AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-14 09:44:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: AS1024:v25.06
Branches Tags
AS1024:master AS1024:develop AS1024:ticket-task-approvals AS1024:duplicate-numbering-racecondition AS1024:undefined-asset-handling AS1024:revert-1176-Whit3XLightning-patch-2 AS1024:Before-Multi-Company-Removal
AS1024:v26.02 AS1024:v25.12 AS1024:v25.11 AS1024:v25.10 AS1024:v25.09 AS1024:v25.06 AS1024:v25.05 AS1024:v25.03 AS1024:v25.02.4 AS1024:v25.02.3 AS1024:v25.02.1 AS1024:v25.02 AS1024:v25.01.3 AS1024:v25.02.2 AS1024:v25.01.2 AS1024:v25.01
..
compare: AS1024:revert-1176-Whit3XLightning-patch-2
Branches Tags
AS1024:develop AS1024:master AS1024:ticket-task-approvals AS1024:duplicate-numbering-racecondition AS1024:undefined-asset-handling AS1024:revert-1176-Whit3XLightning-patch-2 AS1024:Before-Multi-Company-Removal
AS1024:v26.02 AS1024:v25.12 AS1024:v25.11 AS1024:v25.10 AS1024:v25.09 AS1024:v25.06 AS1024:v25.05 AS1024:v25.03 AS1024:v25.02.4 AS1024:v25.02.3 AS1024:v25.02.1 AS1024:v25.02 AS1024:v25.01.3 AS1024:v25.02.2 AS1024:v25.01.2 AS1024:v25.01

1 Commits
v25.06 ... revert-117

Author SHA1 Message Date
Johnny
16ab6144f9 Revert "Update folder_create_modal.php" 2025-03-01 12:12:44 -05:00
1294 changed files with 18026 additions and 144320 deletions
Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -26,4 +26,3 @@ xcustom/*
!xcustom/readme.php !xcustom/readme.php
post/xcustom post/xcustom
!post/xcustom/readme.php !post/xcustom/readme.php
.zed

281
CHANGELOG.md
View File

@@ -2,280 +2,31 @@
This file documents all notable changes made to ITFlow. This file documents all notable changes made to ITFlow.
## [25.06]
### Breaking CHANGES
- Old Document Verions will be deleted due to the major backend rewrite how document versions work.
### Added / Changed
- Improved function for retrieving remote IP address for logging purposes.
- Ticket categories are now sorted alphabetically.
- Visiting a deleted invoice or recurring invoice now redirects to the listing page; delete option added to invoice details page.
- Added "Mark as Sent" and "Make Payment" actions directly on the invoice listing page.
- Introduced Ticket Category UI for recurring tickets.
- In Project Details, bulk actions and sorting are now available for tickets.
- Updated ticket details UI to use full card stacks with edit icons for stackable items (e.g., asset, watchers, contact).
- Added a new setting to toggle AutoStart Timer in ticket details (disabled by default).
- Applied gray accent theme in the client section to visually distinguish from the global view.
- Introduced Ticket Due Date functionality (currently supports add/edit only; more updates coming next release).
- Added settings option to display Company Tax ID on invoices.
- Client overview now displays badge counts for all entities.
- Overhauled UI for Invoice, Quote, and Recurring Invoice details; switched PDF generation to TCPDF PHP from PDFMake JS.
- Document versioning has been moved to a separate backend table to resolve permanent link issues -- SEE Breaking CHANGES.
- Migrated Document Templates, Vendor Templates, and Software/License Templates to dedicated tables.
- Added functionality to mark all tasks in a ticket as complete or incomplete.
- Asset CSV import now supports a purchase date field.
- Recurring Payments have been restructured to auto-charge on the invoice due date instead of at generation time.
- Added "Base Template" label for vendor templates when available.
- Backup and restore processes now use a temporary directory; files are cleaned up automatically if operations fail.
- Added confirmation prompt when accepting or declining a quote.
- Other minor code UI/UX cleanups and refactoring throughout the app.
### Fixed
- Resolved issue with enabling MFA.
- Fixed UI regression where ticket listing columns would misalign.
- Non-billable invoices are no longer included in calculations.
- Addressed multiple minor reported security vulnerabilities.
- Tickets with open tasks are no longer resolved in bulk; a warning is shown along with a count of affected tickets.
## [25.05.1]
### Added / Changed
- Added Domain Expiring Card to Client Portal Dashboard for Primary and Technical Users.
- Added Balance and Monthly Recurring Amount to Client Portal Dahboard for Primary and Technical Users.
- Added Archive Searching to network and certificates also added unarchive capabilities to them as well.
### Fixed
- Add Payment not showing in Invoice.
- Updated Client Overview Entities to not show archived client's Entities even though the entity may not be archived.
## [25.05]
### Added / Changed
- Expanded file upload allow-list to include .bat and .stk file types.
- Added full backup/restore functionality. Backup downloads a zip that includes the SQL dump and uploads folder, setup now has option to restore from zip backup.
- Migrated Asset and Contact Links to modals to resolve variable overlap issue.
- Added Pagination to Notification Modal.
- Removed 500 Records Per Page option.
- Removed unused old DB checks in the top nav.
- Clients can now use the portal to setup Stripe automatic payments themselves for recurring invoices
- Automatic payments are now disabled for all recurring invoices if the saved payment method is removed
- Added Card Details and Payment added to Client Stripe.
- UI / UX updates to guest pay Make use of cards.
- Don't show Checkbox columns when ticket is closed, compact ticket list now matches round pills for status and priority.
- Ticket UI/UX update allow the ticket toolbar to be a little more mobile-friendly
- UI / UX Updates to Expenses - Combine Category and Description into 1 column.
- Country information is now displayed in Invoices, Quotes, Recurring Invoices, Clients, Locations, and the client top header.
- Added country-based search filters in Locations and Clients sections.
- Changed the settings name from Integrations to Identity Providers to make room for future iDPs (e.g. Google).
- Bump FullCalendar from 6.1.15 to 6.1.17.
- Bump DataTables from 2.2.2 to 2.3.1.
- Bump TCPDF from 6.8.2 to 6.9.4.
- Bump tinyMCE from 7.7.1 to 7.9.0.
- Bump phpMailer from 6.9.2 to 6.10.0.
- Bump stripe-php from 16.4.0 to 17.2.1.
### Fixed
- "None" option for SMTP encryption now functions correctly.
- Debug table row counts now reflect actual counts instead of relying on SHOW TABLE STATUS.
- Archived Categories now display properly.
- Stripe saved payment methods are now limited to credit/debit cards only.
## [25.03.6]
### Fixed
- Set default to date to 2035-12-31 as 9999-12-31 and 2999-12-31 broke certain browsers.
- Update Client PDF Export, add header added company logo.
- Present Larger clearer Warning about updates on update page.
- Allow to search by project reference.
## [25.03.5]
### Fixed
- Fixed the user listing issue when copying a trip.
- Corrected the display of recurring invoice amounts on the dashboard.
- Fixed the linking of entities with assets and contacts.
- Resolved the issue with displaying the correct mobile country code in the contact listing.
- Set the default date to `9999-12-31` to ensure future items (like invoices) are displayed by default.
- Fixed the display issue where file folders were not showing properly during document creation.
- Migrated from Dragula to SortableJS for a more modern, mobile-friendly solution.
- Added Handlebars icons for drag-and-drop items.
- Changed behavior to open Contact and Asset Details pages directly instead of using a modal.
## [25.03.4]
### Fixed
- Ability to remove additional assets from the ticket details screen.
- Fix the ability to remove assets from edit ticket not working when only 1 asset exists.
- Fix Database Backup corruption.
- Client Portal - show ticket number instead of ticket id in ticket listing.
- Add Purchase Reference to copy asset.
- Add Link to asset details from the global search.
- Fix Bulk assign ticket only showing contacts instead of ITFlow users.
## [25.03.3]
### Fixed
- Fix adding ITFlow user.
- Do not alert on inactive recurring invoices.
- Fix ticket user assignment including bulk assignment.
- Fix adding a location phone extension.
- Do not default to +1 Country code, instead default to null.
- Do not format numbers unless a country code is entered.
- Fix editing network location.
- Fix ticket redaction on client replies.
- Remove more from user activity as it requires admin privledges.
- Fix MFA Enforcement page.
## [25.03.2]
### Fixed
- Revert DB.sql change
## [25.03.1]
### Fixed
- Phone number missing in various sections.
- Match Database.
- Client Export Only display licenses users and assets from the selected client only.
## [25.03]
### Fixed
- Resolved missing attachments in ticket replies processed via the email parser.
- Fixed issue where the top half of portrait image uploads appeared cut off at the bottom.
- Ensured all tables and fields use `CHARACTER SET utf8mb4` and `COLLATE utf8mb4_general_ci` for updates and new installations.
- Converted `service_domains` table to use InnoDB instead of MyISAM.
- Fixed the initials function to properly handle UTF-8 characters, preventing contact-related issues.
- Interfaces can now start with `0`.
- Adjusted AI prompt handling to focus solely on content, avoiding unnecessary additions.
### Added / Changed
- Introduced bulk delete functionality for assets.
- Added the ability to redact ticket replies after a ticket is closed.
- Added support for redacting specific text while a ticket is open.
- Switched file upload hashing from SHA256 to MD5 to significantly improve performance.
- Enabled assigning multiple assets to a single ticket.
- Updated all many-to-many tables to support cascading deletes using foreign key associations, improving efficiency, performance, and data integrity.
- Enabled caching for AJAX modals to reduce repeated reloads and enhance browser performance.
- Upgraded DataTables from 2.2.1 to 2.2.2.
- Upgraded TinyMCE from 7.6.1 to 7.7.1, providing a significant performance boost.
- Added “Copy Credentials to Clipboard” button in AJAX asset and contact views.
- Renamed and reorganized several tables.
- Improved theme color organization by grouping primary colors and their related shades.
- Displayed a user icon next to contacts who have user accounts.
- New image uploads are now converted to optimized `.webp` format by default; original files are no longer saved. Existing images remain unchanged.
- Added international phone number support throughout the system.
- Introduced user signatures in preferences, which are now appended to all ticket replies.
- Optimized search filters to only display defined tags.
- Added “Projects” to the client-side navigation.
- Enabled “Create New Ticket” from within project details.
- Reintroduced batch payment functionality in client invoices.
- Included client abbreviations in both client and global search options.
- Added assigned software license details (User/Asset) to the client PDF export.
- Replaced client-side `pdfMake` with the PHP-based `TCPDF` library for generating client export runbooks.
- Introduced the ability to download documents as PDFs.
- Added a “Reference” field to tickets and invoices generated from recurring templates (not yet in active use).
### Breaking Changes
> **Important:** To update to this version, you **must** run the following commands from the command line from the scripts directory:
>
> ```bash
> php update_cli.php
> php update_cli.php --db_update
> ```
>
> Repeat `--db_update` until no further updates are found.
>
> **Back up your system before upgrading.**
> This version includes numerous backend changes critical for future development.
## [25.02.4]
### Fixed
- Resolved issue preventing the addition or editing of licenses when no vendor was selected.
- Fixed several undeclared variables in AJAX contact details.
- Corrected the contact ticket count display.
- Addressed an issue where clicking "More Details" in AJAX contact/asset details failed to include the `client_id` in the URL.
- Fixed an issue with recurring invoices in the client URL: clicking "Inactive" or "Active" would unexpectedly navigate away from the client section.
- Added new php function getFieldById() to return a record using just an id and sanitized as well.
## [25.02.3]
### Fixed
- Fixed notifications being reversed as dismissed notifications.
## [25.02.2]
### Fixed
- Corrected some edit modals not showing notes correctly.
- Bugfix: When exporting to CSV, the first asset wasn't being shown.
- Fix broken create / edit credentials.
- Fixed missing Notificatons link.
- Fixed a few dead links.
- Fixed Overdue count also counting Non-Billable Invoices.
- Fix Edit Client Notes.
### Added / Changed
- Implemented SSL certificate history tracking.
- Added Inactive / Active Filter to Recurring Invoices.
- Merged Dismissed notifications and notification in one.
- Added Link Button to addd / edit Document WYSIWYG.
- Added Physical location to the asset export / import.
## [25.02.1]
### Fixed
- Resolved broken links in the client overview, project and client listings, and rack details.
- Corrected asset transfer functionality to clients.
- Fixed the ticket scheduling redirect.
- Corrected the ticket link in the Scheduled Ticket Agent Notification email.
- Addressed issues with credentials and ticket actions in the Contact Detail Modal.
- Fixed text wrapping in notifications.
- Adjusted notifications so that they are sorted with the newest first.
- Fixed drag-and-drop functionality for tickets in the Kanban view on mobile devices.
- Resolved a weird issue with TinyMCE that prevented using links referencing your ITFlow instance url.
- Corrected image orientation issues during upload and the preview optimization process.
### Added / Changed
- Introduced entity link indicator icons and counts in the contacts and credentials section.
- Implemented a fade animation for the new AJAX modal.
- Removed the Client Overview Expire Day Select and replaced it with simplified 1, 7, or 45-day options.
- Added the ability to link and unlink entities within asset details.
- Introduced quick tag/category creation across the app.
- Added a Vendor Quick Details Modal.
- Enabled vendor linking and added a License Purchase Reference in the Software Licenses section.
- Added download original, optimized and thumbnail option for images.
- Added Paid status to the top corner of Invoice PDFs.
## [25.02] ## [25.02]
### Fixed ### Fixed
- Migrated several reports to the new permissions/roles system. - Migrated several reports to the new permissions/roles system
- Resolved issue with empty task box showing for closed/resolved tickets. - Resolved issue with empty task box showing for closed/resolved tickets
- Corrected ticket priority sorting. - Corrected ticket priority sorting
- Cloned asset interfaces when transferring assets between clients. - Cloned asset interfaces when transferring assets between clients
### Added / Changed ### Added / Changed
- Restored max number of records per page option back to 500 since we dont have repeating modals. - Restored max number of records per page option back to 500 since we dont have repeating modals.
- Bulk Categorize Tickets feature. - Bulk Categorize Tickets feature
- Renamed "Interface port" to "Interface Description." "Interface Name" should now refer to port name and/or number. - Renamed "Interface port" to "Interface Description." "Interface Name" should now refer to port name and/or number
- Changed "Transfer Asset to Client" from a single action to a bulk action. - Changed "Transfer Asset to Client" from a single action to a bulk action
- Updated Filter Footer UI to show "Showing x to x of x records" instead of just the total records. - Updated Filter Footer UI to show "Showing x to x of x records" instead of just the total records
- Added Client Overview section to view client assets, contacts, licenses, credentials, etc. - Added Client Overview section to view client assets, contacts, licenses, credentials, etc.
- Introduced Quick Peek for asset details, contact information, and document viewing throughout the ITFlow App, all made possible by AJAX. - Introduced Quick Peek for asset details, contact information, and document viewing throughout the ITFlow App, all made possible by AJAX
- Enabled Simple Drag-and-Drop Ordering for Invoices, Recurring Invoices, Quotes, Ticket Tasks, and Ticket Template Tasks. - Enabled Simple Drag-and-Drop Ordering for Invoices, Recurring Invoices, Quotes, Ticket Tasks, and Ticket Template Tasks
- Added new Ticket View options: Kanban and Simple View. - Added new Ticket View options: Kanban and Simple View
- Migrated all repeating modals to the new AJAX modal function for faster loading times and quicker development. - Migrated all repeating modals to the new AJAX modal function for faster loading times and quicker development
- Allowed clients to upload PDF documents to accepted quotes. - Allowed clients to upload PDF documents to accepted quotes
- Client Portal now shows ticket category. - Client Portal now shows ticket category
- Custom links can now be added to the Client Portal navbar. - Custom links can now be added to the Client Portal navbar
- Lots of little tweaks to UI, performance, bugs, etc. - Lots of little tweaks to UI, performance, bugs, etc.
### Breaking Changes ### Breaking Changes
- Cron scripts have officially been moved to the /scripts folder and are no longer in the root directory; they must be updated to function properly. - Cron scripts have officially been moved to the /scripts folder and are no longer in the root directory; they must be updated to function properly
## [25.01.3] ## [25.01.3]
### Fixed ### Fixed

