AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,512 Commits 6 Branches 15 Tags 166 MiB
Commit Graph

2512 Commits

Author SHA1 Message Date
johnnyq 77fb0e008f Stack Contact infosuch as phone, mobile and email for contacts on one column as these don't need tp be sortable and will make room for more detail columns to be sortable 2023-05-15 14:24:11 -04:00
johnnyq 1f580fc638 Updated README to exclude SummerNote and include TinyMCE 2023-05-15 13:33:40 -04:00
johnnyq 0b1b551df5 Remove SummerNote Code we have replaced this with TinyMCE 2023-05-15 13:32:21 -04:00
Johnny 0649931797
Merge pull request #683 from wrongecho/ticket-button-wording 
Ticket.php
 2023-05-15 13:29:15 -04:00
Marcus Hill 02ced0dbbd Fix codesmell 2023-05-14 20:19:07 +01:00
Marcus Hill 1057481039 Ticket.php 
- Change wording of ticket 'Respond' button to 'Add note' if reply is internal
- Fix TinyMCE not loading under certain circumstances
- Correct varname 'prefix' to 'ticket_prefix' in reply alert message
 2023-05-14 20:16:04 +01:00
wrongecho eb4c5cbf34
Merge pull request #682 from wrongecho/master 
Code tidy - ticket.php
 2023-05-14 19:50:14 +01:00
Marcus Hill 40a8c6d723 Tidy 2023-05-14 19:48:29 +01:00
wrongecho 994d2fa5e4
Update README.md 
Bump 1.0 release to July. Clarify security note to match docs.
 2023-05-14 07:57:22 +01:00
Johnny 8861243792
Merge pull request #679 from aftechro/patch-11 
Update ticket.php
 2023-05-14 00:25:21 -04:00
Johnny ee913da18f
Merge pull request #680 from wrongecho/login-get-param 
Add database structure for 'login key' protection concept
 2023-05-14 00:24:16 -04:00
Johnny 9e91066a09
Merge pull request #681 from wrongecho/cron-email-invoice 
Cron - Send invoices to all billing contacts + primary
 2023-05-14 00:23:52 -04:00
AFTECH.RO 4183583ef5
Update ticket.php 
changed the sql for previous ticket to prevent XSS attacks.
 2023-05-13 23:30:33 +01:00
Marcus Hill c2b6591cda Cron - Send invoices to all billing contacts + primary 2023-05-13 23:10:36 +01:00
wrongecho d2d1b25e32
Update guest_pay_invoice_stripe.php 
Rem comment re multi-company
 2023-05-13 22:44:39 +01:00
Marcus Hill 5d6d7e389e Add database structure for 'login key' protection concept 2023-05-13 21:49:09 +01:00
AFTECH.RO ffe4061429
Update ticket.php 
Hide Previous ticket if none exists
 2023-05-13 09:42:48 +01:00
AFTECH.RO 052d418bad
Update ticket.php 
Re-make of Related tickets (total open and closed) and contact card, showing previous ticket and status of it. Also, made the contact mobile and contact phone clickable (tel:$contact_phone)
 2023-05-13 02:30:34 +01:00
Johnny a79baae2a8
Merge pull request #677 from wrongecho/domain-expire-quotes 
Fix domain registrar/webhost update not working
 2023-05-12 18:51:34 -04:00
Marcus Hill b281a19e6b Fix domain registrar/webhost update not working 
- Quote the expiry field when updating a domain
- Better handle no web host being set
 2023-05-12 23:26:39 +01:00
johnnyq e67a75805c Fix: Authenticated users can craft a POST request to delete any file on the webserver. Thank you @ 
bhopkins0
 2023-05-12 15:24:57 -04:00
johnnyq 51ee479130 oops fix replaced the actualy function with nullable 2023-05-11 18:34:06 -04:00
johnnyq 37fb696e63 Replace the remaining php files with nullable_htmlentites() 2023-05-11 18:27:48 -04:00
johnnyq ccf0d3ab77 Replace all instances of htmlentities() with the new function nullable_htmlentities() thanks @bhopkins0 2023-05-11 18:23:36 -04:00
