AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,493 Commits 6 Branches 15 Tags 166 MiB
Commit Graph

2493 Commits

Author SHA1 Message Date
Marcus Hill b281a19e6b Fix domain registrar/webhost update not working 
- Quote the expiry field when updating a domain
- Better handle no web host being set
 2023-05-12 23:26:39 +01:00
johnnyq e67a75805c Fix: Authenticated users can craft a POST request to delete any file on the webserver. Thank you @ 
bhopkins0
 2023-05-12 15:24:57 -04:00
johnnyq 51ee479130 oops fix replaced the actualy function with nullable 2023-05-11 18:34:06 -04:00
johnnyq 37fb696e63 Replace the remaining php files with nullable_htmlentites() 2023-05-11 18:27:48 -04:00
johnnyq ccf0d3ab77 Replace all instances of htmlentities() with the new function nullable_htmlentities() thanks @bhopkins0 2023-05-11 18:23:36 -04:00
Johnny f136a915b4
Merge pull request #676 from bhopkins0/patch-1 
Add function to use htmlentities without deprecated error
 2023-05-11 18:05:12 -04:00
Johnny b1dfbada0c
Merge pull request #675 from bhopkins0/master 
Fixed clients.php blank page
 2023-05-11 18:02:24 -04:00
Brent Hopkins 019050ba82
Add function to use htmlentities without deprecated error 2023-05-11 16:37:21 -05:00
Brent Hopkins cdd2a31217
Update MySQL query 2023-05-11 16:07:05 -05:00
Brent Hopkins 9de9dcd1b3
Add client_tags.client_tag_tag_id to GROUP BY 2023-05-11 02:43:58 -05:00
Johnny 1e9c822033
Merge pull request #674 from bhopkins0/master 
Fix "My Tickets" button CSS
 2023-05-11 01:27:35 -04:00
Brent Hopkins d1fc5c3c99
Change button look 2023-05-10 21:35:48 -05:00
johnnyq 8b89ba31db Fix Raise ticket under client portal another regression when we moved to TinyMCE. Expanded Document view to container width 2023-05-10 11:50:55 -04:00
johnnyq cf0205ba21 Tidy Portal Header 2023-05-09 16:37:32 -04:00
johnnyq 901b51a18e Merge branch 'master' of github.com:itflow-org/itflow 2023-05-09 15:51:15 -04:00
johnnyq 485510a3ce Fix Create Ticket not submitting due to TinyMCE not respecting required fields in the textarea form inputs, removed the required fields for now 2023-05-09 15:50:26 -04:00
wrongecho 0665ec5701
Update bug_report.md 
Add security notice to bug report
 2023-05-09 20:30:07 +01:00
wrongecho ad5743f176
Update support.md 
Adjust security link
 2023-05-09 20:28:29 +01:00
johnnyq 6f6ae476a9 Added comment in pagination_head.php regarding issue #673 2023-05-09 15:22:02 -04:00
johnnyq 8d666abc40 Tidy 2023-05-09 15:13:44 -04:00
johnnyq 163f14e791 Fixed Escaping issue with sortby unfortuantly with order_by mysql_escape is not enough and must also be filtered with a preg_replace Thanks @tdragon6 2023-05-09 15:12:39 -04:00
johnnyq cb0366b9f7 Fix XSS in expenses and trips export CSV modal Thanks @tdragon 2023-05-09 12:11:42 -04:00
johnnyq 09ff8b710b Enable browser spell checker for TinyMCE 2023-05-09 00:31:09 -04:00
johnnyq 043a9cfa0a Fixed Ticket Reply currently an issue where required fields using TinyMCE wont POST looking into it 2023-05-08 22:15:23 -04:00
johnnyq eb3decb4da Enabled TinyMCE for mobile users as well 2023-05-08 21:25:06 -04:00
johnnyq c3a711d75d More TinyMCE in more places 2023-05-08 19:53:42 -04:00
johnnyq 01a37cb1e1 Replace Summernote WYSIWYG with TinyMCE 2023-05-08 18:44:00 -04:00
johnnyq 018f52eb67 Revert for now added HTML Purify to client tickets as well 2023-05-08 14:38:42 -04:00