1
README.md
View File

@@ -93,7 +93,6 @@ If you want to improve ITFlow, feel free to fork the repo and create a pull requ
Were incredibly grateful to the organizations and individuals who support the project - a big thank you to: Were incredibly grateful to the organizations and individuals who support the project - a big thank you to:
- CompuMatter - CompuMatter
- F1 for HELP - F1 for HELP
- JetBrains (PhpStorm)
## License ## License
ITFlow is distributed "as is" under the GPL License, WITHOUT WARRANTY OF ANY KIND. See [`LICENSE`](https://github.com/itflow-org/itflow/blob/master/LICENSE) for details. ITFlow is distributed "as is" under the GPL License, WITHOUT WARRANTY OF ANY KIND. See [`LICENSE`](https://github.com/itflow-org/itflow/blob/master/LICENSE) for details.

6
SECURITY.md
View File

@@ -12,8 +12,10 @@
We operate a rolling release model. Any bug fixes will be released into latest version of ITFlow, so you must stay up-to-date. We operate a rolling release model. Any bug fixes will be released into latest version of ITFlow, so you must stay up-to-date.
| Version | Supported | | Version | Supported |
|---------| ------------------ | | ------- | ------------------ |
| 25.05 | :white_check_mark: | | Beta | :x: |
| 24.12 | :white_check_mark: |
| 25.1 | :white_check_mark: (When released) |
## Reporting a Vulnerability via GitHub Security Advisories ## Reporting a Vulnerability via GitHub Security Advisories

3
accounts.php
View File

@@ -9,6 +9,9 @@ require_once "includes/inc_all.php";
// Perms // Perms
enforceUserPermission('module_financial'); enforceUserPermission('module_financial');
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM accounts "SELECT SQL_CALC_FOUND_ROWS * FROM accounts

4
admin_api.php
View File

@@ -6,6 +6,10 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM api_keys "SELECT SQL_CALC_FOUND_ROWS * FROM api_keys

7
admin_app_log.php
View File

@@ -26,6 +26,9 @@ if (isset($_GET['category']) & !empty($_GET['catergory'])) {
$category_filter = ''; $category_filter = '';
} }
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM app_logs "SELECT SQL_CALC_FOUND_ROWS * FROM app_logs
@@ -45,10 +48,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<h3 class="card-title"><i class="fas fa-fw fa-history mr-2"></i>App Logs</h3> <h3 class="card-title"><i class="fas fa-fw fa-history mr-2"></i>App Logs</h3>
</div> </div>
<div class="card-body"> <div class="card-body">
<form autocomplete="off"> <form class="mb-4" autocomplete="off">
<div class="row"> <div class="row">
<div class="col-sm-4"> <div class="col-sm-4">
<div class="form-group">
<div class="input-group"> <div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(nullable_htmlentities($q)); } ?>" placeholder="Search app logs"> <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(nullable_htmlentities($q)); } ?>" placeholder="Search app logs">
<div class="input-group-append"> <div class="input-group-append">
@@ -57,7 +59,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div> </div>
</div> </div>
</div> </div>
</div>
<div class="col-sm-2"> <div class="col-sm-2">
<div class="form-group"> <div class="form-group">

15
admin_audit_log.php
View File

@@ -46,6 +46,9 @@ if (isset($_GET['action']) & !empty($_GET['action'])) {
$action_filter = ''; $action_filter = '';
} }
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM logs "SELECT SQL_CALC_FOUND_ROWS * FROM logs
@@ -72,7 +75,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<form class="mb-4" autocomplete="off"> <form class="mb-4" autocomplete="off">
<div class="row"> <div class="row">
<div class="col-sm-4"> <div class="col-sm-4">
<div class="input-group mb-3 mb-md-0"> <div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(nullable_htmlentities($q)); } ?>" placeholder="Search audit logs"> <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(nullable_htmlentities($q)); } ?>" placeholder="Search audit logs">
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button> <button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
@@ -82,7 +85,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div> </div>
<div class="col-sm-2"> <div class="col-sm-2">
<div class="input-group mb-3 mb-md-0"> <div class="form-group">
<select class="form-control select2" name="client" onchange="this.form.submit()"> <select class="form-control select2" name="client" onchange="this.form.submit()">
<option value="">- All Clients -</option> <option value="">- All Clients -</option>
@@ -102,7 +105,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div> </div>
<div class="col-sm-2"> <div class="col-sm-2">
<div class="input-group mb-3 mb-md-0"> <div class="form-group">
<select class="form-control select2" name="user" onchange="this.form.submit()"> <select class="form-control select2" name="user" onchange="this.form.submit()">
<option value="">- All Users -</option> <option value="">- All Users -</option>
@@ -122,7 +125,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div> </div>
<div class="col-sm-2"> <div class="col-sm-2">
<div class="input-group mb-3 mb-md-0"> <div class="form-group">
<select class="form-control select2" name="type" onchange="this.form.submit()"> <select class="form-control select2" name="type" onchange="this.form.submit()">
<option value="">- All Types -</option> <option value="">- All Types -</option>
@@ -141,7 +144,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div> </div>
<div class="col-sm-2"> <div class="col-sm-2">
<div class="input-group mb-3 mb-md-0"> <div class="form-group">
<select class="form-control select2" name="action" onchange="this.form.submit()"> <select class="form-control select2" name="action" onchange="this.form.submit()">
<option value="">- All Actions -</option> <option value="">- All Actions -</option>
@@ -195,7 +198,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<hr> <hr>
<div class="table-responsive-sm"> <div class="table-responsive-sm">
<table class="table table-sm table-striped table-borderless table-hover"> <table class="table table-sm table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?> text-nowrap"> <thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr> <tr>
<th> <th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=log_created_at&order=<?php echo $disp; ?>"> <a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=log_created_at&order=<?php echo $disp; ?>">

10
admin_backup.php
View File

@@ -8,7 +8,7 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<div class="card-body" style="text-align: center;"> <div class="card-body" style="text-align: center;">
<div class="alert alert-secondary">If you are unable to back up the entire VM, you'll need to back up the files & database individually. There is no built-in restore. See the <a href="https://docs.itflow.org/backups" target="_blank">docs here</a>.</div> <div class="alert alert-secondary">If you are unable to back up the entire VM, you'll need to back up the files & database individually. There is no built-in restore. See the <a href="https://docs.itflow.org/backups" target="_blank">docs here</a>.</div>
<a class="btn btn-primary btn-lg p-3" href="post.php?download_backup&csrf_token=<?php echo $_SESSION['csrf_token'] ?>"><i class="fas fa-fw fa-4x fa-download"></i><br><br>Download Backup</a> <a class="btn btn-primary btn-lg p-3" href="post.php?download_database&csrf_token=<?php echo $_SESSION['csrf_token'] ?>"><i class="fas fa-fw fa-4x fa-download"></i><br><br>Download database</a>
</div> </div>
</div> </div>
@@ -20,12 +20,12 @@ require_once "includes/inc_all_admin.php";
<div class="card-body"> <div class="card-body">
<form action="post.php" method="POST"> <form action="post.php" method="POST">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>"> <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="d-flex justify-content-center"> <div class="row d-flex justify-content-center">
<div class="input-group col-sm-4"> <div class="input-group col-4">
<div class="input-group-prepend">
<input type="password" class="form-control" placeholder="Enter your account password" name="password" autocomplete="new-password" required> <input type="password" class="form-control" placeholder="Enter your account password" name="password" autocomplete="new-password" required>
<div class="input-group-append">
<button class="btn btn-primary" type="submit" name="backup_master_key"><i class="fas fa-key"></i></button>
</div> </div>
<button class="btn btn-primary" type="submit" name="backup_master_key"><i class="fas fa-fw fa-key mr-2"></i>Get Master Key</button>
</div> </div>
</div> </div>
</form> </form>

