Commit Graph

229 Commits

Author SHA1 Message Date
johnnyq 62fb73875b Updated addToMailQueue Function to allow specifying an optional queue time to schedule outbound mail 2024-01-21 15:27:15 -05:00
johnnyq e07fb9ce50 Expanded timeAgo function to include time ahead, added this functionality to client overview 2024-01-15 22:59:39 -05:00
Andrew Malsbury 10b04c79d0
Merge branch 'v0.1.2' into Readable-Passwords 2023-12-22 11:31:36 -06:00
o-psi f1516b06ee Refactor calculateInvoiceBalance function to sanitize
This commit refactors the calculateInvoiceBalance function in functions.php. The invoice_id parameter is now properly sanitized using intval() to prevent SQL injection attacks. Additionally, the SQL query for retrieving the invoice and payments data has been formatted for better readability.
2023-12-21 14:37:19 +00:00
johnnyq e8a53cbd6a Update new mail queue function to use the proper mail from name and mail from email 2023-12-21 01:37:21 -05:00
johnnyq cdaca0e06b Update a few var names for the new mail addToMailQueue function 2023-12-21 01:05:59 -05:00
o-psi 999c8ddb40 Add sanitations
Forgot to add in the sanitations.
2023-12-19 23:11:50 +00:00
o-psi 4e142b26e9 Missing "}" after conflict resolution 2023-12-19 23:05:56 +00:00
Andrew Malsbury ae1496adae
Merge branch 'master' into ticket_notifications 2023-12-19 17:04:05 -06:00
o-psi 8b4beacf0e Update MailQueue to use function 2023-12-19 22:36:51 +00:00
o-psi e0c8b0c30d Readable Password Function 2023-12-18 17:34:22 +00:00
o-psi 7004d9217d Convert account_id and invoice_id to integers in calculateAccountBalance and calculateInvoiceBalance functions 2023-12-17 20:34:39 +00:00
o-psi 5be0f9f934 add calculate invoice balance function 2023-12-13 16:10:08 +00:00
Eduard Stehlík f47c5cca84 Fix domain edit for .eu and other domains. 2023-12-04 18:40:53 +01:00
Andrew Malsbury 230e649e2c Redo Balance Sheet Report 2023-11-21 16:04:41 +00:00
Andrew Malsbury 5cfae2520e Add functions for retrieving setting values and
calculating taxes
2023-11-17 21:43:37 +00:00
Marcus Hill 218cdcdc4c Allow contacts to upload attachments when adding ticket replies in portal
- Adds the ability for contacts to add file attachments when posting a ticket reply
- Enhancements to checkFileUpload(): Adjust file reference name generation & bad extension handling
2023-10-21 15:24:15 +01:00
o-psi 53c11edc8c Update constructs to not have parenthesis. 2023-10-20 15:25:52 -05:00
Marcus Hill 4ac7841882 Email parsing for all domains registered under a client
- Add support for email parsing/contact creation for all domains registered under a client in the domains module, rather than just the client main website.

- Additionally fix domain_created_at bug and move the new ticket auto-reply message to the email queue instead

Future work: Make ticket parsing work with HTML emails (HTML emails break agent notifs)
2023-10-07 15:51:58 +01:00
johnnyq 375d5af974 Fix issue with roundToNearest15 Function would break php if the time worked was empty 2023-09-27 16:01:44 -04:00
johnnyq 8ebe7eda03 Changed roundUpTo15 function to just round to the closest 15 2023-09-26 17:59:11 -04:00
johnnyq 61c9c0c8b9 Feature: Automatically calculate ticket to invoice based off time worked rounded up to the near 15 min mark multiplied by Client Rate, Changed all Price, cost fields to use text field with numeric patterns instead of number fields, set pricing to always display 2 decimal spots 2023-09-22 15:19:05 -04:00
johnnyq f897705135 Fix 3 Letter Client Abbreviation function to remove htmlentity characters to fix ' being replaced with a 0 2023-09-19 16:24:41 -04:00
johnnyq 827b880b28 Fixed edit scheduled ticket updated shoertenClient function to be even more intelligent 2023-09-17 20:08:41 -04:00
johnnyq 1b90a005e4 Added a php function to intelligently shorten a clients name to 3 characters 2023-09-17 19:49:09 -04:00
johnnyq 3f5c1c270a Fix Certificate Renewals 2023-09-11 18:20:59 -04:00
johnnyq 9028f219b9 Moved get Cert Expiry date to functions.php 2023-09-11 15:31:43 -04:00
johnnyq 6cb3d8f9d0 Truncate Client Name on client side nav 2023-09-08 01:51:29 -04:00
Marcus Hill b7108436fd Add notify by email function when a new ticket is created 2023-08-27 12:24:15 +01:00
