AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-10 15:54:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: AS1024:v25.03
Branches Tags
AS1024:master AS1024:develop AS1024:ticket-task-approvals AS1024:duplicate-numbering-racecondition AS1024:undefined-asset-handling AS1024:revert-1176-Whit3XLightning-patch-2 AS1024:Before-Multi-Company-Removal
AS1024:v26.02 AS1024:v25.12 AS1024:v25.11 AS1024:v25.10 AS1024:v25.09 AS1024:v25.06 AS1024:v25.05 AS1024:v25.03 AS1024:v25.02.4 AS1024:v25.02.3 AS1024:v25.02.1 AS1024:v25.02 AS1024:v25.01.3 AS1024:v25.02.2 AS1024:v25.01.2 AS1024:v25.01
..
compare: AS1024:v25.09
Branches Tags
AS1024:develop AS1024:master AS1024:ticket-task-approvals AS1024:duplicate-numbering-racecondition AS1024:undefined-asset-handling AS1024:revert-1176-Whit3XLightning-patch-2 AS1024:Before-Multi-Company-Removal
AS1024:v26.02 AS1024:v25.12 AS1024:v25.11 AS1024:v25.10 AS1024:v25.09 AS1024:v25.06 AS1024:v25.05 AS1024:v25.03 AS1024:v25.02.4 AS1024:v25.02.3 AS1024:v25.02.1 AS1024:v25.02 AS1024:v25.01.3 AS1024:v25.02.2 AS1024:v25.01.2 AS1024:v25.01

