Marcus Hill
d0fa30d476
Add regex to remove http:// or https:// from client_website #684
2023-05-20 18:49:21 +01:00
Johnny
0abc6b384c
Merge pull request #686 from bhopkins0/patch-2
...
Security enhancement for getIP() function
2023-05-20 11:30:49 -04:00
wrongecho
c63b965807
Merge pull request #687 from wrongecho/fix-leftover-vulnerable-code
...
Remove leftover SQL-injection vulnerable code
2023-05-20 15:36:03 +01:00
Marcus Hill
cea954008f
Remove SQL-injection vulnerable code in this file that was previously fixed in inc_all_client.php
2023-05-20 15:33:46 +01:00
Brent Hopkins
23f7866c8f
Increased security for getIP() function
2023-05-18 05:41:06 -05:00
johnnyq
c403380562
Sort Recurring Next Date ASC instead of DESC, add missing select2 class to select inputs
2023-05-17 12:04:12 -04:00
johnnyq
11eb104383
Fix carriage return and new lines in reply emails see https://forum.itflow.org/d/169-carriage-return-and-line-feeds-showing-in-ticket-email
2023-05-16 11:07:24 -04:00
wrongecho
a60a9456f0
Merge pull request #685 from wrongecho/rev-679
...
Ticket.php: Revert PR 679
2023-05-15 21:44:53 +01:00
Marcus Hill
0144132649
Ticket.php: revert PR 679
...
- Hide previous ticket count for now as this doesn't work as intended
2023-05-15 21:40:59 +01:00
johnnyq
77fb0e008f
Stack Contact info such as phone, mobile and email for contacts on one column as these don't need to be sortable and will make room for more detail columns to be sortable
2023-05-15 14:24:11 -04:00
johnnyq
1f580fc638
Updated README to exclude SummerNote and include TinyMCE
2023-05-15 13:33:40 -04:00
johnnyq
0b1b551df5
Remove SummerNote Code we have replaced this with TinyMCE
2023-05-15 13:32:21 -04:00
Johnny
0649931797
Merge pull request #683 from wrongecho/ticket-button-wording
...
Ticket.php
2023-05-15 13:29:15 -04:00
Marcus Hill
02ced0dbbd
Fix codesmell
2023-05-14 20:19:07 +01:00
Marcus Hill
1057481039
Ticket.php
...
- Change wording of ticket 'Respond' button to 'Add note' if reply is internal
- Fix TinyMCE not loading under certain circumstances
- Correct varname 'prefix' to 'ticket_prefix' in reply alert message
2023-05-14 20:16:04 +01:00
wrongecho
eb4c5cbf34
Merge pull request #682 from wrongecho/master
...
Code tidy - ticket.php
2023-05-14 19:50:14 +01:00
Marcus Hill
40a8c6d723
Tidy
2023-05-14 19:48:29 +01:00
wrongecho
994d2fa5e4
Update README.md
...
Bump 1.0 release to July. Clarify security note to match docs.
2023-05-14 07:57:22 +01:00
Johnny
8861243792
Merge pull request #679 from aftechro/patch-11
...
Update ticket.php
2023-05-14 00:25:21 -04:00
Johnny
ee913da18f
Merge pull request #680 from wrongecho/login-get-param
...
Add database structure for 'login key' protection concept
2023-05-14 00:24:16 -04:00
Johnny
9e91066a09
Merge pull request #681 from wrongecho/cron-email-invoice
...
Cron - Send invoices to all billing contacts + primary
2023-05-14 00:23:52 -04:00
AFTECH.RO
4183583ef5
Update ticket.php
...
changed the sql for previous ticket to prevent XSS attacks.
2023-05-13 23:30:33 +01:00
Marcus Hill
c2b6591cda
Cron - Send invoices to all billing contacts + primary
2023-05-13 23:10:36 +01:00
wrongecho
d2d1b25e32
Update guest_pay_invoice_stripe.php
...
