AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,727 Commits 6 Branches 15 Tags 166 MiB
Commit Graph

49 Commits

Author SHA1 Message Date
Marcus Hill ba0917e142 Logins JS Cleanup 
- Remove old JS
- Standardize generate password JS style to match existing
- Move JS functions to own files
 2024-01-22 21:25:21 +00:00
johnnyq 0cdf49f69a Update/Fix Mail Functions in POST/user.php and ajax.php - sanitize POST vars instead the whole mail subject and body which prevents having a mixed of confusing redundant escaped and unescaped vars 2024-01-20 20:31:46 -05:00
Andrew Malsbury 10b04c79d0
Merge branch 'v0.1.2' into Readable-Passwords 2023-12-22 11:31:36 -06:00
johnnyq d6660bff04 Fix sending mail on item sharing 2023-12-21 02:02:40 -05:00
johnnyq e8a53cbd6a Update new mail queue function to use the proper mail from name and mail from email 2023-12-21 01:37:21 -05:00
o-psi 98f731b4d4 Remove any "Send Single Email" declarations except in mail queue. 
All emails go through the mail queue, using the addToMailQueue() function.
 2023-12-19 23:02:05 +00:00
o-psi 43d7f86d90 Readable Password Ajax 2023-12-18 17:34:11 +00:00
johnnyq a8ee791d64 Allow to set quick notes under asset details 2023-11-06 14:25:55 -05:00
Marcus Hill d6cf04b8f2 Codesmell 2023-10-28 14:40:27 +01:00
Marcus Hill e88d0b1e23 Add ability to edit contact on a scheduled ticket 2023-10-28 14:32:15 +01:00
o-psi 53c11edc8c Update constructs to not have parenthesis. 2023-10-20 15:25:52 -05:00
Marcus Hill 041fcb5613 Client logins/passwords - Ajax change + logging 
A few changes to the credential manager TOTP function:

- The "hover to view" function now sends the login_id to ajax.php, rather than the TOTP secret
- Viewing the TOTP code is now audited in the logs under Login/View TOTP
 2023-10-01 16:32:57 +01:00
Marcus Hill ff161ab47b Small wording edits 
- Ajax: Make link sharing text clearer/friendlier, include company name in subject and shared item description in body to help legitimise the message from spam
- Client doc details: Make edit summary text smaller
- Update: Enhance git fetch error wording, mention forum for support
 2023-09-30 13:41:41 +01:00
johnnyq cd27decb37 Fix issue when sending shared links it was using the ticket_from_email_address instead of the generic Email address programmed in settings > Mail > SMTP > Mail from Email 2023-08-18 16:11:57 -04:00
johnnyq 850c3f7942 Fix grammar on share link email 2023-08-07 15:28:03 -04:00
johnnyq d3281ecd18 Updated Share Model to have an Expire selection instead of selecting a date and time, also share link will now email a chosen contact that has a valid email with the secure link, along with notifications when link is clicked. The Link now adds the https:// in the beginning for easy copy paste 2023-05-25 17:35:09 -04:00
wrongecho 54911769c6
Update ajax.php 
Tidy spacing
 2023-05-20 19:50:48 +01:00
johnnyq ccf0d3ab77 Replace all instances of htmlentities() with the new function nullable_htmlentities() thanks @bhopkins0 2023-05-11 18:23:36 -04:00
Marcus Hill 1aa33585a0 Ticketing - add ability to change client 2023-04-10 18:52:23 +01:00
Marcus Hill 5f79931787 Dynamic modals: codesmell 2023-04-09 20:14:15 +01:00
Marcus Hill bdf74e77ba Convert quote edit modal to be dynamically populated 2023-04-09 20:10:19 +01:00
root 67c72400f8 Fixed logic incompatibility between AJAX handler and base32 object usage convention. 2023-03-28 17:30:19 -05:00
johnnyq 4a2d76b056 Fix https://forum.itflow.org/d/111-umlauts-are-replaced-in-the-subjects - Removed array_map htmlentities which wasnt needed since we are passing AJAX data over which is already formated properly 2023-03-18 12:29:23 -04:00
johnnyq 48fe49cf77 BREAKING CHANGES - MAKE FULL BACKUP BEFORE PROCEEDING - Requires Manual Intervention on files see Forum Post Make sure you run the Database update directly after update. This Removes Multi-Company Functionality. Fixes issues with Reponsive tables and bunch of other UI and small Fixes 2023-03-11 16:16:46 -05:00
johnnyq 95f190c89d More UI work and santitizeInput migrations 2023-02-20 22:02:39 -05:00
johnnyq 32743e629d Fix issue when updating contact notes via contact details it overwrite every contacts notes more logging and alerting 2023-02-14 14:36:56 -05:00
Marcus Hill 615f317d2b General cleanup/formatting 2023-02-09 12:29:12 +00:00
Marcus Hill 64417d6fb4 Add column to shared_items to store the encrypted username, adjust logic to support encrypting/decrypting the login shared username 2023-01-28 21:20:11 +00:00
Marcus Hill 23e3a2e8fc - Create custom function (randomString()) for generating cryptographically (and URL) safe strings. 
- Replace usages of keygen and bin2hex(random_bytes()) with this function.
 2023-01-26 21:35:06 +00:00
Marcus Hill 503b10d38c Tidy 2023-01-25 23:14:13 +00:00
johnnyq 27d1d2a592 Added Software Licenses, Tickets and notes under contact details as well as fix the contact edit by moving the modal just below the edit button so it does not conflict with other tables that have the contact_id var 2023-01-25 11:16:36 -05:00
Marcus Hill 2454961389 Escape special characters in a shared doc/file/login name to prevent potentially breaking the ajax sharing log query 2023-01-02 14:14:30 +00:00
Marcus Hill b37778b7a1 Escape potential HTML and limit output from SQL query to required fields when calling merge ticket details ajax query 2023-01-02 14:00:37 +00:00
Marcus Hill 79dc34da92 Escape potential HTML characters in usernames (ticket collision detection) 2023-01-02 13:48:16 +00:00
Marcus Hill 6746edda1a Misc tidying code spacing & formatting in accordance with SonarCloud/PSR 2023-01-01 15:41:21 +00:00
johnnyq 29a9d6ef8f Generate longer more secure Key for logins 2022-12-29 18:23:11 -05:00
johnnyq d6d908f0b8 Generate longer more secure Keys for shareable URLs using best practice 2022-12-29 16:50:57 -05:00
Marcus Hill 5cbd0fad0d Move role validation to functions.php 2022-05-07 17:25:30 +01:00
Marcus Hill d900a7d341 Show shared item (doc/file/login) name in logs when generating a share link 2022-05-07 17:08:05 +01:00
Marcus Hill fda40055f8 Adjust RFC6283 getTokenCode to only show one token at a time. 
Remove the tokens from client_logins.php and replace with a mouseover/hover to show mechanism using ajax.php
 2022-04-24 13:48:27 +01:00
Marcus Hill fca1627c33 Remove delete user post.php code. Deleting users means we'll lose all tickets/replies which isn't great. 
Correct user archive behaviour so when users are archived they can no longer login. Need to add ability for quick disable/enable of user accounts, as using archive as permanent.
Refactor "You are not permitted to do that!" wording into a constant instead.
 2022-04-15 13:29:27 +01:00
Marcus Hill cc4c2e6bf7 - Enforce role check when editing/deleting scheduled tickets 
- Add scheduled tickets to client view
- Add search and pagination to scheduled tickets
- Populate scheduled ticket edit modals dynamically
- Minor typos
 2022-04-10 13:42:47 +01:00
Marcus Hill cab2cc923a Improve share features: default modal to 1, cleanup expired/used links 2022-04-02 15:37:17 +01:00
Marcus Hill 42d917a0f4 Comments 2022-03-26 18:11:03 +00:00
Marcus Hill fb4da53026 Show who else is viewing the same open ticket as you 2022-03-26 18:05:20 +00:00
Marcus Hill bdef68ddf5 Add notes to client overview 2022-03-13 11:27:23 +00:00
Marcus Hill e1a419ea11 Refactor domains modals so they are dyanmically populated. Implement basic NS, MX and WHOIS scraping for domains on add/edit 2022-03-07 22:31:19 +00:00
Marcus Hill 3f65bc5993 Text 2022-02-26 11:18:33 +00:00
Marcus Hill 0fac1f3039 Move ajax logic to ajax.php 2022-02-26 11:16:53 +00:00