477 Commits
v25.03 ... v25.09

Author SHA1 Message Date
Johnny
58d43063ec Merge pull request #1233 from itflow-org/develop 
25.09 Release
 2025-09-05 13:24:54 -04:00
johnnyq
6a5ce1dce3 Add note about updating from the webUI 2025-09-05 13:09:02 -04:00
johnnyq
f3c7c0761b Add note about backing up before updating 2025-09-05 13:05:46 -04:00
johnnyq
27b3124f77 Update .gitignore to ignore the new custom/* 2025-09-05 12:57:19 -04:00
johnnyq
aa516529e7 Another attempt at fix automatic recurring payments expense 2025-09-04 17:56:00 -04:00
johnnyq
2283ad0eb2 Fix Adding Expense on recurring stripe payments in cron 2025-09-04 17:44:34 -04:00
johnnyq
cece9ad46c Another attempt to fix reccuring payment migration to match the correct client_id; 2025-09-04 16:29:55 -04:00
johnnyq
d37da2e8ff Fix Recurring Payment Migration for stripe 2025-09-04 16:07:38 -04:00
johnnyq
9d9bfc65d5 Fix Active side nav for api keys 2025-09-03 18:46:01 -04:00
johnnyq
d7d6e4ac6f Fix paths for db and uploads dir in debug 2025-09-03 18:42:32 -04:00
johnnyq
46d93f986e Further enhanced the Saved Payments Section by splitting cards and add card into 2 columns 2025-09-03 17:45:11 -04:00
johnnyq
2549a97a7e Added card icons to Saved Payments in Client Portal and spruced up ui 2025-09-03 17:40:09 -04:00
johnnyq
fc2cca5fdb Added card icon 2025-09-03 17:14:53 -04:00
johnnyq
ef1ec56270 Allow the Client to easily Pay an invoice from the client portal with a saved card 2025-09-03 17:09:17 -04:00
johnnyq
cf63a2e7d1 Fix TinyMCE License in client portal 2025-09-02 14:57:09 -04:00
johnnyq
ed9b99e2f0 Fix unpaid invoices on client portal but also comment it out until ready for next release 2025-09-02 14:52:38 -04:00
johnnyq
33340b80f9 Updated Changelog, Increased app version 2025-09-02 13:14:18 -04:00
johnnyq
ec94bb3d2a Add back Pay Invoice with saved card, currently only pays the full amount, would like to integrate into add payment modal and add payment post eventually 2025-09-01 16:19:33 -04:00
johnnyq
bc2fe2bec8 Fixed stripe Migration table name spelling 2025-08-30 11:19:28 -04:00
Marcus Hill
a87a206c04 Add better error handling for dodgy whois results 2025-08-30 16:16:55 +01:00
Marcus Hill
45083e19b0 Fix if undefined 2025-08-30 15:58:19 +01:00
Marcus Hill
de627c19c5 No csrf for client side, yet 2025-08-30 15:51:14 +01:00
Marcus Hill
595e57dcdd Rewording 2025-08-30 15:51:05 +01:00
Marcus Hill
dadcc69900 Typo 2025-08-30 15:35:31 +01:00
Marcus Hill
2c160d1ac9 Take you back to dashboard rather than a redirect 2025-08-30 15:31:49 +01:00
johnnyq
292b074d8c Remove legacy Stripe Enabled from invoice Commented out Pay Via Saved card this will have to wait for next release 2025-08-29 13:44:22 -04:00
johnnyq
2beff45811 Removed some simple tinyMCE inits and combined AI button into one 2025-08-29 12:51:14 -04:00
johnnyq
469c36da46 Remove AI Enable References through the UI this will be handled differently 2025-08-29 12:26:56 -04:00
johnnyq
8afe2d52a0 Converted and combine ajax add for tags and categories, fixed quick add links 2025-08-28 16:57:08 -04:00
johnnyq
51273e9151 Remove unused / unfinished browser extension from user preferences 2025-08-28 15:39:00 -04:00
johnnyq
1517c96841 Remove Budget from reports as it totally unfinished 2025-08-28 14:38:49 -04:00
johnnyq
b7afbd3500 Revert Bump down fontawesome-free 7.0.0 to 5.15.4, did not like the way the new icons looked with the app at all 2025-08-28 14:25:14 -04:00
johnnyq
39d6c42c71 Bump and Migrate logic chartjs 2.9.4 to 4.5.0, bump stripe-php from 17.2.1 to 17.6.0, fontawesome-free from 5.15.4 to 7.0.0, fullcalendar from 6.1.17 to 6.1.19, TinyMCE from 7.9.1 to 8.0.2, bootsatrap js bundle from 4.6.1 to 4.6.2, DataTables from 2.3.1 to 2.3.3 2025-08-28 13:57:42 -04:00
johnnyq
9f50c9355a Move reports out of the sub directory for now as it broke requires 2025-08-28 11:46:20 -04:00
johnnyq
fd73f132bc Fixed a few table names in Stripe Migration, Removed legacy stripe and AI settings 2025-08-28 11:44:29 -04:00
johnnyq
1f99e592b7 Remove old Autop Pay Logic from recurring Invoices Listing 2025-08-27 20:09:12 -04:00
johnnyq
a90c4eded8 Remove Old Auto Pay Modal for recurring Invoices 2025-08-27 20:05:47 -04:00
johnnyq
1638538fb4 Remove Old Auto Pay from recurring Invoice in favor of the saved cards. 2025-08-27 20:04:49 -04:00
johnnyq
da0892f9e3 Remove Stripe check and add payment provider check in Client Portal Recurring Invoices to create auto payments 2025-08-27 18:23:58 -04:00
johnnyq
66cab6c1ab Fixed Guest Pay removed old stripe vars in place of new payment provider vars 2025-08-27 17:38:41 -04:00
johnnyq
535078b0ab Fix Bad vars in PAyment Providers listing, add check to see if payment provider already exists 2025-08-27 16:27:54 -04:00
johnnyq
d584c6b1e8 Commented out Credit lines as its not ready for next release running into way to many pitfalls will focus more on next release 2025-08-27 16:02:00 -04:00
johnnyq
530a76a9a2 Fix undefined vars in export invoice / quote pdf fix regression company logo path in export invoice / quote 2025-08-27 11:53:58 -04:00
johnnyq
2a0181fd92 Convert Invoice and Quote Guest URL to Copy to Clipboard link instead of open links 2025-08-26 12:17:45 -04:00
johnnyq
86c5b9a55d Removed Budge from the side nav as this was never finished and doesnt really do anything, will work on it at a later date 2025-08-25 23:51:48 -04:00
johnnyq
0a6b890250 Fix broken php start tag 2025-08-25 17:33:40 -04:00
johnnyq
af7f1f30ad Credentials: Fix broken page if no clients exist, which also fixes dont show share modal if GET client_id is not set 2025-08-25 17:32:15 -04:00
johnnyq
f6c0f840fe Asset: Multiple Bug fixes, Fix broken asset list if no assets exist, fix bulk Asset Ticket creation to use the client_id of the associated asset, allow to assign to all open projects. Fix Transfer client where client_id is not defined in client overview section 2025-08-25 16:59:15 -04:00
johnnyq
0e54359db8 Assets: Fix Description not displaying, Fix issue with unitialized OS var, fix client asset uri using asset_uri_2 2025-08-25 14:07:55 -04:00
johnnyq
373f1574bd Update function path for customAction to use the new path /custom and not /xcustom 2025-08-25 12:58:57 -04:00
johnnyq
6f5ffef22f Link Fixes 2025-08-25 12:50:01 -04:00
johnnyq
451206525e Remove function code for old way ajax-modal, moved modals over to modal_header/footer and removed _new 2025-08-25 00:07:51 -04:00
johnnyq
41f957ea3b Migrated admin modals to modals/ENTITY removed ajax_ and _modal prefixes from file names and use new ajax-modal syntax 2025-08-24 23:50:38 -04:00
johnnyq
91b0080428 Finished Consolidating the remaining user modals to modals/ENTITY removed ajax_ and _modal prefixes from file names and use new ajax-modal syntax 2025-08-24 00:38:48 -04:00
johnnyq
170d6dd7e5 Consolidate alot of modals to modals/ENTITY removed ajax_ and _modal prefixes from file names and use new ajax-modal syntax 2025-08-23 18:48:21 -04:00
johnnyq
15ba385398 Consolidate asset modals to modals/asset removed ajax_ and _modal prefixes from file names and use new ajax-modal syntax 2025-08-22 21:54:26 -04:00
johnnyq
0b93d58a32 Consolidate account modals to modals/account removed ajax_ and _modal prefixes from file names and use new ajax-modal syntax 2025-08-22 18:51:39 -04:00
johnnyq
67078c4552 Consolidate product modals to modals/product removed ajax_ and _modal prefixes from file names and use new ajax-modal syntax 2025-08-22 18:22:04 -04:00
johnnyq
ab17de7efd Consolidate client modals to modals/client and use new ajax-modal syntax 2025-08-22 18:06:37 -04:00
johnnyq
1145260619 Consolidate trip modals to modals/trip removed ajax_ and _modal prefixes from file names and use new ajax-modal syntax 2025-08-22 17:49:46 -04:00
johnnyq
066952ed04 Consolidate vendor modals to modals/vendor removed ajax_ and _modal prefixes from file names and use new ajax-modal syntax 2025-08-22 17:36:07 -04:00
johnnyq
6ccf7a0fb8 Set Invoice Credit, Consolidated all expense modals to modals/expense removed ajax_ and _modal prefixes from file name create new modal header and footer to include another parent directory eventually will consolidate all, this was just an example 2025-08-22 16:59:31 -04:00
johnnyq
7f49ecefb1 Flash alert if no comment was entered in a ticket reply via the client portal 2025-08-21 18:35:16 -04:00
johnnyq
43324391ff Fix Regressed See More... in User Activies page 2025-08-21 18:15:28 -04:00
johnnyq
89af8216b8 Fix Ticket Kanban CSS Path and category query 2025-08-21 18:13:31 -04:00
johnnyq
be9e30e6d8 Fix Show Add Payment dropdown if client has credits or saved payment methods 2025-08-21 18:04:49 -04:00
johnnyq
85cfd6fb7c Fix Regression Broken Quick add modals 2025-08-21 17:54:10 -04:00
johnnyq
e694e20025 Use mysqli escape string instead of sanitizeInput on stripe to payment provider migration just incase 2025-08-20 14:18:34 -04:00
johnnyq
7618dd335a Update Stripe to Payment Provider Migration to not transfer over clients with a NULL or blank stripe payment method 2025-08-20 14:12:39 -04:00
johnnyq
eca09253d3 Migrate over Payment Methods from Categories to its own table payment_methods 2025-08-20 13:53:38 -04:00
johnnyq
96c32b3275 Added Stripe Config Migration to a database Update 2025-08-20 13:30:46 -04:00
wrongecho
94a4fec3c6 Fix popping future tickets numbering 2025-08-20 16:43:45 +01:00
Marcus Hill
a8386d3937 Allow reporting on average time to first response 2025-08-16 21:44:17 +01:00
Marcus Hill
4b7aa4bece Powered by 2025-08-16 16:37:24 +01:00
Marcus Hill
4c604f4009 Use HTML for the logo instead of pdf->image; scales much nicer 2025-08-16 16:25:51 +01:00
Marcus Hill
98cf2f7a5a Use freeserif font instead of helvetica to properly display foreign characters 2025-08-16 15:54:28 +01:00
Marcus Hill
804467b1ba Use freeserif font instead of helvetica to properly display foreign characters 2025-08-16 15:52:54 +01:00
Marcus Hill
9fbf775299 Fix file icon in file rename modal 2025-08-16 15:30:10 +01:00
Marcus Hill
5c93753b7e Rm extra unnecessary line in overdue invoice email 2025-08-16 15:17:48 +01:00
Marcus Hill
27016eaa28 Recurring tickets - add ability to bulk recurr 2025-08-16 14:31:36 +01:00
Marcus Hill
859281784a Recurring tickets - fix include path 2025-08-16 14:31:01 +01:00
Marcus Hill
7ae7b8904c Invoice.php - Fix undefined error 2025-08-16 14:30:37 +01:00
Marcus Hill
559e0c6350 Comment direct link to guest pay, we should not encourage agents to do this 2025-08-16 13:47:47 +01:00
Marcus Hill
d942badec8 Fix primary contact text not showing 2025-08-16 13:42:29 +01:00
johnnyq
f443ae9203 convert even more ajax modals to new syntax 2025-08-16 02:06:42 -04:00
johnnyq
d37dc37c2d convert more ajax modals to new syntax 2025-08-16 01:40:40 -04:00
johnnyq
236d895498 Reworked the ajax-modal function to be more simplified and use less data attributes 2025-08-16 01:02:16 -04:00
johnnyq
3bb0ef6f39 Left Align Billing Header 2025-08-15 22:55:40 -04:00
johnnyq
a0ced96d1d Use a WAY MORE Efficient query when filling out filter selection boxes by using EXIST instead of DISTINCT selections 2025-08-15 20:39:23 -04:00
johnnyq
4ef1e91c78 When Show Archived is selected in clients show Drop down filters for them as well in Idustry and Referral 2025-08-15 19:32:09 -04:00
johnnyq
2333fa2d9b Product Category Dropdown Filter only show categories thats are assigned to the products not all the categories 2025-08-15 19:26:42 -04:00
johnnyq
37bef2d824 Check Stock if product type is a product before adding the line item 2025-08-15 19:12:45 -04:00
johnnyq
6427235aec Show Name Description Tax Price and Stock in Product Auto Complete in Invoice 2025-08-15 18:25:23 -04:00
johnnyq
535c8e9f7b Remove Stock if Inventory item is selected and added to an invoice and return stock when Invoice Item related to a product is deleted 2025-08-15 17:32:44 -04:00
johnnyq
890e166d1c Thicken the left border on ticket replies for more prominent type of reply 2025-08-13 13:35:29 -04:00
johnnyq
337ceb7477 Fix Client Net terms displaying default Net terms instead of On Receipt if selected 2025-08-11 21:51:05 -04:00
johnnyq
f82f3e9b8c Allow adding more than 9 stock 2025-08-11 21:40:42 -04:00
johnnyq
3c709955e3 Add UI elements for product location, used logic to seperate product from service, also added the ability to add stock for a product and linking stock to an expense with notation, still need to work on taking away from stock 2025-08-11 21:18:55 -04:00
johnnyq
595e6090c7 Added Stock Ledger to tables and additonal fields for product including type, code and location 2025-08-11 18:19:45 -04:00
johnnyq
1d98eb5160 Update Project Details Header to use card group class and update client ui to not show header button texts in mobile view, added no text wrap to location and contact column 2025-08-08 16:09:46 -04:00
johnnyq
7172c92f02 Update Database updates patch in update_cli 2025-08-08 15:09:03 -04:00
johnnyq
874d9ddbc3 Cleaned up ticket details UI used card Group for top, removed responses in ticket replies section, uncarded the ticket commend editor giving much more room, moved summarize to 3 dots 2025-08-07 20:38:23 -04:00
johnnyq
73b84a9690 Removed dynamic depth path_prefix due to potential security issues with it 2025-08-06 18:12:13 -04:00
johnnyq
c78f50ab8c cap the path_prefix to 3 depth directories max 2025-08-06 18:03:51 -04:00
johnnyq
8407cd3ea5 updated router.php to automatically determine relative path based off directory depth and use var path_prefix instead of prepend_uri var these vars are only used in header and footer php files for now 2025-08-06 18:02:25 -04:00
johnnyq
9caa42975d rename get_settings.php to load_global_settings.php and update all requires 2025-08-06 17:48:23 -04:00
johnnyq
44fdb6c24f Broke up the check_login.php require into several files seperated by function and then required them in the check_login 2025-08-06 17:16:30 -04:00
Johnny
c8984d1bc9 Merge pull request #1231 from itflow-org/ticket-fr 
Implement ticket first response date/time tracking
 2025-08-06 16:19:27 -04:00
johnnyq
be66a1690f Fix setup redirect 2025-08-06 12:52:02 -04:00
wrongecho
13838ec8d6 Implement ticket first response date/time tracking 2025-08-06 10:45:28 +01:00
wrongecho
2d72a6fd12 Implement ticket first response date/time tracking 2025-08-06 10:38:52 +01:00
johnnyq
e24ec04a75 Fix Post errors when repeat and Email Event is not selected 2025-08-05 18:39:24 -04:00
johnnyq
9a0aa9ce97 Fix Calendar not showing when no client is selected 2025-08-05 18:36:23 -04:00
johnnyq
643a4ce666 add router.php to inc_all_client.php 2025-08-05 18:18:46 -04:00
johnnyq
189098541e Remove unused top nav ticket modal 2025-08-05 18:17:14 -04:00
johnnyq
e8a1d4c66c Update mfa enforcement page to use new asset pathes 2025-08-05 14:05:09 -04:00
johnnyq
08dd6147f2 Migrate Dark/light mode to a user settings instead of global setting, created new include called router.php to dynamically prepend ../../ to asset pathes based off currect directory depth 2025-08-05 13:32:19 -04:00
johnnyq
7e55808a05 add some redirect to login.php, fix ticket post 2025-08-04 18:16:13 -04:00
johnnyq
6b39c1a280 Finished moving to the redirect, flash_alert and get_field_by_id and maing sure validate_csrf is on top and some other cleanups for guest and client posts 2025-08-04 18:07:26 -04:00
johnnyq
a38d0054df Finished moving to the redirect, flash_alert and get_field_by_id and maing sure validate_csrf is on top and some other cleanups for user posts 2025-08-04 17:41:32 -04:00
johnnyq
e39072d3bc More work on moving to the redirect, flash_alert and get_field_by_id and maing sure validate_csrf is on top and some other cleanups, along with more work on credits 2025-08-04 17:01:19 -04:00
johnnyq
b4e5e3fda7 Fix injection with role id affecting authenticated admin accounts only 2025-08-04 12:06:05 -04:00
johnnyq
e8af173b4f Fix Client Billing column lweft align the label right align the amounts 2025-08-04 11:36:30 -04:00
johnnyq
fef0d8761f More user post function migration and cleanup 2025-08-04 11:27:24 -04:00
wrongecho
76b48378ab Hide invite contact letter options for now 2025-08-04 11:45:54 +01:00
johnnyq
a7e042b5f4 Removed logging comments as its implied in asset post also if returning 1 field for logging use getFieldById Function flipped it so it validate CSRF before role permission check, replaced header redirect with new redirect function and elimnasted the extra exit() afer redirect as its done in the function, also used the flash_alert function 2025-08-02 12:51:40 -04:00
johnnyq
ab8f51622f Started Removing logging comments as its implied in user posts also if returning 1 field for logging use getFieldById Function flipped it so it validate CSRF before role permission check 2025-08-01 18:30:32 -04:00
johnnyq
fae7e76721 Remove logging comments as its implied in admin also if returning 1 field for logging use getFieldById Function 2025-08-01 18:08:02 -04:00
johnnyq
012b0f1a77 Update Admin posts to use new functions flash_alert and getFieldById which greatly cleans up and reduces the code also removed logging comments as implied by the function logAction 2025-08-01 17:21:35 -04:00
johnnyq
cc5b1c8040 Add new function called flash_alert() to repace the alerting in posts, updated accounts post to use new function 2025-08-01 15:51:29 -04:00
johnnyq
2cf932600e Fix broken link for edit role 2025-08-01 15:32:43 -04:00
johnnyq
d2dac1915d Update admin, user, guest and client post to use new redirect function 2025-08-01 15:25:52 -04:00
johnnyq
5d52b6c4ec Update logic for Apply Credit on invoice Post 2025-08-01 15:17:50 -04:00
johnnyq
7cfba7f2ef Added redirect() function for page redirects and updated credit system fields to include credit_note, credit_invoice_id and type for better reporting 2025-08-01 13:37:23 -04:00
johnnyq
41a8e41463 Move reports back and rename them appropriately update broken links 2025-07-31 18:48:33 -04:00
johnnyq
07e2c41eb7 Fix client uri regression broken asset details page update echos to use php short hand for easier code reading 2025-07-31 16:10:33 -04:00
johnnyq
9fe0d8417b Feature: Added Client URI field to Assets which is exposed in the client portal can be used for remote desktop links etc 2025-07-31 15:54:07 -04:00
johnnyq
905908bcf1 broken link updates 2025-07-30 20:59:20 -04:00
johnnyq
8e87c25de1 Update more broken links from file diretory consolidation and started migrating some js and ajax and css from root to /user /admin etc that pertain to the section 2025-07-30 20:08:28 -04:00
johnnyq
5a76780cd9 Move db.sql back to fix develop platform 2025-07-29 21:40:50 -04:00
johnnyq
10fd911dcc Update links on the setup page as well 2025-07-29 18:59:42 -04:00
johnnyq
2333d81276 Update more broken links from file dirextory consolidation 2025-07-29 18:34:51 -04:00
johnnyq
9ee76213e1 Update more broken links from file dirextory consolidation 2025-07-29 14:32:43 -04:00
johnnyq
4ec1441189 Cleanup some broken links from file dirextory consolidation 2025-07-28 23:29:46 -04:00
johnnyq
38e2e50a29 More progress on consolidating files into user and admin 2025-07-28 22:48:44 -04:00
johnnyq
95950700d8 Moved user items to user directory 2025-07-28 17:57:06 -04:00
johnnyq
0494bfc1cf Moved admin_ to /admin, user_ to user report_ to /reports each have their own post includes modals directories created seperate headers and footer. Also did the same for xcustom, more work to me done 2025-07-28 13:32:28 -04:00
johnnyq
4906e06bf1 Initialized migrating modals into entity folders and modals out of ajax and start working on moving admin items to new admin directory 2025-07-27 21:24:14 -04:00
johnnyq
699546f531 In Client Import Clarify CSV as Primary Contact Name instead of just Contact Name same with Location name use Primary Location Name, makes it much clearer when importing clients 2025-07-25 14:21:55 -04:00
johnnyq
d5ec601d75 add eg info@company.com for further clarification on company setup 2025-07-25 13:36:07 -04:00
johnnyq
5f26f68a04 Clarify Email during company setup, instead of just enter email enter company email for the placeholder https://youtu.be/Ul10HXaPwNk?t=2079 2025-07-25 13:34:05 -04:00
johnnyq
219fe59aa2 Use Badge Pill for rounded Badges in client side nav 2025-07-25 12:44:43 -04:00
johnnyq
d115d57d1a Update sanitize_input Function to handle encoding issues such as Vietnamese. Instead of Blindly just converting to UTF-8 check the input to see if its already UTF-8 2025-07-25 12:35:13 -04:00
johnnyq
6307099bc1 Clarified Importing contacts when inporting clients in the client import modal window 2025-07-25 12:18:17 -04:00
johnnyq
e0a5efdfaf Updated Contact Asset Counts to use more optimied query and added asset counts to client listing 2025-07-24 17:28:10 -04:00
johnnyq
e014e516e6 Beta Support for Dark Mode has been added to the theme options 2025-07-24 14:58:06 -04:00
johnnyq
4d71eb5de0 Remove Credit once Applied, also get total credits applied 2025-07-24 13:24:59 -04:00
johnnyq
0db6853fde Updated Invoice, Quote Recurring Invoice UI to include a table border and added hover effects to line items 2025-07-24 13:02:57 -04:00
johnnyq
197dd9f299 Initial Work on Client Account Credit System, DB Structure, Credit Balance Calculation, added Apply Credit and add Credit with Expire dates, Added DB Structure for Discount Codes, UI Rewrite on client top header now using grouped cards, more dark mode work as well 2025-07-24 11:31:45 -04:00
johnnyq
99aaeefe8e Move the adminlte css to be the last css to fix select2 being white in dark-mode 2025-07-23 17:32:51 -04:00
johnnyq
712804d2a8 Preparing for Dark mode theme: Started Fixing models so they look better in dark mode 2025-07-23 17:02:20 -04:00
johnnyq
a393284acd Remove Building Icon next to company name in main side bar nav 2025-07-23 13:24:48 -04:00
johnnyq
719a0e5efa Also Apply previous commit it editing recurring expenses 2025-07-23 13:20:06 -04:00
johnnyq
6221fd67e1 Fix recurring expense next run date logic for monthly and annual frequencies 2025-07-23 11:47:31 -04:00
johnnyq
56c7c76ac6 Add option to filter footer 500 records per page 2025-07-22 16:15:09 -04:00
johnnyq
a5aae51b1a Fix issue in some of the client overview entities archived will not remain selected after query, fixed issue where clients would not show in overview if in archived 2025-07-22 16:13:04 -04:00
johnnyq
14691fa367 Fix Archived Query for domains to not show archived clients 2025-07-22 15:51:57 -04:00
johnnyq
38b2a94231 Client Overview do not count Archived Clients entities and in services do not show services of archived clients 2025-07-22 15:46:17 -04:00
johnnyq
4c031c8f83 Increase the width for totals on invoices and Quotes PDF Exports 2025-07-21 21:31:39 -04:00
johnnyq
b100498dd7 Add Client Bulk Actions: Edit Tags, Referral, Industry, Set Hourly Rate, Send Bulk Email, Archive. Also added restore option to restore a client 2025-07-21 18:27:31 -04:00
johnnyq
50a8e67917 Commented out deleting old Payment Provider Settings from DB until next release 2025-07-21 13:29:29 -04:00
wrongecho
dfe0a0b1c7 Add default netid for asset int csv import to prevent errors 2025-07-21 09:18:30 +01:00
wrongecho
52dac2252a Add default purchase date for csv import to prevent error when undefined 2025-07-21 08:11:57 +01:00
johnnyq
5aee84e84f Add Credit card icon to the pay button 2025-07-15 18:27:09 -04:00
johnnyq
3e7d7f3801 Make Client Portal Dashboard Cards Linkable, added upaid invoices with ui for option to enter card manually, pay with saved card or pay entire balance 2025-07-15 18:23:20 -04:00
johnnyq
184aba4de4 Finished UI work for AI Providers and Models, AI is set to use the new AI Provider and Models 2025-07-15 16:19:23 -04:00
johnnyq
dd482b246f Use getFallBack function on MAC Address if no MAC is present show a - placeholder 2025-07-15 13:56:54 -04:00
johnnyq
717e6351e7 Add Option for Mac Address in Additonal Column and allow to filter by MAC 2025-07-15 13:54:25 -04:00
johnnyq
c36b1cf50f Added Income Category Filter to Invoices 2025-07-15 13:34:05 -04:00
johnnyq
896da66caf Remove the Archive button from invoices as we dont archive invoices 2025-07-15 13:26:13 -04:00
johnnyq
f72b7763c1 Added Bulk Actions to Invoices Assign Income Category 2025-07-15 13:24:28 -04:00
johnnyq
46c4a62046 Converted add payment to a dropdown under invoice to allow for the standard manaual add payment and to pay with a saved card or by entering a card manully 2025-07-14 17:36:03 -04:00
wrongecho
da3a1d2ce4 Allow linking closed tickets to a project 2025-07-14 15:13:36 +01:00
johnnyq
35d6b51770 use table-sm for tickets to reduce padding and margin and remove ticket_compact_view 2025-07-10 16:11:02 -04:00
johnnyq
35cbfdd736 Rework Categories into a select box for tickets, which now makes it easier to see what category your viewing and one less click as the form auto submits upon selection 2025-07-10 16:04:52 -04:00
johnnyq
a7b2522c87 Fix Invoice Link in ticket details when billed 2025-07-09 20:10:08 -04:00
johnnyq
fe8baf2ca4 Fix pointer not switch to a finger when hovering over add contact in ticket details 2025-07-09 20:06:22 -04:00
johnnyq
300aef413c Fixed Email Notify not showing for recurring invoice 2025-07-09 19:32:24 -04:00
johnnyq
467c681117 Add Saved Payment Options to recurring invoices and details for agents 2025-07-09 19:23:12 -04:00
johnnyq
31a89c0641 Update Recurring Payment Auto pay in cron 2025-07-09 17:05:56 -04:00
johnnyq
5f94543d9b Add Easy Select Auto Pay option in Client Portal Recurring Invoices, fix guest pay 2025-07-09 15:58:13 -04:00
johnnyq
10fd74b4c4 Remove unused model 2025-07-09 01:46:56 -04:00
johnnyq
9bc705bfa1 Updated Guest pay and Client Add Delete Payments, adjustedsetting saved payment per recurring invoice 2025-07-09 01:45:56 -04:00
johnnyq
307d9892b2 No need for a sql delete on recurring payments when deleting a saved payment method as SQL cascadely deletes the recurring payment if saved payment method is deleted 2025-07-08 14:10:27 -04:00
johnnyq
93f4ea51fd Rework Payment Provider AI Provider Tables and logic add cascading deletes 2025-07-08 14:07:10 -04:00
johnnyq
a6f83493f8 Fix Payment Method Additons in setup 2025-07-07 23:22:35 -04:00
johnnyq
7e17fdf851 Add new UI for Saved Payments for payment providers 2025-07-07 18:25:23 -04:00
johnnyq
c76da10747 Add Payment Method to UI and switch Add Payment modals to use the new table 2025-07-07 16:37:51 -04:00
wrongecho
7c558ff842 Add location create endpoint 2025-07-07 13:47:17 +01:00
johnnyq
a011dc4dea POST code for AI and Payment Providers 2025-07-06 17:01:28 -04:00
johnnyq
fa9acef279 Fixed IMAP test button with error details 2025-07-06 12:47:26 -04:00
johnnyq
ed0936059b Convert new lines to brs for contact notes 2025-07-06 11:50:12 -04:00
johnnyq
77597fd7a9 Update wording on Add Payment Processing, we plan on using the income/expense account to be named after provider name and category be processing fees and the vendor named after the provider name if payment processing expense is enabled 2025-07-04 18:07:59 -04:00
johnnyq
8d1bf3d245 UI add modal and listing work on Payment Providers 2025-07-04 17:48:54 -04:00
johnnyq
e7503e8f55 Initial DB work to Generalize Payment Providers, allow multiple payment providers and client payment methods, also to move payment methods to its own table instead of in categories, started work on ai provider ui models 2025-07-04 16:52:30 -04:00
johnnyq
9b6be66623 Initial work on Adding Payment Methods for Online Payments in Client on Agent Side and initial work on AI Providers with multiple model support assigned to various sections and custom prompts 2025-07-04 15:42:26 -04:00
johnnyq
6bc7862232 UI Dashb oard resize some Dashboard cards 2025-07-03 18:14:20 -04:00
Johnny
69a8a9246d Merge pull request #1226 from MydsiIversen/Document-enhancement-clientside 
Enhanced the document function on the client side
 2025-07-03 17:42:24 -04:00
johnnyq
b87b801b04 Fix broken Table header Link buttons in contact details 2025-07-03 16:24:51 -04:00
johnnyq
dba04a407a Fix Table Header Link Buttons in Asset Details 2025-07-03 16:19:55 -04:00
johnnyq
e281a39512 Add title Icon for Bulk Set Status 2025-07-03 16:08:15 -04:00
johnnyq
e0364183e2 Disable Certain Bulk Actions that are directly related to a client in client overview section instead are shown in the client section 2025-07-03 16:03:57 -04:00
Johnny
6af61cbb3c Merge pull request #1225 from itflow-org/bulk-assign-phyloc 
Add physical location modal - not working
 2025-07-03 15:11:42 -04:00
johnnyq
67dc012caa Small wording hints on file uploads instead of upload File its just upload and added the title of the upload modal from upload files to upload file(s) 2025-07-03 14:44:30 -04:00
johnnyq
8753655c9c Do not allow client portal logins with Contact users of a client that is archived 2025-07-03 14:18:14 -04:00
wrongecho
873dc1f76d Fix contact location if not provided in api call 2025-07-01 11:50:20 +01:00
wrongecho
d781130b49 Merge branch 'develop' of https://github.com/itflow-org/itflow into develop 2025-07-01 10:52:05 +01:00
wrongecho
effbf241e6 Fix default rate and net terms if not provided in api call 2025-07-01 10:51:56 +01:00
Mads Iversen
396a67b198 - Enhanced the document retrieval process by including the document description in the SQL query. 
- Implemented file upload capabilities, allowing users to attach files to documents with support for various formats (PDF, Word, text).
- Created modals for adding new documents and uploading files, improving user experience.
- Added functions for formatting file sizes and retrieving appropriate icons based on file extensions.
- Updated the document display logic to handle attached files, providing inline previews for PDFs and images.
 2025-06-30 14:41:12 +02:00
Marcus Hill
1939e06a24 Start using the new modal when creating tickets. This allows us to select both the client and contact, along with a client-specific asset, location and vendor 2025-06-28 17:56:55 +01:00
Marcus Hill
3f21e73b2e Comment ticket collabs, still broken 2025-06-28 15:55:13 +01:00
Marcus Hill
bc9529c488 Client Portal - Allow client choose asset during ticket creation 2025-06-28 15:49:17 +01:00
Marcus Hill
19af05ebee Client Portal - Add company logo to header banner 2025-06-28 14:28:25 +01:00
Marcus Hill
eb11e5b2f8 Bugfix: Company logo not being removed properly from db 2025-06-28 14:27:51 +01:00
Marcus Hill
b85137096d Add physical location modal - not working 2025-06-28 13:42:00 +01:00
Marcus Hill
77e9d72f92 Add physical location modal - not working 2025-06-28 13:37:44 +01:00
Marcus Hill
ec344cbaa7 Allow entering multiple ticket watchers at once 2025-06-28 12:30:42 +01:00
johnnyq
4cb2f42d71 Added Bulk Action Set IP to DHCP in Asset Interface 2025-06-27 01:45:25 -04:00
johnnyq
98723b76cf Added Bulk Actions Set Network, Type and Delete to Asset Interfaces 2025-06-27 01:31:23 -04:00
johnnyq
45ac7f084b Add Bulk Delete Function Also when deletign a ticket delete the watchers and attachments and remove the ticket id from uploads/tickets/ticket_id 2025-06-26 23:16:08 -04:00
johnnyq
3626777bd1 Fix Item name and Description Alignment in PDF Exports 2025-06-26 19:12:25 -04:00
johnnyq
5fb1070567 Show your Assigned Assets on the Client Portal Home Page 2025-06-26 18:45:23 -04:00
johnnyq
f0bcf975b6 Add Assets to the client Portal viewable by Primary and technical Contacts 2025-06-26 18:18:36 -04:00
johnnyq
0ca28dc630 Fix Document API to not insert a new document upon update as we changed the way documents and document versions are handled 2025-06-26 17:30:34 -04:00
johnnyq
8196706538 Ticket API: Allow HTML into ticket Content and allow inserting asset_id 2025-06-26 17:13:27 -04:00
johnnyq
411a6efeb5 Fix Searching Closed Tickets 2025-06-26 17:05:38 -04:00
johnnyq
ffad0cdec9 Fix broken Documents in the Client Portal due to regression with splitting document templates 2025-06-26 16:45:00 -04:00
johnnyq
ca519fe4e1 Fix Adding a vendor from a template and adding country code to vendor template 2025-06-26 16:27:11 -04:00
johnnyq
6b0855cff8 Fix Exports while in Client Overview some were failing due to missing client_id var and some were not logging the client_id if in the client section 2025-06-26 15:49:49 -04:00
wrongecho
e8a3309822 Fix project search not filtering completed projects 2025-06-26 13:13:25 +01:00
wrongecho
ce8c4dfc4c Add debug check for php-zip 2025-06-25 20:40:08 +01:00
wrongecho
a1b99c46c7 Client Portal - Don't allow tech contacts to edit themselves 2025-06-25 09:44:57 +01:00
wrongecho
1ee50fdfde Ticket merging - Hyperlink the new parent ticket in the internal comment for quicker access 2025-06-25 09:23:02 +01:00
wrongecho
05850f61d2 Fix php debug message 2025-06-25 09:11:19 +01:00
johnnyq
12d8c8e959 Fix Overlapping logo with company information in PDF Invoice and Quote 2025-06-23 19:43:41 -04:00
johnnyq
2b4933bd5c Do not Update ticket status when scheduling or cancelling a tickets schedule 2025-06-23 18:15:05 -04:00
Marcus Hill
500e713764 clarify error message wording 2025-06-22 10:01:10 +01:00
Marcus Hill
2ca50776ec Ticket 
- Move ticket metadata/details into their own card (source, category, time, closure details, etc)
- Start adding support for ticket_quote
 2025-06-22 10:00:53 +01:00
Marcus Hill
bd31513e5d Add db fields for ticket_quote 2025-06-22 09:59:23 +01:00
Johnny
6df04390bb Merge pull request #1224 from itflow-org/develop 
25.6.1 Release
 2025-06-22 01:52:33 -04:00
johnnyq
49511276fd Bump Release to 25.06.1 - updated changelog 2025-06-21 18:42:19 -04:00
johnnyq
c4e91df1ed Fix Regression that broke setup, set company currency default to USD if not set 2025-06-21 18:33:48 -04:00
Johnny
ed8a576ac3 Merge pull request #1223 from itflow-org/develop 
25.06 Release
 2025-06-20 15:34:32 -04:00
johnnyq
5c6a7acb7d Fix Updated at date in Documents 2025-06-20 15:25:42 -04:00
johnnyq
850db54a3b Bump ITFlow version to 25.6 and updated changelog 2025-06-20 15:10:46 -04:00
johnnyq
985593b7c2 Add Confirm Modal to Accept Decline Quote 2025-06-19 16:39:22 -04:00
johnnyq
857b5d1bfd Remove redundant php open tag 2025-06-19 00:27:33 -04:00
johnnyq
498e86aa7a Refactor Restore ITFlow Backup code in setup to utilize Sys Temp Directory 2025-06-19 00:26:23 -04:00
johnnyq
79d0fd28b0 Fix Backup function 2025-06-19 00:17:52 -04:00
johnnyq
426ca90515 Add Function to cleanup temp backup files if backup times out or error out 2025-06-19 00:13:56 -04:00
johnnyq
e7328f1be5 Use tmp directory to zip and backup itflow instance 2025-06-19 00:06:54 -04:00
johnnyq
baccc8051e Fix Extra spacing before Contact Name in client listing 2025-06-18 23:13:06 -04:00
johnnyq
f1c7690270 Also add contact_id to the compact ticket listing 2025-06-18 22:34:27 -04:00
johnnyq
d700d1530b Add missing contact_id in ticket listing 2025-06-18 22:32:55 -04:00
johnnyq
b60f44eede Allow the Contact to be clickable in ticket compact listing too 2025-06-18 18:06:59 -04:00
johnnyq
54ab788e93 Allow the Contact to be clickable in ticket listing and direct to the client contact details page 2025-06-18 18:05:28 -04:00
johnnyq
ac2dd04959 Moved Has Base Vendor Template Icon to the the end of the Vendors Table listing 2025-06-18 16:56:40 -04:00
johnnyq
9a449c35ac Fix No content in Edit Recurring Invoice Note Modal 2025-06-18 16:18:01 -04:00
johnnyq
2ff5d2f87c Merge branch 'develop' of github.com:itflow-org/itflow into develop 2025-06-18 15:32:38 -04:00
johnnyq
8f704dade8 Recurring Payments now make the payment on the invoice Due Date instead of when the recurring invoice is generated 2025-06-18 15:32:22 -04:00
wrongecho
3b3e323ce5 Assets - Import CSV now takes purchase date too (MUST be in format YYYY-MM-DD, Excel is annoying and will silently reformat this at random) 2025-06-18 14:48:13 +01:00
wrongecho
43ec144bf0 Fix more debug errors 2025-06-18 14:47:21 +01:00
wrongecho
d5f94819d0 Fix 'Passing null to parameter' debug message 2025-06-18 14:11:18 +01:00
johnnyq
98aa7e4993 Remove url_query_strings_sort var as this functionality has been moved to the filter header that all listing pages share 2025-06-18 01:42:21 -04:00
johnnyq
7c61911dba Added Document Template Delete function 2025-06-18 00:55:57 -04:00
johnnyq
2bb107a5d7 Add Functionality to mark all tasks as complete or incomplete in a ticket 2025-06-18 00:48:18 -04:00
johnnyq
0c4a2aedb7 Show Puzzle Piece Icon if a Vendor has a base vendor template assigned to it 2025-06-18 00:16:19 -04:00
johnnyq
e7e7272002 Migrated Vendor Templates to its own table, lots of code modifications here 2025-06-17 22:44:54 -04:00
johnnyq
f672991089 Remove Document Template field from a few more files 2025-06-17 19:09:43 -04:00
johnnyq
473fa2671d Migrate Document templates to its own table 2025-06-17 19:00:56 -04:00
johnnyq
85e1515080 Move Document Versions to a seperate table much more efficient and allow to reference same document using a link Note this update will delete previous document versions 2025-06-17 17:58:20 -04:00
johnnyq
84437a2732 Bump TCPDF from 6.9.4 to 6.10.0 and TinyMCE from 7.9.0 to 7.9.1 2025-06-17 14:44:06 -04:00
johnnyq
71911f418f Remove Unessesary Code 2025-06-17 14:32:35 -04:00
johnnyq
2741f78bd8 Fully Migrated Quote and Invoice to use TCPDF and elimiated PDFMake 2025-06-17 14:22:57 -04:00
johnnyq
012e54161a Converted PDF Invoice from PDFMake to TCPDF 2025-06-16 18:40:05 -04:00
johnnyq
409084c499 Update UI on Quote, Recurring Invoice and Guest views to match new optimized Invoice UI Layout 2025-06-16 15:49:38 -04:00
johnnyq
27595b2c4a UI Add Ticket to Invoice - Removed Warning about Draf Invoices increase modal size to large and move input to a row to reduce uneessary veritical space being occupied. 2025-06-16 13:13:48 -04:00
johnnyq
62b6535625 UI Invoice make footer text secondary color 2025-06-15 15:42:13 -04:00
johnnyq
e593f438b3 UI Work on Client Overview Increase Quick Notes and Recent Activities width and added contact photos or initials to important contacts 2025-06-15 15:36:54 -04:00
johnnyq
44d46a2cc5 UI Overhaul to invoice Details Page 2025-06-15 15:06:53 -04:00
johnnyq
66e30dd1a8 Added Badge Counts in Client Overview Section 2025-06-13 16:05:49 -04:00
johnnyq
4c74351d21 Added Company Tax ID Field and Option to Show Tax ID on Invoices 2025-06-13 15:51:09 -04:00
johnnyq
5d2b14259c Added Ticket Due Date basic functionality to tickets 2025-06-12 17:13:17 -04:00
johnnyq
878d5444e1 Use Gray Accent color when in client view and use configured theme for Global view, this will help differentiate the view that you are in 2025-06-12 15:00:47 -04:00
johnnyq
ec24ec60c6 Disable Ticket Auto Timer by default 2025-06-12 13:49:11 -04:00
johnnyq
9c096d1f65 Add Setting option to enable or disable ticket autotimer 2025-06-12 13:44:21 -04:00
johnnyq
dba3e895da UI/UX update in ticket details switch to full card stacks with edit icons for the stackable reference items on the right like asset watchers contact etc 2025-06-11 22:28:38 -04:00
johnnyq
07726322df Project Details: Add Bulk Actions to tickets and allow tickets to be sorted 2025-06-11 20:47:27 -04:00
johnnyq
bef18c0d72 Do not Resolved Tickets in Bulk that have Open tasks, display warning and count of ticket not resolved because of open tasks 2025-06-11 18:48:23 -04:00
johnnyq
7c3332570a Add Ticket Category UI for Recurring Tickets 2025-06-11 18:11:08 -04:00
johnnyq
a3d4a52188 Add Mark Sent when invoice is draft to Action Dropdown for invoice listings 2025-06-11 17:29:38 -04:00
johnnyq
5530e89f41 Add one more Non-Billable Check in invoices 2025-06-11 17:18:28 -04:00
johnnyq
a3554b3dfd Add one more Non-Billable Check in invoices 2025-06-11 17:16:03 -04:00
johnnyq
674da36cd1 Do Not calculate Non-Billable Invoices towards a clients balance Convert Add Payment Modal to AJAX and add it as an option from the invoice listing page 2025-06-11 17:12:37 -04:00
johnnyq
18ce12f60d Add Option if visiting a deleted invoice / recurring to return to the listing page and added delete to invoice details page 2025-06-11 15:57:52 -04:00
johnnyq
a462ab36f8 Ticket add / edit / builk sort categories alphabeticaly 2025-06-11 14:56:23 -04:00
Johnny
8aa41edc3e Merge pull request #1222 from itflow-org/functions-ip-addr-leftmost 
Update how functions.php gets the remote IP address for logging
 2025-06-11 14:01:12 -04:00
wrongecho
4e0252553a rm extra ; 2025-06-11 08:18:32 +01:00
johnnyq
8745d09890 Add sanitize the remaining uris that allow uri type:// refactored service details 2025-06-10 12:11:58 -04:00
wrongecho
ac3a02baea Disallow turning on login key without a secret 2025-06-10 09:19:29 +01:00
wrongecho
f2bbc170da Update how functions.php gets the remote IP address for logging 
- Builds on PR #1210 to always get the leftmost IP address
- Cloudflare (HTTP_CF_CONNECTING_IP) must now be explicitly defined, otherwise people could add the HTTP_CF_CONNECTING_IP header to a non-Cloudflare host and spoof IPs
- Tidy up the if/else logic a little
 2025-06-10 09:03:00 +01:00
johnnyq
d79a17adb0 Added sanitize_url function to strip out unsupported URI Schemas schema:// if not on the allow list it will show unsupport://URL 2025-06-09 20:28:10 -04:00
johnnyq
680dbb04ce Fix UI Regression with Indenting Columns in Tickets listing when Open and Closed tickets are filters 2025-06-09 13:30:13 -04:00
johnnyq
6c8403fa09 Move MFA Modal out of the Password Reset Form 2025-06-09 12:52:07 -04:00
johnnyq
fec8eaef70 Remove xml from the allowed upload list, if you must zip it up 2025-06-07 01:28:13 -04:00
johnnyq
5f007029b4 Fix Category 2025-06-07 00:58:56 -04:00
johnnyq
4e76ceaa0f Simplify Category filter logic in tickets catrgory is an int not a string duh 2025-06-07 00:46:11 -04:00
johnnyq
08e467baa9 Encode Page Title 2025-06-06 21:48:24 -04:00
Johnny
f78a2250f1 Merge pull request #1221 from itflow-org/develop 
Develop to Master for 25.05.1 Release
 2025-06-02 14:39:50 -04:00
johnnyq
84e8a459c8 update Changelog 2025-06-02 14:24:52 -04:00
johnnyq
b777f80249 Increment Minor Version and update Changelog 2025-06-02 14:19:04 -04:00
johnnyq
73da203dbb Added Cards for Account Balance, Recurring Monthly for Billing Contacts and Domains Expiring for Technical Contacts to Client Portal 2025-05-31 17:47:08 -04:00
johnnyq
55a31865d0 Updated Client Overview Entities to not show Archived client's Entities even though the entity may not be archived, also added Archive Searching to network and certificates also added unarchive capabilities to them as well 2025-05-30 16:15:12 -04:00
wrongecho
350697869b Fix invoice top banner not showing 2025-05-30 17:31:54 +01:00
Johnny
939b07422d Merge pull request #1220 from itflow-org/develop 
Merge Develop into Master for 25.05 Release
 2025-05-29 14:30:25 -04:00
wrongecho
88369d480a Reword changelog 2025-05-29 18:42:25 +01:00
wrongecho
cf083e94e6 Fix 2025-05-29 18:40:51 +01:00
wrongecho
11e8f5acfc Bump app version 2025-05-29 18:37:39 +01:00
wrongecho
77b3a89eb2 Reword changelog 2025-05-29 18:37:16 +01:00
johnnyq
f572f4265a Updated Changelog 2025-05-29 13:31:40 -04:00
johnnyq
0b66c8e1be Better naming of Indetity Providers instead of Integrations to make way for more Indentity Provider like Google and custom SSO for the future 2025-05-29 13:29:27 -04:00
johnnyq
a8328a3f56 Add more text-nowrap to more table headers 2025-05-29 11:45:45 -04:00
johnnyq
8b42b17121 Added more text no wrap to table headers 2025-05-29 00:18:37 -04:00
johnnyq
db418ce662 Mobile UI/UX - Hide long New Button names and use plus icon only in mobile view, proper form group spacing in mobile as well 2025-05-28 23:39:44 -04:00
johnnyq
96fe566e08 Add location country even when client id uri is not set 2025-05-28 22:03:55 -04:00
johnnyq
a00f26d8a4 UI/UX Draggables now switch to a hand on hover, updated the UI in invoice quote and reccuring invoice so buttons do not wrap and are grouped. Seperated the Dragable button using a button link, did the same for tasks in tickets 2025-05-28 21:22:21 -04:00
johnnyq
eeef63d1c3 Updated Changelog 2025-05-28 19:36:52 -04:00
johnnyq
0b88ea85ae Display Country in Invoices, Quotes, Recurring Invoices, Clients, locations, client top head, and allow searching via country in Locations and Clients 2025-05-28 19:27:11 -04:00
johnnyq
c564118156 Fix Dupe GET VARS in tickets Removed extra Rebuild URL as this has been done in the filter header for some time now 2025-05-28 18:34:50 -04:00
johnnyq
01a7dc2068 Allow both Client and Contact to be sorted in same column in ticket list 2025-05-28 18:29:02 -04:00
johnnyq
bb44ecec3f Trips UI/UX - Move Client at the end column for consistency 2025-05-28 18:13:44 -04:00
johnnyq
b7b24d7de6 UI/UX Expenses - Combined Category and Description Column with secondary text seperation and expanded Truncation of Description from 50 chars to 60 chars 2025-05-28 18:08:08 -04:00
johnnyq
dcca93e34f Only show 8 notifications at a time instead of 10 2025-05-28 17:43:03 -04:00
johnnyq
4124188505 Ticket UI/UX allow the ticket toolbar to be a little more Mobile friendly 2025-05-28 17:39:32 -04:00
johnnyq
eb5d59623b Don't show Checkbox columns when ticket is closed, compact ticket list now matches round pills for status and priority 2025-05-28 17:02:50 -04:00
Marcus Hill
8631c06731 Stripe - Remove the locally stored payment identifiers (expiry/last 4) from the database when the client removes the stripe pm 2025-05-27 19:29:03 +01:00
Marcus Hill
40eb40fd86 Cron mail queue - fix $config_smtp_encryption being set to None in IF statement 2025-05-27 14:46:50 +01:00
Marcus Hill
c486682a0e Cron mail queue - fix app_log_type not being one of available enums 2025-05-27 14:05:09 +01:00
Marcus Hill
336da073f1 Admin mail settings 
- Disable the IMAP test button as it doesn't work yet
- Remove word 'successfully' when testing SMTP as we're only adding the message to the queue, it wasn't sent yet
 2025-05-27 14:00:25 +01:00
Marcus Hill
d2e187a239 Update security supported versions 2025-05-26 20:34:01 +01:00
johnnyq
f69de29353 Get a more accurate count of Tables rows in Debug using count instead of relying on show table status as this is not accurate all the time. 2025-05-24 13:45:27 -04:00
johnnyq
61de8bc792 Redirect to login when itflow restore completes 2025-05-24 13:30:49 -04:00
johnnyq
d31f19707b DB Dump 2025-05-24 13:23:41 -04:00
johnnyq
811312466f If Restore from Backup is chosen show message must configure database first if DB and config dont exist 2025-05-24 13:09:16 -04:00
johnnyq
5ecfb3e962 Update setup to include welcome as an option and do not hide the side nav items if db is already created. 2025-05-24 12:40:33 -04:00
johnnyq
77be5af4e5 Update setup to include restore option but place it in its own nav section for seperation. Also if DB and config is configured skip and do not show checks or database in the side nav 2025-05-24 12:28:34 -04:00
johnnyq
c512a716d2 Fix extra spacing in modal footer in notifications 2025-05-23 19:09:36 -04:00
johnnyq
14f5630caf Fix Invoice Header Button 2025-05-23 18:34:25 -04:00
johnnyq
8532bdc172 More UI updates to Guest Pay 2025-05-23 18:25:09 -04:00
johnnyq
9d74bf8e19 Use cards in Guest Pay Invoice 2025-05-23 17:45:06 -04:00
johnnyq
f75445b4d0 Limit Stripe Payments to just Credit Cards 2025-05-23 17:18:22 -04:00
johnnyq
e04fa1b696 Add stripe_pm_created_at 2025-05-23 17:13:05 -04:00
johnnyq
e07dfb5f67 db structure 2025-05-23 15:42:47 -04:00
johnnyq
3d1af05fc2 Updated DB to store Payment details 2025-05-23 15:41:52 -04:00
johnnyq
0e38925d74 Update Changelog 2025-05-22 18:00:08 -04:00
johnnyq
c0f3343412 Client Portal Add Recurrung Invoices with option to Enable or Disable Auto Pay per recurring Invoice if Stripe is enabled and Client has a payment method. Also when removing saved auto payment methods delete all recurring payments for that client that are Stripe method also added this to the admin settings 2025-05-22 17:58:51 -04:00
johnnyq
6a368840fa Bump stripe-php from 16.4.0 to 17.2.1 2025-05-22 12:37:35 -04:00
johnnyq
5361391b3b Update changelog with the bumps 2025-05-22 12:24:49 -04:00
johnnyq
b80662bb24 Bump FullCalendar from 6.1.15 to 6.1.17 2025-05-22 12:16:16 -04:00
johnnyq
4c272b6b8d Bump DataTables from 2.2.2 to 2.3.1 2025-05-22 12:08:47 -04:00
johnnyq
96abdef3ad Bump TCPDF from 6.8.2 to 6.9.4 2025-05-22 12:04:48 -04:00
johnnyq
0b04bc79e9 Bump tinyMCE from 7.7.1 to 7.9.0 2025-05-22 11:57:54 -04:00
johnnyq
cefbbdc3a8 Bump phpMailer from 6.9.2 to 6.10.0 2025-05-22 11:46:09 -04:00
johnnyq
83ffe05a99 Update Changelog 2025-05-22 11:38:24 -04:00
johnnyq
b6f73083ef SMTP Option Encryption None now works as intended 2025-05-22 11:37:14 -04:00
johnnyq
693736023e Update changelog 2025-05-21 21:02:55 -04:00
johnnyq
fed87c93ab Migrated contact link models to the new ajax models this fixes the issue of the overlapping var contact_name and improves page load and performance in contact details 2025-05-21 12:18:42 -04:00
johnnyq
f53b77b556 Migrated asset link models to the new ajax models this fixes the issue of the overlapping var asset_name and improves page load and performance in asset details 2025-05-21 11:51:18 -04:00
wrongecho
b858d82b0b Show archived categories properly 2025-05-20 14:51:12 +01:00
wrongecho
ccb2af6d17 Fix category name/type logging when archiving/deleting a category 2025-05-20 14:50:27 +01:00
wrongecho
8d937ac8f5 Fix add asset modal icon not showing 2025-05-20 11:39:35 +01:00
wrongecho
2786fb65ed Don't show archived ticket categories in the tickets.php filter options 2025-05-20 11:39:09 +01:00
wrongecho
025532f579 Fix quote top navbar options not showing following perms work 2025-05-20 11:29:26 +01:00
wrongecho
5bd03be1ad Ticket tasks - set maxlength html attribute 2025-05-14 16:05:43 +01:00
wrongecho
40086f1ce0 Quotes / Invoicing - More role/perms enforcement 2025-05-14 11:07:25 +01:00
wrongecho
be66ad9a4c Quotes / Invoicing 
- Ability to manually mark a quote as invoiced (weird css fix for this, we can remove the custom css if we make the parent button just a dropdown, but don't want to introduce extra clicks)
- When converting a quote to an invoice, show the new invoice number in the quote history
- Quotes can now be sent from the main Send dropdown, instead of having to use the send button in the options menu / main quotes.php page
 2025-05-14 10:41:32 +01:00
Marcus Hill
0df5c01bb7 Project - Require CSRF token to delete a project 2025-05-11 12:25:13 +01:00
Marcus Hill
b85fa38b67 Project - Show client abbreviation in open ticket link modal 2025-05-11 12:19:34 +01:00
Marcus Hill
546246d7c5 Project - Allow editing client after creation 2025-05-11 12:14:20 +01:00
Marcus Hill
d5536e78f4 Ajax contacts - Enforce client access restrictions when getting client contacts 2025-05-11 12:01:23 +01:00
Marcus Hill
908738b7ca Ajax active clients - enforce client access restrictions (e.g. when changing ticket client) 2025-05-11 11:57:16 +01:00
Marcus Hill
797e02bffa Hide Credentials in side nav if no perms to view 2025-05-11 11:48:47 +01:00
Marcus Hill
d856685782 Merge branch 'develop' of https://github.com/itflow-org/itflow into develop 2025-05-11 11:46:00 +01:00
Marcus Hill
1400983d8c Projects/Tickets 
- Hide new project button for users that only have support read access
- Hide new ticket button for users that only have support read access
- Enforce client access restrictions for viewing project details based off project client
- Prevent selecting the 'Select tickets' text when linking ticket
 2025-05-11 11:45:47 +01:00
johnnyq
2a43c5d868 Remove DB Check 2025-05-08 16:46:25 -04:00
johnnyq
a67675c649 Remove 500 Records per page option to reduce Resource strain, 100 records per page is max 2025-05-08 16:08:28 -04:00
johnnyq
fc344ef636 add notification paging 2025-05-07 19:23:11 -04:00
johnnyq
2ffb2be083 Update the backup code to be a full backup zip file download of uploads and db dump along with version meta data file. Also allow to restore a single file in setup currently hidden 2025-05-07 15:37:57 -04:00
johnnyq
069772f27d Add Upload uploads.zip file to restore files as well 2025-05-07 14:54:25 -04:00
johnnyq
241ec50802 Add hidden option to restore dumped ITFlow Database during Setup 2025-05-07 14:32:51 -04:00
johnnyq
b943c9cd89 Remove Influencer as a referral 2025-05-06 19:50:51 -04:00
johnnyq
80625f8c3f Remove Unused vars in setup, added jpeg to the allow extension for user avatars 2025-05-06 19:36:31 -04:00
johnnyq
58435d3460 Add Next Button if Database is already configured 2025-05-06 17:18:54 -04:00
johnnyq
7a7ac4a47f Fix Edit Blank Recurring ticket in Asset Details 2025-05-06 13:16:56 -04:00
Marcus Hill
429dfa5ca4 Allow file upload extensions: .bat, .stk 2025-05-04 21:38:11 +01:00
wrongecho
e1f212d30d Start recording ticket source (API, Email, Portal, Agent) 2025-04-28 14:51:38 +01:00
wrongecho
670450bcfb Ticket statuses - Allow ordering from admin settings, this can replace the need to move the Kanban columns 2025-04-23 10:22:33 +01:00
Johnny
83e15e9e4a Merge pull request #1216 from itflow-org/develop 
Develop to Master 25.03.6
 2025-04-21 17:28:14 -04:00
johnnyq
b309081d75 Allow to search by project reference number 2025-04-21 17:16:35 -04:00
johnnyq
f1a7b35aa6 Update Changelog and App Version fix date to 2025-04-21 17:00:32 -04:00
Marcus Hill
469c5ef06d Update client pdf export 
- Fix HTML formatting for the cover div, other div styling is still broken
- Adjust layout of cover info and add MSP logo
- Add software purchase and expiry dates
 2025-04-19 16:30:00 +01:00
Marcus Hill
07cbe561bd Add stupidly bigger update warning to update page. Add reminder note to check ITFlow backup (one in every ten page loads) 2025-04-19 15:14:40 +01:00
Johnny
b69a70cfc3 Merge pull request #1213 from itflow-org/develop 
Develop to Master - 25.03.5 Release
 2025-04-18 19:08:18 -04:00
johnnyq
923001928c Update Changelog and version 2025-04-18 18:08:40 -04:00
johnnyq
75ed461c67 Asset and Contact Links now goto the details page instead of the details modal 2025-04-16 18:51:53 -04:00
johnnyq
691aebce91 Revert Fix 2025-04-13 15:15:18 -04:00
johnnyq
846947ff49 Change the button handlebar class 2025-04-13 15:11:37 -04:00
johnnyq
65e107d154 Totally remove Dragula in Favor of the modern SortableJS library, updated the Kanban 2025-04-13 15:01:52 -04:00
johnnyq
19b809b699 Added SortableJS Library, and updated Invoice, Quote and Recurring to use it. Added Grab Bar Icons next to action buttons. Will now sort in Mobile much more efficiently, update ajax vars for recurring invoice 2025-04-13 13:29:16 -04:00
johnnyq
60fe02bb47 Comment 2025-04-13 11:57:26 -04:00
johnnyq
3e708059c6 Fix not showing File folders instead of Document Folders when creating a document. 2025-04-13 11:55:14 -04:00
johnnyq
424104bb66 Default Date between max date to 9999-12-31 instead of current date for filtered listings, this fixes the issue if you post date an entity it would not show in the listing by default unless you selected a a great to date in the filter 2025-04-12 12:08:30 -04:00
johnnyq
62696b9ebe Fix Mobile Country Code in contact list 2025-04-12 11:58:32 -04:00
Johnny
87403e8c2d Merge pull request #1209 from itflow-org/index-redirect 
Redirect the blank index page to the start page
 2025-04-12 11:54:05 -04:00
wrongecho
7a5a607ff6 Redirect the blank index page to the start page 2025-04-11 14:53:02 +01:00
wrongecho
a195774726 Update README.md 
Add JetBrains to sponsors, as they provide FOSS licenses of PhpStorm to us
 2025-04-11 14:31:01 +01:00
johnnyq
8d0da7b55b Fix Entity Linking in Asset and contact details 2025-04-09 14:00:51 -04:00
Johnny
58c315cd09 Merge pull request #1207 from TamirSlo/fix-dashboard-db-update-1-9-7 
Fix Dashboard following DB Update 1.9.7
 2025-04-08 17:00:40 -04:00
Johnny
dd6c4602db Merge pull request #1194 from ssteeltm/develop 
fix: missing kanban ticket settings
 2025-04-08 16:59:07 -04:00
Tamir Slobodskoy
d413e0c8ff Fix Copy Trip Modal 2025-04-08 05:27:56 +01:00
Tamir Slobodskoy
b356658635 Fix Dashboard following DB Update 1.9.7 2025-04-08 05:02:46 +01:00
Johnny
d92f0fc49b Merge pull request #1206 from itflow-org/develop 
Develop to Master for 25.03.4 Release
 2025-04-07 13:31:20 -04:00
johnnyq
f206a28cf7 Update Changelog and App version to 25.03.4 2025-04-07 13:07:03 -04:00
johnnyq
70cb0ac635 Add the ability to remove additional assets from the ticket details screen 2025-04-07 12:58:55 -04:00
johnnyq
a0ece18876 Allow to remove additional assets in a ticket 2025-04-07 11:59:56 -04:00
wrongecho
4a22b03952 Global search - assets 
When global search returns an asset, include a hyperlink to the asset details as part of the asset name
 2025-04-04 15:12:32 +01:00
wrongecho
5ebf797c90 rm asset_mac - no longer in assets table 2025-04-04 15:08:04 +01:00
wrongecho
a20759f1f2 rm asset_mac - no longer in assets table 2025-04-04 15:07:47 +01:00
wrongecho
c273cab36e Portal - View all ticket bugfix 
View all tickets should display the ticket_number rather than the database ID
 2025-04-04 14:50:36 +01:00
johnnyq
8306a04eda Add Purchase Reference to Copy Asset 2025-04-03 15:07:56 -04:00
johnnyq
f078203136 Fix Database Export, was not properly exporting utf8, html data and such. Also disable foreign key contraint check in the export then renable it in the end. This fixes the issue with importing the database into phpmyadmin or using the mysql command 2025-04-03 15:01:47 -04:00
johnnyq
15e89c3c4e Fix Bulk Assign ticket to only show ITflow users and not client users 2025-04-01 17:23:44 -04:00
Johnny
595c4f1440 Merge pull request #1205 from itflow-org/develop 
Develop to Master for 25.03.3 release
 2025-04-01 11:45:41 -04:00
johnnyq
91a523dc23 Update Changelog 2025-04-01 11:40:24 -04:00
johnnyq
8567c97c09 Merge branch 'develop' of github.com:itflow-org/itflow into develop 2025-04-01 11:33:16 -04:00
johnnyq
3621e99c61 Update Changelog and app version 2025-04-01 11:33:04 -04:00
Johnny
d99b9cbe68 Merge pull request #1204 from itflow-org/fix-assign2 
Ticket assign
 2025-04-01 10:56:56 -04:00
Johnny
e319768fd3 Merge pull request #1203 from itflow-org/fix-bulk-assign 
Tickets - Fix bulk assign
 2025-04-01 10:56:27 -04:00
Johnny
c30ffcf096 Merge pull request #1202 from itflow-org/user-activity 
User activity
 2025-04-01 10:55:17 -04:00
wrongecho
7286248fef Ticket assign 
Remove the role check altogether, its the old way of doing the roles anyway
 2025-04-01 09:12:24 +01:00
wrongecho
dc49f80cc3 Tickets - Fix bulk assign 
Fix bulk assigning tickets to agents
 2025-04-01 09:03:33 +01:00
wrongecho
1ae2da8054 User activity 
Hide the See More button if the user can't actually access the logs due to not being an admin
 2025-04-01 08:46:22 +01:00
johnnyq
090f4cb560 Fix adding location phone extension when addign a client 2025-03-31 19:33:07 -04:00
johnnyq
0914716b8e Allow user to redact client replied tickets 2025-03-31 18:42:56 -04:00
johnnyq
ab463c1773 Tidy Phone Country code add + placeholder 2025-03-31 17:30:33 -04:00
johnnyq
36af4d11fc Few more phone fixes 2025-03-31 16:52:47 -04:00
johnnyq
14d8dc6fa6 Fix php errors thrown when formatPhone is blank 2025-03-31 16:35:36 -04:00
johnnyq
2032b48ad3 DB Update Set Country codes to default to NULL and not 1 Nullify all current country codes 2025-03-31 12:06:36 -04:00
Johnny
2af795f548 Merge pull request #1201 from itflow-org/fix-users 
Fix users
 2025-03-31 11:22:47 -04:00
Johnny
7b4edb2948 Merge pull request #1200 from itflow-org/recurring-invoices 
Recurring invoices
 2025-03-31 11:22:30 -04:00
wrongecho
17a906fd03 Users bugfixes 
- Fix syntax error when adding user, thanks @fleetlognorge
- Fix old reference to scheduled_tickets
 2025-03-31 08:35:42 +01:00
wrongecho
af46a1fd96 Fix syntax error when adding user, thanks @fleetlognorge 2025-03-31 08:32:14 +01:00
wrongecho
393c0b8c11 Recurring invoices 
- Fix the delete link
- Cron should only flag recurring invoices that with a next-run in the past if the recurring invoice is active
 2025-03-31 08:28:22 +01:00
johnnyq
e92f2f714d Fix Ticket Assign to 2025-03-30 20:48:12 -04:00
johnnyq
42606067c0 If no country code is entered display the number only no spaces hyphens or perenthesis 2025-03-30 12:22:43 -04:00
johnnyq
98bb65509d Fix setting country code in company details 2025-03-30 11:45:27 -04:00
johnnyq
a2599e5d43 Fix network location edit 2025-03-30 02:14:06 -04:00
Johnny
0390b1bc2a Merge pull request #1198 from itflow-org/develop 
Develop to Master
 2025-03-29 18:23:37 -04:00
johnnyq
531f3ec741 Update app version and changelog 2025-03-29 18:18:52 -04:00
johnnyq
127afdca0d DB.sql revert 2 2025-03-29 18:16:25 -04:00
johnnyq
c4df5bf988 DB.sql revert 2025-03-29 18:12:32 -04:00
Johnny
30234e044d Merge pull request #1197 from itflow-org/develop 
Merge Develop into Master
 2025-03-29 17:47:08 -04:00
johnnyq
1e98ee8916 Update app version and Changelog hotfix 2025-03-29 17:43:00 -04:00
johnnyq
d5665c2577 Update db.sql to match the mediumtext of the updates 2025-03-29 17:35:53 -04:00
johnnyq
762ec51a19 Fix issue with missing phone numbers 2025-03-29 16:41:40 -04:00
johnnyq
309ad724ec Fix client export to only show licnesed software by the selected client only 2025-03-29 16:22:48 -04:00
ssteeltm
a5f7b7fa9c fix: missing kanban ticket settings 2025-03-28 12:00:48 -03:00
1279 changed files with 32704 additions and 39415 deletions
Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -25,5 +25,6 @@ plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/CSS/*
xcustom/*
!xcustom/readme.php
post/xcustom
custom/*
!post/xcustom/readme.php
.zed