johnnyq a95b32a57e Upon upload the file contents are not hashed in Sha256 and used for the reference file in the DB 2023-08-23 16:10:15 -04:00
johnnyq 2633477575 Added Commented code to hash the file contents itself instead of the name 2023-08-23 16:04:42 -04:00
johnnyq 4ec7c686c3 Updated the checkFileUpload function to use SHA256 instead of MD5 for file reference and check file ext before checking size, also adding some error returns 2023-08-23 15:59:10 -04:00
johnnyq 2fa442028a Updated sendSingleEmail function to allow for authless email sending 2023-08-21 10:44:54 -04:00
johnnyq 43f016f70f Allow Extra file extensions to be uploaded, increased file upload hard limit in code from 20MB to 500MB 2023-08-09 16:38:53 -04:00
Marcus Hill 2c53faddd4 Add curly braces around if statement, adjust to exit for consistency 2023-06-13 20:36:32 +01:00
johnnyq f64ab630fd Added TimeAgo Function to convert mysql DateTime to a human readable time like 2 weeks ago similar to other apps like facebook do it. Added to function to Recent Activity under client overview 2023-06-05 12:25:39 -04:00
wrongecho 7d3f4fefbf
Update functions.php
Tidy spacing
2023-05-20 20:27:37 +01:00
Brent Hopkins 23f7866c8f
Increased security for getIP() function 2023-05-18 05:41:06 -05:00
johnnyq 51ee479130 oops fix replaced the actual function with nullable 2023-05-11 18:34:06 -04:00
johnnyq 37fb696e63 Replace the remaining php files with nullable_htmlentites() 2023-05-11 18:27:48 -04:00
Brent Hopkins 019050ba82
Add function to use htmlentities without deprecated error 2023-05-11 16:37:21 -05:00
johnnyq 3202bceddd Set File Size to 20MB 2023-03-21 13:00:50 -04:00
johnnyq 035be88e72 Moved the remaining upload logics to use the checkFileUpload() Function 2023-03-21 12:53:01 -04:00
johnnyq 48fe49cf77 BREAKING CHANGES - MAKE FULL BACKUP BEFORE PROCEEDING - Requires Manual Intervention on files see Forum Post Make sure you run the Database update directly after update. This Removes Multi-Company Functionality. Fixes issues with Responsive tables and bunch of other UI and small Fixes 2023-03-11 16:16:46 -05:00
johnnyq e42095a85e Tidy code 2023-03-01 16:26:41 -05:00
johnnyq 84b32ec807 Added Sanitize for Email function 2023-02-16 16:56:45 -05:00
johnnyq 995121e532 Fixed function santizeInput to trim tags first then trim trailing white space because if you added a tag at the end it would create a space more 2023-02-16 15:08:06 -05:00
johnnyq dc80894dd9 Added inputSantize function to trim SQL escape and Strip Tags when string enter the database and to tidy up the code 2023-02-16 14:38:23 -05:00
Marcus Hill 135c4d0b5c Move upload checking to a function 2023-02-12 16:51:24 +00:00
Marcus Hill 615f317d2b General cleanup/formatting 2023-02-09 12:29:12 +00:00
Marcus Hill b36719eb99 General cleanup/tidying 2023-02-09 11:32:40 +00:00
Marcus Hill e16cd2aae2 Strip www. from domain names when performing whois lookups 2023-02-08 19:32:03 +00:00
Marcus Hill 827c9dcd65 Stripe - tidy 2023-02-07 21:43:55 +00:00
Marcus Hill b8af5a148b Stripe comments 2023-02-07 20:57:02 +00:00
Marcus Hill f3caeff3bb Set email charset to make symbols display properly 2023-02-07 18:29:19 +00:00
Marcus Hill f1180aa9fe Add initial Stripe Payment integration for invoices 2023-02-07 18:05:52 +00:00
Marcus Hill f92dc108e2 Tidy
- Move some scripts to their own js files
- Move some duplicate code blocks to functions
- General tidy & spacing cleanups (#538)
2023-02-04 22:09:56 +00:00
Marcus Hill e79ba696bd Add comments to role validation functions for clarity 2023-02-01 21:27:44 +00:00
johnnyq ce11899ecd Limit Initials to only 2 characters so it doesn't cause Graphic distortions when displaying in a circle 2023-01-27 20:20:22 -05:00
Johnny 4fd6d752c6
Merge pull request #580 from wrongecho/function-standardise
Convert custom function names to camelCase
2023-01-26 18:20:33 -05:00
Marcus Hill 531bd25f27 Convert custom function names to camelCase 2023-01-26 22:03:31 +00:00
Marcus Hill 10362f86ef Convert custom function names to camelCase 2023-01-26 21:58:27 +00:00
Marcus Hill 2570bdc6af Tidy remaining files to randomString() 2023-01-26 21:46:58 +00:00
Marcus Hill 23e3a2e8fc - Create custom function (randomString()) for generating cryptographically (and URL) safe strings.