Rem comment re multi-company
2023-05-13 22:44:39 +01:00
Marcus Hill
5d6d7e389e
Add database structure for 'login key' protection concept
2023-05-13 21:49:09 +01:00
AFTECH.RO
ffe4061429
Update ticket.php
...
Hide Previous ticket if none exists
2023-05-13 09:42:48 +01:00
AFTECH.RO
052d418bad
Update ticket.php
...
Re-make of Related tickets (total open and closed) and contact card, showing previous ticket and status of it. Also, made the contact mobile and contact phone clickable (tel:$contact_phone)
2023-05-13 02:30:34 +01:00
Johnny
a79baae2a8
Merge pull request #677 from wrongecho/domain-expire-quotes
...
Fix domain registrar/webhost update not working
2023-05-12 18:51:34 -04:00
Marcus Hill
b281a19e6b
Fix domain registrar/webhost update not working
...
- Quote the expiry field when updating a domain
- Better handle no web host being set
2023-05-12 23:26:39 +01:00
johnnyq
e67a75805c
Fix: Authenticated users can craft a POST request to delete any file on the webserver. Thank you @bhopkins0
2023-05-12 15:24:57 -04:00
johnnyq
51ee479130
oops fix replaced the actual function with nullable
2023-05-11 18:34:06 -04:00
johnnyq
37fb696e63
Replace the remaining php files with nullable_htmlentites()
2023-05-11 18:27:48 -04:00
johnnyq
ccf0d3ab77
Replace all instances of htmlentities() with the new function nullable_htmlentities() thanks @bhopkins0
2023-05-11 18:23:36 -04:00
Johnny
f136a915b4
Merge pull request #676 from bhopkins0/patch-1
...
Add function to use htmlentities without deprecated error
2023-05-11 18:05:12 -04:00
Johnny
b1dfbada0c
Merge pull request #675 from bhopkins0/master
...
Fixed clients.php blank page
2023-05-11 18:02:24 -04:00
Brent Hopkins
019050ba82
Add function to use htmlentities without deprecated error
2023-05-11 16:37:21 -05:00
Brent Hopkins
cdd2a31217
Update MySQL query
2023-05-11 16:07:05 -05:00
Brent Hopkins
9de9dcd1b3
Add client_tags.client_tag_tag_id to GROUP BY
2023-05-11 02:43:58 -05:00
Johnny
1e9c822033
Merge pull request #674 from bhopkins0/master
...
Fix "My Tickets" button CSS
2023-05-11 01:27:35 -04:00
Brent Hopkins
d1fc5c3c99
Change button look
2023-05-10 21:35:48 -05:00
johnnyq
8b89ba31db
Fix Raise ticket under client portal another regression when we moved to TinyMCE. Expanded Document view to container width
2023-05-10 11:50:55 -04:00
johnnyq
cf0205ba21
Tidy Portal Header
2023-05-09 16:37:32 -04:00
johnnyq
901b51a18e
Merge branch 'master' of github.com:itflow-org/itflow
2023-05-09 15:51:15 -04:00
johnnyq
485510a3ce
Fix Create Ticket not submitting due to TinyMCE not respecting required fields in the textarea form inputs, removed the required fields for now
2023-05-09 15:50:26 -04:00
wrongecho
0665ec5701
Update bug_report.md
...
Add security notice to bug report
2023-05-09 20:30:07 +01:00
wrongecho
ad5743f176
Update support.md
...
Adjust security link
2023-05-09 20:28:29 +01:00
johnnyq
6f6ae476a9
Added comment in pagination_head.php regarding issue #673
2023-05-09 15:22:02 -04:00
johnnyq
8d666abc40
Tidy
2023-05-09 15:13:44 -04:00
johnnyq
163f14e791
Fixed Escaping issue with sortby unfortunately with order_by mysql_escape is not enough and must also be filtered with a preg_replace Thanks @tdragon6
2023-05-09 15:12:39 -04:00
johnnyq
cb0366b9f7
Fix XSS in expenses and trips export CSV modal Thanks @tdragon
2023-05-09 12:11:42 -04:00