12
admin_category.php
View File

@@ -13,6 +13,10 @@ if (isset($_GET['category'])) {
$category = "Expense"; $category = "Expense";
} }
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM categories "SELECT SQL_CALC_FOUND_ROWS * FROM categories
@@ -23,6 +27,10 @@ $sql = mysqli_query(
); );
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
if (isset($_GET['archived'])) {
$category = "Archived";
}
?> ?>
<div class="card card-dark"> <div class="card card-dark">
@@ -90,7 +98,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
} else { } else {
echo 'btn-default'; echo 'btn-default';
} ?>">Ticket</a> } ?>">Ticket</a>
<a href="?<?php echo $url_query_strings_sort ?>&archived=1" <a href="?archived=1"
class="btn <?php if (isset($_GET['archived'])) { class="btn <?php if (isset($_GET['archived'])) {
echo 'btn-primary'; echo 'btn-primary';
} else { } else {
@@ -142,7 +150,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<?php <?php
if ($archived) { if ($category == "Archived") {
?> ?>
<a class="dropdown-item text-success confirm-link" <a class="dropdown-item text-success confirm-link"
href="post.php?unarchive_category=<?php echo $category_id; ?>"> href="post.php?unarchive_category=<?php echo $category_id; ?>">

4
admin_custom_link.php
View File

@@ -6,6 +6,10 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM custom_links "SELECT SQL_CALC_FOUND_ROWS * FROM custom_links

26
admin_debug.php
View File

@@ -296,13 +296,7 @@ if ($tablesResult) {
while ($table = $tablesResult->fetch_assoc()) { while ($table = $tablesResult->fetch_assoc()) {
$tableName = $table['Name']; $tableName = $table['Name'];
$tableRows = $table['Rows'];
// Accurate row count
$countResult = $mysqli->query("SELECT COUNT(*) AS cnt FROM `$tableName`");
$countRow = $countResult->fetch_assoc();
$tableRows = $countRow['cnt'];
$countResult->free();
$dataLength = $table['Data_length']; $dataLength = $table['Data_length'];
$indexLength = $table['Index_length']; $indexLength = $table['Index_length'];
$tableSize = ($dataLength + $indexLength) / (1024 * 1024); // Size in MB $tableSize = ($dataLength + $indexLength) / (1024 * 1024); // Size in MB
@@ -342,6 +336,11 @@ if ($tablesResult) {
'name' => 'Total database size (MB)', 'name' => 'Total database size (MB)',
'value' => round($totalSize, 2) . ' MB', 'value' => round($totalSize, 2) . ' MB',
]; ];
} else {
$databaseStats[] = [
'name' => 'Database connection error',
'value' => $mysqli->error,
];
} }
// Section: Database Structure Comparison // Section: Database Structure Comparison
@@ -519,7 +518,6 @@ $mysqli->close();
</ul> </ul>
<hr> <hr>
<div class="table-responsive">
<table class="table table-bordered mb-3"> <table class="table table-bordered mb-3">
<tr> <tr>
<th>ITFlow release version</th> <th>ITFlow release version</th>
@@ -538,7 +536,6 @@ $mysqli->close();
<td><?php echo $gitBranch; ?></td> <td><?php echo $gitBranch; ?></td>
</tr> </tr>
</table> </table>
</div>
<!-- System Information Table --> <!-- System Information Table -->
<h3>System Information</h3> <h3>System Information</h3>
@@ -555,7 +552,6 @@ $mysqli->close();
<!-- PHP Extensions and Configuration Table --> <!-- PHP Extensions and Configuration Table -->
<h3 class="mt-3">PHP Extensions and Configuration</h3> <h3 class="mt-3">PHP Extensions and Configuration</h3>
<div class="table-responsive">
<table class="table table-sm table-bordered"> <table class="table table-sm table-bordered">
<!-- PHP Extensions Section --> <!-- PHP Extensions Section -->
<thead> <thead>
@@ -682,12 +678,11 @@ $mysqli->close();
<?php endforeach; ?> <?php endforeach; ?>
</tbody> </tbody>
</table> </table>
</div>
<!-- Database Structure Comparison Table --> <!-- Database Structure Comparison Table -->
<h3 class="mt-3">Database Structure Comparison</h3> <h3 class="mt-3">Database Structure Comparison</h3>
<div class="table-responsive">
<table class="table table-sm table-bordered"> <table class="table table-sm table-bordered">
<tbody> <tbody>
<?php if (!empty($dbComparison)): ?> <?php if (!empty($dbComparison)): ?>
@@ -704,11 +699,9 @@ $mysqli->close();
<?php endif; ?> <?php endif; ?>
</tbody> </tbody>
</table> </table>
</div>
<!-- Uploads Directory Stats Table --> <!-- Uploads Directory Stats Table -->
<h3 class="mt-3">Uploads Directory Stats</h3> <h3 class="mt-3">Uploads Directory Stats</h3>
<div class="table-responsive">
<table class="table table-sm table-bordered"> <table class="table table-sm table-bordered">
<tbody> <tbody>
<?php foreach ($uploadsStats as $stat): ?> <?php foreach ($uploadsStats as $stat): ?>
@@ -719,11 +712,9 @@ $mysqli->close();
<?php endforeach; ?> <?php endforeach; ?>
</tbody> </tbody>
</table> </table>
</div>
<!-- Database Stats Table --> <!-- Database Stats Table -->
<h3 class="mt-3">Database Stats</h3> <h3 class="mt-3">Database Stats</h3>
<div class="table-responsive">
<table class="table table-sm table-bordered"> <table class="table table-sm table-bordered">
<tbody> <tbody>
<?php foreach ($databaseStats as $stat): ?> <?php foreach ($databaseStats as $stat): ?>
@@ -734,11 +725,9 @@ $mysqli->close();
<?php endforeach; ?> <?php endforeach; ?>
</tbody> </tbody>
</table> </table>
</div>
<!-- Table Stats Table --> <!-- Table Stats Table -->
<h3 class="mt-3">Table Stats</h3> <h3 class="mt-3">Table Stats</h3>
<div class="table-responsive">
<table class="table table-sm table-bordered"> <table class="table table-sm table-bordered">
<thead> <thead>
<tr> <tr>
@@ -757,7 +746,6 @@ $mysqli->close();
<?php endforeach; ?> <?php endforeach; ?>
</tbody> </tbody>
</table> </table>
</div>
</div> </div>

60
admin_document_template.php
View File

@@ -1,16 +1,27 @@
<?php <?php
// Default Column Sort by Filter // Default Column Sort by Filter
$sort = "document_template_name"; $sort = "document_name";
$order = "ASC"; $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
// Search query SQL snippet
if (!empty($q)) {
$query_snippet = "AND (MATCH(document_content_raw) AGAINST ('$q') OR document_name LIKE '%$q%')";
} else {
$query_snippet = ""; // empty
}
// Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM document_templates "SELECT SQL_CALC_FOUND_ROWS * FROM documents
LEFT JOIN users ON document_template_created_by = user_id LEFT JOIN users ON document_created_by = user_id
WHERE user_name LIKE '%$q%' OR document_template_name LIKE '%$q%' WHERE document_template = 1
$query_snippet
ORDER BY $sort $order LIMIT $record_from, $record_to" ORDER BY $sort $order LIMIT $record_from, $record_to"
); );
@@ -44,18 +55,18 @@
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>"> <thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr> <tr>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_name&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_name&order=<?php echo $disp; ?>">
Template Name <?php if ($sort == 'document_template_name') { echo $order_icon; } ?> Template Name <?php if ($sort == 'document_name') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_created_at&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_created_at&order=<?php echo $disp; ?>">
Created <?php if ($sort == 'document_template_created_at') { echo $order_icon; } ?> Created <?php if ($sort == 'document_created_at') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_updated_at&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_updated_at&order=<?php echo $disp; ?>">
Updated <?php if ($sort == 'document_template_updated_at') { echo $order_icon; } ?> Updated <?php if ($sort == 'document_updated_at') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th class="text-center"> <th class="text-center">
@@ -67,26 +78,27 @@
<?php <?php
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$document_template_id = intval($row['document_template_id']); $document_id = intval($row['document_id']);
$document_template_name = nullable_htmlentities($row['document_template_name']); $document_name = nullable_htmlentities($row['document_name']);
$document_template_description = nullable_htmlentities($row['document_template_description']); $document_description = nullable_htmlentities($row['document_description']);
$document_template_content = nullable_htmlentities($row['document_template_content']); $document_content = nullable_htmlentities($row['document_content']);
$document_template_created_by_name = nullable_htmlentities($row['user_name']); $document_created_by_name = nullable_htmlentities($row['user_name']);
$document_template_created_at = nullable_htmlentities($row['document_template_created_at']); $document_created_at = nullable_htmlentities($row['document_created_at']);
$document_template_updated_at = nullable_htmlentities($row['document_template_updated_at']); $document_updated_at = nullable_htmlentities($row['document_updated_at']);
$document_folder_id = intval($row['document_folder_id']);
?> ?>
<tr> <tr>
<td> <td>
<a class="text-bold" href="admin_document_template_details.php?document_template_id=<?php echo $document_template_id; ?>"><i class="fas fa-fw fa-file-alt text-dark"></i> <?php echo $document_template_name; ?></a> <a class="text-bold" href="admin_document_template_details.php?document_id=<?php echo $document_id; ?>"><i class="fas fa-fw fa-file-alt text-dark"></i> <?php echo $document_name; ?></a>
<div class="mt-1 text-secondary"><?php echo $document_template_description; ?></div> <div class="mt-1 text-secondary"><?php echo $document_description; ?></div>
</td> </td>
<td> <td>
<?php echo $document_template_created_at; ?> <?php echo $document_created_at; ?>
<div class="text-secondary"><?php echo $document_template_created_by_name; ?></div> <div class="text-secondary"><?php echo $document_created_by_name; ?></div>
</td> </td>
<td><?php echo $document_template_updated_at; ?></td> <td><?php echo $document_updated_at; ?></td>
<td> <td>
<div class="dropdown dropleft text-center"> <div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"> <button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
@@ -97,12 +109,12 @@
data-toggle="ajax-modal" data-toggle="ajax-modal"
data-modal-size="xl" data-modal-size="xl"
data-ajax-url="ajax/ajax_document_template_edit.php" data-ajax-url="ajax/ajax_document_template_edit.php"
data-ajax-id="<?php echo $document_template_id; ?>" data-ajax-id="<?php echo $document_id; ?>"
> >
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_document_template=<?php echo $document_template_id; ?>"> <a class="dropdown-item text-danger text-bold" href="post.php?delete_document=<?php echo $document_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete <i class="fas fa-fw fa-trash mr-2"></i>Delete
</a> </a>
</div> </div>

