AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
819 Commits 6 Branches 15 Tags 166 MiB
Commit Graph

312 Commits

Author SHA1 Message Date
johnnyq 3de0ef51ec Small fix when I tryed to resolve a merge conflict 2022-01-07 14:47:47 -05:00
Johnny 00a7fdb6f7
Merge pull request #252 from wrongecho/files 
File uploads
 2022-01-07 14:39:41 -05:00
Johnny 96510364e2
Merge branch 'master' into asset-csv 2022-01-07 14:38:04 -05:00
johnnyq adf1dbe76e Cleanups 2022-01-07 14:25:35 -05:00
Marcus Hill d0483f2472 Allow csv file upload 2022-01-07 18:36:55 +00:00
Marcus Hill c5e976d995 Add index.php files to upload directories to prevent file traversal 2022-01-07 18:35:23 +00:00
Marcus Hill 3eff9e3d48 Add count to asset import via csv 2022-01-07 16:01:30 +00:00
Marcus Hill 5dc9eb4d1d Add basic asset import functionality 2022-01-07 00:58:38 +00:00
Marcus Hill d37dd77637 Update ticket status in database after a ticket reply. 2022-01-06 22:59:23 +00:00
Marcus Hill 77d7e7ba0d Add tag functionality to documents 2022-01-05 21:58:10 +00:00
Marcus Hill f6900ae993 Allow linking of asset to a ticket via edit modal 2022-01-04 20:22:27 +00:00
Marcus Hill ae98902a96 Add support for storing client certificate public key 2022-01-04 03:32:50 +00:00
johnnyq de883f9ff5 Fixed Add Recurring and Edit Recurring Invoices going to a blank screen after submit this was due to a missing history_status var, Removed Activate and Deactivate from recurring list and the buttons from recurring details as this can be modified using edit recurring, Removed Redundant Force Send action on recurring list views, this can be accessed by going to the recurring details. 2022-01-02 13:39:25 -05:00
johnnyq 5ecac729a8 Fixed add ticket logging 2022-01-02 01:43:44 -05:00
johnnyq 466b7a51e4 removed logging client id key for global vendor 2022-01-02 00:58:50 -05:00
johnnyq b2cef73dad Removed Old Logging function under edit vendor 2022-01-02 00:56:28 -05:00
johnnyq ebb37c0f06 Fix Spelling mistake 2022-01-02 00:28:38 -05:00
johnnyq cf3c0a6410 Fixed a vulnerability in the setup.php file and other code cleanups. Thanks to the person that wishes to remain anonymous for reporting and providing a patch Also added a notice to readme to not use this web app during beta for production use 2022-01-01 17:02:31 -05:00
johnnyq a70105e731 Started Adding Detailed Assets more alert and audit logging work 2022-01-01 15:26:31 -05:00
johnnyq ff0ce6077a Removed Redundant Contact and location under edit client. 2021-12-31 16:24:28 -05:00
johnnyq e978cd142e More Audit Logging work, fixed a bunch of small bugs along the way 2021-12-31 15:33:41 -05:00
johnnyq cd7ecc9593 More Audit Logging and alerts cleanup 2021-12-28 22:13:53 -05:00
johnnyq 119e491865 Added Refferal Datasets on new company 2021-12-28 20:54:17 -05:00
johnnyq 05702c4a1b More Audit logging fixes and added proper permissions and added common datasets when a company is added 2021-12-28 18:53:48 -05:00
johnnyq 33400894d5 Updates and Fixings to Audit Logs, added client tag selection for mass email campaigns 2021-12-28 18:16:54 -05:00
johnnyq c04353f284 Added not bull on db structure update for tag_type 2021-12-27 12:14:56 -05:00
johnnyq 484d4fff82 Added Tag Type to allow expansion of tagging support for other entities in the future 2021-12-27 12:06:37 -05:00
johnnyq d23d455cd9 DB update The long awaited Client Tag support is finally complete along with icon support and color badges this has replaced the user maintenance field to allow further customization, fixed tickets as it was using the old permission system. 2021-12-27 11:42:13 -05:00
johnnyq 25b5cb3d40 Moved Functions above check login so that check login can use some of the functions, Moved Fingerprinting to check login instead of in functions as its a more appropriate place 2021-12-22 17:24:54 -05:00
johnnyq 610eeca0a1 DB Update More work on client tags 2021-12-22 14:34:45 -05:00
johnnyq 40c3587789 Remove Outdated DB Changes upon update as ITFlow requires a full reinstallation as of 12-22-2021 will add more as code changes 2021-12-22 14:10:52 -05:00
johnnyq ba584a57e0 BREAKING CHANGES - Many DB Updates - NOT POSSIBLE TO EASILY UPGRADE TO THIS - Completely reworked User Company Access Permssions, started working on Client Role so Clients can access their data and a bunch of other small fixes 2021-12-22 13:08:24 -05:00
johnnyq 4604280efe This Update will break your login as we updated the password hash from MD5 to a salted hash using hash_password and password_verify techniques, fixed an unauthenticated persistent XSS Vulnerbility which would affect if someone spoofed their IP with a javascript code and then a logged in read the logs. The flaw was discovered by @bambilol #214 also fixed some other bugs. 2021-12-13 12:21:55 -05:00
johnnyq cf0946439e Broked it now fixed it 2021-12-12 16:16:58 -05:00
johnnyq 17833fb6dd More Code Fixups and blips to resolve continuing to comb through the code 2021-12-12 16:09:51 -05:00
johnnyq b3b1a44228 Forgot the SQL Connection 2021-12-12 01:27:35 -05:00
johnnyq 9e9bb50db0 Fixed a SQL injection could only work if you had a login thanks disclosure5 for pointing this out from reddit/r/msp 2021-12-12 01:22:39 -05:00
johnnyq efb6372190 Fix #210 Password output under client logins 2021-12-10 13:35:48 -05:00
johnnyq f02e94d585 Started adding IP and User agent to audit logs, log when a user logs out, Merged logout into post.php 2021-12-09 16:12:57 -05:00
johnnyq a5a8fbc319 Fix a bunch of PHP Errors regarding various variable issues non existent vars, cleaned up client export documentation and export assets etc 2021-12-09 15:26:21 -05:00
johnnyq d78a24f3a5 Added git ids to the db structure update under updates 2021-12-09 11:15:19 -05:00
johnnyq 610875a3b3 Fix Alter Query Syntax for updating Table structure 2021-12-09 11:11:50 -05:00
johnnyq 16447709d8 added DB Structure changes during update 2021-12-09 11:07:54 -05:00
johnnyq c88e6b851a DB Structure Change - Removed the useless Low Account Balance alert 2021-12-08 22:32:05 -05:00
johnnyq 85cdc42d0f DB Structure update, Hide Passwords under client logins until eyeball is clicked to reveal password, prevent the looking over your shoulder type attack, Added Install Date to Assets, reworked client assets listing to include Operating System and Install Date 2021-12-08 22:15:20 -05:00
johnnyq c8d83ca09c Fixed broken Client Print, added option to export client documentation with and without password 2021-12-04 12:12:14 -05:00
johnnyq c9065e8348 Added Array Tagging to Add Client also added Tag Icon Field 2021-11-24 22:56:55 -05:00
johnnyq ee1230e18a Added Tags CRUD and added to Side Menu 2021-11-24 21:53:21 -05:00
johnnyq f939ca41aa More work on Campaign Mailing List, started adding space in between Currency symbol and number 2021-11-21 12:24:40 -05:00
johnnyq 627edc92b1 Added Update Successful message and auto redirect back 2021-11-20 16:45:50 -05:00