- Replace usages of keygen and bin2hex(random_bytes()) with this function.
2023-01-26 21:35:06 +00:00
Marcus Hill 39a3ea89c4 Move roundUpToNearestMultiple function used in multiple files to functions.php 2023-01-26 12:30:25 +00:00
Marcus Hill 10f12b17f6 Revert php mailer back to isHTML true - the default is text, despite what PHPStorm thinks! 2023-01-23 20:30:38 +00:00
wrongecho 4e2b8a86c3
Update functions.php
Tidy spacing
2023-01-23 19:25:00 +00:00
wrongecho b19c7a6f49
Merge branch 'master' into code-tidy 2023-01-23 19:21:43 +00:00
johnnyq 144697ccc0 Hide Full User Agent string from Logs 2023-01-21 14:26:19 -05:00
Marcus Hill a270e3a42c Remove redundant closing PHP tags 2023-01-21 17:30:51 +00:00
Marcus Hill bdffacca6b Remove unnecessary variables (return the result direct) 2023-01-21 17:29:01 +00:00
Marcus Hill 2c7a704b6b Remove redundant (default) arguments 2023-01-21 17:26:06 +00:00
Marcus Hill d73b3cb960 Correct typos 2023-01-21 17:22:27 +00:00
Marcus Hill 2c3ebb3bbb Tidy codestyle - spaces between parenthesis and curly braces 2023-01-21 17:09:39 +00:00
johnnyq 7f3ec8ccda Fixed where os and browser would return the os and browser of the currently logged in user for every row 2023-01-20 21:27:55 -05:00
johnnyq 0a570fe37c Cleaned up the UI of user profile. The user agent is now decoded to display OS and Browser under logs 2023-01-20 16:49:42 -05:00
johnnyq 29a9d6ef8f Generate longer more secure Key for logins 2022-12-29 18:23:11 -05:00
Marcus Hill 1ea081a175 Move email sending to a function for better error handling and code-deduplication 2022-12-18 14:24:47 +00:00
Marcus Hill a0233c77ec Only attempt to show initials if not empty 2022-12-11 01:32:14 +00:00
Marcus Hill 21e641d128 Change domain expiration lookup service from Heroku to ITFlow 2022-12-08 20:30:23 +00:00
jcpit 42c2d8109d
Update functions.php
Return IP if running from behind Cloudflare.
2022-08-04 15:02:13 +10:00
Marcus Hill cf6bf88e4f Add TXT records under domain records 2022-07-07 20:17:16 +01:00
Marcus Hill c02ea0ee94 Automatically add domain/certificate info during client creation, if domain is specified 2022-05-25 22:16:06 +01:00
Marcus Hill 6a463f312d - Move domain expiry/whois/DNS info to a function for better modularity.
- Improve additional domain name validation & ensure data returned fits into database
2022-05-24 22:03:56 +01:00
Marcus Hill 08245c3ef6 Remove unused function 2022-05-20 16:27:06 +01:00
johnnyq 5c1eafede8 Updated strto_AZaz0-9 function 2022-05-13 15:03:17 -04:00
johnnyq 08a669e3bb Added location import capability, cleaned up some import wording, renamed clean_file_name function to just strto_AZaz09 and clean export and sample csv client names 2022-05-13 13:29:03 -04:00
Marcus Hill 7bb68a36d9 Add user role in PHP Session to remove dependency on check_login - will require you to logout & back in to take effect after the update 2022-05-07 17:44:04 +01:00
Marcus Hill 5cbd0fad0d Move role validation to functions.php 2022-05-07 17:25:30 +01:00
Marcus Hill fd6051646c Fix merge conflict 2022-05-01 18:51:53 +01:00
Marcus Hill 705060d1df Add clean_file_name function to fix merge conflict 2022-05-01 18:46:45 +01:00
Marcus Hill 61777116a9 CSRF Token
Upon login, issue the user a CSRF token (in their session). This token should be provided when completing sensitive actions (e.g. deleting companies/clients, changing their password, etc.)