234
CHANGELOG.md
View File

@@ -2,6 +2,238 @@
This file documents all notable changes made to ITFlow.
## [25.09]
***BACK UP*** before updating.
---
### Breaking Changes and Notes
- We strongly recommend updating from the command line, however if performed via the webui and after performed it will return a 404. thats normal as the directory structure has changed, just close your browser then log back in then go back to update to perform the many database updates.
- This is a major release with significant changes. While the community has done a great job identifying bugs, some may still remain — continued testing is encouraged.
- All AI settings will be **reset** and must be reconfigured using the new AI provider backend.
- The `xcustom` directory has been renamed to `custom`. All custom libraries and post-processing scripts should now be placed here.
---
### Added / Changed
- Numerous UI improvements and refinements across the application.
- Enhanced visual clarity by thickening the left border on ticket comments to help identify comment types.
- Ticket details UI redesigned to use less space at the top of the screen.
- Introduced tracking for the **first response date/time** on tickets.
- New reporting feature: **Average time to first response** on tickets.
- Stripe integration rebuilt using the new **payment provider backend**.
- Clients can now save and manage **multiple payment methods**.
- Support for selecting saved cards for **recurring invoices** in both the client and agent portals.
- Initial database structure and logic added for **credit management** (feature not yet enabled).
- Major **backend directory restructuring**.
- Introduced **stock/inventory management**, including a stock ledger backend.
- Stock quantities now update automatically when invoice items are added or removed.
- Invoice autocomplete now includes: **name, description, price, tax, stock levels**, and links `product_id` to `item_id`.
- Added a **category filter** to invoices.
- Linked stock to related expenses.
- New product fields: **location, code, and type**.
- Products now separated into two types: **Service** and **Product**.
- **Dark mode** introduced.
- Projects: Now support linking **closed tickets**.
- Clients: Added bulk actions for tags, referral source, industry, hourly rate, email, archive, and restore.
- Invoices: Bulk action added to **assign categories**.
- Assets: New `client_uri` field, visible in both the agent and client portals.
- Client Portal: Clients can now **select an asset** during ticket creation.
- Client Portal: Company logo now **displays in the header**.
- Client Portal: Dashboard cards are now **clickable** for more detail.
- Assets: Option added to include **MAC Address** in additional columns.
- Asset Interface: Bulk actions added — set DHCP, network type, and delete.
- API:
- Added `/location` endpoint.
- Ticket content now supports **HTML formatting**.
- New option to filter and display **500 records per page** in the footer.
- Payment methods are now treated as a **separate entity** instead of being grouped under categories.
- Updated libraries:
- **TinyMCE**
- **Chart.js** (major upgrade)
- **DataTables**
- **Bootstrap**
- **FullCalendar**
- **php-stripe**
---
### Fixed
- Several security vulnerabilities patched.
- Ticket status is no longer updated when scheduling.
- Client Portal: Tech contacts can no longer edit their own details.
- Fixed overlapping logo issue in Invoice/Quote PDF exports.
- Refactored `check_login.php` into multiple files for modular login functionality.
- Removed redundant logging comments for redirects.
- Renamed `get_settings.php` to `load_global_settings.php`.
- Simplified syntax for `ajax-modal` and updated usage throughout the app.
- Fixed issue where primary contact text wasnt displaying.
- Corrected client **Net Terms** display.
- Fixed logic for recurring expense **next run date**.
- Resolved broken **IMAP test button**.
- Archived clients can no longer log into the portal.
- Searching closed tickets no longer reverts to open tickets.
- Fixed project search filter not showing completed projects.
- Fixed issue where company logo was not being removed correctly.
- Resolved API bugs:
- Default rate and net terms.
- Contact location.
- Document endpoint.
---
### Developer Updates
- Replaced legacy code with newer functions like `redirect()`, `getFieldById()`, and `flash_alert()`.
- Significantly improved performance of queries used for filter selection boxes.
## [25.06.1]
### Fixed
- Fixed a regression in setup causing it to crash and never complete, due to missing default for currency.
## [25.06]
### Breaking CHANGES
- Old Document Verions will be deleted due to the major backend rewrite how document versions work.
### Added / Changed
- Improved function for retrieving remote IP address for logging purposes.
- Ticket categories are now sorted alphabetically.
- Visiting a deleted invoice or recurring invoice now redirects to the listing page; delete option added to invoice details page.
- Added "Mark as Sent" and "Make Payment" actions directly on the invoice listing page.
- Introduced Ticket Category UI for recurring tickets.
- In Project Details, bulk actions and sorting are now available for tickets.
- Updated ticket details UI to use full card stacks with edit icons for stackable items (e.g., asset, watchers, contact).
- Added a new setting to toggle AutoStart Timer in ticket details (disabled by default).
- Applied gray accent theme in the client section to visually distinguish from the global view.
- Introduced Ticket Due Date functionality (currently supports add/edit only; more updates coming next release).
- Added settings option to display Company Tax ID on invoices.
- Client overview now displays badge counts for all entities.
- Overhauled UI for Invoice, Quote, and Recurring Invoice details; switched PDF generation to TCPDF PHP from PDFMake JS.
- Document versioning has been moved to a separate backend table to resolve permanent link issues -- SEE Breaking CHANGES.
- Migrated Document Templates, Vendor Templates, and Software/License Templates to dedicated tables.
- Added functionality to mark all tasks in a ticket as complete or incomplete.
- Asset CSV import now supports a purchase date field.
- Recurring Payments have been restructured to auto-charge on the invoice due date instead of at generation time.
- Added "Base Template" label for vendor templates when available.
- Backup and restore processes now use a temporary directory; files are cleaned up automatically if operations fail.
- Added confirmation prompt when accepting or declining a quote.
- Other minor code UI/UX cleanups and refactoring throughout the app.
### Fixed
- Resolved issue with enabling MFA.
- Fixed UI regression where ticket listing columns would misalign.
- Non-billable invoices are no longer included in calculations.
- Addressed multiple minor reported security vulnerabilities.
- Tickets with open tasks are no longer resolved in bulk; a warning is shown along with a count of affected tickets.
## [25.05.1]
### Added / Changed
- Added Domain Expiring Card to Client Portal Dashboard for Primary and Technical Users.
- Added Balance and Monthly Recurring Amount to Client Portal Dahboard for Primary and Technical Users.
- Added Archive Searching to network and certificates also added unarchive capabilities to them as well.
### Fixed
- Add Payment not showing in Invoice.
- Updated Client Overview Entities to not show archived client's Entities even though the entity may not be archived.
## [25.05]
### Added / Changed
- Expanded file upload allow-list to include .bat and .stk file types.
- Added full backup/restore functionality. Backup downloads a zip that includes the SQL dump and uploads folder, setup now has option to restore from zip backup.
- Migrated Asset and Contact Links to modals to resolve variable overlap issue.
- Added Pagination to Notification Modal.
- Removed 500 Records Per Page option.
- Removed unused old DB checks in the top nav.
- Clients can now use the portal to setup Stripe automatic payments themselves for recurring invoices
- Automatic payments are now disabled for all recurring invoices if the saved payment method is removed
- Added Card Details and Payment added to Client Stripe.
- UI / UX updates to guest pay Make use of cards.
- Don't show Checkbox columns when ticket is closed, compact ticket list now matches round pills for status and priority.
- Ticket UI/UX update allow the ticket toolbar to be a little more mobile-friendly
- UI / UX Updates to Expenses - Combine Category and Description into 1 column.
- Country information is now displayed in Invoices, Quotes, Recurring Invoices, Clients, Locations, and the client top header.
- Added country-based search filters in Locations and Clients sections.
- Changed the settings name from Integrations to Identity Providers to make room for future iDPs (e.g. Google).
- Bump FullCalendar from 6.1.15 to 6.1.17.
- Bump DataTables from 2.2.2 to 2.3.1.
- Bump TCPDF from 6.8.2 to 6.9.4.
- Bump tinyMCE from 7.7.1 to 7.9.0.
- Bump phpMailer from 6.9.2 to 6.10.0.
- Bump stripe-php from 16.4.0 to 17.2.1.
### Fixed
- "None" option for SMTP encryption now functions correctly.
- Debug table row counts now reflect actual counts instead of relying on SHOW TABLE STATUS.
- Archived Categories now display properly.
- Stripe saved payment methods are now limited to credit/debit cards only.
## [25.03.6]
### Fixed
- Set default to date to 2035-12-31 as 9999-12-31 and 2999-12-31 broke certain browsers.
- Update Client PDF Export, add header added company logo.
- Present Larger clearer Warning about updates on update page.
- Allow to search by project reference.
## [25.03.5]
### Fixed
- Fixed the user listing issue when copying a trip.
- Corrected the display of recurring invoice amounts on the dashboard.
- Fixed the linking of entities with assets and contacts.
- Resolved the issue with displaying the correct mobile country code in the contact listing.
- Set the default date to `9999-12-31` to ensure future items (like invoices) are displayed by default.
- Fixed the display issue where file folders were not showing properly during document creation.
- Migrated from Dragula to SortableJS for a more modern, mobile-friendly solution.
- Added Handlebars icons for drag-and-drop items.
- Changed behavior to open Contact and Asset Details pages directly instead of using a modal.
## [25.03.4]
### Fixed
- Ability to remove additional assets from the ticket details screen.
- Fix the ability to remove assets from edit ticket not working when only 1 asset exists.
- Fix Database Backup corruption.
- Client Portal - show ticket number instead of ticket id in ticket listing.
- Add Purchase Reference to copy asset.
- Add Link to asset details from the global search.
- Fix Bulk assign ticket only showing contacts instead of ITFlow users.
## [25.03.3]
### Fixed
- Fix adding ITFlow user.
- Do not alert on inactive recurring invoices.
- Fix ticket user assignment including bulk assignment.
- Fix adding a location phone extension.
- Do not default to +1 Country code, instead default to null.
- Do not format numbers unless a country code is entered.
- Fix editing network location.
- Fix ticket redaction on client replies.
- Remove more from user activity as it requires admin privledges.
- Fix MFA Enforcement page.
## [25.03.2]
### Fixed
- Revert DB.sql change
## [25.03.1]
### Fixed
- Phone number missing in various sections.
- Match Database.
- Client Export Only display licenses users and assets from the selected client only.
## [25.03]
### Fixed
@@ -221,4 +453,4 @@ This file documents all notable changes made to ITFlow.
## [24.12]
### Added / Changed
- Introduced versioned releases for the first time!
- Introduced versioned releases for the first time!

1
README.md
View File

@@ -93,6 +93,7 @@ If you want to improve ITFlow, feel free to fork the repo and create a pull requ
Were incredibly grateful to the organizations and individuals who support the project - a big thank you to:
- CompuMatter
- F1 for HELP
- JetBrains (PhpStorm)
## License
ITFlow is distributed "as is" under the GPL License, WITHOUT WARRANTY OF ANY KIND. See [`LICENSE`](https://github.com/itflow-org/itflow/blob/master/LICENSE) for details.

6
SECURITY.md
View File

@@ -12,10 +12,8 @@
We operate a rolling release model. Any bug fixes will be released into latest version of ITFlow, so you must stay up-to-date.
| Version | Supported |
| ------- | ------------------ |
| Beta | :x: |
| 24.12 | :white_check_mark: |
| 25.1 | :white_check_mark: (When released) |
|---------| ------------------ |
| 25.05 | :white_check_mark: |
## Reporting a Vulnerability via GitHub Security Advisories

108
admin/ai_model.php Normal file
View File

@@ -0,0 +1,108 @@
<?php
// Default Column Sortby Filter
$sort = "ai_model_name";
$order = "ASC";
require_once "includes/inc_all_admin.php";
$sql = mysqli_query($mysqli, "SELECT * FROM ai_models LEFT JOIN ai_providers ON ai_model_ai_provider_id = ai_provider_id ORDER BY $sort $order");
$num_rows = mysqli_num_rows($sql);
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fas fa-fw fa-robot mr-2"></i>AI Models</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAIModelModal"><i class="fas fa-plus mr-2"></i>Add Model</button>
</div>
</div>
<div class="card-body">
<div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows == 0) { echo "d-none"; } ?>">
<tr>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=ai_model_name&order=<?php echo $disp; ?>">
Model <?php if ($sort == 'ai_model_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=ai_provider_name&order=<?php echo $disp; ?>">
Provider <?php if ($sort == 'ai_provider_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=ai_model_use_case&order=<?php echo $disp; ?>">
Use Case<?php if ($sort == 'ai_model_use_case') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark">Prompt</a>
</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$provider_id = intval($row['ai_provider_id']);
$provider_name = nullable_htmlentities($row['ai_provider_name']);
$model_id = intval($row['ai_model_id']);
$model_name = nullable_htmlentities($row['ai_model_name']);
$use_case = nullable_htmlentities($row['ai_model_use_case']);
$prompt = nl2br(nullable_htmlentities($row['ai_model_prompt']));
?>
<tr>
<td>
<a class="text-dark text-bold ajax-modal" href="#"
data-modal-url="modals/ai/ai_model_edit.php?id=<?= $model_id ?>">
<?php echo $model_name; ?>
</a>
</td>
<td><?php echo $provider_name; ?></td>
<td><?php echo $use_case; ?></td>
<td><?php echo $prompt; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#"
data-modal-url="modals/ai/ai_model_edit.php?id=<?= $model_id ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_ai_model=<?php echo $model_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
</div>
</div>
</td>
</tr>
<?php
}
if ($num_rows == 0) {
echo "<h3 class='text-secondary mt-3' style='text-align: center'>No Records Here</h3>";
}
?>
</tbody>
</table>
</div>
</div>
</div>
<?php
require_once "modals/ai/ai_model_add.php";
require_once "../includes/footer.php";

109
admin/ai_provider.php Normal file
View File

@@ -0,0 +1,109 @@
<?php
// Default Column Sortby Filter
$sort = "ai_provider_name";
$order = "ASC";
require_once "includes/inc_all_admin.php";
$sql = mysqli_query($mysqli, "SELECT * FROM ai_providers ORDER BY $sort $order");
$num_rows = mysqli_num_rows($sql);
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fas fa-fw fa-robot mr-2"></i>AI Providers</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAIProviderModal"><i class="fas fa-plus mr-2"></i>Add Provider</button>
</div>
</div>
<div class="card-body">
<div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows == 0) { echo "d-none"; } ?>">
<tr>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=ai_provider_name&order=<?php echo $disp; ?>">
Provider <?php if ($sort == 'ai_provider_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=ai_provider_api_url&order=<?php echo $disp; ?>">
URL <?php if ($sort == 'ai_provider_api_url') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=ai_provider_api_key&order=<?php echo $disp; ?>">
Key <?php if ($sort == 'ai_provider_api_key') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark">Models</a>
</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$provider_id = intval($row['ai_provider_id']);
$provider_name = nullable_htmlentities($row['ai_provider_name']);
$url = nullable_htmlentities($row['ai_provider_api_url']);
$key = nullable_htmlentities($row['ai_provider_api_key']);
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('ai_model_id') AS ai_model_count FROM ai_models WHERE ai_model_ai_provider_id = $provider_id"));
$ai_model_count = intval($row['ai_model_count']);
?>
<tr>
<td>
<a class="text-dark text-bold ajax-modal" href="#"
data-modal-url="modals/ai/ai_provider_edit.php?id=<?= $provider_id ?>">
<?php echo $provider_name; ?>
</a>
</td>
<td><?php echo $url; ?></td>
<td><?php echo $key; ?></td>
<td><?php echo $ai_model_count; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#"
data-modal-url="modals/ai/ai_provider_edit.php?id=<?= $provider_id ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_ai_provider=<?php echo $provider_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
</div>
</div>
</td>
</tr>
<?php
}
if ($num_rows == 0) {
echo "<h3 class='text-secondary mt-3' style='text-align: center'>No Records Here</h3>";
}
?>
</tbody>
</table>
</div>
</div>
</div>
<?php
require_once "modals/ai/ai_provider_add.php";
require_once "../includes/footer.php";

12
admin_api.php → admin/api_keys.php
View File

@@ -6,10 +6,6 @@ $order = "ASC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM api_keys
@@ -166,15 +162,15 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</form>
</div>
<?php require_once "includes/filter_footer.php";
<?php require_once "../includes/filter_footer.php";
?>
</div>
</div>
<script src="js/bulk_actions.js"></script>
<script src="../js/bulk_actions.js"></script>
<?php
require_once "modals/admin_api_key_add_modal.php";
require_once "modals/api/api_key_add.php";
require_once "includes/footer.php";
require_once "../includes/footer.php";

21
admin_app_log.php → admin/app_log.php
View File

@@ -26,9 +26,6 @@ if (isset($_GET['category']) & !empty($_GET['catergory'])) {
$category_filter = '';
}
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM app_logs
@@ -48,14 +45,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<h3 class="card-title"><i class="fas fa-fw fa-history mr-2"></i>App Logs</h3>
</div>
<div class="card-body">
<form class="mb-4" autocomplete="off">
<form autocomplete="off">
<div class="row">
<div class="col-sm-4">
<div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(nullable_htmlentities($q)); } ?>" placeholder="Search app logs">
<div class="input-group-append">
<button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
<div class="form-group">
<div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(nullable_htmlentities($q)); } ?>" placeholder="Search app logs">
<div class="input-group-append">
<button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
</div>
@@ -184,10 +183,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "includes/filter_footer.php";
<?php require_once "../includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "includes/footer.php";
require_once "../includes/footer.php";

21
admin_audit_log.php → admin/audit_log.php
View File

@@ -46,9 +46,6 @@ if (isset($_GET['action']) & !empty($_GET['action'])) {
$action_filter = '';
}
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM logs
@@ -75,7 +72,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<form class="mb-4" autocomplete="off">
<div class="row">
<div class="col-sm-4">
<div class="input-group">
<div class="input-group mb-3 mb-md-0">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(nullable_htmlentities($q)); } ?>" placeholder="Search audit logs">
<div class="input-group-append">
<button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
@@ -85,7 +82,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div>
<div class="col-sm-2">
<div class="form-group">
<div class="input-group mb-3 mb-md-0">
<select class="form-control select2" name="client" onchange="this.form.submit()">
<option value="">- All Clients -</option>
@@ -105,7 +102,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div>
<div class="col-sm-2">
<div class="form-group">
<div class="input-group mb-3 mb-md-0">
<select class="form-control select2" name="user" onchange="this.form.submit()">
<option value="">- All Users -</option>
@@ -125,7 +122,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div>
<div class="col-sm-2">
<div class="form-group">
<div class="input-group mb-3 mb-md-0">
<select class="form-control select2" name="type" onchange="this.form.submit()">
<option value="">- All Types -</option>
@@ -144,7 +141,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div>
<div class="col-sm-2">
<div class="form-group">
<div class="input-group mb-3 mb-md-0">
<select class="form-control select2" name="action" onchange="this.form.submit()">
<option value="">- All Actions -</option>
@@ -198,7 +195,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<hr>
<div class="table-responsive-sm">
<table class="table table-sm table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?> text-nowrap">
<tr>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=log_created_at&order=<?php echo $disp; ?>">
@@ -269,7 +266,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
if (empty($client_name)) {
$client_name_display = "-";
} else {
$client_name_display = "<a href='client_overview.php?client_id=$client_id'>$client_name</a>";
$client_name_display = "<a href='../user/client_overview.php?client_id=$client_id'>$client_name</a>";
}
$log_entity_id = intval($row['log_entity_id']);
@@ -295,11 +292,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "includes/filter_footer.php";
<?php require_once "../includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "includes/footer.php";
require_once "../includes/footer.php";

14
admin_backup.php → admin/backup.php
View File

@@ -8,7 +8,7 @@ require_once "includes/inc_all_admin.php";
</div>
<div class="card-body" style="text-align: center;">
<div class="alert alert-secondary">If you are unable to back up the entire VM, you'll need to back up the files & database individually. There is no built-in restore. See the <a href="https://docs.itflow.org/backups" target="_blank">docs here</a>.</div>
<a class="btn btn-primary btn-lg p-3" href="post.php?download_database&csrf_token=<?php echo $_SESSION['csrf_token'] ?>"><i class="fas fa-fw fa-4x fa-download"></i><br><br>Download database</a>
<a class="btn btn-primary btn-lg p-3" href="post.php?download_backup&csrf_token=<?php echo $_SESSION['csrf_token'] ?>"><i class="fas fa-fw fa-4x fa-download"></i><br><br>Download Backup</a>
</div>
</div>
@@ -20,12 +20,12 @@ require_once "includes/inc_all_admin.php";
<div class="card-body">
<form action="post.php" method="POST">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="row d-flex justify-content-center">
<div class="input-group col-4">
<div class="input-group-prepend">
<input type="password" class="form-control" placeholder="Enter your account password" name="password" autocomplete="new-password" required>
<div class="d-flex justify-content-center">
<div class="input-group col-sm-4">
<input type="password" class="form-control" placeholder="Enter your account password" name="password" autocomplete="new-password" required>
<div class="input-group-append">
<button class="btn btn-primary" type="submit" name="backup_master_key"><i class="fas fa-key"></i></button>
</div>
<button class="btn btn-primary" type="submit" name="backup_master_key"><i class="fas fa-fw fa-key mr-2"></i>Get Master Key</button>
</div>
</div>
</form>
@@ -34,5 +34,5 @@ require_once "includes/inc_all_admin.php";
</div>
<?php
require_once "includes/footer.php";
require_once "../includes/footer.php";

40
admin_category.php → admin/category.php
View File

@@ -13,10 +13,6 @@ if (isset($_GET['category'])) {
$category = "Expense";
}
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM categories
@@ -27,10 +23,6 @@ $sql = mysqli_query(
);
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
if (isset($_GET['archived'])) {
$category = "Archived";
}
?>
<div class="card card-dark">
@@ -42,7 +34,7 @@ if (isset($_GET['archived'])) {
if (!isset($_GET['archived'])) {
?>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addCategoryModal"><i
<button type="button" class="btn btn-primary ajax-modal" data-modal-url="modals/category/category_add.php?category=<?= nullable_htmlentities($category) ?>"><i
class="fas fa-plus mr-2"></i>New <?php echo nullable_htmlentities($category); ?> Category</button>
</div>
<?php
@@ -85,20 +77,13 @@ if (isset($_GET['archived'])) {
} else {
echo 'btn-default';
} ?>">Referral</a>
<a href="?category=Payment Method"
class="btn <?php if ($category == 'Payment Method') {
echo 'btn-primary';
} else {
echo 'btn-default';
} ?>">Payment
Method</a>
<a href="?category=Ticket"
class="btn <?php if ($category == 'Ticket') {
echo 'btn-primary';
} else {
echo 'btn-default';
} ?>">Ticket</a>
<a href="?archived=1"
<a href="?<?php echo $url_query_strings_sort ?>&archived=1"
class="btn <?php if (isset($_GET['archived'])) {
echo 'btn-primary';
} else {
@@ -134,11 +119,8 @@ if (isset($_GET['archived'])) {
?>
<tr>
<td>
<a class="text-dark" href="#"
data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_category_edit.php"
data-ajax-id="<?php echo $category_id; ?>"
>
<a class="text-dark ajax-modal" href="#"
data-modal-url="modals/category/category_edit.php?id=<?= $category_id ?>">
<?php echo $category_name; ?>
</a>
</td>
@@ -150,7 +132,7 @@ if (isset($_GET['archived'])) {
</button>
<div class="dropdown-menu">
<?php
if ($category == "Archived") {
if ($archived) {
?>
<a class="dropdown-item text-success confirm-link"
href="post.php?unarchive_category=<?php echo $category_id; ?>">
@@ -163,11 +145,8 @@ if (isset($_GET['archived'])) {
<?php
} else {
?>
<a class="dropdown-item" href="#"
data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_category_edit.php"
data-ajax-id="<?php echo $category_id; ?>"
>
<a class="dropdown-item ajax-modal" href="#"
data-modal-url="modals/category/category_edit.php?id=<?= $category_id ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<a class="dropdown-item text-danger confirm-link"
@@ -191,11 +170,10 @@ if (isset($_GET['archived'])) {
</tbody>
</table>
</div>
<?php require_once "includes/filter_footer.php";
<?php require_once "../includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "modals/admin_category_add_modal.php";
require_once "includes/footer.php";
require_once "../includes/footer.php";

19
admin_custom_link.php → admin/custom_link.php
View File

@@ -6,10 +6,6 @@ $order = "ASC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM custom_links
@@ -105,11 +101,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
<tr>
<td>
<a href="#"
data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_custom_link_edit.php"
data-ajax-id="<?php echo $custom_link_id; ?>"
>
<a class="ajax-modal" href="#"
data-modal-url="modals/custom_link/custom_link_edit.php?id=<?= $custom_link_id ?>">
<i class="fa fa-fw fa-<?php echo $custom_link_icon; ?> mr-2"></i><?php echo $custom_link_name;?>
</a>
</td>
@@ -122,7 +115,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_custom_link_edit.php" data-ajax-id="<?php echo $custom_link_id; ?>">
<a class="dropdown-item ajax-modal" href="#" data-modal-url="modals/custom_link/custom_link_edit.php?id=<?= $custom_link_id ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
@@ -142,11 +135,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php require_once "includes/filter_footer.php";
<?php require_once "../includes/filter_footer.php";
?>
</div>
</div>
<?php
require_once "modals/admin_custom_link_add_modal.php";
require_once "includes/footer.php";
require_once "modals/custom_link/custom_link_add.php";
require_once "../includes/footer.php";

