AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,421 Commits 6 Branches 15 Tags 166 MiB
Commit Graph

6421 Commits

Author SHA1 Message Date
Marcus Hill 9a183774cb Escape server http host/uri submitted to database during setup 2022-03-28 20:47:12 +01:00
Marcus Hill 4ba313f752 Fix potential sql injection in delete_file if param add_location was also specified - post.php 2022-03-28 20:45:31 +01:00
Marcus Hill d83906508d Fix potential sql injection in add_company - post.php 2022-03-28 20:39:35 +01:00
Johnny e1e3ffd786
Merge pull request #413 from wrongecho/misc 
Misc small changes/fixes
 2022-03-28 10:43:08 -04:00
johnnyq c4fb8cf4d2 Added Red text to login message to show error has occurred to client portal login 2022-03-28 10:42:29 -04:00
johnnyq 42f47e948d Cleanup Client Login page and correct indentation of code structure 2022-03-28 10:30:48 -04:00
Johnny dd160f6ae6
Merge pull request #415 from aftechro/patch-8 
Updated login.php
 2022-03-28 10:16:16 -04:00
AFTECH.RO 8555b032fe
Updated ticket.php 
small UI changes, as well added close ticket to contact
@wrongecho or @johnnyq please have a look at the close button functionality, so the contacts can close the ticket too
 2022-03-27 23:32:11 +01:00
AFTECH.RO c784774162
Updated login.php 
Changed login page - same UI as admin logo
 2022-03-27 23:29:53 +01:00
AFTECH.RO 8f3cb64158
Updated index.php 
small changes to UI
 2022-03-27 23:28:15 +01:00
Marcus Hill bba68f4d17 Name uploaded files with provided name, if specified 2022-03-27 23:00:45 +01:00
Marcus Hill 9040fdf847 Misc small changes/fixes 2022-03-27 22:26:22 +01:00
Johnny aafb6a677f
Merge pull request #412 from wrongecho/misc 
Misc incl SQL Injection / XSS fixes
 2022-03-27 15:05:07 -04:00
Marcus Hill 816ba87485 SQL Injection / XSS fixes 2022-03-27 20:02:16 +01:00
johnnyq ee97c479bf Change to PHP Default tmp Path for checking DB changes on update. This prevents data being written to a common /tmp path on shared hosting environments 2022-03-27 14:54:13 -04:00
Johnny 974cac0e86
Merge pull request #411 from wrongecho/perms 
Role-based access permissions
 2022-03-27 14:44:29 -04:00
Johnny f4d25a79b6
Merge pull request #410 from wrongecho/ticket-collision-detection 
Show who else is viewing the same open ticket as you
 2022-03-27 14:42:32 -04:00
Marcus Hill 4650947241 Fix client portal priority 2022-03-27 19:00:43 +01:00
wrongecho e2142ec444
Minor readme edits 2022-03-27 17:06:33 +01:00
Marcus Hill c3fadfab3b Add role based access for API functions 2022-03-27 16:03:41 +01:00
Marcus Hill 747baf5548 Add role-based access control 2022-03-27 15:47:30 +01:00
Marcus Hill a6a7bf1f30 Restrict user (agent) create/edit/delete actions to admins only 2022-03-27 15:39:27 +01:00
Marcus Hill e6a314d233 Prevent tech/accountant from performing certain tasks as per access matrix 2022-03-27 15:32:40 +01:00
Marcus Hill 42d917a0f4 Comments 2022-03-26 18:11:03 +00:00
Marcus Hill fb4da53026 Show who else is viewing the same open ticket as you 2022-03-26 18:05:20 +00:00
johnnyq 139bb6fd73 Set item_view to 0 when sharing a link 2022-03-26 11:10:27 -04:00
johnnyq 25f973d3a5 Additional Standardization of logging actions use Upload instead of Uploaded same with Download and Email 2022-03-26 10:27:11 -04:00
Johnny 057c5bb1f0
Merge pull request #409 from wrongecho/api 
API
 2022-03-26 10:15:26 -04:00
johnnyq 5f451dceef Standardize logging actions use Create instead of Created same with Modify and Delete 2022-03-26 10:12:40 -04:00
Marcus Hill 09b4eab1c3 Correct insert ID for create endpoint. Add contact create API endpoint 2022-03-26 13:39:43 +00:00
johnnyq 5db7ab3d73 Fix recurring broken breadcrumb links under recurring invoice 2022-03-25 20:26:37 -04:00
Johnny 1e8638818b
Merge pull request #405 from wrongecho/delete-client 
Delete client - post.php
 2022-03-25 16:09:15 -04:00
Johnny 6f6920ce59 Merge pull request #406 from wrongecho/ticket-ui 
Hide edit/delete buttons for closed tickets
 2022-03-25 16:07:17 -04:00
Marcus Hill 3019f6a5d4 Hide edit/delete buttons for closed tickets 2022-03-24 21:04:20 +00:00
Marcus Hill e4d2d0c699 Prevent deletion of client unless user role is 3 (admin) 2022-03-24 20:52:26 +00:00
Marcus Hill fd589c53fa Delete scheduled tickets when client is deleted 2022-03-24 20:45:58 +00:00
Marcus Hill a598e9d42e Remove non-existant delete query that prevents client being deleted properly on some installs 2022-03-24 20:41:26 +00:00
Johnny 7874acaa65
Merge pull request #404 from jlcfly/master 
Just a few minor fixes
 2022-03-22 17:32:43 -04:00
Joe Clark 654b7adf6c Initialize variable to avoid PHP undefined error 2022-03-22 13:07:11 -07:00
Joe Clark 9a04ff5341 Check if path exists before attempting to remove 2022-03-22 13:06:39 -07:00
Joe Clark e54eae13a7 Fix bug with initializing variable name 2022-03-22 13:06:14 -07:00
Johnny 66d4ebc482
Merge pull request #402 from aftechro/patch-6 
Update calendar_events.php
 2022-03-22 14:55:46 -04:00
Johnny b9b1fd6c76
Merge pull request #401 from wrongecho/contact-auth 
Client Portal small edits
 2022-03-22 14:54:39 -04:00
AFTECH.RO 5b57f415f7
Update calendar_events.php 
Added clickable URL to events
 2022-03-21 21:47:01 +00:00
Marcus Hill 61cf50cad0 Make ticket assigned to filter select2 to make filterable 2022-03-21 21:41:33 +00:00
Marcus Hill 9378b3eec4 Remove bad reference to session user id for portal post new ticket logging 2022-03-21 21:25:03 +00:00
Marcus Hill c974251e93 Fix new ticket link 2022-03-21 21:17:50 +00:00
Marcus Hill 4b149edfd9 Fix client portal link 2022-03-21 21:12:57 +00:00
Marcus Hill d937d0ccec Add fields for contact portal auth 2022-03-21 21:05:08 +00:00
Johnny 9b542726a6
Merge pull request #400 from wrongecho/portal 
Client portal updates
 2022-03-20 22:34:27 -04:00