johnnyq eb9a8000b1 Fix Rendering issues with tickets editing because ticket client_tickets and ticket all share the same edit modal which already uses htmlentites to prevent xss but so it doesnt conflict with htmlpurify in ticket details we decided to split the vars to ticket_details and ticket_details_edit which is unfilter initially but gets filtered in the modals 2023-05-08 13:52:43 -04:00
johnnyq 9887fc4a19 Removed HTML Purify on tickets.php and use htmlentities instead to mimic client_tickets.php was causing some rendering issues when you goto edit a ticket under client tickets tested for XSS all tests came back clean 2023-05-08 13:24:43 -04:00
johnnyq 5ee78ef1f3 When deleting quote from the client or global list view redirect quote delete back to the correct corresponsing list view also make Delete Quote Functional on quote details 2023-05-08 12:37:05 -04:00
Johnny 53e0ebdbf6
Merge pull request #672 from wrongecho/portal-modules 
Client Portal - quotes & docs
 2023-05-08 11:35:34 -04:00
Johnny 226d3ffeb2
Merge pull request #671 from wrongecho/ticket-auto-close-2 
Ticket autoclose:
 2023-05-08 11:35:14 -04:00
Marcus Hill db6b88edd3 Codesmell 2023-05-08 10:54:40 +01:00
Marcus Hill 0e062081cb Client Portal 
- Allow primary + accounting/billing contacts to see quotes
- Allow primary + technical contacts to see docs
 2023-05-08 10:50:53 +01:00
Marcus Hill 3a83a701b5 Ticket autoclose: Clarify auto-close help wording; only show as ticket status option if enabled 2023-05-08 09:43:46 +01:00
johnnyq 03e0dd8f5e Initial DB Structure for Projects and Tasks with Ticket and Client Linkage 2023-05-07 21:43:20 -04:00
johnnyq 93d4f3ebce You can now set the number of hours before a ticket is automatically closed if autoclose is set 2023-05-07 21:09:18 -04:00
johnnyq 37b375c1d9 Remove cruft 2023-05-07 20:47:15 -04:00
johnnyq 78695208b7 Fix custom Fields DB Structure Remove Unique Indexes change defaut type TEXT to text Added Add edit Delete Read for custom fields 2023-05-07 20:46:09 -04:00
johnnyq 0f758c5901 Finished DB Structure for the coming new feature custom fields 2023-05-07 19:45:55 -04:00
johnnyq ac51f0cb72 Add Quick link to docs.itflow.org on the top bar 2023-05-02 14:58:35 -04:00
johnnyq 072c2f9e14 Fix cron stating cron key is always invalid 2023-05-02 13:45:23 -04:00
johnnyq a0da341114 Updated initial db structure for installation 2023-05-02 12:36:18 -04:00
johnnyq 3f2f663b7b Check to see if args is set 2023-05-01 16:56:29 -04:00
johnnyq f7ee489293 BREAKING CRON CHANGES: must generate a cron key before using cron. Cron will need updated like so php /full/path/to/cron.php [KEY] and same with cron_ticket_parse.php 2023-05-01 16:51:20 -04:00
Johnny 8110b0ffa7
Merge pull request #668 from wrongecho/portal-rem-company 
Remove reference to non-existent company_id field in contacts table
 2023-05-01 11:52:33 -04:00
Johnny 07ac69a528
Merge pull request #667 from wrongecho/ticket-auto-close 
Add auto close ticket feature
 2023-05-01 11:52:20 -04:00
Johnny fc1eb4cd69
Merge pull request #666 from wrongecho/email-invoice 
Send invoices to all billing contacts + primary
 2023-05-01 11:51:13 -04:00
Marcus Hill bf45c58ed1 Remove reference to non-existent company_id field in contacts table 2023-05-01 14:01:23 +01:00