24
admin_document_template_details.php
View File

@@ -11,19 +11,19 @@ $purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]); $purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config); $purifier = new HTMLPurifier($purifier_config);
if (isset($_GET['document_template_id'])) { if (isset($_GET['document_id'])) {
$document_template_id = intval($_GET['document_template_id']); $document_id = intval($_GET['document_id']);
} }
$sql_document = mysqli_query($mysqli, "SELECT * FROM document_templates WHERE document_template_id = $document_template_id"); $sql_document = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_template = 1 AND document_id = $document_id");
$row = mysqli_fetch_array($sql_document); $row = mysqli_fetch_array($sql_document);
$document_template_name = nullable_htmlentities($row['document_template_name']); $document_name = nullable_htmlentities($row['document_name']);
$document_template_description = nullable_htmlentities($row['document_template_description']); $document_description = nullable_htmlentities($row['document_description']);
$document_template_content = $purifier->purify($row['document_template_content']); $document_content = $purifier->purify($row['document_content']);
$document_template_created_at = nullable_htmlentities($row['document_template_created_at']); $document_created_at = nullable_htmlentities($row['document_created_at']);
$document_template_updated_at = nullable_htmlentities($row['document_template_updated_at']); $document_updated_at = nullable_htmlentities($row['document_updated_at']);
?> ?>
@@ -37,27 +37,27 @@ $document_template_updated_at = nullable_htmlentities($row['document_template_up
<li class="breadcrumb-item"> <li class="breadcrumb-item">
<a href="admin_document_template.php">Document Templates</a> <a href="admin_document_template.php">Document Templates</a>
</li> </li>
<li class="breadcrumb-item active"><i class="fas fa-file mr-2"></i><?php echo $document_template_name; ?></li> <li class="breadcrumb-item active"><i class="fas fa-file mr-2"></i><?php echo $document_name; ?></li>
</ol> </ol>
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-2"> <div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file mr-2"></i><?php echo $document_template_name; ?></h3> <h3 class="card-title mt-2"><i class="fa fa-fw fa-file mr-2"></i><?php echo $document_name; ?></h3>
<div class="card-tools"> <div class="card-tools">
<button type="button" class="btn btn-primary" <button type="button" class="btn btn-primary"
data-toggle="ajax-modal" data-toggle="ajax-modal"
data-modal-size="xl" data-modal-size="xl"
data-ajax-url="ajax/ajax_document_template_edit.php" data-ajax-url="ajax/ajax_document_template_edit.php"
data-ajax-id="<?php echo $document_template_id; ?>" data-ajax-id="<?php echo $document_id; ?>"
> >
<i class="fas fa-edit mr-2"></i>Edit <i class="fas fa-edit mr-2"></i>Edit
</button> </button>
</div> </div>
</div> </div>
<div class="card-body prettyContent"> <div class="card-body prettyContent">
<?php echo $document_template_content; ?> <?php echo $document_content; ?>
</div> </div>
</div> </div>

3
admin_mail_queue.php
View File

@@ -6,6 +6,9 @@ $order = "DESC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM email_queue "SELECT SQL_CALC_FOUND_ROWS * FROM email_queue

4
admin_project_template.php
View File

@@ -6,6 +6,10 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM project_templates "SELECT SQL_CALC_FOUND_ROWS * FROM project_templates

34
admin_role.php
View File

@@ -1,16 +1,20 @@
<?php <?php
// Default Column Sortby Filter // Default Column Sortby Filter
$sort = "role_is_admin"; $sort = "user_role_is_admin";
$order = "DESC"; $order = "DESC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM user_roles "SELECT SQL_CALC_FOUND_ROWS * FROM user_roles
WHERE (role_name LIKE '%$q%' OR role_description LIKE '%$q%') WHERE (user_roles.user_role_name LIKE '%$q%' OR user_roles.user_role_description LIKE '%$q%')
AND role_archived_at IS NULL AND user_roles.user_role_archived_at IS NULL
ORDER BY $sort $order LIMIT $record_from, $record_to" ORDER BY $sort $order LIMIT $record_from, $record_to"
); );
@@ -46,17 +50,17 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<hr> <hr>
<div class="table-responsive-sm"> <div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover"> <table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?> text-nowrap"> <thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr> <tr>
<th> <th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=role_name&order=<?php echo $disp; ?>"> <a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=user_role_name&order=<?php echo $disp; ?>">
Role <?php if ($sort == 'role_name') { echo $order_icon; } ?> Role <?php if ($sort == 'user_role_name') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th>Members</th> <th>Members</th>
<th> <th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=role_is_admin&order=<?php echo $disp; ?>"> <a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=user_role_is_admin&order=<?php echo $disp; ?>">
Admin <?php if ($sort == 'role_is_admin') { echo $order_icon; } ?> Admin <?php if ($sort == 'user_role_is_admin') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th class="text-center">Action</th> <th class="text-center">Action</th>
@@ -66,17 +70,17 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php <?php
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$role_id = intval($row['role_id']); $role_id = intval($row['user_role_id']);
$role_name = nullable_htmlentities($row['role_name']); $role_name = nullable_htmlentities($row['user_role_name']);
$role_description = nullable_htmlentities($row['role_description']); $role_description = nullable_htmlentities($row['user_role_description']);
$role_admin = intval($row['role_is_admin']); $role_admin = intval($row['user_role_is_admin']);
$role_archived_at = nullable_htmlentities($row['role_archived_at']); $role_archived_at = nullable_htmlentities($row['user_role_archived_at']);
// Count number of users that have each role // Count number of users that have each role
$sql_role_user_count = mysqli_query($mysqli, "SELECT COUNT(user_id) FROM users WHERE user_role_id = $role_id AND user_archived_at IS NULL"); $sql_role_user_count = mysqli_query($mysqli, "SELECT COUNT(users.user_id) FROM users LEFT JOIN user_settings on users.user_id = user_settings.user_id WHERE user_role = $role_id AND user_archived_at IS NULL");
$role_user_count = mysqli_fetch_row($sql_role_user_count)[0]; $role_user_count = mysqli_fetch_row($sql_role_user_count)[0];
$sql_users = mysqli_query($mysqli, "SELECT * FROM users WHERE user_role_id = $role_id AND user_archived_at IS NULL"); $sql_users = mysqli_query($mysqli, "SELECT * FROM users LEFT JOIN user_settings on users.user_id = user_settings.user_id WHERE user_role = $role_id AND user_archived_at IS NULL");
// Initialize an empty array to hold user names // Initialize an empty array to hold user names
$user_names = []; $user_names = [];

24
admin_settings_company.php
View File

@@ -12,14 +12,12 @@ $company_address = nullable_htmlentities($row['company_address']);
$company_city = nullable_htmlentities($row['company_city']); $company_city = nullable_htmlentities($row['company_city']);
$company_state = nullable_htmlentities($row['company_state']); $company_state = nullable_htmlentities($row['company_state']);
$company_zip = nullable_htmlentities($row['company_zip']); $company_zip = nullable_htmlentities($row['company_zip']);
$company_phone_country_code = formatPhoneNumber($row['company_phone_country_code']); $company_phone = formatPhoneNumber($row['company_phone']);
$company_phone = nullable_htmlentities(formatPhoneNumber($row['company_phone'], $company_phone_country_code));
$company_email = nullable_htmlentities($row['company_email']); $company_email = nullable_htmlentities($row['company_email']);
$company_website = nullable_htmlentities($row['company_website']); $company_website = nullable_htmlentities($row['company_website']);
$company_logo = nullable_htmlentities($row['company_logo']); $company_logo = nullable_htmlentities($row['company_logo']);
$company_locale = nullable_htmlentities($row['company_locale']); $company_locale = nullable_htmlentities($row['company_locale']);
$company_currency = nullable_htmlentities($row['company_currency']); $company_currency = nullable_htmlentities($row['company_currency']);
$company_tax_id = nullable_htmlentities($row['company_tax_id']);
$company_initials = nullable_htmlentities(initials($company_name)); $company_initials = nullable_htmlentities(initials($company_name));
@@ -112,18 +110,13 @@ $company_initials = nullable_htmlentities(initials($company_name));
</div> </div>
</div> </div>
<label>Phone</label>
<div class="form-row">
<div class="col-md-9">
<div class="form-group"> <div class="form-group">
<label>Phone</label>
<div class="input-group"> <div class="input-group">
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div> </div>
<input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo $company_phone_country_code; ?>" placeholder="+" maxlength="4"> <input type="text" class="form-control" name="phone" placeholder="Phone Number" value="<?php echo $company_phone; ?>">
<input type="tel" class="form-control" name="phone" value="<?php echo $company_phone; ?>" placeholder="Phone Number" maxlength="200">
</div>
</div>
</div> </div>
</div> </div>
@@ -147,16 +140,6 @@ $company_initials = nullable_htmlentities(initials($company_name));
</div> </div>
</div> </div>
<div class="form-group">
<label>Tax ID</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-balance-scale"></i></span>
</div>
<input type="text" class="form-control" name="tax_id" value="<?php echo $company_tax_id; ?>" placeholder="Tax ID" maxlength="200">
</div>
</div>
<hr> <hr>
<button type="submit" name="edit_company" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button> <button type="submit" name="edit_company" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
@@ -169,3 +152,4 @@ $company_initials = nullable_htmlentities(initials($company_name));
<?php <?php
require_once "includes/footer.php"; require_once "includes/footer.php";

3
admin_settings_custom_fields.php
View File

@@ -13,6 +13,9 @@ if (isset($_GET['table'])) {
$table = "client_assets"; $table = "client_assets";
} }
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM custom_fields "SELECT SQL_CALC_FOUND_ROWS * FROM custom_fields

22
admin_settings_default.php
View File

@@ -218,6 +218,28 @@ require_once "includes/inc_all_admin.php";
</div> </div>
</div> </div>
<div class="form-group">
<label>Phone Mask</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-phone"></i></span>
</div>
<select class="form-control select2" name="phone_mask">
<?php
$sql = mysqli_query($mysqli, "SELECT config_phone_mask FROM settings WHERE company_id = 1");
while ($row = mysqli_fetch_array($sql)) {
$phone_mask = intval($row['config_phone_mask']);
} ?>
<option <?php if ($phone_mask == 1) { echo "selected"; }?> value=1>
US Format - e.g. (412) 888-9999
</option>
<option <?php if ($phone_mask == 0) { echo "selected"; }?> value=0>
Non-US Format - e.g. 4128889999
</option>
</select>
</div>
</div>
<hr> <hr>
<button type="submit" name="edit_default_settings" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_default_settings" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>

21
admin_identity_provider.php → admin_settings_integration.php
View File

@@ -4,29 +4,13 @@ require_once "includes/inc_all_admin.php";
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-3"> <div class="card-header py-3">
<h3 class="card-title"><i class="fas fa-fw fa-fingerprint mr-2"></i>Identity Providers</h3> <h3 class="card-title"><i class="fas fa-fw fa-plug mr-2"></i>Integration Settings</h3>
</div> </div>
<div class="card-body"> <div class="card-body">
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>"> <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<h4>Client Portal SSO via Microsoft Entra</h4> <h4>Client Portal SSO via Microsoft Entra</h4>
<div class="form-group">
<label>Identity Provider <small class='text-secondary'>(Currently only works with Microsft Entra)</small></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-fingerprint"></i></span>
</div>
<select class="form-control select2" readonly>
<option <?php if (empty($config_azure_client_id)) { echo "selected"; } ?>>Disabled</option>
<option <?php if ($config_azure_client_id) { echo "selected"; } ?>>Microsoft Entra</option>
<option>Google (WIP)</option>
<option>Custom SSO (WIP)</option>
</select>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>MS Entra OAuth App (Client) ID</label> <label>MS Entra OAuth App (Client) ID</label>
<div class="input-group"> <div class="input-group">
@@ -49,10 +33,11 @@ require_once "includes/inc_all_admin.php";
<hr> <hr>
<button type="submit" name="edit_identity_provider" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_integrations_settings" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
</form> </form>
</div> </div>
</div> </div>
<?php require_once "includes/footer.php"; <?php require_once "includes/footer.php";