568
database_updates.php → admin/database_updates.php
View File

@@ -2776,7 +2776,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
//Dropping patch panel as a patch panel can be documented as an asset with interfaces.
mysqli_query($mysqli, "DROP TABLE `patch_panel_ports`");
mysqli_query($mysqli, "DROP TABLE `patch_panels`");
mysqli_query($mysqli, "RENAME TABLE `events` TO `calendar_events`");
mysqli_query($mysqli, "RENAME TABLE `event_attendees` TO `calendar_event_attendees`");
@@ -2957,7 +2957,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
ALTER TABLE `calendar_events`
ADD FOREIGN KEY (`event_calendar_id`) REFERENCES `calendars`(`calendar_id`) ON DELETE CASCADE
");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.0.3'");
}
@@ -2974,7 +2974,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
ALTER TABLE `certificate_history`
ADD FOREIGN KEY (`certificate_history_certificate_id`) REFERENCES `certificates`(`certificate_id`) ON DELETE CASCADE
");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.0.4'");
}
@@ -3335,14 +3335,14 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
ADD FOREIGN KEY (`vendor_id`) REFERENCES `vendors`(`vendor_id`) ON DELETE CASCADE,
ADD FOREIGN KEY (`file_id`) REFERENCES `files`(`file_id`) ON DELETE CASCADE
");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.0.5'");
}
if (CURRENT_DATABASE_VERSION == '2.0.5') {
// CONVERT All tables TO CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci
$tables = [
'accounts', 'api_keys', 'app_logs', 'asset_credentials', 'asset_custom', 'asset_documents',
'asset_files', 'asset_history', 'asset_interface_links', 'asset_interfaces', 'asset_notes', 'assets',
@@ -3381,14 +3381,14 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
}
if (CURRENT_DATABASE_VERSION == '2.0.7') {
mysqli_query($mysqli, "ALTER TABLE `files` DROP `file_hash`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.0.8'");
}
if (CURRENT_DATABASE_VERSION == '2.0.8') {
mysqli_query($mysqli, "ALTER TABLE `files` DROP `file_has_thumbnail`");
mysqli_query($mysqli, "ALTER TABLE `files` DROP `file_has_preview`");
mysqli_query($mysqli, "ALTER TABLE `files` DROP `file_asset_id`");
@@ -3397,7 +3397,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
}
if (CURRENT_DATABASE_VERSION == '2.0.9') {
mysqli_query($mysqli, "ALTER TABLE `contacts` ADD `contact_phone_country_code` VARCHAR(10) DEFAULT 1 AFTER `contact_email`");
mysqli_query($mysqli, "ALTER TABLE `contacts` ADD `contact_mobile_country_code` VARCHAR(10) DEFAULT 1 AFTER `contact_extension`");
@@ -3424,13 +3424,557 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.2'");
}
// if (CURRENT_DATABASE_VERSION == '2.1.2') {
// // Insert queries here required to update to DB version 2.1.3
if (CURRENT_DATABASE_VERSION == '2.1.2') {
// Update country_code to NULL for `contacts` table
mysqli_query($mysqli, "ALTER TABLE `contacts` MODIFY `contact_phone_country_code` VARCHAR(10) DEFAULT NULL");
mysqli_query($mysqli, "ALTER TABLE `contacts` MODIFY `contact_mobile_country_code` VARCHAR(10) DEFAULT NULL");
// Update country_code to NULL for `locations` table
mysqli_query($mysqli, "ALTER TABLE `locations` MODIFY `location_phone_country_code` VARCHAR(10) DEFAULT NULL");
mysqli_query($mysqli, "ALTER TABLE `locations` MODIFY `location_fax_country_code` VARCHAR(10) DEFAULT NULL");
// Update country_code to NULL for `vendors` table
mysqli_query($mysqli, "ALTER TABLE `vendors` MODIFY `vendor_phone_country_code` VARCHAR(10) DEFAULT NULL");
// Update country_code to NULL for `companies` table
mysqli_query($mysqli, "ALTER TABLE `companies` MODIFY `company_phone_country_code` VARCHAR(10) DEFAULT NULL");
// Set country_code to NULL for `contacts` table
mysqli_query($mysqli, "UPDATE `contacts` SET `contact_phone_country_code` = NULL");
mysqli_query($mysqli, "UPDATE `contacts` SET `contact_mobile_country_code` = NULL");
// Set country_code to NULL for `locations` table
mysqli_query($mysqli, "UPDATE `locations` SET `location_phone_country_code` = NULL");
mysqli_query($mysqli, "UPDATE `locations` SET `location_fax_country_code` = NULL");
// Set country_code to NULL for `vendors` table
mysqli_query($mysqli, "UPDATE `vendors` SET `vendor_phone_country_code` = NULL");
// Set country_code to NULL for `companies` table
mysqli_query($mysqli, "UPDATE `companies` SET `company_phone_country_code` = NULL");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.3'");
}
if (CURRENT_DATABASE_VERSION == '2.1.3') {
mysqli_query($mysqli, "ALTER TABLE `client_stripe` ADD `stripe_pm_details` VARCHAR(200) DEFAULT NULL AFTER `stripe_pm`");
mysqli_query($mysqli, "ALTER TABLE `client_stripe` ADD `stripe_pm_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP AFTER `stripe_pm_details`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.4'");
}
if (CURRENT_DATABASE_VERSION == '2.1.4') {
mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_ticket_timer_autostart` TINYINT(1) NOT NULL DEFAULT '0' AFTER `config_ticket_default_billable`");
mysqli_query($mysqli, "ALTER TABLE `tickets` ADD `ticket_due_at` DATETIME DEFAULT NULL AFTER `ticket_updated_at`");
mysqli_query($mysqli, "ALTER TABLE `companies` ADD `company_tax_id` VARCHAR(200) DEFAULT NULL AFTER `company_currency`");
mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_invoice_show_tax_id` TINYINT(1) NOT NULL DEFAULT '0' AFTER `config_invoice_paid_notification_email`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.5'");
}
if (CURRENT_DATABASE_VERSION == '2.1.5') {
mysqli_query($mysqli, "CREATE TABLE `document_versions` (
`document_version_id` INT(11) NOT NULL AUTO_INCREMENT,
`document_version_name` VARCHAR(200) NOT NULL,
`document_version_description` TEXT DEFAULT NULL,
`document_version_content` LONGTEXT NOT NULL,
`document_version_created_by` INT(11) DEFAULT 0,
`document_version_created_at` DATETIME NOT NULL,
`document_version_document_id` INT(11) NOT NULL,
PRIMARY KEY (`document_version_id`)
)");
// Delete all Current Document Versions
mysqli_query($mysqli, "
DELETE FROM `documents`
WHERE `document_parent` > 0 AND `document_parent` != `document_id`
");
mysqli_query($mysqli, "ALTER TABLE `documents` DROP `document_parent`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.6'");
}
if (CURRENT_DATABASE_VERSION == '2.1.6') {
mysqli_query($mysqli, "CREATE TABLE `document_templates` (
`document_template_id` INT(11) NOT NULL AUTO_INCREMENT,
`document_template_name` VARCHAR(200) NOT NULL,
`document_template_description` TEXT DEFAULT NULL,
`document_template_content` LONGTEXT NOT NULL,
`document_template_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`document_template_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
`document_template_archived_at` DATETIME NULL DEFAULT NULL,
`document_template_created_by` INT(11) NOT NULL DEFAULT 0,
`document_template_updated_by` INT(11) NOT NULL DEFAULT 0,
PRIMARY KEY (`document_template_id`)
)");
// Copy Document Templates over to new document templates table
mysqli_query($mysqli, "
INSERT INTO document_templates (
document_template_name,
document_template_description,
document_template_content,
document_template_created_at,
document_template_updated_at,
document_template_archived_at,
document_template_created_by,
document_template_updated_by
)
SELECT
document_name,
document_description,
document_content,
document_created_at,
document_updated_at,
document_archived_at,
document_created_by,
document_updated_by
FROM
documents
WHERE
document_template = 1
");
mysqli_query($mysqli, "DELETE FROM documents WHERE document_template = 1");
mysqli_query($mysqli, "ALTER TABLE `documents` DROP `document_template`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.7'");
}
if (CURRENT_DATABASE_VERSION == '2.1.7') {
mysqli_query($mysqli, "CREATE TABLE `software_templates` (
`software_template_id` INT(11) NOT NULL AUTO_INCREMENT,
`software_template_name` VARCHAR(200) NOT NULL,
`software_template_description` TEXT DEFAULT NULL,
`software_template_version` VARCHAR(200) DEFAULT NULL,
`software_template_type` VARCHAR(200) NOT NULL,
`software_template_license_type` VARCHAR(200) DEFAULT NULL,
`software_template_notes` TEXT DEFAULT NULL,
`software_template_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`software_template_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
`software_template_archived_at` DATETIME NULL DEFAULT NULL,
PRIMARY KEY (`software_template_id`)
)");
// Copy software Templates over to new software templates table
mysqli_query($mysqli, "
INSERT INTO software_templates (
software_template_name,
software_template_description,
software_template_version,
software_template_type,
software_template_license_type,
software_template_notes,
software_template_created_at,
software_template_updated_at,
software_template_archived_at
)
SELECT
software_name,
software_description,
software_version,
software_type,
software_license_type,
software_notes,
software_created_at,
software_updated_at,
software_archived_at
FROM
software
WHERE
software_template = 1
");
mysqli_query($mysqli, "DELETE FROM software WHERE software_template = 1");
mysqli_query($mysqli, "ALTER TABLE `software` DROP `software_template`");
mysqli_query($mysqli, "ALTER TABLE `software` DROP `software_template_id`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.8'");
}
if (CURRENT_DATABASE_VERSION == '2.1.8') {
mysqli_query($mysqli, "CREATE TABLE `vendor_templates` (
`vendor_template_id` INT(11) NOT NULL AUTO_INCREMENT,
`vendor_template_name` VARCHAR(200) NOT NULL,
`vendor_template_description` VARCHAR(200) DEFAULT NULL,
`vendor_template_contact_name` VARCHAR(200) DEFAULT NULL,
`vendor_template_phone_country_code` VARCHAR(10) DEFAULT NULL,
`vendor_template_phone` VARCHAR(200) DEFAULT NULL,
`vendor_template_extension` VARCHAR(200) DEFAULT NULL,
`vendor_template_email` VARCHAR(200) DEFAULT NULL,
`vendor_template_website` VARCHAR(200) DEFAULT NULL,
`vendor_template_hours` VARCHAR(200) DEFAULT NULL,
`vendor_template_sla` VARCHAR(200) DEFAULT NULL,
`vendor_template_code` VARCHAR(200) DEFAULT NULL,
`vendor_template_account_number` VARCHAR(200) DEFAULT NULL,
`vendor_template_notes` TEXT DEFAULT NULL,
`vendor_template_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`vendor_template_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
`vendor_template_archived_at` DATETIME NULL DEFAULT NULL,
PRIMARY KEY (`vendor_template_id`)
)");
// Copy Vendor Templates over to new vendor templates table
mysqli_query($mysqli, "
INSERT INTO vendor_templates (
vendor_template_name,
vendor_template_description,
vendor_template_contact_name,
vendor_template_phone_country_code,
vendor_template_phone,
vendor_template_extension,
vendor_template_email,
vendor_template_website,
vendor_template_hours,
vendor_template_sla,
vendor_template_code,
vendor_template_account_number,
vendor_template_notes,
vendor_template_created_at,
vendor_template_updated_at,
vendor_template_archived_at
)
SELECT
vendor_name,
vendor_description,
vendor_contact_name,
vendor_phone_country_code,
vendor_phone,
vendor_extension,
vendor_email,
vendor_website,
vendor_hours,
vendor_sla,
vendor_code,
vendor_account_number,
vendor_notes,
vendor_created_at,
vendor_updated_at,
vendor_archived_at
FROM
vendors
WHERE
vendor_template = 1
");
mysqli_query($mysqli, "DELETE FROM vendors WHERE vendor_template = 1");
mysqli_query($mysqli, "ALTER TABLE `vendors` DROP `vendor_template`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.9'");
}
if (CURRENT_DATABASE_VERSION == '2.1.9') {
mysqli_query($mysqli, "ALTER TABLE `companies` MODIFY `company_currency` VARCHAR(200) DEFAULT 'USD'");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.0'");
}
if (CURRENT_DATABASE_VERSION == '2.2.0') {
mysqli_query($mysqli, "ALTER TABLE `tickets` ADD `ticket_quote_id` INT(11) NOT NULL DEFAULT 0 AFTER `ticket_asset_id`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.1'");
}
if (CURRENT_DATABASE_VERSION == '2.2.1') {
mysqli_query($mysqli, "CREATE TABLE `ai_providers` (
`ai_provider_id` INT(11) NOT NULL AUTO_INCREMENT,
`ai_provider_name` VARCHAR(200) NOT NULL,
`ai_provider_api_url` VARCHAR(200) NOT NULL,
`ai_provider_api_key` VARCHAR(200) DEFAULT NULL,
`ai_provider_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`ai_provider_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`ai_provider_id`)
)");
mysqli_query($mysqli, "
CREATE TABLE `ai_models` (
`ai_model_id` INT(11) NOT NULL AUTO_INCREMENT,
`ai_model_name` VARCHAR(200) NOT NULL,
`ai_model_prompt` TEXT DEFAULT NULL,
`ai_model_use_case` VARCHAR(200) DEFAULT NULL,
`ai_model_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`ai_model_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
`ai_model_ai_provider_id` INT(11) NOT NULL,
PRIMARY KEY (`ai_model_id`),
FOREIGN KEY (`ai_model_ai_provider_id`)
REFERENCES `ai_providers`(`ai_provider_id`)
ON DELETE CASCADE
)
");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.2'");
}
if (CURRENT_DATABASE_VERSION == '2.2.2') {
mysqli_query($mysqli, "CREATE TABLE `payment_methods` (
`payment_method_id` INT(11) NOT NULL AUTO_INCREMENT,
`payment_method_name` VARCHAR(200) NOT NULL,
`payment_method_description` VARCHAR(250) DEFAULT NULL,
`payment_method_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`payment_method_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`payment_method_id`)
)");
mysqli_query($mysqli, "CREATE TABLE `payment_providers` (
`payment_provider_id` INT(11) NOT NULL AUTO_INCREMENT,
`payment_provider_name` VARCHAR(200) NOT NULL,
`payment_provider_description` VARCHAR(250) DEFAULT NULL,
`payment_provider_public_key` VARCHAR(250) DEFAULT NULL,
`payment_provider_private_key` VARCHAR(250) DEFAULT NULL,
`payment_provider_threshold` DECIMAL(15,2) DEFAULT NULL,
`payment_provider_active` TINYINT(1) NOT NULL DEFAULT 1,
`payment_provider_account` INT(11) NOT NULL,
`payment_provider_expense_vendor` INT(11) NOT NULL DEFAULT 0,
`payment_provider_expense_category` INT(11) NOT NULL DEFAULT 0,
`payment_provider_expense_percentage_fee` DECIMAL(4,4) DEFAULT NULL,
`payment_provider_expense_flat_fee` DECIMAL(15,2) DEFAULT NULL,
`payment_provider_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`payment_provider_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`payment_provider_id`)
)");
mysqli_query($mysqli, "CREATE TABLE `client_saved_payment_methods` (
`saved_payment_id` INT(11) NOT NULL AUTO_INCREMENT,
`saved_payment_provider_method` VARCHAR(200) NOT NULL,
`saved_payment_description` VARCHAR(200) DEFAULT NULL,
`saved_payment_client_id` INT(11) NOT NULL,
`saved_payment_provider_id` INT(11) NOT NULL,
`saved_payment_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`saved_payment_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`saved_payment_id`),
FOREIGN KEY (`saved_payment_client_id`) REFERENCES clients(`client_id`) ON DELETE CASCADE,
FOREIGN KEY (`saved_payment_provider_id`) REFERENCES payment_providers(`payment_provider_id`) ON DELETE CASCADE
)");
mysqli_query($mysqli, "CREATE TABLE `client_payment_provider` (
`client_id` INT(11) NOT NULL,
`payment_provider_id` INT(11) NOT NULL,
`payment_provider_client` VARCHAR(200) NOT NULL,
`client_payment_provider_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`client_id`, `payment_provider_id`),
FOREIGN KEY (`client_id`) REFERENCES clients(`client_id`) ON DELETE CASCADE,
FOREIGN KEY (`payment_provider_id`) REFERENCES payment_providers(`payment_provider_id`) ON DELETE CASCADE
)");
mysqli_query($mysqli, "ALTER TABLE `recurring_payments` ADD `recurring_payment_saved_payment_id` INT(11) DEFAULT NULL AFTER `recurring_payment_recurring_invoice_id`");
mysqli_query($mysqli, "ALTER TABLE `recurring_payments` ADD CONSTRAINT `fk_recurring_saved_payment` FOREIGN KEY (`recurring_payment_saved_payment_id`) REFERENCES `client_saved_payment_methods`(`saved_payment_id`) ON DELETE CASCADE");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.3'");
}
if (CURRENT_DATABASE_VERSION == '2.2.3') {
mysqli_query($mysqli, "CREATE TABLE `credits` (
`credit_id` INT(11) NOT NULL AUTO_INCREMENT,
`credit_amount` DECIMAL(15,2) NOT NULL,
`credit_reference` VARCHAR(250) DEFAULT NULL,
`credit_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP(),
`credit_created_by` INT(11) NOT NULL,
`credit_expire_at` DATE DEFAULT NULL,
`credit_client_id` INT(11) NOT NULL,
PRIMARY KEY (`credit_id`)
)");
mysqli_query($mysqli, "ALTER TABLE `invoices` ADD `invoice_credit_amount` DECIMAL(15,2) NOT NULL DEFAULT 0.00 AFTER `invoice_discount_amount`");
mysqli_query($mysqli, "CREATE TABLE `discount_codes` (
`discount_code_id` INT(11) NOT NULL AUTO_INCREMENT,
`discount_code_description` VARCHAR(250) DEFAULT NULL,
`discount_code_amount` DECIMAL(15,2) NOT NULL,
`discount_code` VARCHAR(200) NOT NULL,
`discount_code_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP(),
`discount_code_created_by` INT(11) NOT NULL,
`discount_code_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
`discount_code_archived_at` DATETIME NULL DEFAULT NULL,
`discount_code_expire_at` DATE DEFAULT NULL,
PRIMARY KEY (`discount_code_id`)
)");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.4'");
}
if (CURRENT_DATABASE_VERSION == '2.2.4') {
mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_theme_dark` TINYINT(1) NOT NULL DEFAULT 0 AFTER `config_theme`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.5'");
}
if (CURRENT_DATABASE_VERSION == '2.2.5') {
mysqli_query($mysqli, "ALTER TABLE `assets` ADD `asset_uri_client` VARCHAR(500) NULL DEFAULT NULL AFTER `asset_uri_2`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.6'");
}
if (CURRENT_DATABASE_VERSION == '2.2.6') {
mysqli_query($mysqli, "ALTER TABLE `credits` DROP `credit_reference`");
mysqli_query($mysqli, "ALTER TABLE `credits` ADD `credit_type` ENUM('prepaid', 'manual', 'refund', 'promotion', 'usage') NOT NULL DEFAULT 'manual' AFTER `credit_amount`");
mysqli_query($mysqli, "ALTER TABLE `credits` ADD `credit_note` TEXT NULL DEFAULT NULL AFTER `credit_type`");
mysqli_query($mysqli, "ALTER TABLE `credits` ADD `credit_invoice_id` INT(11) NULL DEFAULT NULL AFTER `credit_expire_at`");
mysqli_query($mysqli, "ALTER TABLE `credits` ADD INDEX (`credit_client_id`)");
mysqli_query($mysqli, "ALTER TABLE `credits` ADD INDEX (`credit_invoice_id`)");
mysqli_query($mysqli, "ALTER TABLE `credits` ADD INDEX (`credit_created_at`)");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.7'");
}
if (CURRENT_DATABASE_VERSION == '2.2.7') {
mysqli_query($mysqli, "ALTER TABLE `user_settings` ADD `user_config_theme_dark` TINYINT(1) NOT NULL DEFAULT 0 AFTER `user_config_signature`");
mysqli_query($mysqli, "ALTER TABLE `settings` DROP `config_theme_dark`");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.8'");
}
if (CURRENT_DATABASE_VERSION == '2.2.8') {
mysqli_query($mysqli, "ALTER TABLE `products` ADD `product_type` ENUM('service', 'product') NOT NULL DEFAULT 'service' AFTER `product_name`");
mysqli_query($mysqli, "ALTER TABLE `products` ADD `product_code` VARCHAR(200) DEFAULT NULL AFTER `product_description`");
mysqli_query($mysqli, "ALTER TABLE `products` ADD `product_location` VARCHAR(250) DEFAULT NULL AFTER `product_code`");
mysqli_query($mysqli, "CREATE TABLE `product_stock` (
`stock_id` INT(11) NOT NULL AUTO_INCREMENT,
`stock_qty` INT(11) NOT NULL,
`stock_note` TEXT DEFAULT NULL,
`stock_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP(),
`stock_expense_id` INT(11) DEFAULT NULL,
`stock_item_id` INT(11) DEFAULT NULL,
`stock_product_id` INT(11) NOT NULL,
PRIMARY KEY (`stock_id`)
)");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.9'");
}
if (CURRENT_DATABASE_VERSION == '2.2.9') {
// Migrate Stripe Settings over to new Tables
// Get Current Stripe Settings
$sql_stripe_settings = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = 1");
$row = mysqli_fetch_array($sql_stripe_settings);
$config_stripe_enable = intval($row['config_stripe_enable']);
if ($config_stripe_enable === 1) {
$config_stripe_publishable = mysqli_real_escape_string($mysqli, $row['config_stripe_publishable']);
$config_stripe_secret = mysqli_real_escape_string($mysqli, $row['config_stripe_secret']);
$config_stripe_account = intval($row['config_stripe_account']);
$config_stripe_expense_vendor = intval($row['config_stripe_expense_vendor']);
$config_stripe_expense_category = intval($row['config_stripe_expense_category']);
$config_stripe_percentage_fee = floatval($row['config_stripe_percentage_fee']);
$config_stripe_flat_fee = floatval($row['config_stripe_flat_fee']);
mysqli_query($mysqli,"INSERT INTO payment_providers SET
payment_provider_name = 'Stripe',
payment_provider_public_key = '$config_stripe_publishable',
payment_provider_private_key = '$config_stripe_secret',
payment_provider_account = $config_stripe_account,
payment_provider_expense_vendor = $config_stripe_expense_vendor,
payment_provider_expense_category = $config_stripe_expense_category,
payment_provider_expense_percentage_fee = $config_stripe_percentage_fee,
payment_provider_expense_flat_fee = $config_stripe_flat_fee"
);
$provider_id = mysqli_insert_id($mysqli);
// Migrate Clients and Payment Method over
$sql_stripe_clients = mysqli_query($mysqli, "SELECT * FROM client_stripe WHERE stripe_pm IS NOT NULL AND stripe_pm != ''");
while ($row = mysqli_fetch_array($sql_stripe_clients)) {
$client_id = intval($row['client_id']);
$stripe_id = mysqli_real_escape_string($mysqli, $row['stripe_id']);
$stripe_pm = mysqli_real_escape_string($mysqli, $row['stripe_pm']);
$stripe_pm_details = mysqli_real_escape_string($mysqli, $row['stripe_pm_details'] ?? 'Saved Card');
mysqli_query($mysqli,"INSERT INTO client_payment_provider SET
client_id = $client_id,
payment_provider_id = $provider_id,
payment_provider_client = '$stripe_id'"
);
mysqli_query($mysqli,"INSERT INTO client_saved_payment_methods SET
saved_payment_provider_method = '$stripe_pm',
saved_payment_description = '$stripe_pm_details',
saved_payment_client_id = $client_id,
saved_payment_provider_id = $provider_id"
);
}
}
// Get Stripe provider id
$res = mysqli_query($mysqli, "
SELECT payment_provider_id
FROM payment_providers
WHERE payment_provider_name = 'Stripe'
ORDER BY payment_provider_id DESC
LIMIT 1
");
$stripe = mysqli_fetch_assoc($res);
$stripe_provider_id = intval($stripe['payment_provider_id']);
// Correct mapping: RP -> Recurring Invoice -> Client -> Client's Stripe saved method
mysqli_query($mysqli, "
UPDATE recurring_payments rp
INNER JOIN recurring_invoices ri
ON ri.recurring_invoice_id = rp.recurring_payment_recurring_invoice_id
INNER JOIN client_saved_payment_methods spm
ON spm.saved_payment_client_id = ri.recurring_invoice_client_id
AND spm.saved_payment_provider_id = $stripe_provider_id
SET
rp.recurring_payment_method = 'Credit Card',
rp.recurring_payment_saved_payment_id = spm.saved_payment_id
WHERE rp.recurring_payment_method = 'Stripe'
");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.0'");
}
if (CURRENT_DATABASE_VERSION == '2.3.0') {
// Migrate Payment Methods from Categories Table to new payment_methods table
$sql_categories = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Payment Method' AND category_name != 'Stripe' AND category_archived_at IS NULL");
while ($row = mysqli_fetch_array($sql_categories)) {
$category_name = sanitizeInput($row['category_name']);
mysqli_query($mysqli,"INSERT INTO payment_methods SET payment_method_name = '$category_name'");
}
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.1'");
}
if (CURRENT_DATABASE_VERSION == '2.3.1') {
// Delete all Recurring Payments that are Stripe
mysqli_query($mysqli, "DELETE FROM recurring_payments WHERE recurring_payment_method = 'Stripe'");
// Delete Stripe Specific ITFlow Client Stripe Client Relationship Table
mysqli_query($mysqli, "DROP TABLE client_stripe");
// Delete Unused Stripe and AI Settings now in their own tables
mysqli_query($mysqli, "ALTER TABLE `settings`
DROP `config_stripe_enable`,
DROP `config_stripe_publishable`,
DROP `config_stripe_secret`,
DROP `config_stripe_account`,
DROP `config_stripe_expense_vendor`,
DROP `config_stripe_expense_category`,
DROP `config_stripe_percentage_fee`,
DROP `config_stripe_flat_fee`,
DROP `config_ai_enable`,
DROP `config_ai_provider`,
DROP `config_ai_model`,
DROP `config_ai_url`,
DROP `config_ai_api_key`
");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.2'");
}
// if (CURRENT_DATABASE_VERSION == '2.3.2') {
// // Insert queries here required to update to DB version 2.3.3
// // Then, update the database to the next sequential version
// mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.3'");
// mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.3'");
// }
} else {
// Up-to-date
}

411
admin_debug.php → admin/debug.php
View File

@@ -1,8 +1,8 @@
<?php
require_once "includes/inc_all_admin.php";
require_once "includes/database_version.php";
require_once "config.php";
require_once "../includes/database_version.php";
require_once "../config.php";
$checks = [];
@@ -53,6 +53,7 @@ $extensions = [
'php-curl' => 'curl',
'php-mbstring' => 'mbstring',
'php-gd' => 'gd',
'php-zip' => 'zip',
];
foreach ($extensions as $name => $ext) {
@@ -245,7 +246,7 @@ $filePermissions[] = [
$uploadsStats = [];
// Define the uploads directory path
$uploadsDir = __DIR__ . '/uploads'; // Adjust the path if needed
$uploadsDir = __DIR__ . '/../uploads'; // Adjust the path if needed
if (is_dir($uploadsDir)) {
// Function to recursively count files and calculate total size
@@ -296,7 +297,13 @@ if ($tablesResult) {
while ($table = $tablesResult->fetch_assoc()) {
$tableName = $table['Name'];
$tableRows = $table['Rows'];
// Accurate row count
$countResult = $mysqli->query("SELECT COUNT(*) AS cnt FROM `$tableName`");
$countRow = $countResult->fetch_assoc();
$tableRows = $countRow['cnt'];
$countResult->free();
$dataLength = $table['Data_length'];
$indexLength = $table['Index_length'];
$tableSize = ($dataLength + $indexLength) / (1024 * 1024); // Size in MB
@@ -336,18 +343,13 @@ if ($tablesResult) {
'name' => 'Total database size (MB)',
'value' => round($totalSize, 2) . ' MB',
];
} else {
$databaseStats[] = [
'name' => 'Database connection error',
'value' => $mysqli->error,
];
}
// Section: Database Structure Comparison
$dbComparison = [];
// Path to the db.sql file
$dbSqlFile = __DIR__ . '/db.sql';
$dbSqlFile = __DIR__ . '/../db.sql';
if (file_exists($dbSqlFile)) {
// Read the db.sql file
@@ -518,24 +520,26 @@ $mysqli->close();
</ul>
<hr>
<table class="table table-bordered mb-3">
<tr>
<th>ITFlow release version</th>
<th><?php echo APP_VERSION; ?></th>
</tr>
<tr>
<td>Current DB Version</td>
<td><?php echo CURRENT_DATABASE_VERSION; ?></td>
</tr>
<tr>
<td>Current Code Commit</td>
<td><?php echo $commitHash; ?></td>
</tr>
<tr>
<td>Current Branch</td>
<td><?php echo $gitBranch; ?></td>
</tr>
</table>
<div class="table-responsive">
<table class="table table-bordered mb-3">
<tr>
<th>ITFlow release version</th>
<th><?php echo APP_VERSION; ?></th>
</tr>
<tr>
<td>Current DB Version</td>
<td><?php echo CURRENT_DATABASE_VERSION; ?></td>
</tr>
<tr>
<td>Current Code Commit</td>
<td><?php echo $commitHash; ?></td>
</tr>
<tr>
<td>Current Branch</td>
<td><?php echo $gitBranch; ?></td>
</tr>
</table>
</div>
<!-- System Information Table -->
<h3>System Information</h3>
@@ -552,200 +556,209 @@ $mysqli->close();
<!-- PHP Extensions and Configuration Table -->
<h3 class="mt-3">PHP Extensions and Configuration</h3>
<table class="table table-sm table-bordered">
<!-- PHP Extensions Section -->
<thead>
<tr class="table-secondary">
<th colspan="3">PHP Extensions</th>
</tr>
</thead>
<tbody>
<?php foreach ($phpExtensions as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
<div class="table-responsive">
<table class="table table-sm table-bordered">
<!-- PHP Extensions Section -->
<thead>
<tr class="table-secondary">
<th colspan="3">PHP Extensions</th>
</tr>
<?php endforeach; ?>
</tbody>
<!-- PHP Configuration Section -->
<thead>
<tr class="table-secondary">
<th colspan="3">PHP Configuration</th>
</tr>
</thead>
<tbody>
<?php foreach ($phpConfig as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</thead>
<tbody>
<?php foreach ($phpExtensions as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
<!-- PHP Configuration Section -->
<thead>
<tr class="table-secondary">
<th colspan="3">PHP Configuration</th>
</tr>
<?php endforeach; ?>
</tbody>
<thead>
<tr class="table-secondary">
<th colspan="3">Shell Commands</th>
</tr>
</thead>
<tbody>
<?php foreach ($shellCommands as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</thead>
<tbody>
<?php foreach ($phpConfig as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
<thead>
<tr class="table-secondary">
<th colspan="3">Shell Commands</th>
</tr>
<?php endforeach; ?>
</tbody>
<thead>
<tr class="table-secondary">
<th colspan="3">SSL Checks</th>
</tr>
</thead>
<tbody>
<?php foreach ($sslChecks as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</thead>
<tbody>
<?php foreach ($shellCommands as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
<thead>
<tr class="table-secondary">
<th colspan="3">SSL Checks</th>
</tr>
<?php endforeach; ?>
</tbody>
<thead>
<tr class="table-secondary">
<th colspan="3">Domain Checks</th>
</tr>
</thead>
<tbody>
<?php foreach ($domainChecks as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</thead>
<tbody>
<?php foreach ($sslChecks as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
<thead>
<tr class="table-secondary">
<th colspan="3">Domain Checks</th>
</tr>
<?php endforeach; ?>
</tbody>
</thead>
<tbody>
<?php foreach ($domainChecks as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
<!-- File Permissions Table -->
<thead>
<tr class="table-secondary">
<th colspan="3">File Permissions</th>
</tr>
</thead>
<tbody>
<?php foreach ($filePermissions as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
<!-- File Permissions Table -->
<thead>
<tr class="table-secondary">
<th colspan="3">File Permissions</th>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</thead>
<tbody>
<?php foreach ($filePermissions as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<!-- Database Structure Comparison Table -->
<h3 class="mt-3">Database Structure Comparison</h3>
<table class="table table-sm table-bordered">
<tbody>
<?php if (!empty($dbComparison)): ?>
<?php foreach ($dbComparison as $issue): ?>
<div class="table-responsive">
<table class="table table-sm table-bordered">
<tbody>
<?php if (!empty($dbComparison)): ?>
<?php foreach ($dbComparison as $issue): ?>
<tr>
<td><?= htmlspecialchars($issue['name']); ?></td>
<td colspan="2"><?= htmlspecialchars($issue['status']); ?></td>
</tr>
<?php endforeach; ?>
<?php else: ?>
<tr>
<td><?= htmlspecialchars($issue['name']); ?></td>
<td colspan="2"><?= htmlspecialchars($issue['status']); ?></td>
<td colspan="3">No discrepancies found between the database and db.sql file.</td>
</tr>
<?php endforeach; ?>
<?php else: ?>
<tr>
<td colspan="3">No discrepancies found between the database and db.sql file.</td>
</tr>
<?php endif; ?>
</tbody>
</table>
<?php endif; ?>
</tbody>
</table>
</div>
<!-- Uploads Directory Stats Table -->
<h3 class="mt-3">Uploads Directory Stats</h3>
<table class="table table-sm table-bordered">
<tbody>
<?php foreach ($uploadsStats as $stat): ?>
<tr>
<td><?= htmlspecialchars($stat['name']); ?></td>
<td colspan="2"><?= htmlspecialchars($stat['value']); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<div class="table-responsive">
<table class="table table-sm table-bordered">
<tbody>
<?php foreach ($uploadsStats as $stat): ?>
<tr>
<td><?= htmlspecialchars($stat['name']); ?></td>
<td colspan="2"><?= htmlspecialchars($stat['value']); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<!-- Database Stats Table -->
<h3 class="mt-3">Database Stats</h3>
<table class="table table-sm table-bordered">
<tbody>
<?php foreach ($databaseStats as $stat): ?>
<tr>
<td><?= htmlspecialchars($stat['name']); ?></td>
<td colspan="2"><?= htmlspecialchars($stat['value']); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<div class="table-responsive">
<table class="table table-sm table-bordered">
<tbody>
<?php foreach ($databaseStats as $stat): ?>
<tr>
<td><?= htmlspecialchars($stat['name']); ?></td>
<td colspan="2"><?= htmlspecialchars($stat['value']); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<!-- Table Stats Table -->
<h3 class="mt-3">Table Stats</h3>
<table class="table table-sm table-bordered">
<thead>
<tr>
<th>Table Name</th>
<th>Fields / Rows</th>
<th>Size (MB)</th>
</tr>
</thead>
<tbody>
<?php foreach ($tableDetails as $table): ?>
<div class="table-responsive">
<table class="table table-sm table-bordered">
<thead>
<tr>
<td><?= htmlspecialchars($table['name']); ?></td>
<td><?= htmlspecialchars("Fields: {$table['fields']}, Rows: {$table['rows']}"); ?></td>
<td><?= htmlspecialchars($table['size'] . ' MB'); ?></td>
<th>Table Name</th>
<th>Fields / Rows</th>
<th>Size (MB)</th>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</thead>
<tbody>
<?php foreach ($tableDetails as $table): ?>
<tr>
<td><?= htmlspecialchars($table['name']); ?></td>
<td><?= htmlspecialchars("Fields: {$table['fields']}, Rows: {$table['rows']}"); ?></td>
<td><?= htmlspecialchars($table['size'] . ' MB'); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
@@ -753,5 +766,5 @@ $mysqli->close();
<?php
require_once "includes/footer.php";
require_once "../includes/footer.php";

