION['alert_message'] = "Deleted $count email(s)";
}
diff --git a/post/admin/admin_project_template.php b/post/admin/admin_project_template.php
index f9bf373b..790828a7 100644
--- a/post/admin/admin_project_template.php
+++ b/post/admin/admin_project_template.php
@@ -2,7 +2,6 @@
if (isset($_POST['add_project_template'])) {
- validateTechRole();
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
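Review bot: No role check is visible in the project-template handlers once `validateTechRole();` is removed here and in the edit, ticket-template-order, add-ticket-template and delete hunks below. If access is enforced where the files under post/admin/ are included, a short comment at the top of this file would stop the next reader from assuming the handlers are unguarded, e.g. `// Role check: enforced by the including admin router (confirm before merging)`. If it is not enforced there, the call should stay or be replaced by an admin-level check. None of the five hunks shows where that enforcement lives.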
@@ -11,9 +10,9 @@ if (isset($_POST['add_project_template'])) {
$project_template_id = mysqli_insert_id($mysqli);
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Project Template', log_action = 'Create', log_description = '$session_name created project template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $project_template_id");
+ logAction("Project Template", "Create", "$session_name created project template $name", 0, $project_template_id);
- $_SESSION['alert_message'] = "You created Project Template $name";
+ $_SESSION['alert_message'] = "Project Template $name created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@@ -21,7 +20,6 @@ if (isset($_POST['add_project_template'])) {
if (isset($_POST['edit_project_template'])) {
- validateTechRole();
$project_template_id = intval($_POST['project_template_id']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
@@ -29,16 +27,15 @@ if (isset($_POST['edit_project_template'])) {
mysqli_query($mysqli, "UPDATE project_templates SET project_template_name = '$name', project_template_description = '$description' WHERE project_template_id = $project_template_id");
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Project Template', log_action = 'Edit', log_description = '$session_name edited Project template $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $project_template_id");
+ logAction("Project Template", "Edit", "$session_name edited project template $name", 0, $project_template_id);
- $_SESSION['alert_message'] = "You edited Project Template $name";
+ $_SESSION['alert_message'] = "Project Template $name edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_POST['edit_ticket_template_order'])) {
- validateTechRole();
$ticket_template_id = intval($_POST['ticket_template_id']);
$project_template_id = intval($_POST['project_template_id']);
$order = intval($_POST['order']);
@@ -50,7 +47,6 @@ if (isset($_POST['edit_ticket_template_order'])) {
if (isset($_POST['add_ticket_template_to_project_template'])) {
- validateTechRole();
$project_template_id = intval($_POST['project_template_id']);
$ticket_template_id = intval($_POST['ticket_template_id']);
$order = intval($_POST['order']);
@@ -58,9 +54,9 @@ if (isset($_POST['add_ticket_template_to_project_template'])) {
mysqli_query($mysqli, "INSERT INTO project_template_ticket_templates SET project_template_id = $project_template_id, ticket_template_id = $ticket_template_id, ticket_template_order = $order");
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Project Template', log_action = 'Edit', log_description = '$session_name added a ticket template to project template', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $project_template_id");
+ logAction("Project Template", "Edit", "$session_name added ticket template to project_template", 0, $project_template_id);
- $_SESSION['alert_message'] = "You added a ticket template to the project template";
+ $_SESSION['alert_message'] = "Ticket template added";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
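Review bot: The log description reads "project_template" with an underscore, while the remove handler and the other entries in this file write "project template", which makes text searches of the audit log inconsistent: `logAction("Project Template", "Edit", "$session_name added ticket template to project template", 0, $project_template_id);`. Neither the add nor the remove entry names the ticket template, although `$ticket_template_id` is in scope here; including it would make the entry traceable.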
@@ -74,17 +70,16 @@ if (isset($_POST['remove_ticket_template_from_project_template'])) {
mysqli_query($mysqli, "DELETE FROM project_template_ticket_templates WHERE project_template_id = $project_template_id AND ticket_template_id = $ticket_template_id");
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Project Template', log_action = 'Edit', log_description = '$session_name removed a ticket template from a project template', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $project_template_id");
+ logAction("Project Template", "Edit", "$session_name removed ticket template from project template", 0, $project_template_id);
- $_SESSION['alert_message'] = "You removed ticket template from the project template";
+ $_SESSION['alert_type'] = "error";
+ $_SESSION['alert_message'] = "Ticket template removed";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['delete_project_template'])) {
- validateTechRole();
-
$project_template_id = intval($_GET['delete_project_template']);
// Get project template name
@@ -98,10 +93,10 @@ if (isset($_GET['delete_project_template'])) {
mysqli_query($mysqli, "DELETE FROM project_template_ticket_templates WHERE project_template_id = $project_template_id");
// Logging
- mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Project Template', log_action = 'Delete', log_description = '$session_name deleted ticket template $project_template_name and its associated ticket templates and its tasks', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $project_template_id");
+ logAction("Project Template", "Delete", "$session_name deleted project template $project_template_name and its associated ticket templates and tasks");
$_SESSION['alert_type'] = "error";
- $_SESSION['alert_message'] = "You Deleted Project Template $project_template_name and its associated ticket templates and tasks";
+ $_SESSION['alert_message'] = "Project Template $project_template_name and its associated ticket templates and tasks deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
diff --git a/post/admin/admin_role.php b/post/admin/admin_role.php
index 33e10985..54471a12 100644
--- a/post/admin/admin_role.php
+++ b/post/admin/admin_role.php
@@ -14,9 +14,12 @@ if (isset($_POST['add_role'])) {
mysqli_query($mysqli, "INSERT INTO user_roles SET user_role_name = '$name', user_role_description = '$description', user_role_is_admin = $admin");
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Role', log_action = 'Create', log_description = '$session_name created the $name role', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ $user_role_id = mysqli_insert_id($mysqli);
- $_SESSION['alert_message'] = "Role $name created";
+ // Logging
+ logAction("User Role", "Create", "$session_name created user role $name", 0, $user_role_id);
+
+ $_SESSION['alert_message'] = "User Role created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
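Review bot: The audit entry for a new role does not record whether it was created with `user_role_is_admin` set, although `$admin` is written by the INSERT on the first line of the hunk; the role-edit log in the last hunk of this file has the same gap. Granting admin rights through a role is the change a reader of the log most needs to spot, so include it in the description, e.g. `"$session_name created user role $name (admin: $admin)"`. The alert also drops `$name`, unlike the edit alert.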
@@ -31,6 +34,7 @@ if (isset($_POST['edit_role'])) {
$name = sanitizeInput($_POST['role_name']);
$description = sanitizeInput($_POST['role_description']);
$admin = intval($_POST['role_is_admin']);
+
mysqli_query($mysqli, "UPDATE user_roles SET user_role_name = '$name', user_role_description = '$description', user_role_is_admin = $admin WHERE user_role_id = $role_id");
// Update role access levels
@@ -48,9 +52,10 @@ if (isset($_POST['edit_role'])) {
}
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Role', log_action = 'Modify', log_description = '$session_name updated the $name role', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("User Role", "Edit", "$session_name edited user role $name", 0, $role_id);
- $_SESSION['alert_message'] = "Role $name updated";
+ $_SESSION['alert_message'] = "User Role $name edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
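Review bot: `$name` is passed to `logAction()` here after `sanitizeInput()`, and the same value is placed directly inside a quoted SQL literal in the UPDATE earlier in this block, so it appears to be treated as already SQL-safe. `logAction()` is defined outside this diff, so it is not visible whether it escapes or binds its description argument. If it escapes again, the stored text would be double-escaped; if it does not, every caller has to pre-sanitize what it passes, including `$session_name`. I would state the contract at the call site, for example `// $name is pre-sanitized by sanitizeInput(); logAction() is expected to store it as given`, and confirm it against the helper. The `add_role` hunk above passes `$name` the same way.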
diff --git a/post/admin/admin_settings_ai.php b/post/admin/admin_settings_ai.php
index e11ae7d4..ad7dac98 100644
--- a/post/admin/admin_settings_ai.php
+++ b/post/admin/admin_settings_ai.php
@@ -16,10 +16,10 @@ if (isset($_POST['edit_ai_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_ai_enable = $ai_enable, config_ai_provider = '$provider', config_ai_model = '$model', config_ai_url = '$url', config_ai_api_key = '$api_key' WHERE company_id = 1");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Edit', log_description = '$session_name edited AI settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited AI settings");
- $_SESSION['alert_message'] = "You updated the AI Settings";
+ $_SESSION['alert_message'] = "AI Settings updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
diff --git a/post/admin/admin_settings_company.php b/post/admin/admin_settings_company.php
index a1d3bcc7..6ec33b45 100644
--- a/post/admin/admin_settings_company.php
+++ b/post/admin/admin_settings_company.php
@@ -45,10 +45,10 @@ if (isset($_POST['edit_company'])) {
mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone = '$phone', company_email = '$email', company_website = '$website' WHERE company_id = 1");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company', log_action = 'Modify', log_description = '$session_name modified company $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited company details");
- $_SESSION['alert_message'] = "Company $name updated";
+ $_SESSION['alert_message'] = "Company $name edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
diff --git a/post/admin/admin_settings_default.php b/post/admin/admin_settings_default.php
index d717a06a..ba4746d8 100644
--- a/post/admin/admin_settings_default.php
+++ b/post/admin/admin_settings_default.php
@@ -18,10 +18,10 @@ if (isset($_POST['edit_default_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_start_page = '$start_page', config_default_expense_account = $expense_account, config_default_payment_account = $payment_account, config_default_payment_method = '$payment_method', config_default_expense_payment_method = '$expense_payment_method', config_default_transfer_from_account = $transfer_from_account, config_default_transfer_to_account = $transfer_to_account, config_default_calendar = $calendar, config_default_net_terms = $net_terms, config_default_hourly_rate = $hourly_rate, config_phone_mask = $phone_mask WHERE company_id = 1");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified default settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited default settings");
- $_SESSION['alert_message'] = "Default settings updated";
+ $_SESSION['alert_message'] = "Default settings edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
diff --git a/post/admin/admin_settings_integration.php b/post/admin/admin_settings_integration.php
index 4d9f72ae..2a8fa844 100644
--- a/post/admin/admin_settings_integration.php
+++ b/post/admin/admin_settings_integration.php
@@ -9,8 +9,8 @@ if (isset($_POST['edit_integrations_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_azure_client_id = '$azure_client_id', config_azure_client_secret = '$azure_client_secret' WHERE company_id = 1");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified integrations settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited integrations settings");
$_SESSION['alert_message'] = "Integrations Settings updated";
diff --git a/post/admin/admin_settings_invoice.php b/post/admin/admin_settings_invoice.php
index 34501741..2cf4c690 100644
--- a/post/admin/admin_settings_invoice.php
+++ b/post/admin/admin_settings_invoice.php
@@ -16,11 +16,10 @@ if (isset($_POST['edit_invoice_settings'])) {
$config_invoice_paid_notification_email = sanitizeInput($_POST['config_invoice_paid_notification_email']);
}
-
mysqli_query($mysqli,"UPDATE settings SET config_invoice_prefix = '$config_invoice_prefix', config_invoice_next_number = $config_invoice_next_number, config_invoice_footer = '$config_invoice_footer', config_invoice_late_fee_enable = $config_invoice_late_fee_enable, config_invoice_late_fee_percent = $config_invoice_late_fee_percent, config_invoice_paid_notification_email = '$config_invoice_paid_notification_email', config_recurring_prefix = '$config_recurring_prefix', config_recurring_next_number = $config_recurring_next_number WHERE company_id = 1");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Edit', log_description = '$session_name edited invoice settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited invoice settings");
$_SESSION['alert_message'] = "Invoice Settings edited";
diff --git a/post/admin/admin_settings_localization.php b/post/admin/admin_settings_localization.php
index bf918e77..7f4996a4 100644
--- a/post/admin/admin_settings_localization.php
+++ b/post/admin/admin_settings_localization.php
@@ -12,8 +12,8 @@ if (isset($_POST['edit_localization'])) {
mysqli_query($mysqli,"UPDATE settings SET config_timezone = '$timezone' WHERE company_id = 1");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company', log_action = 'Edit', log_description = '$session_name edited company localization settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited localization settings");
$_SESSION['alert_message'] = "Company localization updated";
diff --git a/post/admin/admin_settings_mail.php b/post/admin/admin_settings_mail.php
index d09bea38..800ddc6d 100644
--- a/post/admin/admin_settings_mail.php
+++ b/post/admin/admin_settings_mail.php
@@ -14,7 +14,7 @@ if (isset($_POST['edit_mail_smtp_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_smtp_host = '$config_smtp_host', config_smtp_port = $config_smtp_port, config_smtp_encryption = '$config_smtp_encryption', config_smtp_username = '$config_smtp_username', config_smtp_password = '$config_smtp_password' WHERE company_id = 1");
// Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified SMTP mail settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ logAction("Settings", "Edit", "$session_name edited SMTP mail settings");
$_SESSION['alert_message'] = "SMTP Mail Settings updated";
@@ -36,7 +36,7 @@ if (isset($_POST['edit_mail_imap_settings'])) {
// Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified IMAP mail settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ logAction("Settings", "Edit", "$session_name edited IMAP mail settings");
$_SESSION['alert_message'] = "IMAP Mail Settings updated";
@@ -63,7 +63,7 @@ if (isset($_POST['edit_mail_from_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_mail_from_email = '$config_mail_from_email', config_mail_from_name = '$config_mail_from_name', config_invoice_from_email = '$config_invoice_from_email', config_invoice_from_name = '$config_invoice_from_name', config_quote_from_email = '$config_quote_from_email', config_quote_from_name = '$config_quote_from_name', config_ticket_from_email = '$config_ticket_from_email', config_ticket_from_name = '$config_ticket_from_name' WHERE company_id = 1");
// Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified Mail From settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ logAction("Settings", "Edit", "$session_name edited mail from settings");
$_SESSION['alert_message'] = "Mail From Settings updated";
diff --git a/post/admin/admin_settings_module.php b/post/admin/admin_settings_module.php
index 4d231c0a..4df41c9a 100644
--- a/post/admin/admin_settings_module.php
+++ b/post/admin/admin_settings_module.php
@@ -17,8 +17,8 @@ if (isset($_POST['edit_module_settings'])) {
mysqli_query($mysqli, "UPDATE settings SET config_whitelabel_enabled = 0, config_whitelabel_key = '' WHERE company_id = 1");
}
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified module settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited module settings");
$_SESSION['alert_message'] = "Module Settings updated";
diff --git a/post/admin/admin_settings_notification.php b/post/admin/admin_settings_notification.php
index ea833ae0..10e9e196 100644
--- a/post/admin/admin_settings_notification.php
+++ b/post/admin/admin_settings_notification.php
@@ -13,8 +13,8 @@ if (isset($_POST['edit_notification_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_send_invoice_reminders = $config_send_invoice_reminders, config_recurring_auto_send_invoice = $config_recurring_auto_send_invoice, config_enable_cron = $config_enable_cron, config_enable_alert_domain_expire = $config_enable_alert_domain_expire, config_ticket_client_general_notifications = $config_ticket_client_general_notifications WHERE company_id = 1");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified notification settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited notification settings");
$_SESSION['alert_message'] = "Notification Settings updated";
@@ -28,10 +28,10 @@ if (isset($_GET['generate_cron_key'])) {
mysqli_query($mysqli,"UPDATE settings SET config_cron_key = '$key' WHERE company_id = 1");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name regenerated cron key', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name regenerated the cron key");
- $_SESSION['alert_message'] = "Cron key regenerated!";
+ $_SESSION['alert_message'] = "Cron key regenerated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
diff --git a/post/admin/admin_settings_online_payment.php b/post/admin/admin_settings_online_payment.php
index 9d1a72d1..06f1498a 100644
--- a/post/admin/admin_settings_online_payment.php
+++ b/post/admin/admin_settings_online_payment.php
@@ -15,8 +15,8 @@ if (isset($_POST['edit_online_payment_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_stripe_enable = $config_stripe_enable, config_stripe_publishable = '$config_stripe_publishable', config_stripe_secret = '$config_stripe_secret', config_stripe_account = $config_stripe_account, config_stripe_expense_vendor = $config_stripe_expense_vendor, config_stripe_expense_category = $config_stripe_expense_category, config_stripe_percentage_fee = $config_stripe_percentage_fee, config_stripe_flat_fee = $config_stripe_flat_fee WHERE company_id = 1");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified online payment settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited online payment settings");
$_SESSION['alert_message'] = "Online Payment Settings updated";
diff --git a/post/admin/admin_settings_project.php b/post/admin/admin_settings_project.php
index a35d5d9d..f2b42fda 100644
--- a/post/admin/admin_settings_project.php
+++ b/post/admin/admin_settings_project.php
@@ -9,8 +9,8 @@ if (isset($_POST['edit_project_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_project_prefix = '$config_project_prefix', config_project_next_number = $config_project_next_number WHERE company_id = 1");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified project settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited project settings");
$_SESSION['alert_message'] = "Project Settings updated";
diff --git a/post/admin/admin_settings_quote.php b/post/admin/admin_settings_quote.php
index f85de889..99df3d08 100644
--- a/post/admin/admin_settings_quote.php
+++ b/post/admin/admin_settings_quote.php
@@ -14,8 +14,8 @@ if (isset($_POST['edit_quote_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_quote_prefix = '$config_quote_prefix', config_quote_next_number = $config_quote_next_number, config_quote_footer = '$config_quote_footer', config_quote_notification_email = '$config_quote_notification_email' WHERE company_id = 1");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified quote settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited Quote settings");
$_SESSION['alert_message'] = "Quote Settings updated";
diff --git a/post/admin/admin_settings_security.php b/post/admin/admin_settings_security.php
index d18b14a5..e0b388ee 100644
--- a/post/admin/admin_settings_security.php
+++ b/post/admin/admin_settings_security.php
@@ -13,9 +13,9 @@ if (isset($_POST['edit_security_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_login_message = '$config_login_message', config_login_key_required = '$config_login_key_required', config_login_key_secret = '$config_login_key_secret', config_login_remember_me_expire = $config_login_remember_me_expire, config_log_retention = $config_log_retention WHERE company_id = 1");
// Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified login key settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ logAction("Settings", "Edit", "$session_name edited security settings");
- $_SESSION['alert_message'] = "Login key settings updated";
+ $_SESSION['alert_message'] = "Security settings updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
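Review bot: The audit entry "edited security settings" does not say which setting changed, while the UPDATE above writes both `config_login_key_required` and `config_log_retention`. Lowering log retention or switching off the login key requirement are changes worth being able to find in the log later. I would record the non-secret values, e.g. `logAction("Settings", "Edit", "$session_name edited security settings (login key required: $config_login_key_required, log retention: $config_log_retention)");`, and keep `config_login_key_secret` out of the description. These variables are assigned above the hunk, so I am assuming they are already sanitized, as their use in the UPDATE suggests.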
diff --git a/post/admin/admin_settings_telemetry.php b/post/admin/admin_settings_telemetry.php
index 9eb312c7..59fc0c5f 100644
--- a/post/admin/admin_settings_telemetry.php
+++ b/post/admin/admin_settings_telemetry.php
@@ -8,8 +8,8 @@ if (isset($_POST['edit_telemetry_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_telemetry = $config_telemetry WHERE company_id = 1");
- // Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified telemetry settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited telemetry settings");
$_SESSION['alert_message'] = "Telemetry Settings updated";
diff --git a/post/admin/admin_settings_theme.php b/post/admin/admin_settings_theme.php
index 461f4ce6..0f341353 100644
--- a/post/admin/admin_settings_theme.php
+++ b/post/admin/admin_settings_theme.php
@@ -8,8 +8,8 @@ if (isset($_POST['edit_theme_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_theme = '$theme' WHERE company_id = 1");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified theme settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited theme settings");
$_SESSION['alert_message'] = "Changed theme to $theme";
@@ -45,10 +45,10 @@ if (isset($_POST['edit_favicon_settings'])) {
}
}
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name updated the favicon', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name changed the favicon");
- $_SESSION['alert_message'] = "You updated the favicon";
+ $_SESSION['alert_message'] = "Favicon Updated";
header("Location: " . $_SERVER["HTTP_REFERER"]);
diff --git a/post/admin/admin_settings_ticket.php b/post/admin/admin_settings_ticket.php
index 72492184..d59523d4 100644
--- a/post/admin/admin_settings_ticket.php
+++ b/post/admin/admin_settings_ticket.php
@@ -15,8 +15,8 @@ if (isset($_POST['edit_ticket_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_ticket_prefix = '$config_ticket_prefix', config_ticket_next_number = $config_ticket_next_number, config_ticket_email_parse = $config_ticket_email_parse, config_ticket_email_parse_unknown_senders = $config_ticket_email_parse_unknown_senders, config_ticket_autoclose_hours = $config_ticket_autoclose_hours, config_ticket_new_ticket_notification_email = '$config_ticket_new_ticket_notification_email', config_ticket_default_billable = $config_ticket_default_billable WHERE company_id = 1");
- //Logging
- mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified ticket settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
+ // Logging
+ logAction("Settings", "Edit", "$session_name edited ticket settings");
$_SESSION['alert_message'] = "Ticket Settings updated";