17
admin_settings_invoice.php
View File

@@ -37,21 +37,12 @@ require_once "includes/inc_all_admin.php";
<textarea class="form-control" rows="4" name="config_invoice_footer"><?php echo nullable_htmlentities($config_invoice_footer); ?></textarea> <textarea class="form-control" rows="4" name="config_invoice_footer"><?php echo nullable_htmlentities($config_invoice_footer); ?></textarea>
</div> </div>
<h5>Show Tax ID On Invoices</h5>
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_invoice_show_tax_id" <?php if ($config_invoice_show_tax_id == 1) { echo "checked"; } ?> value="1" id="customSwitch1">
<label class="custom-control-label" for="customSwitch1">Show Tax ID</label>
</div>
</div>
<h5>Invoice Late Fees</h5> <h5>Invoice Late Fees</h5>
<div class="form-group"> <div class="form-group">
<div class="custom-control custom-switch"> <div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_invoice_late_fee_enable" <?php if ($config_invoice_late_fee_enable == 1) { echo "checked"; } ?> value="1" id="customSwitch2"> <input type="checkbox" class="custom-control-input" name="config_invoice_late_fee_enable" <?php if ($config_invoice_late_fee_enable == 1) { echo "checked"; } ?> value="1" id="customSwitch1">
<label class="custom-control-label" for="customSwitch2">Enable Late Fee</label> <label class="custom-control-label" for="customSwitch1">Enable Late Fee</label>
</div> </div>
</div> </div>
@@ -86,7 +77,7 @@ require_once "includes/inc_all_admin.php";
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-barcode"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-barcode"></i></span>
</div> </div>
<input type="text" class="form-control" name="config_recurring_invoice_prefix" placeholder="Recurring Invoice Prefix" value="<?php echo nullable_htmlentities($config_recurring_invoice_prefix); ?>" required> <input type="text" class="form-control" name="config_recurring_prefix" placeholder="Recurring Prefix" value="<?php echo nullable_htmlentities($config_recurring_prefix); ?>" required>
</div> </div>
</div> </div>
@@ -96,7 +87,7 @@ require_once "includes/inc_all_admin.php";
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-barcode"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-barcode"></i></span>
</div> </div>
<input type="number" min="0" class="form-control" name="config_recurring_invoice_next_number" placeholder="Next Recurring Invoice Number" value="<?php echo intval($config_recurring_invoice_next_number); ?>" required> <input type="number" min="0" class="form-control" name="config_recurring_next_number" placeholder="Next Recurring Number" value="<?php echo intval($config_recurring_next_number); ?>" required>
</div> </div>
</div> </div>

2
admin_settings_mail.php
View File

@@ -319,7 +319,7 @@ require_once "includes/inc_all_admin.php";
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>"> <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="input-group-append"> <div class="input-group-append">
<button type="submit" name="test_email_imap" class="btn btn-success" disabled><i class="fas fa-fw fa-inbox mr-2"></i>Test (WIP)</button> <button type="submit" name="test_email_imap" class="btn btn-success"><i class="fas fa-fw fa-inbox mr-2"></i>Test</button>
</div> </div>
</form> </form>
</div> </div>

9
admin_settings_notification.php
View File

@@ -18,7 +18,7 @@ require_once "includes/inc_all_admin.php";
<label class="custom-control-label" for="enableCronSwitch">Enable Cron (recommended) <small>(several cron scripts must also be added to cron with correct schedules, <a href="https://docs.itflow.org/cron">docs</a>)</small></label> <label class="custom-control-label" for="enableCronSwitch">Enable Cron (recommended) <small>(several cron scripts must also be added to cron with correct schedules, <a href="https://docs.itflow.org/cron">docs</a>)</small></label>
</div> </div>
</div> </div>
<div class="table-responsive">
<table class="table table-bordered"> <table class="table table-bordered">
<thead class="thead-dark"> <thead class="thead-dark">
<tr> <tr>
@@ -37,7 +37,7 @@ require_once "includes/inc_all_admin.php";
<th> <th>
<div><i class="fas fa-fw fa-globe mr-2"></i>Domain Expiration Notice</div> <div><i class="fas fa-fw fa-globe mr-2"></i>Domain Expiration Notice</div>
<small class="text-muted"> <small class="text-muted">
(This setting triggers a notification when a domain is approaching its expiration date, specifically at 1, 7 and 45 days prior to expiry.) (This setting triggers a notification when a domain is approaching its expiration date, specifically at 1, 7, 14, 30 and 90 days prior to expiry.)
</small> </small>
</th> </th>
<td> <td>
@@ -54,7 +54,7 @@ require_once "includes/inc_all_admin.php";
<th> <th>
<div><i class="fas fa-fw fa-lock mr-2"></i>Certificate Expiration Notice</div> <div><i class="fas fa-fw fa-lock mr-2"></i>Certificate Expiration Notice</div>
<small class="text-muted"> <small class="text-muted">
(This setting triggers a notification when a certificate is approaching its expiration date, specifically at 1, 7 and 45 days prior to expiry.) (This setting triggers a notification when a certificate is approaching its expiration date, specifically at 1, 7, 14, 30 and 90 days prior to expiry.)
</small> </small>
</th> </th>
<td> <td>
@@ -67,7 +67,7 @@ require_once "includes/inc_all_admin.php";
<th> <th>
<div><i class="fas fa-fw fa-desktop mr-2"></i>Asset Warranty Expiration Notice</div> <div><i class="fas fa-fw fa-desktop mr-2"></i>Asset Warranty Expiration Notice</div>
<small class="text-muted"> <small class="text-muted">
(This setting triggers a notification when an asset is approaching its expiration date, specifically at 1, 7 and 45 days prior to expiry.) (This setting triggers a notification when an asset is approaching its expiration date, specifically at 1, 7, 14, 30 and 90 days prior to expiry.)
</small> </small>
</th> </th>
<td> <td>
@@ -170,7 +170,6 @@ require_once "includes/inc_all_admin.php";
</tr> </tr>
</tbody> </tbody>
</table> </table>
</div>
<hr> <hr>

2
admin_settings_online_payment.php
View File

@@ -76,7 +76,7 @@ require_once "includes/inc_all_admin.php";
<option value="">- Do not expense Stripe fees -</option> <option value="">- Do not expense Stripe fees -</option>
<?php <?php
$sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC"); $sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_select)) { while ($row = mysqli_fetch_array($sql_select)) {
$vendor_id = intval($row['vendor_id']); $vendor_id = intval($row['vendor_id']);
$vendor_name = nullable_htmlentities($row['vendor_name']); $vendor_name = nullable_htmlentities($row['vendor_name']);

15
admin_settings_online_payment_clients.php
View File

@@ -11,15 +11,13 @@ $stripe_clients_sql = mysqli_query($mysqli, "SELECT * FROM client_stripe LEFT JO
</div> </div>
<div class="card-body"> <div class="card-body">
<div class="table-responsive">
<table class="table border border-dark"> <table class="table border border-dark">
<thead class="thead-dark text-nowrap"> <thead class="thead-dark">
<tr> <tr>
<th>Client</th> <th>Client</th>
<th>Stripe Customer ID</th> <th>Stripe Customer ID</th>
<th>Stripe Payment ID</th> <th>Stripe Payment ID</th>
<th>Payment Details</th>
<th>Created</th>
<th class="text-center">Action</th> <th class="text-center">Action</th>
</tr> </tr>
</thead> </thead>
@@ -31,17 +29,13 @@ $stripe_clients_sql = mysqli_query($mysqli, "SELECT * FROM client_stripe LEFT JO
$client_name = nullable_htmlentities($row['client_name']); $client_name = nullable_htmlentities($row['client_name']);
$stripe_id = nullable_htmlentities($row['stripe_id']); $stripe_id = nullable_htmlentities($row['stripe_id']);
$stripe_pm = nullable_htmlentities($row['stripe_pm']); $stripe_pm = nullable_htmlentities($row['stripe_pm']);
$stripe_pm_details = nullable_htmlentities($row['stripe_pm_details']);
$stripe_pm_created_at = nullable_htmlentities($row['stripe_pm_created_at']);
?> ?>
<tr> <tr>
<td><?php echo "$client_name ($client_id)"; ?></td> <td><?php echo "$client_name ($client_id)" ?></td>
<td><?php echo $stripe_id; ?></td> <td><?php echo $stripe_id; ?></td>
<td><?php echo $stripe_pm; ?></td> <td><?php echo $stripe_pm ?></td>
<td><?php echo $stripe_pm_details; ?></td>
<td><?php echo $stripe_pm_created_at; ?></td>
<td> <td>
<div class="dropdown dropleft text-center"> <div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"> <button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
@@ -67,7 +61,6 @@ $stripe_clients_sql = mysqli_query($mysqli, "SELECT * FROM client_stripe LEFT JO
</tbody> </tbody>
</table> </table>
</div>
</div> </div>

2
admin_settings_theme.php
View File

@@ -19,7 +19,7 @@ require_once "includes/inc_all_admin.php";
?> ?>
<div class="col-4 text-center mb-3"> <div class="col-3 text-center mb-3">
<div class="form-group"> <div class="form-group">
<div class="custom-control custom-radio"> <div class="custom-control custom-radio">
<input class="custom-control-input" type="radio" onchange="this.form.submit()" id="customRadio<?php echo $theme_color; ?>" name="edit_theme_settings" value="<?php echo $theme_color; ?>" <?php if ($config_theme == $theme_color) { echo "checked"; } ?>> <input class="custom-control-input" type="radio" onchange="this.form.submit()" id="customRadio<?php echo $theme_color; ?>" name="edit_theme_settings" value="<?php echo $theme_color; ?>" <?php if ($config_theme == $theme_color) { echo "checked"; } ?>>

32
admin_settings_ticket.php
View File

@@ -53,13 +53,6 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<?php } ?> <?php } ?>
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_ticket_timer_autostart" <?php if ($config_ticket_timer_autostart == 1) { echo "checked"; } ?> value="1" id="ticketTimerSwitch">
<label class="custom-control-label" for="ticketTimerSwitch">Autostart Ticket Timer <small class="text-secondary">(This option will control if the timer starts automatically or manually)</small></label>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Number of hours to auto close resolved tickets</label> <label>Number of hours to auto close resolved tickets</label>
<div class="input-group"> <div class="input-group">
@@ -80,31 +73,6 @@ require_once "includes/inc_all_admin.php";
</div> </div>
</div> </div>
<div class="form-group">
<label>Tickets Default View</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
<select class="form-control" name="config_ticket_default_view">
<option value=0 <?php if ($config_ticket_default_view == 0) { echo "selected"; } ?>>List</option>
<option value=1 <?php if ($config_ticket_default_view == 1) { echo "selected"; } ?>>Compact</option>
<option value=2 <?php if ($config_ticket_default_view == 2) { echo "selected"; } ?>>Kanban</option>
</select>
</div>
</div>
<div class="form-group">
<label>Kanban Settings</label>
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_ticket_ordering" <?php if ($config_ticket_ordering == 1) { echo "checked"; } ?> value="1" id="ticketOrderingSwitch">
<label class="custom-control-label" for="ticketOrderingSwitch">Allow ticket ordering within its column<small class="text-secondary">(uncheked will result in ordering it by priority and id)</small></label>
</div>
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_ticket_moving_columns" <?php if ($config_ticket_moving_columns == 1) { echo "checked"; } ?> value="1" id="ticketMovingColumnsSwitch">
<label class="custom-control-label" for="ticketMovingColumnsSwitch">Allow moving columns</label>
</div>
</div>
<hr> <hr>
<button type="submit" name="edit_ticket_settings" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button> <button type="submit" name="edit_ticket_settings" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>