71
admin_document_template.php → admin/document_template.php
View File

@@ -1,27 +1,16 @@
<?php
// Default Column Sort by Filter
$sort = "document_name";
$sort = "document_template_name";
$order = "ASC";
require_once "includes/inc_all_admin.php";
// Search query SQL snippet
if (!empty($q)) {
$query_snippet = "AND (MATCH(document_content_raw) AGAINST ('$q') OR document_name LIKE '%$q%')";
} else {
$query_snippet = ""; // empty
}
// Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM documents
LEFT JOIN users ON document_created_by = user_id
WHERE document_template = 1
$query_snippet
"SELECT SQL_CALC_FOUND_ROWS * FROM document_templates
LEFT JOIN users ON document_template_created_by = user_id
WHERE user_name LIKE '%$q%' OR document_template_name LIKE '%$q%'
ORDER BY $sort $order LIMIT $record_from, $record_to"
);
@@ -55,18 +44,18 @@
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr>
<th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_name&order=<?php echo $disp; ?>">
Template Name <?php if ($sort == 'document_name') { echo $order_icon; } ?>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_name&order=<?php echo $disp; ?>">
Template Name <?php if ($sort == 'document_template_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_created_at&order=<?php echo $disp; ?>">
Created <?php if ($sort == 'document_created_at') { echo $order_icon; } ?>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_created_at&order=<?php echo $disp; ?>">
Created <?php if ($sort == 'document_template_created_at') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_updated_at&order=<?php echo $disp; ?>">
Updated <?php if ($sort == 'document_updated_at') { echo $order_icon; } ?>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_updated_at&order=<?php echo $disp; ?>">
Updated <?php if ($sort == 'document_template_updated_at') { echo $order_icon; } ?>
</a>
</th>
<th class="text-center">
@@ -78,43 +67,39 @@
<?php
while ($row = mysqli_fetch_array($sql)) {
$document_id = intval($row['document_id']);
$document_name = nullable_htmlentities($row['document_name']);
$document_description = nullable_htmlentities($row['document_description']);
$document_content = nullable_htmlentities($row['document_content']);
$document_created_by_name = nullable_htmlentities($row['user_name']);
$document_created_at = nullable_htmlentities($row['document_created_at']);
$document_updated_at = nullable_htmlentities($row['document_updated_at']);
$document_folder_id = intval($row['document_folder_id']);
$document_template_id = intval($row['document_template_id']);
$document_template_name = nullable_htmlentities($row['document_template_name']);
$document_template_description = nullable_htmlentities($row['document_template_description']);
$document_template_content = nullable_htmlentities($row['document_template_content']);
$document_template_created_by_name = nullable_htmlentities($row['user_name']);
$document_template_created_at = nullable_htmlentities($row['document_template_created_at']);
$document_template_updated_at = nullable_htmlentities($row['document_template_updated_at']);
?>
<tr>
<td>
<a class="text-bold" href="admin_document_template_details.php?document_id=<?php echo $document_id; ?>"><i class="fas fa-fw fa-file-alt text-dark"></i> <?php echo $document_name; ?></a>
<div class="mt-1 text-secondary"><?php echo $document_description; ?></div>
<a class="text-bold" href="document_template_details.php?document_template_id=<?php echo $document_template_id; ?>"><i class="fas fa-fw fa-file-alt text-dark"></i> <?php echo $document_template_name; ?></a>
<div class="mt-1 text-secondary"><?php echo $document_template_description; ?></div>
</td>
<td>
<?php echo $document_created_at; ?>
<div class="text-secondary"><?php echo $document_created_by_name; ?></div>
<?php echo $document_template_created_at; ?>
<div class="text-secondary"><?php echo $document_template_created_by_name; ?></div>
</td>
<td><?php echo $document_updated_at; ?></td>
<td><?php echo $document_template_updated_at; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#"
data-toggle="ajax-modal"
<a class="dropdown-item ajax-modal" href="#"
data-modal-size="xl"
data-ajax-url="ajax/ajax_document_template_edit.php"
data-ajax-id="<?php echo $document_id; ?>"
>
data-modal-url="modals/document_template/document_template_edit.php?id=<?= $document_template_id ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_document=<?php echo $document_id; ?>">
<a class="dropdown-item text-danger text-bold" href="post.php?delete_document_template=<?php echo $document_template_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
</div>
@@ -132,12 +117,12 @@
</table>
<br>
</div>
<?php require_once "includes/filter_footer.php"; ?>
<?php require_once "../includes/filter_footer.php"; ?>
</div>
</div>
<?php require_once "modals/admin_document_template_add_modal.php"; ?>
<?php require_once "includes/footer.php"; ?>
<?php require_once "modals/document_template/document_template_add.php"; ?>
<?php require_once "../includes/footer.php"; ?>
<script>
$(document).ready(function(){

64
admin/document_template_details.php Normal file
View File

@@ -0,0 +1,64 @@
<?php
require_once "includes/inc_all_admin.php";
//Initialize the HTML Purifier to prevent XSS
require "../plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
if (isset($_GET['document_template_id'])) {
$document_template_id = intval($_GET['document_template_id']);
}
$sql_document = mysqli_query($mysqli, "SELECT * FROM document_templates WHERE document_template_id = $document_template_id");
$row = mysqli_fetch_array($sql_document);
$document_template_name = nullable_htmlentities($row['document_template_name']);
$document_template_description = nullable_htmlentities($row['document_template_description']);
$document_template_content = $purifier->purify($row['document_template_content']);
$document_template_created_at = nullable_htmlentities($row['document_template_created_at']);
$document_template_updated_at = nullable_htmlentities($row['document_template_updated_at']);
?>
<ol class="breadcrumb d-print-none">
<li class="breadcrumb-item">
<a href="../">Home</a>
</li>
<li class="breadcrumb-item">
<a href="users.php">Admin</a>
</li>
<li class="breadcrumb-item">
<a href="document_template.php">Document Templates</a>
</li>
<li class="breadcrumb-item active"><i class="fas fa-file mr-2"></i><?php echo $document_template_name; ?></li>
</ol>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file mr-2"></i><?php echo $document_template_name; ?></h3>
<div class="card-tools">
<button type="button" class="btn btn-primary ajax-modal"
data-modal-size="xl"
data-modal-url="modals/document_template/document_template_edit.php?id=<?= $document_template_id ?>">
<i class="fas fa-edit mr-2"></i>Edit
</button>
</div>
</div>
<div class="card-body prettyContent">
<?php echo $document_template_content; ?>
</div>
</div>
<script src="../js/pretty_content.js"></script>
<?php
require_once "../includes/footer.php";

23
admin_settings_integration.php → admin/identity_provider.php
View File

@@ -4,13 +4,29 @@ require_once "includes/inc_all_admin.php";
<div class="card card-dark">
<div class="card-header py-3">
<h3 class="card-title"><i class="fas fa-fw fa-plug mr-2"></i>Integration Settings</h3>
<h3 class="card-title"><i class="fas fa-fw fa-fingerprint mr-2"></i>Identity Providers</h3>
</div>
<div class="card-body">
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<h4>Client Portal SSO via Microsoft Entra</h4>
<div class="form-group">
<label>Identity Provider <small class='text-secondary'>(Currently only works with Microsoft Entra ID/AAD)</small></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-fingerprint"></i></span>
</div>
<select class="form-control select2" readonly>
<option <?php if (empty($config_azure_client_id)) { echo "selected"; } ?>>Disabled</option>
<option <?php if ($config_azure_client_id) { echo "selected"; } ?>>Microsoft Entra</option>
<option>Google (WIP)</option>
<option>Custom SSO (WIP)</option>
</select>
</div>
</div>
<div class="form-group">
<label>MS Entra OAuth App (Client) ID</label>
<div class="input-group">
@@ -33,11 +49,10 @@ require_once "includes/inc_all_admin.php";
<hr>
<button type="submit" name="edit_integrations_settings" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="submit" name="edit_identity_provider" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
</form>
</div>
</div>
<?php require_once "includes/footer.php";
<?php require_once "../includes/footer.php";

17
admin/includes/inc_all_admin.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
require_once "../config.php";
require_once "../functions.php";
require_once "../includes/router.php";
require_once "../includes/check_login.php";
require_once "../includes/page_title.php";
if (!isset($session_is_admin) || !$session_is_admin) {
exit(WORDING_ROLECHECK_FAILED . "<br>Tell your admin: Your role does not have admin access.");
}
require_once "../includes/header.php";
require_once "../includes/top_nav.php";
require_once "includes/side_nav.php";
require_once "../includes/inc_wrapper.php";
require_once "../includes/inc_alert_feedback.php";
require_once "../includes/filter_header.php";
require_once "../includes/app_version.php";

124
includes/admin_side_nav.php → admin/includes/side_nav.php
View File

@@ -1,6 +1,6 @@
<!-- Main Sidebar Container -->
<aside class="main-sidebar sidebar-dark-<?php echo nullable_htmlentities($config_theme); ?> d-print-none">
<a class="brand-link pb-1 mt-1" href="clients.php">
<a class="brand-link pb-1 mt-1" href="../user/dashboard.php">
<p class="h6">
<i class="nav-icon fas fa-arrow-left ml-3 mr-2"></i>
<span class="brand-text">
@@ -16,19 +16,19 @@
<ul class="nav nav-pills nav-sidebar flex-column mt-2" data-widget="treeview" data-accordion="false">
<!-- ACCESS Section -->
<li class="nav-item">
<a href="admin_user.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "admin_user.php") {echo "active";} ?>">
<a href="users.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "users.php") {echo "active";} ?>">
<i class="nav-icon fas fa-users"></i>
<p>Users</p>
</a>
</li>
<li class="nav-item">
<a href="admin_role.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "admin_role.php") {echo "active";} ?>">
<a href="roles.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "roles.php") {echo "active";} ?>">
<i class="nav-icon fas fa-user-shield"></i>
<p>Roles</p>
</a>
</li>
<li class="nav-item">
<a href="admin_api.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "admin_api.php") {echo "active";} ?>">
<a href="api_keys.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "api_keys.php") {echo "active";} ?>">
<i class="nav-icon fas fa-key"></i>
<p>API Keys</p>
</a>
@@ -36,35 +36,65 @@
<li class="nav-header">TAGS & CATEGORIES</li>
<li class="nav-item">
<a href="admin_tag.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_tag.php' ? 'active' : ''); ?>">
<a href="tag.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'tag.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-tags"></i>
<p>Tags</p>
</a>
</li>
<li class="nav-item">
<a href="admin_category.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_category.php' ? 'active' : ''); ?>">
<a href="category.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'category.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-list-ul"></i>
<p>Categories</p>
</a>
</li>
<?php if ($config_module_enable_accounting) { ?>
<li class="nav-item">
<a href="admin_tax.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_tax.php' ? 'active' : ''); ?>">
<a href="tax.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'tax.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-balance-scale"></i>
<p>Taxes</p>
</a>
</li>
<li class="nav-item">
<a href="payment_method.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'payment_method.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-hand-holding-usd"></i>
<p>Payment Methods</p>
</a>
</li>
<li class="nav-item">
<a href="payment_provider.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'payment_provider.php' ? 'active' : ''); ?>">
<i class="nav-icon far fa-credit-card"></i>
<p>Payment Providers</p>
</a>
</li>
<li class="nav-item">
<a href="saved_payment_method.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'saved_payment_method.php' ? 'active' : ''); ?>">
<i class="nav-icon far fa-credit-card"></i>
<p>Saved Payments</p>
</a>
</li>
<li class="nav-item">
<a href="ai_provider.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'ai_provider.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-robot"></i>
<p>AI Providers</p>
</a>
</li>
<li class="nav-item">
<a href="ai_model.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'ai_model.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-robot"></i>
<p>AI Models</p>
</a>
</li>
<?php } ?>
<?php if ($config_module_enable_ticketing) { ?>
<li class="nav-item">
<a href="admin_ticket_status.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_ticket_status.php' ? 'active' : ''); ?>">
<a href="ticket_status.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'ticket_status.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-info-circle"></i>
<p>Ticket Statuses</p>
</a>
</li>
<?php } ?>
<li class="nav-item">
<a href="admin_custom_link.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_custom_link.php' ? 'active' : ''); ?>">
<a href="custom_link.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'custom_link.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-external-link-alt"></i>
<p>Custom Links</p>
</a>
@@ -74,31 +104,31 @@
<li class="nav-header">TEMPLATES</li>
<li class="nav-item">
<a href="admin_project_template.php" class="nav-link <?php echo (in_array(basename($_SERVER['PHP_SELF']), ['admin_project_template.php', 'admin_project_template_details.php']) ? 'active' : ''); ?>">
<a href="project_template.php" class="nav-link <?php echo (in_array(basename($_SERVER['PHP_SELF']), ['project_template.php', 'project_template_details.php']) ? 'active' : ''); ?>">
<i class="nav-icon fas fa-project-diagram"></i>
<p>Project Templates</p>
</a>
</li>
<li class="nav-item">
<a href="admin_ticket_template.php" class="nav-link <?php echo (in_array(basename($_SERVER['PHP_SELF']), ['admin_ticket_template.php', 'admin_ticket_template_details.php']) ? 'active' : ''); ?>">
<a href="ticket_template.php" class="nav-link <?php echo (in_array(basename($_SERVER['PHP_SELF']), ['ticket_template.php', 'ticket_template_details.php']) ? 'active' : ''); ?>">
<i class="nav-icon fas fa-life-ring"></i>
<p>Ticket Templates</p>
</a>
</li>
<li class="nav-item">
<a href="admin_vendor_template.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_vendor_template.php' ? 'active' : ''); ?>">
<a href="vendor_template.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'vendor_template.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-building"></i>
<p>Vendor Templates</p>
</a>
</li>
<li class="nav-item">
<a href="admin_software_template.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_software_template.php' ? 'active' : ''); ?>">
<a href="software_template.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'software_template.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-rocket"></i>
<p>License Templates</p>
</a>
</li>
<li class="nav-item">
<a href="admin_document_template.php" class="nav-link <?php echo (in_array(basename($_SERVER['PHP_SELF']), ['admin_document_template.php', 'admin_document_template_details.php']) ? 'active' : ''); ?>">
<a href="document_template.php" class="nav-link <?php echo (in_array(basename($_SERVER['PHP_SELF']), ['document_template.php', 'document_template_details.php']) ? 'active' : ''); ?>">
<i class="nav-icon fas fa-file"></i>
<p>Document Templates</p>
</a>
@@ -108,44 +138,44 @@
<li class="nav-header">MAINTENANCE</li>
<li class="nav-item">
<a href="admin_mail_queue.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_mail_queue.php' ? 'active' : ''); ?>">
<a href="mail_queue.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'mail_queue.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-mail-bulk"></i>
<p>Mail Queue</p>
</a>
</li>
<li class="nav-item">
<a href="admin_audit_log.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_audit_log.php' ? 'active' : ''); ?>">
<a href="audit_log.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'audit_log.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-history"></i>
<p>Audit Logs</p>
</a>
</li>
<li class="nav-item">
<a href="admin_app_log.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_app_log.php' ? 'active' : ''); ?>">
<a href="app_log.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'app_log.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-history"></i>
<p>App Logs</p>
</a>
</li>
<li class="nav-item">
<a href="admin_backup.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_backup.php' ? 'active' : ''); ?>">
<a href="backup.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'backup.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-cloud-upload-alt"></i>
<p>Backup</p>
</a>
</li>
<li class="nav-item">
<a href="admin_debug.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_debug.php' ? 'active' : ''); ?>">
<a href="debug.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'debug.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-bug"></i>
<p>Debug</p>
</a>
</li>
<li class="nav-item">
<a href="admin_update.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_update.php' ? 'active' : ''); ?>">
<a href="update.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'update.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-download"></i>
<p>Update</p>
</a>
</li>
<!-- SETTINGS Section -->
<li class="nav-item has-treeview mt-2 <?php echo (in_array(basename($_SERVER['PHP_SELF']), ['admin_settings_company.php', 'admin_settings_localization.php', 'admin_settings_theme.php', 'admin_settings_security.php', 'admin_settings_mail.php', 'admin_settings_notification.php', 'admin_settings_default.php', 'admin_settings_invoice.php', 'admin_settings_quote.php', 'admin_settings_online_payment.php', 'admin_settings_online_payment_clients.php', 'admin_settings_project.php', 'admin_settings_ticket.php', 'admin_settings_ai.php', 'admin_settings_integration.php', 'admin_settings_telemetry.php', 'admin_settings_module.php']) ? 'menu-open' : ''); ?>">
<li class="nav-item has-treeview mt-2 <?php echo (in_array(basename($_SERVER['PHP_SELF']), ['settings_company.php', 'settings_localization.php', 'settings_theme.php', 'settings_security.php', 'settings_mail.php', 'settings_notification.php', 'settings_default.php', 'settings_invoice.php', 'settings_quote.php', 'settings_online_payment.php', 'settings_online_payment_clients.php', 'settings_project.php', 'settings_ticket.php', 'settings_ai.php', 'identity_provider.php', 'settings_telemetry.php', 'settings_module.php']) ? 'menu-open' : ''); ?>">
<a href="#" class="nav-link">
<p>
SETTINGS
@@ -154,112 +184,92 @@
</a>
<ul class="nav nav-treeview">
<li class="nav-item">
<a href="admin_settings_company.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_company.php' ? 'active' : ''); ?>">
<a href="settings_company.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'settings_company.php' ? 'active' : ''); ?>">
<i class="nav-icon fa fa-briefcase"></i>
<p>Company Details</p>
</a>
</li>
<li class="nav-item">
<a href="admin_settings_localization.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_localization.php' ? 'active' : ''); ?>">
<a href="settings_localization.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'settings_localization.php' ? 'active' : ''); ?>">
<i class="nav-icon fa fa-globe"></i>
<p>Localization</p>
</a>
</li>
<li class="nav-item">
<a href="admin_settings_theme.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_theme.php' ? 'active' : ''); ?>">
<a href="settings_theme.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'settings_theme.php' ? 'active' : ''); ?>">
<i class="nav-icon fa fa-paint-brush"></i>
<p>Theme</p>
</a>
</li>
<li class="nav-item">
<a href="admin_settings_security.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_security.php' ? 'active' : ''); ?>">
<a href="settings_security.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'settings_security.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-shield-alt"></i>
<p>Security</p>
</a>
</li>
<li class="nav-item">
<a href="admin_settings_mail.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_mail.php' ? 'active' : ''); ?>">
<a href="settings_mail.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'settings_mail.php' ? 'active' : ''); ?>">
<i class="nav-icon far fa-envelope"></i>
<p>Mail</p>
</a>
</li>
<li class="nav-item">
<a href="admin_settings_notification.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_notification.php' ? 'active' : ''); ?>">
<a href="settings_notification.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'settings_notification.php' ? 'active' : ''); ?>">
<i class="nav-icon far fa-bell"></i>
<p>Notifications</p>
</a>
</li>
<li class="nav-item">
<a href="admin_settings_default.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_default.php' ? 'active' : ''); ?>">
<a href="settings_default.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'settings_default.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-cogs"></i>
<p>Defaults</p>
</a>
</li>
<?php if ($config_module_enable_accounting) { ?>
<li class="nav-item">
<a href="admin_settings_invoice.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_invoice.php' ? 'active' : ''); ?>">
<a href="settings_invoice.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'settings_invoice.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-file-invoice"></i>
<p>Invoice</p>
</a>
</li>
<li class="nav-item">
<a href="admin_settings_quote.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_quote.php' ? 'active' : ''); ?>">
<a href="settings_quote.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'settings_quote.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-comment-dollar"></i>
<p>Quote</p>
</a>
</li>
<li class="nav-item">
<a href="admin_settings_online_payment.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_online_payment.php' ? 'active' : ''); ?>">
<i class="nav-icon far fa-credit-card"></i>
<p>Online Payment</p>
</a>
</li>
<?php if ($config_stripe_enable) { ?>
<li class="nav-item">
<a href="admin_settings_online_payment_clients.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_online_payment_clients.php' ? 'active' : ''); ?>">
<i class="nav-icon far fa-credit-card"></i>
<p>Payment/Stripe Clients</p>
</a>
</li>
<?php } ?>
<?php } ?>
<?php if ($config_module_enable_ticketing) { ?>
<li class="nav-item">
<a href="admin_settings_project.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_project.php' ? 'active' : ''); ?>">
<a href="settings_project.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'settings_project.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-project-diagram"></i>
<p>Project</p>
</a>
</li>
<li class="nav-item">
<a href="admin_settings_ticket.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_ticket.php' ? 'active' : ''); ?>">
<a href="settings_ticket.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'settings_ticket.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-life-ring"></i>
<p>Ticket</p>
</a>
</li>
<?php } ?>
<li class="nav-item">
<a href="admin_settings_ai.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_ai.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-robot"></i>
<p>AI</p>
</a>
</li>
<!-- Currently the only integration is the client portal SSO -->
<?php if ($config_client_portal_enable) { ?>
<li class="nav-item">
<a href="admin_settings_integration.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_integration.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-plug"></i>
<p>Integrations</p>
<a href="identity_provider.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'identity_provider.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-fingerprint"></i>
<p>Identity Provider</p>
</a>
</li>
<?php } ?>
<li class="nav-item">
<a href="admin_settings_telemetry.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_telemetry.php' ? 'active' : ''); ?>">
<a href="settings_telemetry.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'settings_telemetry.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-satellite-dish"></i>
<p>Telemetry</p>
</a>
</li>
<li class="nav-item">
<a href="admin_settings_module.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'admin_settings_module.php' ? 'active' : ''); ?>">
<a href="settings_module.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'settings_module.php' ? 'active' : ''); ?>">
<i class="nav-icon fas fa-cube"></i>
<p>Modules</p>
</a>

4
admin/index.php Normal file
View File

@@ -0,0 +1,4 @@
<?php
header('Location: users.php');

18
admin_mail_queue.php → admin/mail_queue.php
View File

@@ -6,9 +6,6 @@ $order = "DESC";
require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM email_queue
@@ -177,12 +174,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<td><?php echo $email_status_display; ?></td>
<td><?php echo $email_attempts; ?></td>
<td class="text-center">
<a class="btn btn-sm btn-secondary" href="#"
data-toggle = "ajax-modal"
data-modal-size = "lg"
data-ajax-url = "ajax/ajax_admin_mail_queue_message_view.php"
data-ajax-id = "<?php echo $email_id; ?>"
>
<a class="btn btn-sm btn-secondary ajax-modal" href="#"
data-modal-size="lg"
data-modal-url="modals/mail_queue/mail_queue_message_view.php?id=<?= $email_id ?>">
<i class="fas fa-fw fa-eye"></i>
</a>
@@ -208,11 +202,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div>
</form>
<?php require_once "includes/filter_footer.php"; ?>
<?php require_once "../includes/filter_footer.php"; ?>
</div>
</div>
<script src="js/bulk_actions.js"></script>
<script src="../js/bulk_actions.js"></script>
<?php
require_once "includes/footer.php";
require_once "../includes/footer.php";

73
admin/modals/ai/ai_model_add.php Normal file
View File

@@ -0,0 +1,73 @@
<div class="form-group">
<div class="modal" id="addAIModelModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-robot mr-2"></i>Add AI Model</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body">
<div class="form-group">
<label>Provider <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<select class="form-control select2" name="provider" required>
<option value="">- Select an AI Provider -</option>
<?php
$sql_ai_providers = mysqli_query($mysqli, "SELECT * FROM ai_providers");
while ($row = mysqli_fetch_array($sql_ai_providers)) {
$ai_provider_id = intval($row['ai_provider_id']);
$ai_provider_name = nullable_htmlentities($row['ai_provider_name']);
?>
<option value="<?php echo $ai_provider_id; ?>"><?php echo $ai_provider_name; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group">
<label>Model Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<input type="text" class="form-control" name="model" placeholder="ex gpt-4">
</div>
</div>
<div class="form-group">
<label>Use Case <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-th-list"></i></span>
</div>
<select class="form-control select2" name="use_case">
<option>General</option>
<option>Tickets</option>
<option>Documentation</option>
</select>
</div>
</div>
<div class="form-group">
<textarea class="form-control" rows="8" name="prompt" placeholder="Enter a model prompt:"></textarea>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="add_ai_model" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
</div>
</div>

90
admin/modals/ai/ai_model_edit.php Normal file
View File

@@ -0,0 +1,90 @@
<?php
require_once '../../../includes/modal_header.php';
$model_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM ai_models WHERE ai_model_id = $model_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$ai_model_ai_provider_id = intval($row['ai_model_ai_provider_id']);
$model_id = intval($row['ai_model_id']);
$model_name = nullable_htmlentities($row['ai_model_name']);
$use_case = nullable_htmlentities($row['ai_model_use_case']);
$prompt = nullable_htmlentities($row['ai_model_prompt']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-robot mr-2"></i>Editing: <strong><?php echo $model_name; ?></strong></h5>
<button type="button" class="close text-light" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="model_id" value="<?php echo $model_id; ?>">
<div class="modal-body">
<div class="form-group">
<label>Provider <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<select class="form-control select2" name="provider" required>
<option value="">- Select an AI Provider -</option>
<?php
$sql_ai_providers = mysqli_query($mysqli, "SELECT * FROM ai_providers");
while ($row = mysqli_fetch_array($sql_ai_providers)) {
$ai_provider_id = intval($row['ai_provider_id']);
$ai_provider_name = nullable_htmlentities($row['ai_provider_name']);
?>
<option <?php if ($ai_provider_id = $ai_model_ai_provider_id) { echo "selected"; } ?> value="<?php echo $ai_provider_id; ?>"><?php echo $ai_provider_name; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group">
<label>Model Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<input type="text" class="form-control" name="model" value="<?php echo $model_name; ?>" placeholder="ex gpt-4">
</div>
</div>
<div class="form-group">
<label>Use Case <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-th-list"></i></span>
</div>
<select class="form-control select2" name="use_case">
<option <?php if ($use_case == 'General') { echo "selected"; } ?>>General</option>
<option <?php if ($use_case == 'Tickets') { echo "selected"; } ?>>Tickets</option>
<option <?php if ($use_case == 'Documentation') { echo "selected"; } ?>>Documentation</option>
</select>
</div>
</div>
<div class="form-group">
<textarea class="form-control" rows="8" name="prompt" placeholder="Enter a model prompt:"><?php echo $prompt; ?></textarea>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="edit_ai_model" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

54
admin/modals/ai/ai_provider_add.php Normal file
View File

@@ -0,0 +1,54 @@
<div class="form-group">
<div class="modal" id="addAIProviderModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-robot mr-2"></i>New AI Provider</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body">
<div class="form-group">
<label>Provider Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<input type="text" class="form-control" name="provider" placeholder="ex OpenAI">
</div>
</div>
<div class="form-group">
<label>URL <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span>
</div>
<input type="url" class="form-control" name="url" placeholder="ex https://ai.company.ext/api">
</div>
</div>
<div class="form-group">
<label>API Key</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="text" class="form-control" name="api_key" placeholder="Enter API key here">
</div>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="add_ai_provider" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
</div>
</div>

69
admin/modals/ai/ai_provider_edit.php Normal file
View File

@@ -0,0 +1,69 @@
<?php
require_once '../../../includes/modal_header.php';
$provider_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM ai_providers WHERE ai_provider_id = $provider_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$provider_name = nullable_htmlentities($row['ai_provider_name']);
$url = nullable_htmlentities($row['ai_provider_api_url']);
$key = nullable_htmlentities($row['ai_provider_api_key']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-robot mr-2"></i>Editing: <strong><?php echo $provider_name; ?></strong></h5>
<button type="button" class="close text-light" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="provider_id" value="<?php echo $provider_id; ?>">
<div class="modal-body">
<div class="form-group">
<label>Provider Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<input type="text" class="form-control" name="provider" value="<?php echo $provider_name; ?>" placeholder="ex OpenAI">
</div>
</div>
<div class="form-group">
<label>URL <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span>
</div>
<input type="url" class="form-control" name="url" value="<?php echo $url; ?>" placeholder="ex https://ai.company.ext/api">
</div>
</div>
<div class="form-group">
<label>API Key</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="text" class="form-control" name="api_key" value="<?php echo $key; ?>" placeholder="Enter API key here">
</div>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="edit_ai_provider" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

8
modals/admin_api_key_add_modal.php → admin/modals/api/api_key_add.php
View File

@@ -4,15 +4,15 @@ $decryptPW = randomString(160);
?>
<div class="modal" id="addApiKeyModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-key mr-2"></i>New Key</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<div class="modal-body bg-white">
<div class="modal-body">
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
@@ -111,7 +111,7 @@ $decryptPW = randomString(160);
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="add_api_key" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>

48
admin/modals/category/category_add.php Normal file
View File

@@ -0,0 +1,48 @@
<?php
require_once '../../../includes/modal_header.php';
$category = nullable_htmlentities($_GET['category']);
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-list-ul mr-2"></i>New <strong><?= nullable_htmlentities($category) ?></strong> Category</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="type" value="<?php echo ($category); ?>">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-list-ul"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Category name" maxlength="200" required autofocus>
</div>
</div>
<div class="form-group">
<label>Color <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-paint-brush"></i></span>
</div>
<input type="color" class="form-control col-3" name="color" required>
</div>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="add_category" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

10
ajax/ajax_category_edit.php → admin/modals/category/category_edit.php
View File

@@ -1,6 +1,6 @@
<?php
require_once '../includes/ajax_header.php';
require_once '../../../includes/modal_header.php';
$category_id = intval($_GET['id']);
@@ -14,7 +14,7 @@ $category_type = nullable_htmlentities($row['category_type']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-list-ul mr-2"></i>Editing category: <strong><?php echo $category_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -23,7 +23,7 @@ ob_start();
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="category_id" value="<?php echo $category_id; ?>">
<input type="hidden" name="type" value="<?php echo $category_type; ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
@@ -46,11 +46,11 @@ ob_start();
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="edit_category" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
require_once '../../../includes/modal_footer.php';

8
modals/custom_field_create_modal.php → admin/modals/custom_field/custom_field_create.php
View File

@@ -1,7 +1,7 @@
<div class="modal" id="createCustomFieldModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-th-list mr-2"></i>Create <?php echo nullable_htmlentities($table); ?> field</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -10,7 +10,7 @@
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="table" value="<?php echo nullable_htmlentities($table); ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Label <strong class="text-danger">*</strong></label>
@@ -31,7 +31,7 @@
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="create_custom_field" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>

8
modals/custom_field_edit_modal.php → admin/modals/custom_field/custom_field_edit.php
View File

@@ -1,7 +1,7 @@
<div class="modal" id="editCustomFieldModal<?php echo $custom_field_id; ?>" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-th-list mr-2"></i>Editing custom field: <strong><?php echo $custom_field_label; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -9,7 +9,7 @@
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="custom_field_id" value="<?php echo $custom_field_id; ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Label <strong class="text-danger">*</strong></label>
@@ -30,7 +30,7 @@
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="edit_custom_field" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>

8
modals/admin_custom_link_add_modal.php → admin/modals/custom_link/custom_link_add.php
View File

@@ -1,7 +1,7 @@
<div class="modal" id="addLinkModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-external-link-alt mr-2"></i>New Custom Link</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -9,7 +9,7 @@
</div>
<form action="post.php" method="post" autocomplete="off">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
@@ -71,7 +71,7 @@
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="add_custom_link" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>

10
ajax/ajax_custom_link_edit.php → admin/modals/custom_link/custom_link_edit.php
View File

@@ -1,6 +1,6 @@
<?php
require_once '../includes/ajax_header.php';
require_once '../../../includes/modal_header.php';
$custom_link_id = intval($_GET['id']);
@@ -17,7 +17,7 @@ $custom_link_location = intval($row['custom_link_location']);
ob_start();
?>
<div class="modal-header">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-external-link-alt mr-2"></i>Editing link: <strong><?php echo $custom_link_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -27,7 +27,7 @@ ob_start();
<input type="hidden" name="custom_link_id" value="<?php echo $custom_link_id; ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
@@ -89,11 +89,11 @@ ob_start();
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="edit_custom_link" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
require_once '../../../includes/modal_footer.php';

8
modals/admin_document_template_add_modal.php → admin/modals/document_template/document_template_add.php
View File

@@ -1,14 +1,14 @@
<div class="modal" id="addDocumentTemplateModal" tabindex="-1">
<div class="modal-dialog modal-xl">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Creating Document Template</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<input type="text" class="form-control" name="name" placeholder="Template name" maxlength="200">
@@ -40,7 +40,7 @@
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="add_document_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>

47
admin/modals/document_template/document_template_edit.php Normal file
View File

@@ -0,0 +1,47 @@
<?php
require_once '../../../includes/modal_header.php';
$document_template_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM document_templates WHERE document_template_id = $document_template_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$document_template_name = nullable_htmlentities($row['document_template_name']);
$document_template_description = nullable_htmlentities($row['document_template_description']);
$document_template_content = nullable_htmlentities($row['document_template_content']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Editing template: <strong><?php echo $document_template_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="document_template_id" value="<?php echo $document_template_id; ?>">
<div class="modal-body">
<div class="form-group">
<input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $document_template_name; ?>" placeholder="Name" required>
</div>
<div class="form-group">
<textarea class="form-control tinymce" name="content"><?php echo $document_template_content; ?></textarea>
</div>
<div class="form-group">
<input type="text" class="form-control" name="description" value="<?php echo $document_template_description; ?>" placeholder="Short summary">
</div>
</div>
<div class="modal-footer">
<button type="submit" name="edit_document_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

14
ajax/ajax_admin_mail_queue_message_view.php → admin/modals/mail_queue/mail_queue_message_view.php
View File

@@ -1,6 +1,6 @@
<?php
require_once '../includes/ajax_header.php';
require_once '../../../includes/modal_header.php';
if (!isset($session_is_admin) || !$session_is_admin) {
exit(WORDING_ROLECHECK_FAILED . "<br>Tell your admin: Your role does not have admin access.");
@@ -9,7 +9,7 @@ if (!isset($session_is_admin) || !$session_is_admin) {
$email_id = intval($_GET['id']);
//Initialize the HTML Purifier to prevent XSS
require "../plugins/htmlpurifier/HTMLPurifier.standalone.php";
require "../../../plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
@@ -43,13 +43,13 @@ if ($email_status == 0) {
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class='fas fa-fw fa-envelope-open mr-2'></i><strong><?php echo $email_subject; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<button type="button" class="close text-light" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-white">
<div class="modal-body">
<div class="row">
<div class="col-md-1">
<span class="text-secondary">From:</span>
@@ -73,7 +73,7 @@ ob_start();
</div>
</div>
<script src="../js/pretty_content.js"></script>
<script src="../../js/pretty_content.js"></script>
<?php
require_once "../includes/ajax_footer.php";
require_once '../../../includes/modal_footer.php';

