From 48c2bec919c955f796414007b21af4e63e2b3c00 Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Fri, 20 May 2022 16:10:59 +0100 Subject: [PATCH 1/5] Fix td closing tag for stale tickets --- client_overview.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client_overview.php b/client_overview.php index 30c82877..8b578896 100644 --- a/client_overview.php +++ b/client_overview.php @@ -239,7 +239,7 @@ $sql_tickets_stale = mysqli_query($mysqli,"SELECT * FROM tickets ?> - /td> + From 08245c3ef6eb8a890cef868f519142445224943d Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Fri, 20 May 2022 16:27:06 +0100 Subject: [PATCH 2/5] Remove unused function --- functions.php | 36 ------------------------------------ 1 file changed, 36 deletions(-) diff --git a/functions.php b/functions.php index 788ae845..91b2c747 100644 --- a/functions.php +++ b/functions.php 
@@ -186,42 +186,6 @@ function truncate($text, $chars) { return $text; } -function get_otp($secret_seed) { - //TOTP seed (String representation) - $otp = ''; - //number of seconds of otp period - $time_window = 30; - - //time formating to epoch - $exact_time = microtime(true); - $rounded_time = floor($exact_time/$time_window); - - //binary represetation of time without padding - $packed_time = pack("N", $rounded_time); - - //binary representation of time with padding - $padded_packed_time = str_pad($packed_time,8, chr(0), STR_PAD_LEFT); - - //binary representation of seed - $packed_secret_seed = pack("H*", $secret_seed); - - //HMAC SHA1 hash (time + seed) - $hash = hash_hmac ('sha1', $padded_packed_time, $packed_secret_seed, true); - - $offset = ord($hash[19]) & 0xf; - $otp = ( - ((ord($hash[$offset+0]) & 0x7f) << 24 ) | - ((ord($hash[$offset+1]) & 0xff) << 16 ) | - ((ord($hash[$offset+2]) & 0xff) << 8 ) | - (ord($hash[$offset+3]) & 0xff) - ) % pow(10, 6); - - //adding pad to otp, in order to assure a "6" digits - $otp = str_pad($otp, 6, "0", STR_PAD_LEFT); - - return $otp; -} - function formatPhoneNumber($phoneNumber) { $phoneNumber = preg_replace('/[^0-9]/','',$phoneNumber); From 7128f347b4cde7147a836f42e4ce339591c5a204 Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Fri, 20 May 2022 16:27:21 +0100 Subject: [PATCH 3/5] Automatically copy share link to clipboard --- share_modal.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/share_modal.php b/share_modal.php index 893283bd..b8876f7e 100644 --- a/share_modal.php +++ b/share_modal.php @@ -27,6 +27,9 @@ document.getElementById("share_link_header").hidden = false; document.getElementById("share_link").hidden = false; document.getElementById("share_link").value = response; + + // Copy link to clipboard + navigator.clipboard.writeText(response); } ); } From 96b7578d211ac4b641485566f26606fc327066c2 Mon Sep 17 00:00:00 2001 
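Review bot: `navigator.clipboard.writeText(response)` in share_modal.php is called without checking that the Clipboard API is available and without handling the promise it returns. `navigator.clipboard` is undefined when the page is not served from a secure context, and the promise rejects when permission is denied or the document is not focused. Guard the call and handle the rejection, e.g. `if (navigator.clipboard) { navigator.clipboard.writeText(response).catch(function () { /* link stays visible for manual copy */ }); }`. The share link presumably grants access to the shared item, so the modal should also tell the user that it has been placed on the clipboard. The enclosing callback starts outside the hunk.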
From: Marcus Hill Date: Fri, 20 May 2022 16:36:12 +0100 Subject: [PATCH 4/5] Add internal note to ticket when invoice is created --- post.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/post.php b/post.php index 13f833b9..2cffdc99 100644 --- a/post.php +++ b/post.php @@ -6611,8 +6611,11 @@ if(isset($_POST['add_invoice_from_ticket'])){ mysqli_query($mysqli,"UPDATE invoices SET invoice_amount = '$new_invoice_amount' WHERE invoice_id = $invoice_id AND company_id = $session_company_id"); mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Draft', history_description = 'Invoice created from Ticket $ticket_prefix$ticket_number', history_invoice_id = $invoice_id, company_id = $session_company_id"); - - //Logging + + // Add internal note to ticket + mysqli_query($mysqli, "INSERT INTO ticket_replies SET ticket_reply = 'Created invoice $config_invoice_prefix$invoice_number for this ticket.', ticket_reply_type = 'Internal', ticket_reply_time_worked = '00:01:00', ticket_reply_by = $session_user_id, ticket_reply_ticket_id = $ticket_id, company_id = $session_company_id"); + + // Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Create', log_description = '$config_invoice_prefix$invoice_number created from Ticket $ticket_prefix$ticket_number', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); $_SESSION['alert_message'] = "Invoice created from ticket"; From 17cd82dbf415131b830597f87780579975a3824e Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Fri, 20 May 2022 17:06:35 +0100 Subject: [PATCH 5/5] Send e-mail when new user (tech) is created containing login credentials --- post.php | 38 ++++++++++++++++++++++++++++++++++++-- user_add_modal.php | 10 +++++++++- users.php | 5 +++++ 3 files changed, 50 insertions(+), 3 deletions(-) diff --git a/post.php b/post.php index 2cffdc99..7533d99b 100644 --- a/post.php +++ b/post.php 
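Review bot: The new `INSERT INTO ticket_replies` statement is built by string interpolation, with `$config_invoice_prefix$invoice_number` inside a quoted literal and `$session_user_id`, `$ticket_id` and `$session_company_id` unquoted. Whether these values are cast or escaped is decided outside this hunk, so the query is only as safe as that earlier code; a prepared statement removes the dependency. The result of `mysqli_query` is also not checked, so a failed insert leaves the invoice without its ticket note and without any error. The `add_invoice_from_ticket` block starts and ends outside the hunk.

```php
// Add internal note to ticket
$note = "Created invoice $config_invoice_prefix$invoice_number for this ticket.";
$stmt = mysqli_prepare($mysqli, "INSERT INTO ticket_replies SET ticket_reply = ?, ticket_reply_type = 'Internal', ticket_reply_time_worked = '00:01:00', ticket_reply_by = ?, ticket_reply_ticket_id = ?, company_id = ?");
mysqli_stmt_bind_param($stmt, 'siii', $note, $session_user_id, $ticket_id, $session_company_id);
if (!mysqli_stmt_execute($stmt)) {
    error_log('ticket_replies insert failed: ' . mysqli_stmt_error($stmt));
}
// … unchanged: logging query, alert message …
```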
@@ -120,10 +120,44 @@ if(isset($_POST['add_user'])){ //Create Company Access Permissions mysqli_query($mysqli,"INSERT INTO user_companies SET user_id = $user_id, company_id = $default_company"); + // Send user e-mail, if specified + // Send e-mail to client if public update & email is setup + if(isset($_POST['send_email']) && !empty($config_smtp_host)){ + + $mail = new PHPMailer(true); + + try{ + //Mail Server Settings + $mail->SMTPDebug = 2; // Enable verbose debug output + $mail->isSMTP(); // Set mailer to use SMTP + $mail->Host = $config_smtp_host; // Specify main and backup SMTP servers + $mail->SMTPAuth = true; // Enable SMTP authentication + $mail->Username = $config_smtp_username; // SMTP username + $mail->Password = $config_smtp_password; // SMTP password + $mail->SMTPSecure = $config_smtp_encryption; // Enable TLS encryption, `ssl` also accepted + $mail->Port = $config_smtp_port; // TCP port to connect to + + //Recipients + $mail->setFrom($config_ticket_from_email, $config_ticket_from_name); + $mail->addAddress("$email", "$name"); // Add a recipient + + // Content + $mail->isHTML(true); // Set email format to HTML + + $mail->Subject = "Your new $session_company_name ITFlow account"; + $mail->Body = "Hello, $name

An ITFlow account has been setup for you. Please change your password upon login.

Username: $email
Password: $_POST[password]
Login URL: $config_base_url

~
$session_company_name
Support Department
$config_ticket_from_email"; + $mail->send(); + } + catch(Exception $e){ + echo "Message could not be sent. Mailer Error: {$mail->ErrorInfo}"; + } + } + //End Mail IF Try-Catch + //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Create', log_description = '$session_name created user $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, company_id = $session_company_id"); - $_SESSION['alert_message'] = "User $user_name created"; + $_SESSION['alert_message'] = "User $name created"; header("Location: users.php"); @@ -6327,7 +6361,7 @@ if(isset($_POST['add_ticket_reply'])){ validateTechRole(); - // HTML Purifier + // HTML Purifier require("plugins/htmlpurifier/HTMLPurifier.standalone.php"); $purifier_config = HTMLPurifier_Config::createDefault(); $purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]); diff --git a/user_add_modal.php b/user_add_modal.php index 87ca612f..2e9c00ec 100644 --- a/user_add_modal.php +++ b/user_add_modal.php @@ -37,10 +37,13 @@
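Review bot: `$mail->SMTPDebug = 2;` in the new add_user mail block makes PHPMailer print the SMTP client/server dialogue into the HTTP response, which can expose the authentication exchange for `$config_smtp_username` and emits output before the later `header("Location: users.php")`; set it to `$mail->SMTPDebug = 0;`. The HTML body interpolates `$name` and the raw `$_POST[password]`, so unless they are escaped outside this hunk, pass them through `htmlspecialchars($name, ENT_QUOTES, 'UTF-8')` before building `$mail->Body`. Mailing the initial password in cleartext leaves it in mailboxes and relay logs; a one-time set-password link, or an enforced change at first login, would avoid that. The catch branch echoes `$mail->ErrorInfo` to the page, where writing it to the application log would keep mail-server details out of the response. The `if(isset($_POST['add_user']))` block starts and ends outside the hunk.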
- +
+
+ +
@@ -88,6 +91,11 @@ +
+ + +
+ +