51
admin_software_template.php
View File

@@ -1,15 +1,20 @@
<?php <?php
// Default Column Sortby Filter // Default Column Sortby Filter
$sort = "software_template_name"; $sort = "software_name";
$order = "ASC"; $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM software_templates "SELECT SQL_CALC_FOUND_ROWS * FROM software
WHERE software_template_name LIKE '%$q%' OR software_template_type LIKE '%$q%' WHERE software_template = 1
AND (software_name LIKE '%$q%' OR software_type LIKE '%$q%')
ORDER BY $sort $order LIMIT $record_from, $record_to" ORDER BY $sort $order LIMIT $record_from, $record_to"
); );
@@ -48,18 +53,18 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<thead class="text-dark <?php if($num_rows[0] == 0){ echo "d-none"; } ?>"> <thead class="text-dark <?php if($num_rows[0] == 0){ echo "d-none"; } ?>">
<tr> <tr>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_template_name&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_name&order=<?php echo $disp; ?>">
Template <?php if ($sort == 'software_template_name') { echo $order_icon; } ?> Template <?php if ($sort == 'software_name') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_template_type&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_type&order=<?php echo $disp; ?>">
Type <?php if ($sort == 'software_template_type') { echo $order_icon; } ?> Type <?php if ($sort == 'software_type') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_template_license_type&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_license_type&order=<?php echo $disp; ?>">
License Type <?php if ($sort == 'software_template_license_type') { echo $order_icon; } ?> License Type <?php if ($sort == 'software_license_type') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th class="text-center">Action</th> <th class="text-center">Action</th>
@@ -69,41 +74,41 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php <?php
while($row = mysqli_fetch_array($sql)){ while($row = mysqli_fetch_array($sql)){
$software_template_id = intval($row['software_template_id']); $software_id = intval($row['software_id']);
$software_template_name = nullable_htmlentities($row['software_template_name']); $software_name = nullable_htmlentities($row['software_name']);
$software_template_version = nullable_htmlentities($row['software_template_version']); $software_version = nullable_htmlentities($row['software_version']);
$software_template_description = nullable_htmlentities($row['software_template_description']); $software_description = nullable_htmlentities($row['software_description']);
$software_template_type = nullable_htmlentities($row['software_template_type']); $software_type = nullable_htmlentities($row['software_type']);
$software_template_license_type = nullable_htmlentities($row['software_template_license_type']); $software_license_type = nullable_htmlentities($row['software_license_type']);
$software_template_notes = nullable_htmlentities($row['software_template_notes']); $software_notes = nullable_htmlentities($row['software_notes']);
?> ?>
<tr> <tr>
<td> <td>
<a class="text-dark" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_software_template_edit.php" data-ajax-id="<?php echo $software_template_id; ?>"> <a class="text-dark" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_software_template_edit.php" data-ajax-id="<?php echo $software_id; ?>">
<div class="media"> <div class="media">
<i class="fa fa-fw fa-2x fa-cube mr-3"></i> <i class="fa fa-fw fa-2x fa-cube mr-3"></i>
<div class="media-body"> <div class="media-body">
<div><?php echo "$software_template_name <span>$software_template_version</span>"; ?></div> <div><?php echo "$software_name <span>$software_version</span>"; ?></div>
<div><small class="text-secondary"><?php echo $software_template_description; ?></small></div> <div><small class="text-secondary"><?php echo $software_description; ?></small></div>
</div> </div>
</div> </div>
</a> </a>
</td> </td>
<td><?php echo $software_template_type; ?></td> <td><?php echo $software_type; ?></td>
<td><?php echo $software_template_license_type; ?></td> <td><?php echo $software_license_type; ?></td>
<td> <td>
<div class="dropdown dropleft text-center"> <div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" data-toggle="dropdown"> <button class="btn btn-secondary btn-sm" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i> <i class="fas fa-ellipsis-h"></i>
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_software_template_edit.php" data-ajax-id="<?php echo $software_template_id; ?>"> <a class="dropdown-item" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_software_template_edit.php" data-ajax-id="<?php echo $software_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<?php if($session_user_role == 3) { ?> <?php if($session_user_role == 3) { ?>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_software_template=<?php echo $software_template_id; ?>"> <a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_software=<?php echo $software_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete <i class="fas fa-fw fa-trash mr-2"></i>Delete
</a> </a>
<?php } ?> <?php } ?>

4
admin_tag.php
View File

@@ -6,6 +6,10 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM tags "SELECT SQL_CALC_FOUND_ROWS * FROM tags

4
admin_tax.php
View File

@@ -6,6 +6,10 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT * FROM taxes "SELECT * FROM taxes

16
admin_ticket_status.php
View File

@@ -1,11 +1,15 @@
<?php <?php
// Default Column Sortby Filter // Default Column Sortby Filter
$sort = "ticket_status_order"; $sort = "ticket_status_name";
$order = "ASC"; $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM ticket_statuses "SELECT SQL_CALC_FOUND_ROWS * FROM ticket_statuses
@@ -75,7 +79,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
if ($ticket_status_active) { if ($ticket_status_active) {
$ticket_status_display = "<div class='text-success text-bold'>Active</div>"; $ticket_status_display = "<div class='text-success text-bold'>Active</div>";
} else { } else {
$ticket_status_display = "<div class='text-secondary'>Inactive</div>"; $ticket_status_display = "<div class='text-secondary'>Disabled</div>";
} }
?> ?>
@@ -93,6 +97,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<span class='badge badge-pill text-light p-2' style="background-color: <?php echo $ticket_status_color; ?>"><?php echo $ticket_status_name; ?></span> <span class='badge badge-pill text-light p-2' style="background-color: <?php echo $ticket_status_color; ?>"><?php echo $ticket_status_name; ?></span>
<td><?php echo $ticket_status_display; ?></td> <td><?php echo $ticket_status_display; ?></td>
<td> <td>
<?php if ( $ticket_status_id > 5 ) { ?>
<div class="dropdown dropleft text-center"> <div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"> <button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i> <i class="fas fa-ellipsis-h"></i>
@@ -101,14 +106,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<a class="dropdown-item" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_custom_ticket_status_edit.php" data-ajax-id="<?php echo $ticket_status_id; ?>"> <a class="dropdown-item" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_custom_ticket_status_edit.php" data-ajax-id="<?php echo $ticket_status_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<?php if (!$ticket_status_active) { ?>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_ticket_status=<?php echo $ticket_status_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token']; ?>"> <a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_ticket_status=<?php echo $ticket_status_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete <i class="fas fa-fw fa-trash mr-2"></i>Delete
</a> </a>
</div>
</div>
<?php } ?> <?php } ?>
</div>
</div>
</td> </td>
</tr> </tr>

4
admin_ticket_template.php
View File

@@ -6,6 +6,10 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM ticket_templates "SELECT SQL_CALC_FOUND_ROWS * FROM ticket_templates

73
admin_ticket_template_details.php
View File

@@ -20,7 +20,7 @@ $sql_ticket_templates = mysqli_query($mysqli, "SELECT * FROM ticket_templates WH
$row = mysqli_fetch_array($sql_ticket_templates); $row = mysqli_fetch_array($sql_ticket_templates);
$ticket_template_name = nullable_htmlentities($row['ticket_template_name']); $ticket_template_name = nullable_htmlentities($row['ticket_template_name']);
//$ticket_template_description = nullable_htmlentities($row['ticket_template_description']); $ticket_template_description = nullable_htmlentities($row['ticket_template_description']);
$ticket_template_subject = nullable_htmlentities($row['ticket_template_subject']); $ticket_template_subject = nullable_htmlentities($row['ticket_template_subject']);
$ticket_template_details = $purifier->purify($row['ticket_template_details']); $ticket_template_details = $purifier->purify($row['ticket_template_details']);
$ticket_template_created_at = nullable_htmlentities($row['ticket_template_created_at']); $ticket_template_created_at = nullable_htmlentities($row['ticket_template_created_at']);
@@ -30,6 +30,7 @@ $ticket_template_updated_at = nullable_htmlentities($row['ticket_template_update
$sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE task_template_ticket_template_id = $ticket_template_id ORDER BY task_template_order ASC, task_template_id ASC"); $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE task_template_ticket_template_id = $ticket_template_id ORDER BY task_template_order ASC, task_template_id ASC");
?> ?>
<link rel="stylesheet" href="plugins/dragula/dragula.min.css">
<ol class="breadcrumb d-print-none"> <ol class="breadcrumb d-print-none">
<li class="breadcrumb-item"> <li class="breadcrumb-item">
@@ -45,7 +46,7 @@ $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE
</ol> </ol>
<div class="row"> <div class="row">
<div class="col-9"> <div class="col-8">
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header"> <div class="card-header">
@@ -54,7 +55,7 @@ $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE
<i class="fa fa-fw fa-2x fa-life-ring mr-3"></i> <i class="fa fa-fw fa-2x fa-life-ring mr-3"></i>
<div class="media-body"> <div class="media-body">
<h3 class="mb-0"><?php echo $ticket_template_name; ?></h3> <h3 class="mb-0"><?php echo $ticket_template_name; ?></h3>
<div><small class="text-secondary"><?php //echo $ticket_template_description; ?></small></div> <div><small class="text-secondary"><?php echo $ticket_template_description; ?></small></div>
</div> </div>
</div> </div>
</h3> </h3>
@@ -72,7 +73,7 @@ $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE
</div> </div>
<div class="col-3"> <div class="col-4">
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header"> <div class="card-header">
@@ -82,32 +83,38 @@ $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="ticket_template_id" value="<?php echo $ticket_template_id; ?>"> <input type="hidden" name="ticket_template_id" value="<?php echo $ticket_template_id; ?>">
<div class="form-group"> <div class="form-group">
<div class="input-group input-group-sm"> <div class="input-group">
<input type="text" class="form-control" name="task_name" placeholder="Create a task" required maxlength="200"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tasks"></i></span>
</div>
<input type="text" class="form-control" name="task_name" placeholder="Create a task" required>
<div class="input-group-append"> <div class="input-group-append">
<button type="submit" name="add_ticket_template_task" class="btn btn-primary"><i class="fas fa-fw fa-check"></i></button> <button type="submit" name="add_ticket_template_task" class="btn btn-primary"><i class="fas fa-fw fa-check"></i></button>
</div> </div>
</div> </div>
</div> </div>
</form> </form>
<table class="table table-sm" id="tasks"> <table class="table table-striped table-sm">
<?php <?php
while($row = mysqli_fetch_array($sql_task_templates)){ while($row = mysqli_fetch_array($sql_task_templates)){
$task_id = intval($row['task_template_id']); $task_id = intval($row['task_template_id']);
$task_name = nullable_htmlentities($row['task_template_name']); $task_name = nullable_htmlentities($row['task_template_name']);
$task_completion_estimate = intval($row['task_template_completion_estimate']); $task_completion_estimate = intval($row['task_template_completion_estimate']);
//$task_description = nullable_htmlentities($row['task_template_description']); $task_description = nullable_htmlentities($row['task_template_description']);
?> ?>
<tr data-task-id="<?php echo $task_id; ?>"> <tr data-task-id="<?php echo $task_id; ?>">
<td><i class="far fa-fw fa-square text-secondary"></i></td>
<td> <td>
<a href="#" class="drag-handle"><i class="fas fa-bars text-muted mr-2"></i></a> <a href="#" class="grab-cursor">
<span class="text-dark"><?php echo $task_name; ?></span> <span class="text-secondary"><?php echo $task_completion_estimate; ?>m</span>
<span class="text-dark"> - <?php echo $task_name; ?></span>
</a>
</td> </td>
<td class="text-right"> <td class="text-right">
<div class="float-right"> <div class="float-right">
<div class="dropdown dropleft text-center"> <div class="dropdown dropleft text-center">
<button class="btn btn-light text-secondary btn-sm" type="button" data-toggle="dropdown"> <button class="btn btn-link text-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-v"></i> <i class="fas fa-fw fa-ellipsis-v"></i>
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item" href="#" <a class="dropdown-item" href="#"
@@ -138,26 +145,40 @@ $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE
</div> </div>
<script src="js/pretty_content.js"></script> <script src="js/pretty_content.js"></script>
<script src="plugins/dragula/dragula.min.js"></script>
<script src="plugins/SortableJS/Sortable.min.js"></script>
<script> <script>
new Sortable(document.querySelector('table#tasks tbody'), { $(document).ready(function() {
handle: '.drag-handle', var container = $('.table tbody')[0];
animation: 150,
onEnd: function (evt) {
const rows = document.querySelectorAll('table#tasks tbody tr');
const positions = Array.from(rows).map((row, index) => ({
id: row.dataset.taskId,
order: index
}));
$.post('ajax.php', { dragula([container])
update_task_templates_order: true, .on('drop', function (el, target, source, sibling) {
// Handle the drop event to update the order in the database
var rows = $(container).children();
var positions = rows.map(function(index, row) {
return {
id: $(row).data('taskId'),
order: index
};
}).get();
// Send the new order to the server
$.ajax({
url: 'ajax.php',
method: 'POST',
data: {
update_task_templates_order: true, // Adjust the parameter name if needed
ticket_template_id: <?php echo $ticket_template_id; ?>, ticket_template_id: <?php echo $ticket_template_id; ?>,
positions: positions positions: positions
}); },
success: function(data) {
// Handle success
},
error: function(error) {
console.error('Error updating order:', error);
} }
}); });
});
});
</script> </script>
<?php <?php