37
admin/modals/payment_method/payment_method_add.php Normal file
View File

@@ -0,0 +1,37 @@
<div class="modal" id="addPaymentMethodModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-credit-card mr-2"></i>Creating: <strong>Payment Method</strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-credit-card"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Payment method name" maxlength="200" required autofocus>
</div>
</div>
<div class="form-group">
<textarea class="form-control" rows="3" name="description" placeholder="Enter a description..."></textarea>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="add_payment_method" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
</div>
</div>

51
admin/modals/payment_method/payment_method_edit.php Normal file
View File

@@ -0,0 +1,51 @@
<?php
require_once '../../../includes/modal_header.php';
$payment_method_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM payment_methods WHERE payment_method_id = $payment_method_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$payment_method_id = intval($row['payment_method_id']);
$payment_method_name = nullable_htmlentities($row['payment_method_name']);
$payment_method_description = nullable_htmlentities($row['payment_method_description']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-credit-card mr-2"></i>Editing: <strong><?php echo $payment_method_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-credit-card"></i></span>
</div>
<input type="text" class="form-control" name="name" value="<?php echo $payment_method_name; ?>" placeholder="Payment method name" maxlength="200" required autofocus>
</div>
</div>
<div class="form-group">
<textarea class="form-control" rows="3" name="description" placeholder="Enter a description..."><?php echo $payment_method_description; ?></textarea>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="edit_payment_method" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

103
admin/modals/payment_provider/payment_provider_add.php Normal file
View File

@@ -0,0 +1,103 @@
<div class="form-group">
<div class="modal" id="addPaymentProviderModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-credit-card mr-2"></i>Add Payment Provider</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body">
<div class="alert alert-info">
An income account named after the provider will always be created and used for income of paid invoices.<br>
If "Enable Expense" option is enabled, a matching vendor will also be automatically created for expense tracking. Additionally, an expense category named "Payment Processing" will be created.
</div>
<div class="form-group">
<label>Provider <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-credit-card"></i></span>
</div>
<select class="form-control select2" name="provider">
<option>Stripe</option>
</select>
</div>
</div>
<div class="form-group">
<label>Publishable key <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
<input type="text" class="form-control" name="public_key" placeholder="Publishable API Key (pk_...)">
</div>
</div>
<div class="form-group">
<label>Secret key <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="text" class="form-control" name="private_key" placeholder="Secret API Key (sk_...)">
</div>
</div>
<div class="form-group">
<label>Threshold</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="threshold" placeholder="1000.00">
</div>
<small class="form-text text-muted">Will not show as an option at Checkout if above this number</small>
</div>
<hr>
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="enable_expense" checked value="1" id="enableExpenseSwitch">
<label class="custom-control-label" for="enableExpenseSwitch">Enable Expense</label>
</div>
</div>
<div class="form-group">
<label>Percentage Fee to expense</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-percent"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="percentage_fee" placeholder="Enter Percentage">
</div>
<small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
</div>
<div class="form-group">
<label>Flat Fee to expense</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,3}" name="flat_fee" placeholder="0.030">
</div>
<small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="add_payment_provider" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Add</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
</div>
</div>

107
admin/modals/payment_provider/payment_provider_edit.php Normal file
View File

@@ -0,0 +1,107 @@
<?php
require_once '../../../includes/modal_header.php';
$provider_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM payment_providers WHERE payment_provider_id = $provider_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$provider_name = nullable_htmlentities($row['payment_provider_name']);
$public_key = nullable_htmlentities($row['payment_provider_public_key']);
$private_key = nullable_htmlentities($row['payment_provider_private_key']);
$account_id = nullable_htmlentities($row['payment_provider_account']);
$threshold = floatval($row['payment_provider_threshold']);
$vendor_id = nullable_htmlentities($row['payment_provider_expense_vendor']);
$category_id = nullable_htmlentities($row['payment_provider_expense_category']);
$percent_fee = floatval($row['payment_provider_expense_percentage_fee']) * 100;
$flat_fee = floatval($row['payment_provider_expense_flat_fee']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-credit-card mr-2"></i>Editing: <strong><?php echo $provider_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="provider_id" value="<?php echo $provider_id; ?>">
<div class="modal-body">
<div class="form-group">
<label>Publishable key <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
<input type="text" class="form-control" name="public_key" placeholder="Publishable API Key (pk_...)" value="<?php echo $public_key; ?>">
</div>
</div>
<div class="form-group">
<label>Secret key <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="text" class="form-control" name="private_key" placeholder="Secret API Key (sk_...)" value="<?php echo $private_key; ?>">
</div>
</div>
<div class="form-group">
<label>Threshold</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="Threshold" placeholder="1000.00" value="<?php echo $threshold; ?>">
</div>
<small class="form-text text-muted">Will not show as an option at Checkout if above this number</small>
</div>
<hr>
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="enable_expense" <?php if ($vendor_id) { echo "checked"; } ?> value="1" id="enableEditExpenseSwitch">
<label class="custom-control-label" for="enableEditExpenseSwitch">Enable Expense</label>
</div>
<small>(Category: Payment Processing -- Vendor: <?php echo $provider_name; ?></small>
</div>
<div class="form-group">
<label>Percentage Fee to expense</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-percent"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="percentage_fee" value="<?php echo $percent_fee; ?>" placeholder="Enter Percentage">
</div>
<small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
</div>
<div class="form-group">
<label>Flat Fee to expense</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,3}" name="flat_fee" value="<?php echo $flat_fee; ?>" placeholder="0.030">
</div>
<small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="edit_payment_provider" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

8
modals/admin_project_template_add_modal.php → admin/modals/project_template/project_template_add.php
View File

@@ -1,7 +1,7 @@
<div class="modal" id="addProjectTemplateModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-project-diagram mr-2"></i>Creating Project Template</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -9,7 +9,7 @@
</div>
<form action="post.php" method="post" autocomplete="off">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Project Template Name <strong class="text-danger">*</strong></label>
<div class="input-group">
@@ -31,7 +31,7 @@
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="add_project_template" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>

8
modals/admin_project_template_edit_modal.php → admin/modals/project_template/project_template_edit.php
View File

@@ -1,7 +1,7 @@
<div class="modal" id="editProjectTemplateModal<?php echo $project_template_id; ?>" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-project-diagram mr-2"></i>Editing Project Template: <strong><?php echo $project_template_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -10,7 +10,7 @@
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="project_template_id" value="<?php echo $project_template_id; ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Project Template Name <strong class="text-danger">*</strong></label>
<div class="input-group">
@@ -33,7 +33,7 @@
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="edit_project_template" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>

8
modals/admin_project_template_ticket_template_add_modal.php → admin/modals/project_template/project_template_ticket_template_add.php
View File

@@ -1,7 +1,7 @@
<div class="modal" id="addProjectTemplateTicketTemplateModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-life-ring mr-2"></i>Adding Ticket Template</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -9,7 +9,7 @@
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="project_template_id" value="<?php echo $project_template_id; ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Ticket Template <strong class="text-danger">*</strong></label>
@@ -54,7 +54,7 @@
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="add_ticket_template_to_project_template" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Add</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>

8
modals/admin_role_add_modal.php → admin/modals/role/role_add.php
View File

@@ -1,7 +1,7 @@
<div class="modal" id="addRoleModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-user-shield mr-2"></i>Add new role</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -9,7 +9,7 @@
</div>
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="tab-content">
<div class="form-group">
@@ -48,7 +48,7 @@
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="add_role" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>

10
ajax/ajax_role_edit.php → admin/modals/role/role_edit.php
View File

@@ -1,6 +1,6 @@
<?php
require_once '../includes/ajax_header.php';
require_once '../../../includes/modal_header.php';
$role_id = intval($_GET['id']);
@@ -35,7 +35,7 @@ if (empty($user_names_string)) {
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-user-shield mr-2"></i>Editing role:
<strong><?php echo $role_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
@@ -45,7 +45,7 @@ ob_start();
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="role_id" value="<?php echo $role_id; ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
@@ -143,11 +143,11 @@ ob_start();
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="edit_role" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
require_once '../../../includes/modal_footer.php';

8
modals/admin_software_template_add_modal.php → admin/modals/software_template/software_template_add.php
View File

@@ -1,14 +1,14 @@
<div class="modal" id="addSoftwareTemplateModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-cube mr-2"></i>New License Template</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Template Name <strong class="text-danger">*</strong></label>
@@ -73,7 +73,7 @@
<textarea class="form-control" rows="8" placeholder="Enter some notes" name="notes"></textarea>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="add_software_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>

28
ajax/ajax_software_template_edit.php → admin/modals/software_template/software_template_edit.php
View File

@@ -1,31 +1,31 @@
<?php
require_once '../includes/ajax_header.php';
require_once '../../../includes/modal_header.php';
$software_id = intval($_GET['id']);
$software_template_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_id = $software_id LIMIT 1");
$sql = mysqli_query($mysqli, "SELECT * FROM software_templates WHERE software_template_id = $software_template_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$software_name = nullable_htmlentities($row['software_name']);
$software_version = nullable_htmlentities($row['software_version']);
$software_description = nullable_htmlentities($row['software_description']);
$software_type = nullable_htmlentities($row['software_type']);
$software_license_type = nullable_htmlentities($row['software_license_type']);
$software_notes = nullable_htmlentities($row['software_notes']);
$software_name = nullable_htmlentities($row['software_template_name']);
$software_version = nullable_htmlentities($row['software_template_version']);
$software_description = nullable_htmlentities($row['software_template_description']);
$software_type = nullable_htmlentities($row['software_template_type']);
$software_license_type = nullable_htmlentities($row['software_template_license_type']);
$software_notes = nullable_htmlentities($row['software_template_notes']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-cube mr-2"></i>Editing template: <strong><?php echo $software_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="software_id" value="<?php echo $software_id; ?>">
<div class="modal-body bg-white">
<input type="hidden" name="software_template_id" value="<?php echo $software_template_id; ?>">
<div class="modal-body">
<div class="form-group">
<label>Template Name <strong class="text-danger">*</strong></label>
@@ -89,11 +89,11 @@ ob_start();
<textarea class="form-control" rows="8" placeholder="Enter some notes" name="notes"><?php echo $software_notes; ?></textarea>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="edit_software_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
require_once '../../../includes/modal_footer.php';

94
admin/modals/tag/tag_add.php Normal file
View File

@@ -0,0 +1,94 @@
<?php
require_once '../../../includes/modal_header.php';
$type_display = '';
if (isset($_GET['type'])) {
$type = intval($_GET['type']);
if ($type === 1) {
$type_display = "Client";
} elseif($type === 2) {
$type_display = "Location";
} elseif ($type === 3) {
$type_display = "Contact";
} elseif ($type === 4) {
$type_display = "Credential";
}
}
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-tag mr-2"></i>New <strong><?= $type_display ?></strong> Tag</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="type" value="<?php echo $type; ?>">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Tag name" maxlength="200" required autofocus>
</div>
</div>
<?php if (isset($_GET['type'])) { ?>
<input type="hidden" name="type" value="<?= $type ?>">
<?php } else { ?>
<div class="form-group">
<label>Type <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-th"></i></span>
</div>
<select class="form-control select2" name="type" required>
<option value="">- Type -</option>
<option value="1">Client Tag</option>
<option value="2">Location Tag</option>
<option value="3">Contact Tag</option>
<option value="4">Credential Tag</option>
</select>
</div>
</div>
<?php } ?>
<div class="form-group">
<label>Color <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-paint-brush"></i></span>
</div>
<input type="color" class="form-control col-3" name="color" required>
</div>
</div>
<div class="form-group">
<label>Icon</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-image"></i></span>
</div>
<input type="text" class="form-control" name="icon" placeholder="Icon ex handshake">
</div>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="add_tag" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

10
ajax/ajax_tag_edit.php → admin/modals/tag/tag_edit.php
View File

@@ -1,6 +1,6 @@
<?php
require_once '../includes/ajax_header.php';
require_once '../../../includes/modal_header.php';
$tag_id = intval($_GET['id']);
@@ -15,7 +15,7 @@ $tag_icon = nullable_htmlentities($row['tag_icon']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-tag mr-2"></i>Editing tag: <strong><?php echo $tag_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -23,7 +23,7 @@ ob_start();
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="tag_id" value="<?php echo $tag_id; ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
@@ -72,11 +72,11 @@ ob_start();
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="edit_tag" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
require_once '../../../includes/modal_footer.php';

8
modals/admin_tax_add_modal.php → admin/modals/tax/tax_add.php
View File

@@ -1,7 +1,7 @@
<div class="modal" id="addTaxModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header text-white">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-balance-scale mr-2"></i>New Tax</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span aria-hidden="true">&times;</span>
@@ -10,7 +10,7 @@
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<input type="text" class="form-control" name="name" placeholder="Tax name" maxlength="200" required autofocus>
@@ -20,7 +20,7 @@
<input type="number" min="0" step="any" class="form-control col-md-4" name="percent">
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="add_tax" class="btn btn-primary text-bold"><i class="fa fa-check mr- 2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>

10
ajax/ajax_tax_edit.php → admin/modals/tax/tax_edit.php
View File

@@ -1,6 +1,6 @@
<?php
require_once '../includes/ajax_header.php';
require_once '../../../includes/modal_header.php';
$tax_id = intval($_GET['id']);
@@ -13,7 +13,7 @@ $tax_percent = floatval($row['tax_percent']);
ob_start();
?>
<div class="modal-header">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-balance-scale mr-2"></i>Editing tax: <strong><?php echo $tax_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -23,7 +23,7 @@ ob_start();
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="tax_id" value="<?php echo $tax_id; ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
@@ -36,11 +36,11 @@ ob_start();
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="edit_tax" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
require_once '../../../includes/modal_footer.php';

8
modals/admin_ticket_status_add_modal.php → admin/modals/ticket_status/ticket_status_add.php
View File

@@ -1,7 +1,7 @@
<div class="modal" id="addTicketStatusModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-info-circle mr-2"></i>New Ticket Status</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -9,7 +9,7 @@
</div>
<form action="post.php" method="post" autocomplete="off">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
@@ -32,7 +32,7 @@
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="add_ticket_status" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>

25
ajax/ajax_custom_ticket_status_edit.php → admin/modals/ticket_status/ticket_status_edit.php
View File

@@ -1,6 +1,6 @@
<?php
require_once '../includes/ajax_header.php';
require_once '../../../includes/modal_header.php';
$ticket_status_id = intval($_GET['id']);
@@ -8,13 +8,14 @@ $sql = mysqli_query($mysqli, "SELECT * FROM ticket_statuses WHERE ticket_status_
$row = mysqli_fetch_array($sql);
$ticket_status_name = nullable_htmlentities($row['ticket_status_name']);
$ticket_status_color = nullable_htmlentities($row['ticket_status_color']);
$ticket_status_order = intval($row['ticket_status_order']);
$ticket_status_active = intval($row['ticket_status_active']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-info-circle mr-2"></i>Editing Ticket Status: <strong><?php echo $ticket_status_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -22,7 +23,7 @@ ob_start();
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="ticket_status_id" value="<?php echo $ticket_status_id; ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
@@ -30,7 +31,7 @@ ob_start();
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div>
<input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $ticket_status_name; ?>" required>
<input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $ticket_status_name; ?>" required <?php if ($ticket_status_id <= 5) { echo "readonly"; } ?>>
</div>
</div>
@@ -44,6 +45,16 @@ ob_start();
</div>
</div>
<div class="form-group">
<label>Order</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-sort-numeric-down"></i></span>
</div>
<input type="number" class="form-control" name="order" placeholder="Leave blank for no order" value="<?php echo $ticket_status_order; ?>">
</div>
</div>
<div class="form-group">
<label>Status <strong class="text-danger">*</strong></label>
<div class="input-group">
@@ -52,17 +63,17 @@ ob_start();
</div>
<select class="form-control select2" name="status" required>
<option <?php if ($ticket_status_active == 1) { echo "selected"; } ?> value="1">Active</option>
<option <?php if ($ticket_status_active == 0) { echo "selected"; } ?> value="0">Disabled</option>
<option <?php if ($ticket_status_active == 0) { echo "selected"; } ?> value="0" <?php if ($ticket_status_id <= 5) { echo "disabled"; } ?>>Inactive</option>
</select>
</div>
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="edit_ticket_status" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
require_once '../../../includes/modal_footer.php';

10
modals/admin_ticket_template_add_modal.php → admin/modals/ticket_template/ticket_template_add.php
View File

@@ -1,14 +1,14 @@
<div class="modal" id="addTicketTemplateModal" tabindex="-1">
<div class="modal-dialog modal-lg">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-life-ring mr-2"></i>Creating Ticket Template</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Template Name <strong class="text-danger">*</strong></label>
@@ -31,7 +31,7 @@
</div>
<div class="form-group">
<textarea class="form-control tinymceTicket<?php if($config_ai_enable) { echo "AI"; } ?>" name="details"></textarea>
<textarea class="form-control tinymceTicket" name="details"></textarea>
</div>
<div class="form-group">
@@ -65,7 +65,7 @@
</div>
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="add_ticket_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>

10
modals/admin_ticket_template_edit_modal.php → admin/modals/ticket_template/ticket_template_edit.php
View File

@@ -1,8 +1,8 @@
<div class="modal" id="editTicketTemplateModal" tabindex="-1">
<div class="modal-dialog modal-lg">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-life-ring mr-2"></i>Editing Ticket Template: <?php echo $ticket_template_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -10,7 +10,7 @@
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="ticket_template_id" value="<?php echo $ticket_template_id; ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Template Name <strong class="text-danger">*</strong></label>
@@ -33,7 +33,7 @@
</div>
<div class="form-group">
<textarea class="form-control tinymceTicket<?php if($config_ai_enable) { echo "AI"; } ?>" name="details"><?php echo $ticket_template_details; ?></textarea>
<textarea class="form-control tinymceTicket" name="details"><?php echo $ticket_template_details; ?></textarea>
</div>
<div class="form-group">
@@ -47,7 +47,7 @@
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="edit_ticket_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>

12
ajax/ajax_ticket_template_task_edit.php → admin/modals/ticket_template/ticket_template_task_edit.php
View File

@@ -1,6 +1,6 @@
<?php
require_once '../includes/ajax_header.php';
require_once '../../../includes/modal_header.php';
$task_template_id = intval($_GET['id']);
@@ -10,14 +10,14 @@ $row = mysqli_fetch_array($sql);
$task_template_name = nullable_htmlentities($row['task_template_name']);
$task_template_order = intval($row['task_template_order']);
$task_template_completion_estimate = intval($row['task_template_completion_estimate']);
$task_template_description = nullable_htmlentities($row['task_template_description']);
//$task_template_description = nullable_htmlentities($row['task_template_description']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-tasks mr-2"></i>Editing task</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -26,7 +26,7 @@ ob_start();
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="task_template_id" value="<?php echo $task_template_id; ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
@@ -50,7 +50,7 @@ ob_start();
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="edit_ticket_template_task" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
@@ -59,4 +59,4 @@ ob_start();
<?php
require_once "../includes/ajax_footer.php";
require_once '../../../includes/modal_footer.php';

10
ajax/ajax_user_edit.php → admin/modals/user/ajax_user_edit.php
View File

@@ -1,6 +1,6 @@
<?php
require_once '../includes/ajax_header.php';
require_once '../../includes/modal_header.php';
$user_id = intval($_GET['id']);
@@ -28,7 +28,7 @@ while ($row = mysqli_fetch_assoc($user_client_access_sql)) {
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-user-edit mr-2"></i>Editing user:
<strong><?php echo $user_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
@@ -38,7 +38,7 @@ ob_start();
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="user_id" value="<?php echo $user_id; ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
@@ -194,11 +194,11 @@ ob_start();
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="edit_user" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
require_once '../../includes/modal_footer.php';

8
modals/admin_user_add_modal.php → admin/modals/user/user_add.php
View File

@@ -1,7 +1,7 @@
<div class="modal" id="addUserModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-user-plus mr-2"></i>New User</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -9,7 +9,7 @@
</div>
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
@@ -146,7 +146,7 @@
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="add_user" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>

0
modals/admin_user_all_reset_password_modal.php → admin/modals/user/user_all_reset_password.php
View File

0
modals/admin_user_archive_modal.php → admin/modals/user/user_archive.php
View File

204
admin/modals/user/user_edit.php Normal file
View File

@@ -0,0 +1,204 @@
<?php
require_once '../../../includes/modal_header.php';
$user_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM users
LEFT JOIN user_settings ON users.user_id = user_settings.user_id
WHERE users.user_id = $user_id LIMIT 1"
);
$row = mysqli_fetch_array($sql);
$user_name = nullable_htmlentities($row['user_name']);
$user_email = nullable_htmlentities($row['user_email']);
$user_avatar = nullable_htmlentities($row['user_avatar']);
$user_token = nullable_htmlentities($row['user_token']);
$user_config_force_mfa = intval($row['user_config_force_mfa']);
$user_role_id = intval($row['user_role_id']);
$user_initials = nullable_htmlentities(initials($user_name));
// Get User Client Access Permissions
$user_client_access_sql = mysqli_query($mysqli,"SELECT client_id FROM user_client_permissions WHERE user_id = $user_id");
$client_access_array = [];
while ($row = mysqli_fetch_assoc($user_client_access_sql)) {
$client_access_array[] = intval($row['client_id']);
}
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-user-edit mr-2"></i>Editing user:
<strong><?php echo $user_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="user_id" value="<?php echo $user_id; ?>">
<div class="modal-body">
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-user-details<?php echo $user_id; ?>">Details</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-user-access<?php echo $user_id; ?>">Restrict Access</a>
</li>
</ul>
<hr>
<div class="tab-content">
<div class="tab-pane fade show active" id="pills-user-details<?php echo $user_id; ?>">
<center class="mb-3">
<?php if (!empty($user_avatar)) { ?>
<img class="img-fluid" src="<?php echo "uploads/users/$user_id/$user_avatar"; ?>">
<?php } else { ?>
<span class="fa-stack fa-4x">
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
<span class="fa fa-stack-1x text-white"><?php echo $user_initials; ?></span>
</span>
<?php } ?>
</center>
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Full Name" maxlength="200"
value="<?php echo $user_name; ?>" required>
</div>
</div>
<div class="form-group">
<label>Email <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-envelope"></i></span>
</div>
<input type="email" class="form-control" name="email" placeholder="Email Address" maxlength="200"
value="<?php echo $user_email; ?>" required>
</div>
</div>
<div class="form-group">
<label>New Password</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
</div>
<input type="password" class="form-control" data-toggle="password" name="new_password"
placeholder="Leave Blank For No Password Change" autocomplete="new-password">
<div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
</div>
</div>
<div class="form-group">
<label>Role <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user-shield"></i></span>
</div>
<select class="form-control select2" name="role" required>
<?php
$sql_user_roles = mysqli_query($mysqli, "SELECT * FROM user_roles WHERE role_archived_at IS NULL");
while ($row = mysqli_fetch_array($sql_user_roles)) {
$role_id = intval($row['role_id']);
$role_name = nullable_htmlentities($row['role_name']);
?>
<option <?php if ($role_id == $user_role_id) {echo "selected";} ?> value="<?php echo $role_id; ?>"><?php echo $role_name; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group">
<label>Avatar</label>
<input type="file" class="form-control-file" accept="image/*" name="file">
</div>
<div class="form-group">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="forceMFACheckBox<?php echo $user_id; ?>" name="force_mfa" value="1" <?php if($user_config_force_mfa == 1){ echo "checked"; } ?>>
<label for="forceMFACheckBox<?php echo $user_id; ?>" class="custom-control-label">
Force MFA
</label>
</div>
</div>
<?php if (!empty($user_token)) { ?>
<div class="form-group">
<label>2FA</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-id-card"></i></span>
</div>
<select class="form-control" name="2fa">
<option value="">Keep enabled</option>
<option value="disable">Disable</option>
</select>
</div>
</div>
<?php } ?>
</div>
<div class="tab-pane fade" id="pills-user-access<?php echo $user_id; ?>">
<div class="alert alert-info">
Check boxes to authorize user client access. No boxes grant full client access. Admin users are unaffected.
</div>
<ul class="list-group">
<li class="list-group-item bg-dark">
<div class="form-check">
<input type="checkbox" class="form-check-input" onclick="this.closest('.tab-pane').querySelectorAll('.client-checkbox').forEach(checkbox => checkbox.checked = this.checked);">
<label class="form-check-label ml-3"><strong>Restrict Access to Clients</strong></label>
</div>
</li>
<?php
$sql_client_select = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_archived_at IS NULL ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql_client_select)) {
$client_id_select = intval($row['client_id']);
$client_name_select = nullable_htmlentities($row['client_name']);
?>
<li class="list-group-item">
<div class="form-check">
<input type="checkbox" class="form-check-input client-checkbox" name="clients[]" value="<?php echo $client_id_select; ?>" <?php if (in_array($client_id_select, $client_access_array)) { echo "checked"; } ?>>
<label class="form-check-label ml-2"><?php echo $client_name_select; ?></label>
</div>
</li>
<?php } ?>
</ul>
</div>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="edit_user" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../../../includes/modal_footer_new.php";

8
modals/admin_user_export_modal.php → admin/modals/user/user_export.php
View File

@@ -1,17 +1,17 @@
<div class="modal" id="exportUserModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-download mr-2"></i>Export Users to CSV</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<div class="modal-body bg-white">
<div class="modal-body">
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="export_users_csv" class="btn btn-primary text-bold"><i class="fas fa-fw fa-download mr-2"></i>Download CSV</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>

8
modals/admin_user_invite_modal.php → admin/modals/user/user_invite.php
View File

@@ -1,7 +1,7 @@
<div class="modal" id="userInviteModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-user-plus"></i>Invite User</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -9,7 +9,7 @@
</div>
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<div class="form-group">
<label>Email <strong class="text-danger">*</strong></label>
@@ -35,7 +35,7 @@
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="invite_user" class="btn btn-primary text-bold"><i class="fas fa-paper-plane mr-2"></i>Send Invite</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>

21
modals/admin_vendor_template_add_modal.php → admin/modals/vendor_template/vendor_template_add.php
View File

@@ -1,7 +1,7 @@
<div class="modal" id="addVendorTemplateModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content bg-dark">
<div class="modal-header">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-building mr-2"></i>New Vendor Template</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
@@ -11,7 +11,7 @@
<input type="hidden" name="client_id" value="<?php if (isset($_GET['client_id'])) { echo $client_id; } else { echo 0; } ?>">
<div class="modal-body bg-white">
<div class="modal-body">
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
@@ -75,20 +75,23 @@
<div class="tab-pane fade" id="pills-support">
<label>Support Phone</label>
<label>Support Phone / <span class="text-secondary">Extension</span></label>
<div class="form-row">
<div class="col-8">
<div class="col-9">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="text" class="form-control" name="phone" placeholder="Phone Number" maxlength="200">
<input type="tel" class="form-control col-2" name="phone_country_code" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="phone" placeholder="Phone Number" maxlength="200">
</div>
</div>
</div>
<div class="col-4">
<input type="text" class="form-control" name="extension" placeholder="Prompts" maxlength="200">
<div class="col-3">
<div class="form-group">
<input type="text" class="form-control" name="extension" placeholder="ext." maxlength="200">
</div>
</div>
</div>
@@ -155,7 +158,7 @@
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" name="add_vendor_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create Template</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>

73
ajax/ajax_vendor_template_edit.php → admin/modals/vendor_template/vendor_template_edit.php
View File

@@ -1,48 +1,48 @@
<?php
require_once '../includes/ajax_header.php';
require_once '../../../includes/modal_header.php';
$vendor_id = intval($_GET['id']);
$vendor_template_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_id = $vendor_id LIMIT 1");
$sql = mysqli_query($mysqli, "SELECT * FROM vendor_templates WHERE vendor_template_id = $vendor_template_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$vendor_name = nullable_htmlentities($row['vendor_name']);
$vendor_description = nullable_htmlentities($row['vendor_description']);
$vendor_account_number = nullable_htmlentities($row['vendor_account_number']);
$vendor_contact_name = nullable_htmlentities($row['vendor_contact_name']);
$vendor_phone = formatPhoneNumber($row['vendor_phone']);
$vendor_extension = nullable_htmlentities($row['vendor_extension']);
$vendor_email = nullable_htmlentities($row['vendor_email']);
$vendor_website = nullable_htmlentities($row['vendor_website']);
$vendor_hours = nullable_htmlentities($row['vendor_hours']);
$vendor_sla = nullable_htmlentities($row['vendor_sla']);
$vendor_code = nullable_htmlentities($row['vendor_code']);
$vendor_notes = nullable_htmlentities($row['vendor_notes']);
$vendor_template = intval($row['vendor_template']);
$vendor_name = nullable_htmlentities($row['vendor_template_name']);
$vendor_description = nullable_htmlentities($row['vendor_template_description']);
$vendor_account_number = nullable_htmlentities($row['vendor_template_account_number']);
$vendor_contact_name = nullable_htmlentities($row['vendor_template_contact_name']);
$vendor_phone_country_code = intval($row['vendor_template_phone_country_code']);
$vendor_phone = formatPhoneNumber($row['vendor_template_phone'], $vendor_phone_country_code);
$vendor_extension = nullable_htmlentities($row['vendor_template_extension']);
$vendor_email = nullable_htmlentities($row['vendor_template_email']);
$vendor_website = nullable_htmlentities($row['vendor_template_website']);
$vendor_hours = nullable_htmlentities($row['vendor_template_hours']);
$vendor_sla = nullable_htmlentities($row['vendor_template_sla']);
$vendor_code = nullable_htmlentities($row['vendor_template_code']);
$vendor_notes = nullable_htmlentities($row['vendor_template_notes']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-building mr-2"></i>Editing vendor template: <strong><?php echo $vendor_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="vendor_id" value="<?php echo $vendor_id; ?>">
<div class="modal-body bg-white">
<input type="hidden" name="vendor_template_id" value="<?php echo $vendor_template_id; ?>">
<div class="modal-body">
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-details<?php echo $vendor_id; ?>">Details</a>
<a class="nav-link active" data-toggle="pill" href="#pills-details<?php echo $vendor_template_id; ?>">Details</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-support<?php echo $vendor_id; ?>">Support</a>
<a class="nav-link" data-toggle="pill" href="#pills-support<?php echo $vendor_template_id; ?>">Support</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-notes<?php echo $vendor_id; ?>">Notes</a>
<a class="nav-link" data-toggle="pill" href="#pills-notes<?php echo $vendor_template_id; ?>">Notes</a>
</li>
</ul>
@@ -52,7 +52,7 @@ ob_start();
<div class="tab-content">
<div class="tab-pane fade show active" id="pills-details<?php echo $vendor_id; ?>">
<div class="tab-pane fade show active" id="pills-details<?php echo $vendor_template_id; ?>">
<div class="form-group">
@@ -117,14 +117,14 @@ ob_start();
<div class="form-group">
<div class="custom-control custom-checkbox">
<input type="checkbox" class="custom-control-input" id="updateVendorsCheckbox<?php echo $vendor_id; ?>" name="update_base_vendors" value="1" >
<label class="custom-control-label" for="updateVendorsCheckbox<?php echo $vendor_id; ?>">Update All Base Vendors</label>
<input type="checkbox" class="custom-control-input" id="updateVendorsCheckbox<?php echo $vendor_template_id; ?>" name="update_base_vendors" value="1" >
<label class="custom-control-label" for="updateVendorsCheckbox<?php echo $vendor_template_id; ?>">Update All Base Vendors</label>
</div>
</div>
</div>
<div class="tab-pane fade" id="pills-support<?php echo $vendor_id; ?>">
<div class="tab-pane fade" id="pills-support<?php echo $vendor_template_id; ?>">
<label>Support Phone</label>
<div class="form-row">
@@ -134,17 +134,20 @@ ob_start();
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="tel" class="form-control col-2" name="phone_country_code" placeholder="+" maxlength="4" value="<?php echo $vendor_phone_country_code; ?>">
<input type="tel" class="form-control" name="phone" value="<?php echo $vendor_phone; ?>">
<div class="input-group-append">
<div class="input-group-text">
<input type="checkbox" name="global_update_vendor_phone" value="1">
</div>
</div>
</div>
</div>
</div>
<div class="col-4">
<input type="text" class="form-control" name="extension" placeholder="Prompts" maxlength="200" value="<?php echo $vendor_extension; ?>">
<div class="input-group">
<input type="text" class="form-control" name="extension" placeholder="Prompts" maxlength="200" value="<?php echo $vendor_extension; ?>">
<div class="input-group-append">
<div class="input-group-text">
<input type="checkbox" name="global_update_vendor_phone" value="1">
</div>
</div>
</div>
</div>
</div>
@@ -225,7 +228,7 @@ ob_start();
</div>
<div class="tab-pane fade" id="pills-notes<?php echo $vendor_id; ?>">
<div class="tab-pane fade" id="pills-notes<?php echo $vendor_template_id; ?>">
<div class="form-group">
<textarea class="form-control" rows="8" placeholder="Enter some notes" name="notes"><?php echo $vendor_notes; ?></textarea>
@@ -241,11 +244,11 @@ ob_start();
</div>
</div>
<div class="modal-footer bg-white">
<div class="modal-footer">
<button type="submit" class="btn btn-primary text-bold" name="edit_vendor_template"><i class="fa fa-check mr-2"></i>Update Template</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
require_once '../../../includes/modal_footer.php';