Johnny f136a915b4
Merge pull request #676 from bhopkins0/patch-1 
Add function to use htmlentities without deprecated error
 2023-05-11 18:05:12 -04:00
Johnny b1dfbada0c
Merge pull request #675 from bhopkins0/master 
Fixed clients.php blank page
 2023-05-11 18:02:24 -04:00
Brent Hopkins 019050ba82
Add function to use htmlentities without deprecated error 2023-05-11 16:37:21 -05:00
Brent Hopkins cdd2a31217
Update MySQL query 2023-05-11 16:07:05 -05:00
Brent Hopkins 9de9dcd1b3
Add client_tags.client_tag_tag_id to GROUP BY 2023-05-11 02:43:58 -05:00
Johnny 1e9c822033
Merge pull request #674 from bhopkins0/master 
Fix "My Tickets" button CSS
 2023-05-11 01:27:35 -04:00
Brent Hopkins d1fc5c3c99
Change button look 2023-05-10 21:35:48 -05:00
johnnyq 8b89ba31db Fix Raise ticket under client portal another regression when we moved to TinyMCE. Expanded Document view to container width 2023-05-10 11:50:55 -04:00
johnnyq cf0205ba21 Tidy Portal Header 2023-05-09 16:37:32 -04:00
johnnyq 901b51a18e Merge branch 'master' of github.com:itflow-org/itflow 2023-05-09 15:51:15 -04:00
johnnyq 485510a3ce Fix Create Ticket not submitting due to TinyMCE not respecting required fields in the textarea form inputs, removed the required fields for now 2023-05-09 15:50:26 -04:00
wrongecho 0665ec5701
Update bug_report.md 
Add security notice to bug report
 2023-05-09 20:30:07 +01:00
wrongecho ad5743f176
Update support.md 
Adjust security link
 2023-05-09 20:28:29 +01:00
johnnyq 6f6ae476a9 Added comment in pagination_head.php regarding issue #673 2023-05-09 15:22:02 -04:00
johnnyq 8d666abc40 Tidy 2023-05-09 15:13:44 -04:00
johnnyq 163f14e791 Fixed Escaping issue with sortby unfortuantly with order_by mysql_escape is not enough and must also be filtered with a preg_replace Thanks @tdragon6 2023-05-09 15:12:39 -04:00
johnnyq cb0366b9f7 Fix XSS in expenses and trips export CSV modal Thanks @tdragon 2023-05-09 12:11:42 -04:00
johnnyq 09ff8b710b Enable browser spell checker for TinyMCE 2023-05-09 00:31:09 -04:00
johnnyq 043a9cfa0a Fixed Ticket Reply currently an issue where required fields using TinyMCE wont POST looking into it 2023-05-08 22:15:23 -04:00
johnnyq eb3decb4da Enabled TinyMCE for mobile users as well 2023-05-08 21:25:06 -04:00
johnnyq c3a711d75d More TinyMCE in more places 2023-05-08 19:53:42 -04:00
johnnyq 01a37cb1e1 Replace Summernote WYSIWYG with TinyMCE 2023-05-08 18:44:00 -04:00
johnnyq 018f52eb67 Revert for now added HTML Purify to client tickets as well 2023-05-08 14:38:42 -04:00
johnnyq eb9a8000b1 Fix Rendering issues with tickets editing because ticket client_tickets and ticket all share the same edit modal which already uses htmlentites to prevent xss but so it doesnt conflict with htmlpurify in ticket details we decided to split the vars to ticket_details and ticket_details_edit which is unfilter initially but gets filtered in the modals 2023-05-08 13:52:43 -04:00
johnnyq 9887fc4a19 Removed HTML Purify on tickets.php and use htmlentities instead to mimic client_tickets.php was causing some rendering issues when you goto edit a ticket under client tickets tested for XSS all tests came back clean 2023-05-08 13:24:43 -04:00
johnnyq 5ee78ef1f3 When deleting quote from the client or global list view redirect quote delete back to the correct corresponsing list view also make Delete Quote Functional on quote details 2023-05-08 12:37:05 -04:00