Ref: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#synchronizer-token-pattern
2022-05-01 18:43:53 +01:00
Marcus Hill 6f4a2d0385 Tidy 2022-04-24 11:50:27 +01:00
wrongecho 6091d373bc
Remove redundant jump/return 2022-04-16 12:13:18 +01:00
Marcus Hill ca629801af Change all "AND" / "OR" to && / || 2022-04-14 18:40:51 +01:00
Marcus Hill a3ca268fcf Small code cleanups 2022-04-14 07:54:40 +01:00
Marcus Hill be70883551 Refactor WHOIS lookups to use hosted heroku app 2022-04-02 12:19:35 +01:00
Joe Clark 9a04ff5341 Check if path exists before attempting to remove 2022-03-22 13:06:39 -07:00
Marcus Hill e09ea58bd4 Default get_ip to REMOTE_ADDR, option to set it to 2022-03-20 07:51:42 +00:00
johnnyq a9346845ab Refactored Currency Display using PHP numfmt_format_currency() function as this is best practice and will put the right currency symbol in the right place based off locale and currency type 2022-02-17 22:20:59 -05:00
Marcus Hill c8c26562f5 Adjust cookie setting to samesite none for encryption session key 2022-01-15 22:25:49 +00:00
Marcus Hill 2a4d42de09 Encryption changes 2022-01-11 20:42:46 +00:00
Marcus Hill 0382dbbfb2 Small change re https 2022-01-11 20:14:29 +00:00
Marcus Hill 2742410e4b http/https encryption cookie 2022-01-11 19:44:21 +00:00
Marcus Hill 951b03f712 Allow for encryption scheme upgrade 2022-01-11 14:03:34 +00:00
Marcus Hill bbe689fb33 Remove comments as this is complete 2022-01-11 00:40:15 +00:00
Marcus Hill aac50bdfdb More changes re encryption 2022-01-10 22:55:08 +00:00
Marcus Hill 49d895040a Add per-user password encryption using master key 2022-01-10 22:07:26 +00:00
johnnyq cf3c0a6410 Fixed a vulnerability in the setup.php file and other code cleanups. Thanks to the person that wishes to remain anonymous for reporting and providing a patch Also added a notice to readme to not use this web app during beta for production use 2022-01-01 17:02:31 -05:00
johnnyq 33400894d5 Updates and Fixings to Audit Logs, added client tag selection for mass email campaigns 2021-12-28 18:16:54 -05:00
johnnyq 997b07c822 Temp Removed Session User agent login vars from functions as its breaking Setup.php because of the reliance on an active mysql connection 2021-12-22 13:20:22 -05:00
johnnyq 4604280efe This Update will break your login as we updated the password hash from MD5 to a salted hash using hash_password and password_verify techniques, fixed an unauthenticated persistent XSS Vulnerability which would affect if someone spoofed their IP with a javascript code and then a logged in read the logs. The flaw was discovered by @bambilol #214 also fixed some other bugs. 2021-12-13 12:21:55 -05:00
johnnyq aaf65db6f3 Renamed MacOS X to just MacOS for user agent detection 2021-12-12 02:01:30 -05:00
johnnyq f02e94d585 Started adding IP and User agent to audit logs, log when a user logs out, Merged logout into post.php 2021-12-09 16:12:57 -05:00
johnnyq cdae4ecfb6 Set Currency Symbols to Company's Default Currency Setting 2021-11-19 20:04:03 -05:00
johnnyq 3ca92cd252 Added Truncated Description to Expense listing #203 2021-11-18 17:56:02 -05:00
johnnyq 2e5e1aee52 Phone numbers are all now formatted correctly per their length 2021-09-11 22:41:50 -04:00
johnnyq e9336c1866 Fix Recent Logins Log front not updating due to VAR name 2021-08-31 13:24:33 -04:00
johnnyq cdcd22ae6f Added TOTP Key 2FA Function to client logins 2021-08-18 22:29:22 -04:00
johnnyq f409e22a60 Started adding currency symbols and starting with invoice 2021-08-18 20:41:19 -04:00
johnny@pittpc.com f8166bdc81 Fixed more php errors empty vars updated more ui search headers 2021-02-04 17:42:21 -05:00
johnny@pittpc.com 6e5a65ecb1 Added PHP Truncate Function to functions.php 2020-09-25 17:16:02 -04:00
johnny@pittpc.com 7f3cdd975f Added a no records placeholder to all tables 2019-09-01 21:49:13 -04:00
johnny@pittpc.com 0e451056b4 Added get OS Browser Device and IP functions, added these functions to guest view invoice, also added invoice view alert and other minor fixes 2019-08-28 21:47:40 -04:00
root e247ad4ee4 Implemented 2FA TOTP with Google Authenticator 2019-06-16 22:33:55 -04:00
root 709f88e1ee Added remove directory function 2019-05-27 13:49:13 -04:00
root 889a749d88 Added alert feedback boxes, little ui fixes for quote invoice and recurring added rejected instead of cancelled for quotes, and other little ui cleanups 2019-05-25 21:14:08 -04:00
root b559b58f34 Fixed add invoice, quote, recurring under client area, added alternative contact photo if one is not present using fontawesome stacked circle with contact initials inside 2019-05-18 23:27:15 -04:00
root 1f02a1d287 Quotes fully work now, including PDF, Email, Approval, Cancel, Edit, Copy, Copy to Invoice, also added quote_footer config to settings 2019-05-17 22:43:51 -04:00