102
admin/payment_method.php Normal file
View File

@@ -0,0 +1,102 @@
<?php
// Default Column Sortby Filter
$sort = "payment_method_name";
$order = "ASC";
require_once "includes/inc_all_admin.php";
$sql = mysqli_query($mysqli, "SELECT * FROM payment_methods ORDER BY $sort $order");
$num_rows = mysqli_num_rows($sql);
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fas fa-fw fa-credit-card mr-2"></i>Payment Methods</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addPaymentMethodModal"><i class="fas fa-plus mr-2"></i>Add Payment Method</button>
</div>
</div>
<div class="card-body">
<div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows == 0) { echo "d-none"; } ?>">
<tr>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=payment_method_name&order=<?php echo $disp; ?>">
Method <?php if ($sort == 'payment_method_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=payment_method_description&order=<?php echo $disp; ?>">
Description <?php if ($sort == 'payment_method_description') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=payment_method_created_at&order=<?php echo $disp; ?>">
Created at <?php if ($sort == 'payment_method_created_at') { echo $order_icon; } ?>
</a>
</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$payment_method_id = intval($row['payment_method_id']);
$payment_method_name = nullable_htmlentities($row['payment_method_name']);
$payment_method_description = nullable_htmlentities($row['payment_method_description']);
$payment_method_created_at = nullable_htmlentities($row['payment_method_created_at']);
?>
<tr>
<td>
<a class="text-dark text-bold ajax-modal" href="#"
data-modal-url="modals/payment_method/payment_method_edit.php?id=<?= $payment_method_id ?>">
<?php echo $payment_method_name; ?>
</a>
</td>
<td><?php echo $payment_method_description; ?></td>
<td><?php echo $payment_method_created_at; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#"
data-modal-url="modals/payment_method/payment_method_edit.php?id=<?= $payment_method_id ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_payment_method=<?php echo $payment_method_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
</div>
</div>
</td>
</tr>
<?php
}
if ($num_rows == 0) {
echo "<h3 class='text-secondary mt-3' style='text-align: center'>No Records Here</h3>";
}
?>
</tbody>
</table>
</div>
</div>
</div>
<?php
require_once "modals/payment_method/payment_method_add.php";
require_once "../includes/footer.php";

136
admin/payment_provider.php Normal file
View File

@@ -0,0 +1,136 @@
<?php
// Default Column Sortby Filter
$sort = "payment_provider_name";
$order = "ASC";
require_once "includes/inc_all_admin.php";
$sql = mysqli_query($mysqli, "SELECT * FROM payment_providers
LEFT JOIN accounts ON payment_provider_account = account_id
LEFT JOIN vendors ON payment_provider_expense_vendor = vendor_id
LEFT JOIN categories ON payment_provider_expense_category = category_id
ORDER BY $sort $order"
);
$num_rows = mysqli_num_rows($sql);
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fas fa-fw fa-credit-card mr-2"></i>Payment Providers</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addPaymentProviderModal"><i class="fas fa-plus mr-2"></i>Add Provider</button>
</div>
</div>
<div class="card-body">
<div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows == 0) { echo "d-none"; } ?>">
<tr>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=payment_provider_name&order=<?php echo $disp; ?>">
Provider <?php if ($sort == 'payment_provider_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=account_name&order=<?php echo $disp; ?>">
Expense / Income Account <?php if ($sort == 'account_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=payment_provider_threshold&order=<?php echo $disp; ?>">
Threshold <?php if ($sort == 'payment_provider_threshold') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_name&order=<?php echo $disp; ?>">
Expense Vendor <?php if ($sort == 'vendor_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=category_name&order=<?php echo $disp; ?>">
Expense Category <?php if ($sort == 'category_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark">Fee</a>
</th>
<th>
<a class="text-dark">Saved Payment Methods</a>
</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$provider_id = intval($row['payment_provider_id']);
$provider_name = nullable_htmlentities($row['payment_provider_name']);
$provider_description = nullable_htmlentities($row['payment_provider_description']);
$account_name = nullable_htmlentities($row['account_name']);
$threshold = floatval($row['payment_provider_threshold']);
$vendor_name = nullable_htmlentities($row['vendor_name']);
$category = nullable_htmlentities($row['category_name']);
$percent_fee = floatval($row['payment_provider_expense_percentage_fee']) * 100;
$flat_fee = floatval($row['payment_provider_expense_flat_fee']);
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('saved_payment_id') AS saved_payment_count FROM client_saved_payment_methods WHERE saved_payment_provider_id = $provider_id"));
$saved_payment_count = intval($row['saved_payment_count']);
?>
<tr>
<td>
<a class="text-dark text-bold ajax-modal" href="#"
data-modal-url="modals/payment_provider/payment_provider_edit.php?id=<?= $provider_id ?>">
<?php echo $provider_name; ?>
</a>
<span class="text-secondary"><?php echo $provider_description; ?></span>
</td>
<td><?php echo $account_name; ?></td>
<td><?php echo numfmt_format_currency($currency_format, $threshold, $session_company_currency); ?></td>
<td><?php echo $vendor_name; ?></td>
<td><?php echo $category; ?></td>
<td><?php echo $percent_fee; ?> + <?php echo numfmt_format_currency($currency_format, $flat_fee, $session_company_currency); ?></td>
<td><?php echo $saved_payment_count; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#"
data-modal-url="modals/payment_provider/payment_provider_edit.php?id=<?= $provider_id ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?disable_payment_provicer=<?php echo $provider_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-thumbs-down mr-2"></i>Disable
</a>
</div>
</div>
</td>
</tr>
<?php
}
if ($num_rows == 0) {
echo "<h3 class='text-secondary mt-3' style='text-align: center'>No Records Here</h3>";
}
?>
</tbody>
</table>
</div>
</div>
</div>
<?php
require_once "modals/payment_provider/payment_provider_add.php";
require_once "../includes/footer.php";

42
admin/post.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
/*
* ITFlow - Admin GET/POST request handler
*/
require_once "../config.php";
require_once "../functions.php";
require_once "../includes/check_login.php";
// Define a variable that we can use to only allow running post files via inclusion (prevents people/bots poking them)
define('FROM_POST_HANDLER', true);
// Determine which files we should load
// Parse URL & get the path
$path = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_PATH);
// Get the base name (the page name)
$module = explode(".", basename($path))[0];
// Strip off any _details bits
$module = str_ireplace('_details', '', $module);
// Dynamically load admin-related module POST logic
if (isset($session_is_admin) && $session_is_admin) {
// As (almost) every admin setting is only changed from 1 page, we can dynamically load the relevant logic inside this single admin check IF statement
// To add a new admin POST request handler, add a file named after the admin page
// e.g. changes made on the page http://itflow/admin_ticket_statues.php will load the page admin/post/admin_ticket_statues.php to handle the changes
include_once "post/$module.php";
}
// Logout is the same for user and admin
require_once "../post/logout.php";
// TODO: Find a home for these
require_once "../post/ai.php";
require_once "../post/misc.php";

65
admin/post/ai_model.php Normal file
View File

@@ -0,0 +1,65 @@
<?php
/*
* ITFlow - GET/POST request handler for AI Models ('ai_model')
*/
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_ai_model'])) {
validateCSRFToken($_POST['csrf_token']);
$provider_id = intval($_POST['provider']);
$model = sanitizeInput($_POST['model']);
$prompt = sanitizeInput($_POST['prompt']);
$use_case = sanitizeInput($_POST['use_case']);
mysqli_query($mysqli,"INSERT INTO ai_models SET ai_model_name = '$model', ai_model_prompt = '$prompt', ai_model_use_case = '$use_case', ai_model_ai_provider_id = $provider_id");
$ai_model_id = mysqli_insert_id($mysqli);
logAction("AI Model", "Create", "$session_name created AI Model $model");
flash_alert("AI Model <strong>$model</strong> created");
redirect();
}
if (isset($_POST['edit_ai_model'])) {
validateCSRFToken($_POST['csrf_token']);
$model_id = intval($_POST['model_id']);
$model = sanitizeInput($_POST['model']);
$prompt = sanitizeInput($_POST['prompt']);
$use_case = sanitizeInput($_POST['use_case']);
mysqli_query($mysqli,"UPDATE ai_models SET ai_model_name = '$model', ai_model_prompt = '$prompt', ai_model_use_case = '$use_case' WHERE ai_model_id = $model_id");
logAction("AI Model", "Edit", "$session_name edited AI Model $model");
flash_alert("AI Model <strong>$model</strong> edited");
redirect();
}
if (isset($_GET['delete_ai_model'])) {
validateCSRFToken($_GET['csrf_token']);
$model_id = intval($_GET['delete_ai_model']);
$model_name = sanitizeInput(getFieldById('ai_models', $model_id, 'ai_model_name'));
mysqli_query($mysqli,"DELETE FROM ai_models WHERE ai_model_id = $model_id");
logAction("AI Model", "Delete", "$session_name deleted AI Model $model_name");
flash_alert("AI Model <strong>$model_name</strong> deleted", 'error');
redirect();
}

65
admin/post/ai_provider.php Normal file
View File

@@ -0,0 +1,65 @@
<?php
/*
* ITFlow - GET/POST request handler for AI Providers ('ai_provider')
*/
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_ai_provider'])) {
validateCSRFToken($_POST['csrf_token']);
$provider = sanitizeInput($_POST['provider']);
$url = sanitizeInput($_POST['url']);
$model = sanitizeInput($_POST['model']);
$api_key = sanitizeInput($_POST['api_key']);
mysqli_query($mysqli,"INSERT INTO ai_providers SET ai_provider_name = '$provider', ai_provider_api_url = '$url', ai_provider_api_key = '$api_key'");
$ai_provider_id = mysqli_insert_id($mysqli);
logAction("AI Provider", "Create", "$session_name created AI Provider $provider");
flash_alert("AI Model <strong>$provider</strong> created");
redirect();
}
if (isset($_POST['edit_ai_provider'])) {
validateCSRFToken($_POST['csrf_token']);
$provider_id = intval($_POST['provider_id']);
$provider = sanitizeInput($_POST['provider']);
$url = sanitizeInput($_POST['url']);
$api_key = sanitizeInput($_POST['api_key']);
mysqli_query($mysqli,"UPDATE ai_providers SET ai_provider_name = '$provider', ai_provider_api_url = '$url', ai_provider_api_key = '$api_key' WHERE ai_provider_id = $provider_id");
logAction("AI Provider", "Edit", "$session_name edited AI Provider $provider");
flash_alert("AI Model <strong>$provider</strong> edited");
redirect();
}
if (isset($_GET['delete_ai_provider'])) {
validateCSRFToken($_GET['csrf_token']);
$provider_id = intval($_GET['delete_ai_provider']);
$provider_name = sanitizeInput(getFieldById('ai_providers', $provider_id, 'ai_provider_name'));
mysqli_query($mysqli,"DELETE FROM ai_providers WHERE ai_provider_id = $provider_id");
logAction("AI Provider", "Delete", "$session_name deleted AI Provider $provider_name", 'error');
flash_alert("AI Provider <strong>$provider_name</strong> deleted", 'error');
redirect();
}

19
post/admin/admin_api.php → admin/post/api_keys.php
View File

@@ -23,12 +23,11 @@ if (isset($_POST['add_api_key'])) {
$api_key_id = mysqli_insert_id($mysqli);
// Logging
logAction("API Key", "Create", "$session_name created API key $name set to expire on $expire", $client_id, $api_key_id);
$_SESSION['alert_message'] = "API Key <strong>$name</strong> created";
flash_alert("API Key <strong>$name</strong> created");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -45,13 +44,11 @@ if (isset($_GET['delete_api_key'])) {
mysqli_query($mysqli,"DELETE FROM api_keys WHERE api_key_id = $api_key_id");
// Logging
logAction("API Key", "Delete", "$session_name deleted API key $name", $client_id);
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "API Key <strong>$name</strong> deleted";
flash_alert("API Key <strong>$name</strong> deleted", 'error');
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -75,18 +72,16 @@ if (isset($_POST['bulk_delete_api_keys'])) {
mysqli_query($mysqli, "DELETE FROM api_keys WHERE api_key_id = $api_key_id");
// Logging
logAction("API Key", "Delete", "$session_name deleted API key $name", $client_id);
}
// Logging
logAction("API Key", "Bulk Delete", "$session_name deleted $count API key(s)");
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Deleted <strong>$count</strong> API keys(s)";
flash_alert("Deleted <strong>$count</strong> API keys(s)", 'error');
}
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

213
admin/post/backup.php Normal file
View File

@@ -0,0 +1,213 @@
<?php
/*
* ITFlow - GET/POST request handler for DB / master key backup
*/
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
require_once "../includes/app_version.php";
if (isset($_GET['download_backup'])) {
validateCSRFToken($_GET['csrf_token']);
$timestamp = date('YmdHis');
$baseName = "itflow_$timestamp";
// === 0. Scoped cleanup ===
$cleanupFiles = [];
$registerTempFileForCleanup = function ($file) use (&$cleanupFiles) {
$cleanupFiles[] = $file;
};
register_shutdown_function(function () use (&$cleanupFiles) {
foreach ($cleanupFiles as $file) {
if (is_file($file)) {
@unlink($file);
}
}
});
// === 1. Local helper function: zipFolder
$zipFolder = function ($folderPath, $zipFilePath) {
$zip = new ZipArchive();
if ($zip->open($zipFilePath, ZipArchive::CREATE | ZipArchive::OVERWRITE) !== TRUE) {
error_log("Failed to open zip file: $zipFilePath");
http_response_code(500);
exit("Internal Server Error: Cannot open zip archive.");
}
$folderPath = realpath($folderPath);
if (!$folderPath) {
error_log("Invalid folder path: $folderPath");
http_response_code(500);
exit("Internal Server Error: Invalid folder path.");
}
$files = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($folderPath),
RecursiveIteratorIterator::LEAVES_ONLY
);
foreach ($files as $file) {
if (!$file->isDir()) {
$filePath = $file->getRealPath();
$relativePath = substr($filePath, strlen($folderPath) + 1);
$zip->addFile($filePath, $relativePath);
}
}
$zip->close();
};
// === 2. Create all temp files
$sqlFile = tempnam(sys_get_temp_dir(), $baseName . "_sql_");
$uploadsZip = tempnam(sys_get_temp_dir(), $baseName . "_uploads_");
$versionFile = tempnam(sys_get_temp_dir(), $baseName . "_version_");
$finalZip = tempnam(sys_get_temp_dir(), $baseName . "_backup_");
foreach ([$sqlFile, $uploadsZip, $versionFile, $finalZip] as $f) {
$registerTempFileForCleanup($f);
chmod($f, 0600);
}
// === 3. Generate SQL Dump
$sqlContent = "-- UTF-8 + Foreign Key Safe Dump\n";
$sqlContent .= "SET NAMES 'utf8mb4';\n";
$sqlContent .= "SET foreign_key_checks = 0;\n\n";
$tables = [];
$res = $mysqli->query("SHOW TABLES");
if (!$res) {
error_log("MySQL Error: " . $mysqli->error);
exit("Error retrieving tables.");
}
while ($row = $res->fetch_row()) {
$tables[] = $row[0];
}
foreach ($tables as $table) {
$createRes = $mysqli->query("SHOW CREATE TABLE `$table`");
if (!$createRes) {
error_log("MySQL Error: " . $mysqli->error);
continue;
}
$createRow = $createRes->fetch_assoc();
$createSQL = array_values($createRow)[1];
$sqlContent .= "\n-- ----------------------------\n";
$sqlContent .= "-- Table structure for `$table`\n";
$sqlContent .= "-- ----------------------------\n";
$sqlContent .= "DROP TABLE IF EXISTS `$table`;\n";
$sqlContent .= $createSQL . ";\n\n";
$dataRes = $mysqli->query("SELECT * FROM `$table`");
if ($dataRes && $dataRes->num_rows > 0) {
$sqlContent .= "-- Dumping data for table `$table`\n";
while ($row = $dataRes->fetch_assoc()) {
$columns = array_map(fn($col) => '`' . $mysqli->real_escape_string($col) . '`', array_keys($row));
$values = array_map(function ($val) use ($mysqli) {
return is_null($val) ? "NULL" : "'" . $mysqli->real_escape_string($val) . "'";
}, array_values($row));
$sqlContent .= "INSERT INTO `$table` (" . implode(", ", $columns) . ") VALUES (" . implode(", ", $values) . ");\n";
}
$sqlContent .= "\n";
}
}
$sqlContent .= "SET foreign_key_checks = 1;\n";
file_put_contents($sqlFile, $sqlContent);
// === 4. Zip the uploads folder
$zipFolder("../uploads", $uploadsZip);
// === 5. Create version.txt
$commitHash = trim(shell_exec('git log -1 --format=%H')) ?: 'N/A';
$gitBranch = trim(shell_exec('git rev-parse --abbrev-ref HEAD')) ?: 'N/A';
$versionContent = "ITFlow Backup Metadata\n";
$versionContent .= "-----------------------------\n";
$versionContent .= "Generated: " . date('Y-m-d H:i:s') . "\n";
$versionContent .= "Backup File: " . basename($finalZip) . "\n";
$versionContent .= "Generated By: $session_name\n";
$versionContent .= "Host: " . gethostname() . "\n";
$versionContent .= "Git Branch: $gitBranch\n";
$versionContent .= "Git Commit: $commitHash\n";
$versionContent .= "ITFlow Version: " . (defined('APP_VERSION') ? APP_VERSION : 'Unknown') . "\n";
$versionContent .= "Database Version: " . (defined('CURRENT_DATABASE_VERSION') ? CURRENT_DATABASE_VERSION : 'Unknown') . "\n";
$versionContent .= "Checksum (SHA256): \n";
file_put_contents($versionFile, $versionContent);
// === 6. Build final ZIP
$final = new ZipArchive();
if ($final->open($finalZip, ZipArchive::CREATE | ZipArchive::OVERWRITE) !== TRUE) {
error_log("Failed to create final zip: $finalZip");
http_response_code(500);
exit("Internal Server Error: Unable to create backup archive.");
}
$final->addFile($sqlFile, "db.sql");
$final->addFile($uploadsZip, "uploads.zip");
$final->addFile($versionFile, "version.txt");
$final->close();
chmod($finalZip, 0600);
$checksum = hash_file('sha256', $finalZip);
file_put_contents($versionFile, $versionContent . "$checksum\n");
// === 7. Serve final ZIP
header('Content-Type: application/zip');
header('Content-Disposition: attachment; filename="' . basename($finalZip) . '"');
header('Content-Length: ' . filesize($finalZip));
header('Pragma: public');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Content-Transfer-Encoding: binary');
flush();
$fp = fopen($finalZip, 'rb');
fpassthru($fp);
fclose($fp);
logAction("System", "Backup Download", "$session_name downloaded full backup.");
flash_alert("Full backup downloaded.");
exit;
}
if (isset($_POST['backup_master_key'])) {
validateCSRFToken($_POST['csrf_token']);
$password = $_POST['password'];
$sql = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $session_user_id");
$row = mysqli_fetch_array($sql);
if (password_verify($password, $row['user_password'])) {
$site_encryption_master_key = decryptUserSpecificKey($row['user_specific_encryption_ciphertext'], $password);
logAction("Master Key", "Download", "$session_name retrieved the master encryption key");
appNotify("Master Key", "$session_name retrieved the master encryption key");
echo "==============================";
echo "<br>Master encryption key:<br>";
echo "<b>$site_encryption_master_key</b>";
echo "<br>==============================";
} else {
logAction("Master Key", "Download", "$session_name attempted to retrieve the master encryption key but failed");
flash_alert("Incorrect password.", 'error');
redirect();
}
}

37
post/admin/admin_category.php → admin/post/category.php
View File

@@ -8,35 +8,33 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_category'])) {
require_once 'post/admin/admin_category_model.php';
require_once 'category_model.php';
mysqli_query($mysqli,"INSERT INTO categories SET category_name = '$name', category_type = '$type', category_color = '$color'");
$category_id = mysqli_insert_id($mysqli);
// Logging
logAction("Category", "Create", "$session_name created category $type $name", 0, $category_id);
$_SESSION['alert_message'] = "Category $type <strong>$name</strong> created";
flash_alert("Category $type <strong>$name</strong> created");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
if (isset($_POST['edit_category'])) {
require_once 'post/admin/admin_category_model.php';
require_once 'category_model.php';
$category_id = intval($_POST['category_id']);
mysqli_query($mysqli,"UPDATE categories SET category_name = '$name', category_type = '$type', category_color = '$color' WHERE category_id = $category_id");
// Logging
logAction("Category", "Edit", "$session_name edited category $type $name", 0, $category_id);
$_SESSION['alert_message'] = "Category $type <strong>$name</strong> edited";
flash_alert("Category $type <strong>$name</strong> edited");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -52,13 +50,11 @@ if (isset($_GET['archive_category'])) {
mysqli_query($mysqli,"UPDATE categories SET category_archived_at = NOW() WHERE category_id = $category_id");
// Logging
logAction("Category", "Archive", "$session_name archived category $type $name", 0, $category_id);
logAction("Category", "Archive", "$session_name archived category $category_type $category_name", 0, $category_id);
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Category $type <strong>$name</strong> archived";
flash_alert("Category $category_type <strong>$category_name</strong> archived", 'error');
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -74,12 +70,11 @@ if (isset($_GET['unarchive_category'])) {
mysqli_query($mysqli,"UPDATE categories SET category_archived_at = NULL WHERE category_id = $category_id");
// Logging
logAction("Category", "Unarchive", "$session_name unarchived category $type $name", 0, $category_id);
logAction("Category", "Unarchive", "$session_name unarchived category $category_type $category_name", 0, $category_id);
$_SESSION['alert_message'] = "Category $type <strong>$name</strong> unarchived";
flash_alert("Category $category_type <strong>$category_name</strong> unarchived");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -95,12 +90,10 @@ if (isset($_GET['delete_category'])) {
mysqli_query($mysqli,"DELETE FROM categories WHERE category_id = $category_id");
// Logging
logAction("Category", "Delete", "$session_name deleted category $type $name");
logAction("Category", "Delete", "$session_name deleted category $category_type $category_name");
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Category $type <strong>$name</strong> deleted";
flash_alert("Category $category_type <strong>$category_name</strong> deleted", 'error');
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

0
post/user/category_model.php → admin/post/category_model.php
View File

26
post/admin/admin_custom_field.php → admin/post/custom_field.php
View File

@@ -8,7 +8,7 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if(isset($_POST['create_custom_field'])){
require_once 'post/admin/admin_custom_field_model.php';
require_once 'custom_field_model.php';
$table = sanitizeInput($_POST['table']);
@@ -16,48 +16,42 @@ if(isset($_POST['create_custom_field'])){
$custom_field_id = mysqli_insert_id($mysqli);
// Logging
logAction("Custom Field", "Create", "$session_name created custom field $label", 0, $custom_field_id);
$_SESSION['alert_message'] = "Custom field <strong>$label</strong> created";
flash_alert("Custom field <strong>$label</strong> created");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
if(isset($_POST['edit_custom_field'])){
require_once 'post/admin/admin_custom_field_model.php';
require_once 'custom_field_model.php';
$custom_field_id = intval($_POST['custom_field_id']);
mysqli_query($mysqli,"UPDATE custom_fields SET custom_field_label = '$label', custom_field_type = '$type' WHERE custom_field_id = $custom_field_id");
// Logging
logAction("Custom Field", "Edit", "$session_name edited custom field $label", 0, $custom_field_id);
$_SESSION['alert_message'] = "Custom field <strong>$label</strong> edited";
flash_alert("Custom field <strong>$label</strong> edited");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
if(isset($_GET['delete_custom_field'])){
$custom_field_id = intval($_GET['delete_custom_field']);
// Get Custom Field Label for logging
$sql = mysqli_query($mysqli,"SELECT custom_field_label FROM custom_fields WHERE custom_field_id = $custom_field_id");
$row = mysqli_fetch_array($sql);
$custom_field_label = sanitizeInput($row['custom_field_label']);
$label = sanitizeInput(getFieldById('custom_fields', $custom_field_id, 'custom_field_label'));
mysqli_query($mysqli,"DELETE FROM custom_fields WHERE custom_field_id = $custom_field_id");
// Logging
logAction("Custom Field", "Delete", "$session_name deleted custom field $label");
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Custom field <strong>$label</strong> deleted";
flash_alert("Custom field <strong>$label</strong> deleted", 'error');
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

0
post/admin/admin_custom_field_model.php → admin/post/custom_field_model.php
View File

17
post/admin/admin_custom_link.php → admin/post/custom_link.php
View File

@@ -19,12 +19,11 @@ if (isset($_POST['add_custom_link'])) {
$custom_link_id = mysqli_insert_id($mysqli);
// Logging
logAction("Custom Link", "Create", "$session_name created custom link $name -> $uri", 0, $custom_link_id);
$_SESSION['alert_message'] = "Custom link <strong>$name</strong> created";
flash_alert("Custom link <strong>$name</strong> created");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -40,16 +39,16 @@ if (isset($_POST['edit_custom_link'])) {
mysqli_query($mysqli,"UPDATE custom_links SET custom_link_name = '$name', custom_link_uri = '$uri', custom_link_new_tab = $new_tab, custom_link_icon = '$icon', custom_link_order = $order, custom_link_location = $location WHERE custom_link_id = $custom_link_id");
// Logging
logAction("Custom Link", "Edit", "$session_name edited custom link $name -> $uri", 0, $custom_link_id);
$_SESSION['alert_message'] = "Custom Link <strong>$name</strong> edited";
flash_alert("Custom Link <strong>$name</strong> edited");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
if (isset($_GET['delete_custom_link'])) {
$custom_link_id = intval($_GET['delete_custom_link']);
// Get Custom Link name and uri for logging
@@ -60,12 +59,10 @@ if (isset($_GET['delete_custom_link'])) {
mysqli_query($mysqli,"DELETE FROM custom_links WHERE custom_link_id = $custom_link_id");
// Logging
logAction("Custom Link", "Delete", "$session_name deleted custom link $custom_link_name -> $custom_link_uri");
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Custom Link <strong>$name</strong> deleted";
flash_alert("Custom Link <strong>$name</strong> deleted", 'error');
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

57
admin/post/document_template.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
// Doc Templates
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_document_template'])) {
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$content = mysqli_real_escape_string($mysqli,$_POST['content']);
mysqli_query($mysqli,"INSERT INTO document_templates SET document_template_name = '$name', document_template_description = '$description', document_template_content = '$content', document_template_created_by = $session_user_id");
$document_template_id = mysqli_insert_id($mysqli);
logAction("Document Template", "Create", "$session_name created document template $name", 0, $document_template_id);
flash_alert("Document template <strong>$name</strong> created");
redirect();
}
if (isset($_POST['edit_document_template'])) {
$document_template_id = intval($_POST['document_template_id']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$content = mysqli_real_escape_string($mysqli,$_POST['content']);
// Document edit query
mysqli_query($mysqli,"UPDATE document_templates SET document_template_name = '$name', document_template_description = '$description', document_template_content = '$content', document_template_updated_by = $session_user_id WHERE document_template_id = $document_template_id");
logAction("Document Template", "Edit", "$session_name edited document template $name", 0, $document_template_id);
flash_alert("Document Template <strong>$name</strong> edited");
redirect();
}
if (isset($_GET['delete_document_template'])) {
$document_template_id = intval($_GET['delete_document_template']);
$document_template_name = sanitizeInput(getFieldById('document_templates', $document_template_id, 'document_template_name'));
mysqli_query($mysqli,"DELETE FROM document_templates WHERE document_template_id = $document_template_id");
logAction("Document Template", "Delete", "$session_name deleted document template $document_template_name");
flash_alert("Document Template <strong>$document_template_name</strong> deleted", 'error');
redirect();
}

9
post/admin/admin_settings_integration.php → admin/post/identity_provider.php
View File

@@ -2,7 +2,7 @@
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['edit_integrations_settings'])) {
if (isset($_POST['edit_identity_provider'])) {
validateCSRFToken($_POST['csrf_token']);
@@ -11,11 +11,10 @@ if (isset($_POST['edit_integrations_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_azure_client_id = '$azure_client_id', config_azure_client_secret = '$azure_client_secret' WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited integrations settings");
logAction("Settings", "Edit", "$session_name edited identity provider settings");
$_SESSION['alert_message'] = "Integrations Settings updated";
flash_alert("Identity Provider Settings updated");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

26
post/admin/admin_mail_queue.php → admin/post/mail_queue.php
View File

@@ -8,12 +8,11 @@ if (isset($_GET['send_failed_mail'])) {
mysqli_query($mysqli,"UPDATE email_queue SET email_status = 0, email_attempts = 3 WHERE email_id = $email_id");
// Logging
logAction("Email", "Send", "$session_name attempted to force send email id: $email_id in the mail queue", 0, $email_id);
$_SESSION['alert_message'] = "Email Force Sent, give it a minute to resend";
flash_alert("Email Force Sent, give it a minute to resend");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -23,13 +22,11 @@ if (isset($_GET['cancel_mail'])) {
mysqli_query($mysqli,"UPDATE email_queue SET email_status = 2, email_attempts = 99, email_failed_at = NOW() WHERE email_id = $email_id");
// Logging
logAction("Email", "Send", "$session_name canceled send email id: $email_id in the mail queue", 0, $email_id);
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Email cancelled and marked as failed.";
flash_alert("Email cancelled and marked as failed.", 'error');
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -47,19 +44,18 @@ if (isset($_POST['bulk_cancel_emails'])) {
$email_id = intval($email_id);
mysqli_query($mysqli,"UPDATE email_queue SET email_status = 2, email_attempts = 99, email_failed_at = NOW() WHERE email_id = $email_id");
// Logging
logAction("Email", "Cancel", "$session_name cancelled email id: $email_id in the mail queue", 0, $email_id);
}
// Logging
logAction("Email", "Bulk Cancel", "$session_name cancelled $count email(s) in the mail queue");
$_SESSION['alert_message'] = "Cancelled <strong>$count</strong> email(s)";
flash_alert("Cancelled <strong>$count</strong> email(s)", 'error');
}
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
if (isset($_POST['bulk_delete_emails'])) {
@@ -76,18 +72,16 @@ if (isset($_POST['bulk_delete_emails'])) {
$email_id = intval($email_id);
mysqli_query($mysqli,"DELETE FROM email_queue WHERE email_id = $email_id");
// Logging
logAction("Email", "Delete", "$session_name deleted email id: $email_id from the mail queue");
}
// Logging
logAction("Email", "Bulk Delete", "$session_name deleted $count email(s) from the mail queue");
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Deleted <strong>$count</strong> email(s)";
flash_alert("Deleted <strong>$count</strong> email(s)", 'error');
}
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

58
admin/post/payment_method.php Normal file
View File

@@ -0,0 +1,58 @@
<?php
/*
* ITFlow - GET/POST request handler for AI Providers ('ai_providers')
*/
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_payment_method'])) {
validateCSRFToken($_POST['csrf_token']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
mysqli_query($mysqli,"INSERT INTO payment_methods SET payment_method_name = '$name', payment_method_description = '$description'");
logAction("Payment Method", "Create", "$session_name created Payment Method $name");
flash_alert("Payment Method <strong>$name</strong> created");
redirect();
}
if (isset($_POST['edit_payment_method'])) {
validateCSRFToken($_POST['csrf_token']);
$payment_method_id = intval($_POST['payment_method_id']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
mysqli_query($mysqli,"UPDATE payment_methods SET payment_method_name = '$name', payment_method_description = '$description' WHERE payment_method_id = $payment_method_id");
logAction("Payment Method", "Edit", "$session_name edited Payment Method $name");
flash_alert("Payment Method <strong>$name</strong> edited");
redirect();
}
if (isset($_GET['delete_payment_method'])) {
$payment_method_id = intval($_GET['delete_payment_method']);
$payment_method_name = sanitizeInput(getFieldById('payment_methods', $payment_method_is, 'payment_method_name'));
mysqli_query($mysqli,"DELETE FROM payment_methods WHERE payment_method_id = $payment_method_id");
logAction("Payment Method", "Delete", "$session_name deleted Payment Method $payment_method_name");
flash_alert("Payment Method <strong>$payment_method_name</strong> deleted", 'error');
redirect();
}