30
admin_update.php
View File

@@ -32,11 +32,8 @@ $git_log = shell_exec("git log $repo_branch..origin/$repo_branch --pretty=format
<?php } ?> <?php } ?>
<?php if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { ?> <?php if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { ?>
<div class="alert alert-danger"> <div class="alert alert-warning">
<h1 class="font-weight-bold text-center">⚠️ DANGER ⚠️</h1> <strong>Ensure you have a current <a href="https://docs.itflow.org/backups">app & database backup</a> before updating!</strong>
<h2 class="font-weight-bold text-center">Do NOT run updates without first taking a backup</h2>
<p>VM Snapshots are highly recommended over other methods - see the <a href="https://docs.itflow.org/backups" class="alert-link" target="_blank">docs</a>. Review the <a href="https://github.com/itflow-org/itflow/blob/master/CHANGELOG.md" class="alert-link" target="_blank">changelog</a> for breaking changes that may require manual remediation.</p>
<p class="text-center font-weight-bold">Ignore this warning at your own risk.</p>
</div> </div>
<br> <br>
<a class="btn btn-dark btn-lg my-4" href="post.php?update_db"><i class="fas fa-fw fa-4x fa-download mb-1"></i><h5>Update Database</h5></a> <a class="btn btn-dark btn-lg my-4" href="post.php?update_db"><i class="fas fa-fw fa-4x fa-download mb-1"></i><h5>Update Database</h5></a>
@@ -49,17 +46,9 @@ $git_log = shell_exec("git log $repo_branch..origin/$repo_branch --pretty=format
<?php } else { <?php } else {
if (!empty($git_log)) { ?> if (!empty($git_log)) { ?>
<div class="alert alert-danger">
<h1 class="font-weight-bold text-center">⚠️ DANGER ⚠️</h1>
<h2 class="font-weight-bold text-center">Do NOT run updates without first taking a backup</h2>
<p>VM Snapshots are highly recommended over other methods - see the <a href="https://docs.itflow.org/backups" class="alert-link" target="_blank">docs</a>. Review the <a href="https://github.com/itflow-org/itflow/blob/master/CHANGELOG.md" class="alert-link" target="_blank">changelog</a> for breaking changes that may require manual remediation.</p>
<p class="text-center font-weight-bold">Ignore this warning at your own risk.</p>
</div>
<a class="btn btn-primary btn-lg my-4 confirm-link" href="post.php?no"><i class="fas fa-fw fa-4x fa-download mb-1"></i><h5>TEST</h5></a> <a class="btn btn-primary btn-lg my-4" href="post.php?update"><i class="fas fa-fw fa-4x fa-download mb-1"></i><h5>Update App</h5></a>
<a class="btn btn-danger btn-lg" href="post.php?update&force_update=1"><i class="fas fa-fw fa-4x fa-hammer mb-1"></i><h5>FORCE Update App</h5></a>
<a class="btn btn-primary btn-lg my-4 confirm-link" href="post.php?update"><i class="fas fa-fw fa-4x fa-download mb-1"></i><h5>Update App</h5></a>
<a class="btn btn-danger btn-lg confirm-link" href="post.php?update&force_update=1"><i class="fas fa-fw fa-4x fa-hammer mb-1"></i><h5>FORCE Update App</h5></a>
<?php } else { ?> <?php } else { ?>
<p><strong>Application Release Version:<br><strong class="text-dark"><?php echo APP_VERSION; ?></strong></p> <p><strong>Application Release Version:<br><strong class="text-dark"><?php echo APP_VERSION; ?></strong></p>
@@ -67,17 +56,6 @@ $git_log = shell_exec("git log $repo_branch..origin/$repo_branch --pretty=format
<p class="text-secondary">Code Commit:<br><strong class="text-dark"><?php echo $current_version; ?></strong></p> <p class="text-secondary">Code Commit:<br><strong class="text-dark"><?php echo $current_version; ?></strong></p>
<p class="text-muted">You are up to date!<br>Everything is going to be alright</p> <p class="text-muted">You are up to date!<br>Everything is going to be alright</p>
<i class="far fa-3x text-dark fa-smile-wink"></i><br> <i class="far fa-3x text-dark fa-smile-wink"></i><br>
<?php if (rand(1,10) == 1) { ?>
<br>
<div class="alert alert-info alert-dismissible fade show" role="alert">
You're up to date, but when was the last time you checked your ITFlow backup works?
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">&times;</span>
</button>
</div>
<?php } ?>
<?php } <?php }
} }

27
admin_user.php
View File

@@ -6,13 +6,16 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM users "SELECT SQL_CALC_FOUND_ROWS * FROM users, user_settings, user_roles
LEFT JOIN user_roles ON user_role_id = role_id WHERE users.user_id = user_settings.user_id
LEFT JOIN user_settings ON users.user_id = user_settings.user_id AND user_settings.user_role = user_roles.user_role_id
WHERE (user_name LIKE '%$q%' OR user_email LIKE '%$q%') AND (user_name LIKE '%$q%' OR user_email LIKE '%$q%')
AND user_type = 1
AND user_archived_at IS NULL AND user_archived_at IS NULL
ORDER BY $sort $order LIMIT $record_from, $record_to" ORDER BY $sort $order LIMIT $record_from, $record_to"
); );
@@ -33,7 +36,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="dropdown-menu"> <div class="dropdown-menu">
<!--<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#userInviteModal"><i class="fas fa-paper-plane mr-2"></i>Invite User</a>--> <!--<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#userInviteModal"><i class="fas fa-paper-plane mr-2"></i>Invite User</a>-->
<?php if ($num_rows[0] > 1) { ?> <?php if ($num_rows[0] > 1) { ?>
<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#exportUserModal"><i class="fa fa-fw fa-download mr-2"></i>Export</a>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="#" data-toggle="modal" data-target="#resetAllUserPassModal"><i class="fas fa-skull-crossbones mr-2"></i>IR</a> <a class="dropdown-item text-danger" href="#" data-toggle="modal" data-target="#resetAllUserPassModal"><i class="fas fa-skull-crossbones mr-2"></i>IR</a>
<?php } ?> <?php } ?>
@@ -53,6 +55,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div> </div>
</div> </div>
<div class="col-md-8"> <div class="col-md-8">
<div class="float-right">
<button type="button" class="btn btn-default" data-toggle="modal" data-target="#exportUserModal"><i class="fa fa-fw fa-download mr-2"></i>Export</button>
</div>
</div> </div>
</div> </div>
</form> </form>
@@ -72,8 +77,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</a> </a>
</th> </th>
<th> <th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=role_name&order=<?php echo $disp; ?>"> <a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=user_role&order=<?php echo $disp; ?>">
Role <?php if ($sort == 'role_name') { echo $order_icon; } ?> Role <?php if ($sort == 'user_role') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th> <th>
@@ -111,8 +116,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$mfa_status_display = "<i class='fas fa-fw fa-lock text-success'></i>"; $mfa_status_display = "<i class='fas fa-fw fa-lock text-success'></i>";
} }
$user_config_force_mfa = intval($row['user_config_force_mfa']); $user_config_force_mfa = intval($row['user_config_force_mfa']);
$user_role = intval($row['user_role_id']); $user_role = $row['user_role'];
$user_role_display = nullable_htmlentities($row['role_name']); $user_role_display = nullable_htmlentities($row['user_role_name']);
$user_initials = nullable_htmlentities(initials($user_name)); $user_initials = nullable_htmlentities(initials($user_name));
$sql_last_login = mysqli_query( $sql_last_login = mysqli_query(
@@ -134,7 +139,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
} }
// Get User Client Access Permissions // Get User Client Access Permissions
$user_client_access_sql = mysqli_query($mysqli,"SELECT client_id FROM user_client_permissions WHERE user_id = $user_id"); $user_client_access_sql = mysqli_query($mysqli,"SELECT client_id FROM user_permissions WHERE user_id = $user_id");
$client_access_array = []; $client_access_array = [];
while ($row = mysqli_fetch_assoc($user_client_access_sql)) { while ($row = mysqli_fetch_assoc($user_client_access_sql)) {
$client_access_array[] = intval($row['client_id']); $client_access_array[] = intval($row['client_id']);

