AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #465 from wrongecho/misc 

Misc changes
This commit is contained in:
Johnny 2022-05-22 12:22:59 -04:00 committed by GitHub
parent 7a190a28e7 17cd82dbf4
commit f9a78e7ef7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 59 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
client_overview.php
View File

@ -239,7 +239,7 @@ $sql_tickets_stale = mysqli_query($mysqli,"SELECT * FROM tickets
?>
<tr>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id?>"><?php echo "$ticket_prefix$ticket_number"; ?></a>/td>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id?>"><?php echo "$ticket_prefix$ticket_number"; ?></a></td>
<td><?php echo $ticket_subject; ?></td>
<td class="text-danger"><?php echo $ticket_created_at; ?></td>
</tr>

36
functions.php
View File

@ -186,42 +186,6 @@ function truncate($text, $chars) {
return $text;
}
function get_otp($secret_seed) {
//TOTP seed (String representation)
$otp = '';
//number of seconds of otp period
$time_window = 30;
//time formating to epoch
$exact_time = microtime(true);
$rounded_time = floor($exact_time/$time_window);
//binary represetation of time without padding
$packed_time = pack("N", $rounded_time);
//binary representation of time with padding
$padded_packed_time = str_pad($packed_time,8, chr(0), STR_PAD_LEFT);
//binary representation of seed
$packed_secret_seed = pack("H*", $secret_seed);
//HMAC SHA1 hash (time + seed)
$hash = hash_hmac ('sha1', $padded_packed_time, $packed_secret_seed, true);
$offset = ord($hash[19]) & 0xf;
$otp = (
((ord($hash[$offset+0]) & 0x7f) << 24 ) |
((ord($hash[$offset+1]) & 0xff) << 16 ) |
((ord($hash[$offset+2]) & 0xff) << 8 ) |
(ord($hash[$offset+3]) & 0xff)
) % pow(10, 6);
//adding pad to otp, in order to assure a "6" digits
$otp = str_pad($otp, 6, "0", STR_PAD_LEFT);
return $otp;
}
function formatPhoneNumber($phoneNumber) {
$phoneNumber = preg_replace('/[^0-9]/','',$phoneNumber);

45
post.php
View File

@ -120,10 +120,44 @@ if(isset($_POST['add_user'])){
//Create Company Access Permissions
mysqli_query($mysqli,"INSERT INTO user_companies SET user_id = $user_id, company_id = $default_company");
// Send user e-mail, if specified
// Send e-mail to client if public update & email is setup
if(isset($_POST['send_email']) && !empty($config_smtp_host)){
$mail = new PHPMailer(true);
try{
//Mail Server Settings
$mail->SMTPDebug = 2; // Enable verbose debug output
$mail->isSMTP(); // Set mailer to use SMTP
$mail->Host = $config_smtp_host; // Specify main and backup SMTP servers
$mail->SMTPAuth = true; // Enable SMTP authentication
$mail->Username = $config_smtp_username; // SMTP username
$mail->Password = $config_smtp_password; // SMTP password
$mail->SMTPSecure = $config_smtp_encryption; // Enable TLS encryption, `ssl` also accepted
$mail->Port = $config_smtp_port; // TCP port to connect to
//Recipients
$mail->setFrom($config_ticket_from_email, $config_ticket_from_name);
$mail->addAddress("$email", "$name"); // Add a recipient
// Content
$mail->isHTML(true); // Set email format to HTML
$mail->Subject = "Your new $session_company_name ITFlow account";
$mail->Body = "Hello, $name<br><br>An ITFlow account has been setup for you. Please change your password upon login. <br><br>Username: $email <br>Password: $_POST[password]<br>Login URL: $config_base_url<br><br>~<br>$session_company_name<br>Support Department<br>$config_ticket_from_email";
$mail->send();
}
catch(Exception $e){
echo "Message could not be sent. Mailer Error: {$mail->ErrorInfo}";
}
}
//End Mail IF Try-Catch
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Create', log_description = '$session_name created user $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "User <strong>$user_name</strong> created";
$_SESSION['alert_message'] = "User <strong>$name</strong> created";
header("Location: users.php");
@ -6327,7 +6361,7 @@ if(isset($_POST['add_ticket_reply'])){
validateTechRole();
// HTML Purifier
// HTML Purifier
require("plugins/htmlpurifier/HTMLPurifier.standalone.php");
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
@ -6611,8 +6645,11 @@ if(isset($_POST['add_invoice_from_ticket'])){
mysqli_query($mysqli,"UPDATE invoices SET invoice_amount = '$new_invoice_amount' WHERE invoice_id = $invoice_id AND company_id = $session_company_id");
mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Draft', history_description = 'Invoice created from Ticket $ticket_prefix$ticket_number', history_invoice_id = $invoice_id, company_id = $session_company_id");
//Logging
// Add internal note to ticket
mysqli_query($mysqli, "INSERT INTO ticket_replies SET ticket_reply = 'Created invoice $config_invoice_prefix$invoice_number for this ticket.', ticket_reply_type = 'Internal', ticket_reply_time_worked = '00:01:00', ticket_reply_by = $session_user_id, ticket_reply_ticket_id = $ticket_id, company_id = $session_company_id");
// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Create', log_description = '$config_invoice_prefix$invoice_number created from Ticket $ticket_prefix$ticket_number', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id");
$_SESSION['alert_message'] = "Invoice created from ticket";

3
share_modal.php
View File

@ -27,6 +27,9 @@
document.getElementById("share_link_header").hidden = false;
document.getElementById("share_link").hidden = false;
document.getElementById("share_link").value = response;
// Copy link to clipboard
navigator.clipboard.writeText(response);
}
);
}

10
user_add_modal.php
View File

@ -37,10 +37,13 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
</div>
<input type="password" class="form-control" data-toggle="password" name="password" placeholder="Enter a Password" autocomplete="new-password" required>
<input type="password" class="form-control" data-toggle="password" name="password" id="password" placeholder="Enter a Password" autocomplete="new-password" required>
<div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
<div class="input-group-append">
<span class="btn btn-default"><i class="fa fa-fw fa-question" onclick="generatePassword()"></i></span>
</div>
</div>
</div>
@ -88,6 +91,11 @@
<input type="file" class="form-control-file" accept="image/*;capture=camera" name="file">
</div>
<div class="form-check">
<input type="checkbox" class="form-check-input" name="send_email" value="" checked/>
<label class="form-check-label">Send user e-mail with login details?</label>
</div>
</div>
<div class="modal-footer bg-white">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>

5
users.php
View File

@ -142,6 +142,11 @@
<?php include("pagination.php"); ?>
</div>
</div>
<script>
function generatePassword(){
document.getElementById("password").value = "<?php echo keygen() ?>"
}
</script>
<?php