108
admin/post/payment_provider.php Normal file
View File

@@ -0,0 +1,108 @@
<?php
/*
* ITFlow - GET/POST request handler for AI Providers ('ai_providers')
*/
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_payment_provider'])) {
validateCSRFToken($_POST['csrf_token']);
$provider = sanitizeInput($_POST['provider']);
$public_key = sanitizeInput($_POST['public_key']);
$private_key = sanitizeInput($_POST['private_key']);
$threshold = floatval($_POST['threshold']);
$enable_expense = intval($_POST['enable_expense'] ?? 0);
$percentage_fee = floatval($_POST['percentage_fee']) / 100;
$flat_fee = floatval($_POST['flat_fee']);
// Check to make sure Provider isnt added Twice
$sql = "SELECT 1 FROM payment_providers WHERE payment_provider_name = '$provider' LIMIT 1";
$result = mysqli_query($mysqli, $sql);
if (mysqli_num_rows($result) > 0) {
flash_alert("Payment Provider <strong>$provider</strong> already exists", 'error');
redirect();
}
// Check for Stripe Account if not create it
$sql_account = mysqli_query($mysqli,"SELECT account_id FROM accounts WHERE account_name = '$provider' AND account_archived_at IS NULL LIMIT 1");
if (mysqli_num_rows($sql_account) == 0) {
$account_id = mysqli_insert_id($mysqli);
} else {
$row = mysqli_fetch_array($sql_account);
$account_id = intval($row['account_id']);
}
if ($enable_expense) {
// Category
$sql_category = mysqli_query($mysqli,"SELECT category_id FROM categories WHERE category_name = 'Payment Processing' AND category_type = 'Expense' AND category_archived_at IS NULL LIMIT 1");
if (mysqli_num_rows($sql_category) == 0) {
mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Processing Fee', category_type = 'Payment Processing', category_color = 'gray'");
$category_id = mysqli_insert_id($mysqli);
} else {
$row = mysqli_fetch_array($sql_category);
$category_id = intval($row['category_id']);
}
//Vendor
$sql_vendor = mysqli_query($mysqli,"SELECT vendor_id FROM vendors WHERE vendor_name = '$provider' AND vendor_client_id = 0 AND vendor_archived_at IS NULL LIMIT 1");
if (mysqli_num_rows($sql_vendor) == 0) {
mysqli_query($mysqli,"INSERT INTO vendors SET vendor_name = '$provider', vendor_descripion = 'Payment Processor Provider', vendor_client_id = 0");
$vendor_id = mysqli_insert_id($mysqli);
} else {
$row = mysqli_fetch_array($sql_vendor);
$vendor_id = intval($row['vendor_id']);
}
}
mysqli_query($mysqli,"INSERT INTO payment_providers SET payment_provider_name = '$provider', payment_provider_public_key = '$public_key', payment_provider_private_key = '$private_key', payment_provider_account = $account_id, payment_provider_expense_vendor = $vendor_id, payment_provider_expense_category = $category_id, payment_provider_expense_percentage_fee = $percentage_fee, payment_provider_expense_flat_fee = $flat_fee");
$provider_id = mysqli_insert_id($mysqli);
logAction("Payment Provider", "Create", "$session_name created AI Provider $provider");
flash_alert("Payment provider <strong>$provider</strong> created");
redirect();
}
if (isset($_POST['edit_payment_provider'])) {
validateCSRFToken($_POST['csrf_token']);
$provider_id = intval($_POST['provider_id']);
$description = sanitizeInput($_POST['description']);
$public_key = sanitizeInput($_POST['public_key']);
$private_key = sanitizeInput($_POST['private_key']);
$threshold = floatval($_POST['threshold']);
$enable_expense = intval($_POST['enable_expense'] ?? 0);
$percentage_fee = floatval($_POST['percentage_fee']) / 100;
$flat_fee = floatval($_POST['flat_fee']);
mysqli_query($mysqli,"UPDATE payment_providers SET payment_provider_public_key = '$public_key', payment_provider_private_key = '$private_key', payment_provider_expense_percentage_fee = $percentage_fee, payment_provider_expense_flat_fee = $flat_fee WHERE payment_provider_id = $provider_id");
logAction("Payment Provider", "Edit", "$session_name edited Payment Provider $provider");
flash_alert("Payment Provider <strong>$provider</strong> edited");
redirect();
}
if (isset($_GET['delete_payment_provider'])) {
$provider_id = intval($_GET['delete_payment_provider']);
$provider_name = sanitizeInput(getFieldById('provider_providers', $provider_id, 'provider_name'));
mysqli_query($mysqli,"DELETE FROM payment_providers WHERE payment_provider_id = $provider_id");
logAction("Payment Provider", "Delete", "$session_name deleted Payment Provider $provider_name");
flash_alert("Payment Provider <strong>$provider_name</strong> deleted", 'error');
redirect();
}

39
post/admin/admin_project_template.php → admin/post/project_template.php
View File

@@ -11,12 +11,11 @@ if (isset($_POST['add_project_template'])) {
$project_template_id = mysqli_insert_id($mysqli);
// Logging
logAction("Project Template", "Create", "$session_name created project template $name", 0, $project_template_id);
$_SESSION['alert_message'] = "Project Template <strong>$name</strong> created";
flash_alert("Project Template <strong>$name</strong> created");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -28,12 +27,12 @@ if (isset($_POST['edit_project_template'])) {
mysqli_query($mysqli, "UPDATE project_templates SET project_template_name = '$name', project_template_description = '$description' WHERE project_template_id = $project_template_id");
// Logging
logAction("Project Template", "Edit", "$session_name edited project template $name", 0, $project_template_id);
$_SESSION['alert_message'] = "Project Template <strong>$name</strong> edited";
flash_alert("Project Template <strong>$name</strong> edited");
redirect();
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_POST['edit_ticket_template_order'])) {
@@ -44,7 +43,8 @@ if (isset($_POST['edit_ticket_template_order'])) {
mysqli_query($mysqli, "UPDATE project_template_ticket_templates SET ticket_template_order = $order WHERE ticket_template_id = $ticket_template_id AND project_template_id = $project_template_id");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
if (isset($_POST['add_ticket_template_to_project_template'])) {
@@ -55,12 +55,12 @@ if (isset($_POST['add_ticket_template_to_project_template'])) {
mysqli_query($mysqli, "INSERT INTO project_template_ticket_templates SET project_template_id = $project_template_id, ticket_template_id = $ticket_template_id, ticket_template_order = $order");
// Logging
logAction("Project Template", "Edit", "$session_name added ticket template to project_template", 0, $project_template_id);
$_SESSION['alert_message'] = "Ticket template added";
flash_alert("Ticket template added");
redirect();
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_POST['remove_ticket_template_from_project_template'])) {
@@ -71,34 +71,29 @@ if (isset($_POST['remove_ticket_template_from_project_template'])) {
mysqli_query($mysqli, "DELETE FROM project_template_ticket_templates WHERE project_template_id = $project_template_id AND ticket_template_id = $ticket_template_id");
// Logging
logAction("Project Template", "Edit", "$session_name removed ticket template from project template", 0, $project_template_id);
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Ticket template removed";
flash_alert("Ticket template removed", 'error');
redirect();
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['delete_project_template'])) {
$project_template_id = intval($_GET['delete_project_template']);
// Get project template name
$sql = mysqli_query($mysqli, "SELECT * FROM project_templates WHERE project_template_id = $project_template_id");
$row = mysqli_fetch_array($sql);
$project_template_name = sanitizeInput($row['project_template_name']);
$project_template_name = sanitizeInput(getFieldById('project_templates', $project_template_id, 'project_template_name'));
mysqli_query($mysqli, "DELETE FROM project_templates WHERE project_template_id = $project_template_id");
// Remove Associated Ticket Templates
mysqli_query($mysqli, "DELETE FROM project_template_ticket_templates WHERE project_template_id = $project_template_id");
// Logging
logAction("Project Template", "Delete", "$session_name deleted project template $project_template_name and its associated ticket templates and tasks");
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Project Template <strong>$project_template_name</strong> and its associated ticket templates and tasks deleted";
flash_alert("Project Template <strong>$project_template_name</strong> and its associated ticket templates and tasks deleted", 'error');
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

32
post/admin/admin_role.php → admin/post/roles.php
View File

@@ -18,12 +18,11 @@ if (isset($_POST['add_role'])) {
$role_id = mysqli_insert_id($mysqli);
// Logging
logAction("User Role", "Create", "$session_name created user role $name", 0, $role_id);
$_SESSION['alert_message'] = "User Role <strong$name</strong> created";
flash_alert("User Role <strong$name</strong> created");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -31,8 +30,7 @@ if (isset($_POST['edit_role'])) {
validateCSRFToken($_POST['csrf_token']);
// Update role metadata
$role_id = sanitizeInput($_POST['role_id']);
$role_id = intval($_POST['role_id']);
$name = sanitizeInput($_POST['role_name']);
$description = sanitizeInput($_POST['role_description']);
$admin = intval($_POST['role_is_admin']);
@@ -53,12 +51,12 @@ if (isset($_POST['edit_role'])) {
}
// Logging
logAction("User Role", "Edit", "$session_name edited user role $name", 0, $role_id);
$_SESSION['alert_message'] = "User Role <strong>$name</strong> edited";
flash_alert("User Role <strong>$name</strong> edited");
redirect();
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['archive_role'])) {
@@ -71,19 +69,19 @@ if (isset($_GET['archive_role'])) {
$sql_role_user_count = mysqli_query($mysqli, "SELECT COUNT(user_id) FROM users WHERE user_role_id = $role_id AND user_archived_at IS NULL");
$role_user_count = mysqli_fetch_row($sql_role_user_count)[0];
if ($role_user_count != 0) {
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Role must not in use to archive it";
header("Location: " . $_SERVER["HTTP_REFERER"]);
exit();
flash_alert("Role must not in use to archive it", 'error');
redirect();
}
mysqli_query($mysqli, "UPDATE user_roles SET role_archived_at = NOW() WHERE role_id = $role_id");
// Logging
$role_details = mysqli_fetch_array(mysqli_query($mysqli, "SELECT role_name FROM user_roles WHERE role_id = $role_id LIMIT 1"));
$role_name = sanitizeInput($role_details['role_name']);
$role_name = sanitizeInput(getFieldById('roles', $role_id, 'role_name'));
logAction("User Role", "Archive", "$session_name archived user role $role_name", 0, $role_id);
$_SESSION['alert_message'] = "User Role archived";
header("Location: " . $_SERVER["HTTP_REFERER"]);
flash_alert("User Role <strong>$role_name</strong> archived", 'error');
redirect();
}

70
admin/post/saved_payment_method.php Normal file
View File

@@ -0,0 +1,70 @@
<?php
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_GET['delete_saved_payment'])) {
validateCSRFToken($_GET['csrf_token']);
$saved_payment_id = intval($_GET['delete_saved_payment']);
$sql = mysqli_query($mysqli, "
SELECT
client_saved_payment_methods.saved_payment_id,
client_saved_payment_methods.saved_payment_client_id,
client_saved_payment_methods.saved_payment_provider_id,
client_saved_payment_methods.saved_payment_provider_method,
client_saved_payment_methods.saved_payment_description,
client_payment_provider.payment_provider_client,
payment_providers.payment_provider_name,
payment_providers.payment_provider_private_key
FROM client_saved_payment_methods
LEFT JOIN client_payment_provider
ON client_payment_provider.client_id = client_saved_payment_methods.saved_payment_client_id
AND client_payment_provider.payment_provider_id = client_saved_payment_methods.saved_payment_provider_id
LEFT JOIN payment_providers
ON payment_providers.payment_provider_id = client_saved_payment_methods.saved_payment_provider_id
WHERE client_saved_payment_methods.saved_payment_id = $saved_payment_id"
);
$row = mysqli_fetch_array($sql);
$client_id = intval($row['saved_payment_client_id']);
$provider_id = intval($row['saved_payment_provider_id']);
$payment_provider_name = nullable_htmlentities($row['payment_provider_name']);
$saved_payment_description = nullable_htmlentities($row['saved_payment_description']);
$provider_client = nullable_htmlentities($row['payment_provider_client']);
$payment_method = $row['saved_payment_provider_method'];
$private_key = $row['payment_provider_private_key'];
// Seperate logic for each Payment Provider
if ($payment_provider_name == 'Stripe') {
try {
// Initialize stripe
require_once 'plugins/stripe-php/init.php';
$stripe = new \Stripe\StripeClient($private_key);
// Detach PM
$stripe->paymentMethods->detach($payment_method, []);
} catch (Exception $e) {
$error = $e->getMessage();
error_log("Stripe payment error - encountered exception when removing payment method info for $payment_method: $error");
logApp("Stripe", "error", "Exception removing payment method for $payment_method: $error");
}
}
// Remove payment method from ITFlow
mysqli_query($mysqli, "DELETE FROM client_saved_payment_methods WHERE saved_payment_id = $saved_payment_id");
// SQL Cascade delete will Remove All Associated Auto Payment Methods on recurring invoices in the recurring payments table.
logAction("Payment Provider", "Update", "$session_name deleted saved payment method $saved_payment_description (PM: $payment_method)", $client_id);
flash_alert("Payment method <strong>$saved_payment_description</strong> removed", 'error');
redirect();
}

5
post/admin/admin_settings_ai.php → admin/post/settings_ai.php
View File

@@ -18,11 +18,10 @@ if (isset($_POST['edit_ai_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_ai_enable = $ai_enable, config_ai_provider = '$provider', config_ai_model = '$model', config_ai_url = '$url', config_ai_api_key = '$api_key' WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited AI settings");
$_SESSION['alert_message'] = "AI Settings updated";
flash_alert("AI Settings updated");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

23
post/admin/admin_settings_company.php → admin/post/settings_company.php
View File

@@ -12,9 +12,11 @@ if (isset($_POST['edit_company'])) {
$state = sanitizeInput($_POST['state']);
$zip = sanitizeInput($_POST['zip']);
$country = sanitizeInput($_POST['country']);
$phone_country_code = preg_replace("/[^0-9]/", '',$_POST['phone_country_code']);
$phone = preg_replace("/[^0-9]/", '',$_POST['phone']);
$email = sanitizeInput($_POST['email']);
$website = sanitizeInput($_POST['website']);
$tax_id = sanitizeInput($_POST['tax_id']);
$sql = mysqli_query($mysqli,"SELECT company_logo FROM companies WHERE company_id = 1");
$row = mysqli_fetch_array($sql);
@@ -26,13 +28,13 @@ if (isset($_POST['edit_company'])) {
$file_tmp_path = $_FILES['file']['tmp_name'];
// directory in which the uploaded file will be moved
$upload_file_dir = "uploads/settings/";
$upload_file_dir = "../uploads/settings/";
$dest_path = $upload_file_dir . $new_file_name;
move_uploaded_file($file_tmp_path, $dest_path);
// Delete old file
unlink("uploads/settings/$existing_file_name");
unlink("../uploads/settings/$existing_file_name");
// Set Logo
mysqli_query($mysqli,"UPDATE companies SET company_logo = '$new_file_name' WHERE company_id = 1");
@@ -40,14 +42,13 @@ if (isset($_POST['edit_company'])) {
}
}
mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone = '$phone', company_email = '$email', company_website = '$website' WHERE company_id = 1");
mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone_country_code = '$phone_country_code', company_phone = '$phone', company_email = '$email', company_website = '$website', company_tax_id = '$tax_id' WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited company details");
$_SESSION['alert_message'] = "Company <strong>$name</strong> edited";
flash_alert("Company <strong>$name</strong> edited");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -57,14 +58,14 @@ if (isset($_GET['remove_company_logo'])) {
$row = mysqli_fetch_array($sql);
$company_logo = $row['company_logo']; // FileSystem Operation Logo is already sanitized
unlink("uploads/settings/$company_logo");
unlink("../uploads/settings/$company_logo");
mysqli_query($mysqli,"UPDATE companies SET company_logo = NULL WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name deleted company logo");
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Removed company logo";
flash_alert("Removed company logo", 'error');
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

6
post/admin/admin_settings_default.php → admin/post/settings_default.php
View File

@@ -19,10 +19,10 @@ if (isset($_POST['edit_default_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_start_page = '$start_page', config_default_expense_account = $expense_account, config_default_payment_account = $payment_account, config_default_payment_method = '$payment_method', config_default_expense_payment_method = '$expense_payment_method', config_default_transfer_from_account = $transfer_from_account, config_default_transfer_to_account = $transfer_to_account, config_default_calendar = $calendar, config_default_net_terms = $net_terms, config_default_hourly_rate = $hourly_rate WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited default settings");
$_SESSION['alert_message'] = "Default settings edited";
flash_alert("Default settings edited");
redirect();
header("Location: " . $_SERVER["HTTP_REFERER"]);
}

8
post/admin/admin_settings_invoice.php → admin/post/settings_invoice.php
View File

@@ -9,6 +9,7 @@ if (isset($_POST['edit_invoice_settings'])) {
$config_invoice_prefix = sanitizeInput($_POST['config_invoice_prefix']);
$config_invoice_next_number = intval($_POST['config_invoice_next_number']);
$config_invoice_footer = sanitizeInput($_POST['config_invoice_footer']);
$config_invoice_show_tax_id = intval($_POST['config_invoice_show_tax_id'] ?? 0);
$config_invoice_late_fee_enable = intval($_POST['config_invoice_late_fee_enable'] ?? 0);
$config_invoice_late_fee_percent = floatval($_POST['config_invoice_late_fee_percent']);
$config_recurring_invoice_prefix = sanitizeInput($_POST['config_recurring_invoice_prefix']);
@@ -18,13 +19,12 @@ if (isset($_POST['edit_invoice_settings'])) {
$config_invoice_paid_notification_email = sanitizeInput($_POST['config_invoice_paid_notification_email']);
}
mysqli_query($mysqli,"UPDATE settings SET config_invoice_prefix = '$config_invoice_prefix', config_invoice_next_number = $config_invoice_next_number, config_invoice_footer = '$config_invoice_footer', config_invoice_late_fee_enable = $config_invoice_late_fee_enable, config_invoice_late_fee_percent = $config_invoice_late_fee_percent, config_invoice_paid_notification_email = '$config_invoice_paid_notification_email', config_recurring_invoice_prefix = '$config_recurring_invoice_prefix', config_recurring_invoice_next_number = $config_recurring_invoice_next_number WHERE company_id = 1");
mysqli_query($mysqli,"UPDATE settings SET config_invoice_prefix = '$config_invoice_prefix', config_invoice_next_number = $config_invoice_next_number, config_invoice_footer = '$config_invoice_footer', config_invoice_show_tax_id = $config_invoice_show_tax_id, config_invoice_late_fee_enable = $config_invoice_late_fee_enable, config_invoice_late_fee_percent = $config_invoice_late_fee_percent, config_invoice_paid_notification_email = '$config_invoice_paid_notification_email', config_recurring_invoice_prefix = '$config_recurring_invoice_prefix', config_recurring_invoice_next_number = $config_recurring_invoice_next_number WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited invoice settings");
$_SESSION['alert_message'] = "Invoice Settings edited";
flash_alert("Invoice Settings edited");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

5
post/admin/admin_settings_localization.php → admin/post/settings_localization.php
View File

@@ -14,11 +14,10 @@ if (isset($_POST['edit_localization'])) {
mysqli_query($mysqli,"UPDATE settings SET config_timezone = '$timezone' WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited localization settings");
$_SESSION['alert_message'] = "Company localization updated";
flash_alert("Company localization updated");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

74
post/admin/admin_settings_mail.php → admin/post/settings_mail.php
View File

@@ -14,12 +14,11 @@ if (isset($_POST['edit_mail_smtp_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_smtp_host = '$config_smtp_host', config_smtp_port = $config_smtp_port, config_smtp_encryption = '$config_smtp_encryption', config_smtp_username = '$config_smtp_username', config_smtp_password = '$config_smtp_password' WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited SMTP mail settings");
$_SESSION['alert_message'] = "SMTP Mail Settings updated";
flash_alert("SMTP Mail Settings updated");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -35,13 +34,11 @@ if (isset($_POST['edit_mail_imap_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_imap_host = '$config_imap_host', config_imap_port = $config_imap_port, config_imap_encryption = '$config_imap_encryption', config_imap_username = '$config_imap_username', config_imap_password = '$config_imap_password' WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited IMAP mail settings");
$_SESSION['alert_message'] = "IMAP Mail Settings updated";
flash_alert("IMAP Mail Settings updated");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -63,12 +60,11 @@ if (isset($_POST['edit_mail_from_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_mail_from_email = '$config_mail_from_email', config_mail_from_name = '$config_mail_from_name', config_invoice_from_email = '$config_invoice_from_email', config_invoice_from_name = '$config_invoice_from_name', config_quote_from_email = '$config_quote_from_email', config_quote_from_name = '$config_quote_from_name', config_ticket_from_email = '$config_ticket_from_email', config_ticket_from_name = '$config_ticket_from_name' WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited mail from settings");
$_SESSION['alert_message'] = "Mail From Settings updated";
flash_alert("Mail From Settings updated");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
@@ -77,6 +73,7 @@ if (isset($_POST['test_email_smtp'])) {
validateCSRFToken($_POST['csrf_token']);
$test_email = intval($_POST['test_email']);
if($test_email == 1) {
$email_from = sanitizeInput($config_mail_from_email);
$email_from_name = sanitizeInput($config_mail_from_name);
@@ -105,54 +102,41 @@ if (isset($_POST['test_email_smtp'])) {
'body' => $body
]
];
$mail = addToMailQueue($data);
if ($mail === true) {
$_SESSION['alert_message'] = "Test email queued successfully! <a class='text-bold text-light' href='admin_mail_queue.php'>Check Admin > Mail queue</a>";
flash_alert("Test email queued! <a class='text-bold text-light' href='admin_mail_queue.php'>Check Admin > Mail queue</a>");
} else {
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Failed to add test mail to queue";
flash_alert("Failed to add test mail to queue", 'error');
}
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
// Test IMAP
// Autoload Composer dependencies
// require_once __DIR__ . '/../plugins/php-imap/vendor/autoload.php';
// Webklex PHP-IMAP
//use Webklex\PHPIMAP\ClientManager;
if (isset($_POST['test_email_imap'])) {
/*
validateCSRFToken($_POST['csrf_token']);
validateCSRFToken($_POST['csrf_token']);
try {
// Initialize the client manager and create the client
$clientManager = new ClientManager();
$client = $clientManager->make([
'host' => $config_imap_host,
'port' => $config_imap_port,
'encryption' => $config_imap_encryption,
'validate_cert' => true,
'username' => $config_imap_username,
'password' => $config_imap_password,
'protocol' => 'imap'
]);
// Setup your IMAP connection parameters
$hostname = "{" . $config_imap_host . ":" . $config_imap_port . "/" . $config_imap_encryption . "/novalidate-cert}INBOX";
$username = $config_imap_username;
$password = $config_imap_password;
// Connect to the IMAP server
$client->connect();
try {
$inbox = @imap_open($hostname, $username, $password);
$_SESSION['alert_message'] = "Connected successfully";
} catch (Exception $e) {
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Test IMAP connection failed: " . $e->getMessage();
if ($inbox) {
imap_close($inbox);
flash_alert("Connected successfully");
} else {
throw new Exception(imap_last_error());
}
*/
$_SESSION['alert_message'] = "Test is Work In Progress";
} catch (Exception $e) {
flash_alert("<strong>IMAP connection failed:</strong> " . $e->getMessage(), 'error');
}
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

5
post/admin/admin_settings_module.php → admin/post/settings_module.php
View File

@@ -19,11 +19,10 @@ if (isset($_POST['edit_module_settings'])) {
mysqli_query($mysqli, "UPDATE settings SET config_whitelabel_enabled = 0, config_whitelabel_key = '' WHERE company_id = 1");
}
// Logging
logAction("Settings", "Edit", "$session_name edited module settings");
$_SESSION['alert_message'] = "Module Settings updated";
flash_alert("Module Settings updated");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

5
post/admin/admin_settings_notification.php → admin/post/settings_notification.php
View File

@@ -14,11 +14,10 @@ if (isset($_POST['edit_notification_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_send_invoice_reminders = $config_send_invoice_reminders, config_recurring_auto_send_invoice = $config_recurring_auto_send_invoice, config_enable_cron = $config_enable_cron, config_enable_alert_domain_expire = $config_enable_alert_domain_expire, config_ticket_client_general_notifications = $config_ticket_client_general_notifications WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited notification settings");
$_SESSION['alert_message'] = "Notification Settings updated";
flash_alert("Notification Settings updated");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

9
post/admin/admin_settings_online_payment.php → admin/post/settings_online_payment.php
View File

@@ -17,15 +17,14 @@ if (isset($_POST['edit_online_payment_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_stripe_enable = $config_stripe_enable, config_stripe_publishable = '$config_stripe_publishable', config_stripe_secret = '$config_stripe_secret', config_stripe_account = $config_stripe_account, config_stripe_expense_vendor = $config_stripe_expense_vendor, config_stripe_expense_category = $config_stripe_expense_category, config_stripe_percentage_fee = $config_stripe_percentage_fee, config_stripe_flat_fee = $config_stripe_flat_fee WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited online payment settings");
if ($config_stripe_enable && $config_stripe_account == 0) {
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Stripe payment account must be specified!";
flash_alert("Stripe payment account must be specified!", 'error');
} else {
$_SESSION['alert_message'] = "Online Payment Settings updated";
flash_alert("Online Payment Settings updated");
}
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

41
post/admin/admin_settings_online_payment_clients.php → admin/post/settings_online_payment_clients.php
View File

@@ -3,12 +3,12 @@
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_GET['stripe_remove_pm'])) {
validateCSRFToken($_GET['csrf_token']);
if (!$config_stripe_enable) {
$_SESSION['alert_message'] = "Stripe not enabled";
header("Location: " . $_SERVER["HTTP_REFERER"]);
exit();
flash_alert("Stripe not enabled", 'error');
redirect();
}
$client_id = intval($_GET['client_id']);
@@ -16,7 +16,7 @@ if (isset($_GET['stripe_remove_pm'])) {
try {
// Initialize stripe
require_once 'plugins/stripe-php/init.php';
require_once '../plugins/stripe-php/init.php';
$stripe = new \Stripe\StripeClient($config_stripe_secret);
// Detach PM
@@ -31,14 +31,24 @@ if (isset($_GET['stripe_remove_pm'])) {
// Remove payment method from ITFlow
mysqli_query($mysqli, "UPDATE client_stripe SET stripe_pm = NULL WHERE client_id = $client_id LIMIT 1");
// Logging & Redirect
// Remove Auto Pay on recurring invoices that are stripe
$sql_recurring_invoices = mysqli_query($mysqli, "SELECT recurring_invoice_id FROM recurring_invoices WHERE recurring_invoice_client_id = $client_id");
while ($row = mysqli_fetch_array($sql_recurring_invoices)) {
$recurring_invoice_id = intval($row['recurring_invoice_id']);
mysqli_query($mysqli, "DELETE FROM recurring_payments WHERE recurring_payment_method = 'Stripe' AND recurring_payment_recurring_invoice_id = $recurring_invoice_id");
}
logAction("Stripe", "Update", "$session_name deleted saved Stripe payment method (PM: $payment_method)", $client_id);
$_SESSION['alert_message'] = "Payment method removed";
header("Location: " . $_SERVER["HTTP_REFERER"]);
flash_alert("Payment method removed", 'error');
redirect();
}
if (isset($_GET['stripe_reset_customer'])) {
validateCSRFToken($_GET['csrf_token']);
$client_id = intval($_GET['client_id']);
@@ -46,9 +56,18 @@ if (isset($_GET['stripe_reset_customer'])) {
// Delete the customer id and payment method id stored in ITFlow, allowing the client to set these up again
mysqli_query($mysqli, "DELETE FROM client_stripe WHERE client_id = $client_id");
// Logging
// Remove Auto Pay on recurring invoices that are stripe
$sql_recurring_invoices = mysqli_query($mysqli, "SELECT recurring_invoice_id FROM recurring_invoices WHERE recurring_invoice_client_id = $client_id");
while ($row = mysqli_fetch_array($sql_recurring_invoices)) {
$recurring_invoice_id = intval($row['recurring_invoice_id']);
mysqli_query($mysqli, "DELETE FROM recurring_payments WHERE recurring_payment_method = 'Stripe' AND recurring_payment_recurring_invoice_id = $recurring_invoice_id");
}
logAction("Stripe", "Delete", "$session_name reset Stripe settings for client", $client_id);
$_SESSION['alert_message'] = "Reset client Stripe settings";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
flash_alert("Reset client Stripe settings", 'error');
redirect();
}

5
post/admin/admin_settings_project.php → admin/post/settings_project.php
View File

@@ -11,11 +11,10 @@ if (isset($_POST['edit_project_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_project_prefix = '$config_project_prefix', config_project_next_number = $config_project_next_number WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited project settings");
$_SESSION['alert_message'] = "Project Settings updated";
flash_alert("Project Settings updated");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

5
post/admin/admin_settings_quote.php → admin/post/settings_quote.php
View File

@@ -16,11 +16,10 @@ if (isset($_POST['edit_quote_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_quote_prefix = '$config_quote_prefix', config_quote_next_number = $config_quote_next_number, config_quote_footer = '$config_quote_footer', config_quote_notification_email = '$config_quote_notification_email' WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited Quote settings");
$_SESSION['alert_message'] = "Quote Settings updated";
flash_alert("Quote Settings updated");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

11
post/admin/admin_settings_security.php → admin/post/settings_security.php
View File

@@ -12,12 +12,17 @@ if (isset($_POST['edit_security_settings'])) {
$config_login_remember_me_expire = intval($_POST['config_login_remember_me_expire']);
$config_log_retention = intval($_POST['config_log_retention']);
// Disallow turning on login key without a secret
if (empty($config_login_key_secret)) {
$config_login_key_required = 0;
}
mysqli_query($mysqli,"UPDATE settings SET config_login_message = '$config_login_message', config_login_key_required = '$config_login_key_required', config_login_key_secret = '$config_login_key_secret', config_login_remember_me_expire = $config_login_remember_me_expire, config_log_retention = $config_log_retention WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited security settings");
$_SESSION['alert_message'] = "Security settings updated";
flash_alert("Security settings updated");
redirect();
header("Location: " . $_SERVER["HTTP_REFERER"]);
}

5
post/admin/admin_settings_telemetry.php → admin/post/settings_telemetry.php
View File

@@ -10,11 +10,10 @@ if (isset($_POST['edit_telemetry_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_telemetry = $config_telemetry WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited telemetry settings");
$_SESSION['alert_message'] = "Telemetry Settings updated";
flash_alert("Telemetry Settings updated");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

19
post/admin/admin_settings_theme.php → admin/post/settings_theme.php
View File

@@ -10,12 +10,12 @@ if (isset($_POST['edit_theme_settings'])) {
mysqli_query($mysqli,"UPDATE settings SET config_theme = '$theme' WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited theme settings");
logAction("Settings", "Edit", "$session_name edited theme settings $dark_mode");
$_SESSION['alert_message'] = "Changed theme to <strong>$theme</strong>";
flash_alert("Changed theme to <strong>$theme</strong>");
redirect();
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_POST['edit_favicon_settings'])) {
@@ -28,12 +28,12 @@ if (isset($_POST['edit_favicon_settings'])) {
$file_tmp_path = $_FILES['file']['tmp_name'];
// Delete old file
if(file_exists("uploads/favicon.ico")) {
unlink("uploads/favicon.ico");
if(file_exists("../uploads/favicon.ico")) {
unlink("../uploads/favicon.ico");
}
// directory in which the uploaded file will be moved
$upload_file_dir = "uploads/";
$upload_file_dir = "../uploads/";
//Force File Name
$new_file_name = "favicon.ico";
$dest_path = $upload_file_dir . $new_file_name;
@@ -42,11 +42,10 @@ if (isset($_POST['edit_favicon_settings'])) {
}
}
// Logging
logAction("Settings", "Edit", "$session_name changed the favicon");
$_SESSION['alert_message'] = "Favicon Updated";
flash_alert("Favicon Updated");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}

10
post/admin/admin_settings_ticket.php → admin/post/settings_ticket.php
View File

@@ -17,14 +17,14 @@ if (isset($_POST['edit_ticket_settings'])) {
$config_ticket_default_view = intval($_POST['config_ticket_default_view']);
$config_ticket_moving_columns = intval($_POST['config_ticket_moving_columns']);
$config_ticket_ordering = intval($_POST['config_ticket_ordering']);
$config_ticket_timer_autostart = intval($_POST['config_ticket_timer_autostart']);
mysqli_query($mysqli,"UPDATE settings SET config_ticket_prefix = '$config_ticket_prefix', config_ticket_next_number = $config_ticket_next_number, config_ticket_email_parse = $config_ticket_email_parse, config_ticket_email_parse_unknown_senders = $config_ticket_email_parse_unknown_senders, config_ticket_autoclose_hours = $config_ticket_autoclose_hours, config_ticket_new_ticket_notification_email = '$config_ticket_new_ticket_notification_email', config_ticket_default_billable = $config_ticket_default_billable, config_ticket_default_view = $config_ticket_default_view, config_ticket_moving_columns = $config_ticket_moving_columns, config_ticket_ordering = $config_ticket_ordering WHERE company_id = 1");
mysqli_query($mysqli,"UPDATE settings SET config_ticket_prefix = '$config_ticket_prefix', config_ticket_next_number = $config_ticket_next_number, config_ticket_email_parse = $config_ticket_email_parse, config_ticket_email_parse_unknown_senders = $config_ticket_email_parse_unknown_senders, config_ticket_autoclose_hours = $config_ticket_autoclose_hours, config_ticket_new_ticket_notification_email = '$config_ticket_new_ticket_notification_email', config_ticket_default_billable = $config_ticket_default_billable, config_ticket_default_view = $config_ticket_default_view, config_ticket_moving_columns = $config_ticket_moving_columns, config_ticket_ordering = $config_ticket_ordering, config_ticket_timer_autostart = $config_ticket_timer_autostart WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited ticket settings");
$_SESSION['alert_message'] = "Ticket Settings updated";
flash_alert("Ticket Settings updated");
header("Location: " . $_SERVER["HTTP_REFERER"]);
redirect();
}
}

Some files were not shown because too many files have changed in this diff Show More