86
admin_vendor_template.php
View File

@@ -1,15 +1,20 @@
<?php <?php
// Default Column Sortby Filter // Default Column Sortby Filter
$sort = "vendor_template_name"; $sort = "vendor_name";
$order = "ASC"; $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM vendor_templates "SELECT SQL_CALC_FOUND_ROWS * FROM vendors
WHERE vendor_template_name LIKE '%$q%' OR vendor_template_description LIKE '%$q%' OR vendor_template_account_number LIKE '%$q%' OR vendor_template_website LIKE '%$q%' OR vendor_template_contact_name LIKE '%$q%' OR vendor_template_email LIKE '%$q%' OR vendor_template_phone LIKE '%$phone_query%' ORDER BY $sort $order LIMIT $record_from, $record_to" WHERE vendor_template = 1
AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%' OR vendor_website LIKE '%$q%' OR vendor_contact_name LIKE '%$q%' OR vendor_email LIKE '%$q%' OR vendor_phone LIKE '%$phone_query%') ORDER BY $sort $order LIMIT $record_from, $record_to"
); );
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
@@ -48,13 +53,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>"> <thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr> <tr>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_template_name&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_name&order=<?php echo $disp; ?>">
Vendor <?php if ($sort == 'vendor_template_name') { echo $order_icon; } ?> Vendor <?php if ($sort == 'vendor_name') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_template_description&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_description&order=<?php echo $disp; ?>">
Description <?php if ($sort == 'vendor_template_description') { echo $order_icon; } ?> Description <?php if ($sort == 'vendor_description') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th>Contact</th> <th>Contact</th>
@@ -65,29 +70,30 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php <?php
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$vendor_template_id = intval($row['vendor_template_id']); $vendor_id = intval($row['vendor_id']);
$vendor_template_name = nullable_htmlentities($row['vendor_template_name']); $vendor_name = nullable_htmlentities($row['vendor_name']);
$vendor_template_description = nullable_htmlentities($row['vendor_template_description']); $vendor_description = nullable_htmlentities($row['vendor_description']);
if (empty($vendor_template_description)) { if (empty($vendor_description)) {
$vendor_template_description_display = "-"; $vendor_description_display = "-";
} else { } else {
$vendor_template_description_display = $vendor_template_description; $vendor_description_display = $vendor_description;
} }
$vendor_template_account_number = nullable_htmlentities($row['vendor_template_account_number']); $vendor_account_number = nullable_htmlentities($row['vendor_account_number']);
$vendor_template_contact_name = nullable_htmlentities($row['vendor_template_contact_name']); $vendor_contact_name = nullable_htmlentities($row['vendor_contact_name']);
if (empty($vendor_template_contact_name)) { if (empty($vendor_contact_name)) {
$vendor_template_contact_name_display = "-"; $vendor_contact_name_display = "-";
} else { } else {
$vendor_template_contact_name_display = $vendor_template_contact_name; $vendor_contact_name_display = $vendor_contact_name;
} }
$vendor_template_phone = formatPhoneNumber($row['vendor_template_phone']); $vendor_phone = formatPhoneNumber($row['vendor_phone']);
$vendor_template_extension = nullable_htmlentities($row['vendor_template_extension']); $vendor_extension = nullable_htmlentities($row['vendor_extension']);
$vendor_template_email = nullable_htmlentities($row['vendor_template_email']); $vendor_email = nullable_htmlentities($row['vendor_email']);
$vendor_template_website = nullable_htmlentities($row['vendor_template_website']); $vendor_website = nullable_htmlentities($row['vendor_website']);
$vendor_template_hours = nullable_htmlentities($row['vendor_template_hours']); $vendor_hours = nullable_htmlentities($row['vendor_hours']);
$vendor_template_sla = nullable_htmlentities($row['vendor_template_sla']); $vendor_sla = nullable_htmlentities($row['vendor_sla']);
$vendor_template_code = nullable_htmlentities($row['vendor_template_code']); $vendor_code = nullable_htmlentities($row['vendor_code']);
$vendor_template_notes = nullable_htmlentities($row['vendor_template_notes']); $vendor_notes = nullable_htmlentities($row['vendor_notes']);
$vendor_template = intval($row['vendor_template']);
?> ?>
<tr> <tr>
@@ -95,38 +101,38 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<a class="text-dark" href="#" <a class="text-dark" href="#"
data-toggle="ajax-modal" data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_vendor_template_edit.php" data-ajax-url="ajax/ajax_vendor_template_edit.php"
data-ajax-id="<?php echo $vendor_template_id; ?>" data-ajax-id="<?php echo $vendor_id; ?>"
> >
<i class="fa fa-fw fa-building text-secondary mr-2"></i><?php echo $vendor_template_name; ?> <i class="fa fa-fw fa-building text-secondary mr-2"></i><?php echo $vendor_name; ?>
</a> </a>
<?php <?php
if (!empty($vendor_template_account_number)) { if (!empty($vendor_account_number)) {
?> ?>
<br> <br>
<small class="text-secondary"><?php echo $vendor_template_account_number; ?></small> <small class="text-secondary"><?php echo $vendor_account_number; ?></small>
<?php <?php
} }
?> ?>
</th> </th>
<td><?php echo $vendor_template_description_display; ?></td> <td><?php echo $vendor_description_display; ?></td>
<td> <td>
<?php <?php
if (!empty($vendor_template_contact_name)) { if (!empty($vendor_contact_name)) {
?> ?>
<i class="fa fa-fw fa-user text-secondary mr-2 mb-2"></i><?php echo $vendor_template_contact_name_display; ?> <i class="fa fa-fw fa-user text-secondary mr-2 mb-2"></i><?php echo $vendor_contact_name_display; ?>
<br> <br>
<?php <?php
} else { } else {
echo $vendor_template_contact_name_display; echo $vendor_contact_name_display;
} }
if (!empty($vendor_template_phone)) { ?> if (!empty($vendor_phone)) { ?>
<i class="fa fa-fw fa-phone text-secondary mr-2 mb-2"></i><?php echo $vendor_template_phone; ?> <i class="fa fa-fw fa-phone text-secondary mr-2 mb-2"></i><?php echo $vendor_phone; ?>
<br> <br>
<?php } <?php }
if (!empty($vendor_template_email)) { ?> if (!empty($vendor_email)) { ?>
<i class="fa fa-fw fa-envelope text-secondary mr-2 mb-2"></i><?php echo $vendor_template_email; ?> <i class="fa fa-fw fa-envelope text-secondary mr-2 mb-2"></i><?php echo $vendor_email; ?>
<br> <br>
<?php } ?> <?php } ?>
@@ -140,13 +146,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<a class="dropdown-item" href="#" <a class="dropdown-item" href="#"
data-toggle="ajax-modal" data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_vendor_template_edit.php" data-ajax-url="ajax/ajax_vendor_template_edit.php"
data-ajax-id="<?php echo $vendor_template_id; ?>" data-ajax-id="<?php echo $vendor_id; ?>"
> >
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<?php if ($session_user_role == 3) { ?> <?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_vendor=<?php echo $vendor_template_id; ?>"> <a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_vendor=<?php echo $vendor_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete <i class="fas fa-fw fa-trash mr-2"></i>Delete
</a> </a>
<?php } ?> <?php } ?>

54
ajax.php
View File

@@ -8,7 +8,7 @@
require_once "config.php"; require_once "config.php";
require_once "functions.php"; require_once "functions.php";
require_once "includes/check_login.php"; require_once "check_login.php";
require_once "plugins/totp/totp.php"; require_once "plugins/totp/totp.php";
/* /*
@@ -165,7 +165,7 @@ if (isset($_GET['ticket_query_views'])) {
} }
/* /*
* Generates public/guest links for sharing credentials/docs * Generates public/guest links for sharing logins/docs
*/ */
if (isset($_GET['share_generate_link'])) { if (isset($_GET['share_generate_link'])) {
enforceUserPermission('module_support', 2); enforceUserPermission('module_support', 2);
@@ -207,23 +207,23 @@ if (isset($_GET['share_generate_link'])) {
$item_name = sanitizeInput($row['file_name']); $item_name = sanitizeInput($row['file_name']);
} }
if ($item_type == "Credential") { if ($item_type == "Login") {
$credential = mysqli_query($mysqli, "SELECT credential_name, credential_username, credential_password FROM credentials WHERE credential_id = $item_id AND credential_client_id = $client_id LIMIT 1"); $login = mysqli_query($mysqli, "SELECT login_name, login_username, login_password FROM logins WHERE login_id = $item_id AND login_client_id = $client_id LIMIT 1");
$row = mysqli_fetch_array($credential); $row = mysqli_fetch_array($login);
$item_name = sanitizeInput($row['credential_name']); $item_name = sanitizeInput($row['login_name']);
// Decrypt & re-encrypt username/password for sharing // Decrypt & re-encrypt username/password for sharing
$credential_encryption_key = randomString(); $login_encryption_key = randomString();
$credential_username_cleartext = decryptCredentialEntry($row['credential_username']); $login_username_cleartext = decryptLoginEntry($row['login_username']);
$iv = randomString(); $iv = randomString();
$username_ciphertext = openssl_encrypt($credential_username_cleartext, 'aes-128-cbc', $credential_encryption_key, 0, $iv); $username_ciphertext = openssl_encrypt($login_username_cleartext, 'aes-128-cbc', $login_encryption_key, 0, $iv);
$item_encrypted_username = $iv . $username_ciphertext; $item_encrypted_username = $iv . $username_ciphertext;
$credential_password_cleartext = decryptCredentialEntry($row['credential_password']); $login_password_cleartext = decryptLoginEntry($row['login_password']);
$iv = randomString(); $iv = randomString();
$password_ciphertext = openssl_encrypt($credential_password_cleartext, 'aes-128-cbc', $credential_encryption_key, 0, $iv); $password_ciphertext = openssl_encrypt($login_password_cleartext, 'aes-128-cbc', $login_encryption_key, 0, $iv);
$item_encrypted_credential = $iv . $password_ciphertext; $item_encrypted_credential = $iv . $password_ciphertext;
} }
@@ -232,8 +232,8 @@ if (isset($_GET['share_generate_link'])) {
$share_id = $mysqli->insert_id; $share_id = $mysqli->insert_id;
// Return URL // Return URL
if ($item_type == "Credential") { if ($item_type == "Login") {
$url = "https://$config_base_url/guest/guest_view_item.php?id=$share_id&key=$item_key&ek=$credential_encryption_key"; $url = "https://$config_base_url/guest/guest_view_item.php?id=$share_id&key=$item_key&ek=$login_encryption_key";
} }
else { else {
$url = "https://$config_base_url/guest/guest_view_item.php?id=$share_id&key=$item_key"; $url = "https://$config_base_url/guest/guest_view_item.php?id=$share_id&key=$item_key";
@@ -242,7 +242,7 @@ if (isset($_GET['share_generate_link'])) {
$sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1"); $sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$company_name = sanitizeInput($row['company_name']); $company_name = sanitizeInput($row['company_name']);
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone'], $row['company_phone_country_code'])); $company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
// Sanitize Config vars from get_settings.php // Sanitize Config vars from get_settings.php
$config_ticket_from_name = sanitizeInput($config_ticket_from_name); $config_ticket_from_name = sanitizeInput($config_ticket_from_name);
@@ -294,7 +294,6 @@ if (isset($_GET['get_active_clients'])) {
$mysqli, $mysqli,
"SELECT client_id, client_name FROM clients "SELECT client_id, client_name FROM clients
WHERE client_archived_at IS NULL WHERE client_archived_at IS NULL
$access_permission_query
ORDER BY client_accessed_at DESC" ORDER BY client_accessed_at DESC"
); );
@@ -316,9 +315,7 @@ if (isset($_GET['get_client_contacts'])) {
$contact_sql = mysqli_query( $contact_sql = mysqli_query(
$mysqli, $mysqli,
"SELECT contact_id, contact_name, contact_primary, contact_important, contact_technical FROM contacts "SELECT contact_id, contact_name, contact_primary, contact_important, contact_technical FROM contacts
LEFT JOIN clients on contact_client_id = client_id
WHERE contacts.contact_archived_at IS NULL AND contact_client_id = $client_id WHERE contacts.contact_archived_at IS NULL AND contact_client_id = $client_id
$access_permission_query
ORDER BY contact_primary DESC, contact_technical DESC, contact_important DESC, contact_name" ORDER BY contact_primary DESC, contact_technical DESC, contact_important DESC, contact_name"
); );
@@ -336,24 +333,24 @@ if (isset($_GET['get_client_contacts'])) {
if (isset($_GET['get_totp_token_via_id'])) { if (isset($_GET['get_totp_token_via_id'])) {
enforceUserPermission('module_credential'); enforceUserPermission('module_credential');
$credential_id = intval($_GET['credential_id']); $login_id = intval($_GET['login_id']);
$sql = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT credential_name, credential_otp_secret, credential_client_id FROM credentials WHERE credential_id = $credential_id")); $sql = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT login_name, login_otp_secret, login_client_id FROM logins WHERE login_id = $login_id"));
$name = sanitizeInput($sql['credential_name']); $name = sanitizeInput($sql['login_name']);
$totp_secret = $sql['credential_otp_secret']; $totp_secret = $sql['login_otp_secret'];
$client_id = intval($sql['credential_client_id']); $client_id = intval($sql['login_client_id']);
$otp = TokenAuth6238::getTokenCode(strtoupper($totp_secret)); $otp = TokenAuth6238::getTokenCode(strtoupper($totp_secret));
echo json_encode($otp); echo json_encode($otp);
// Logging // Logging
// Only log the TOTP view if the user hasn't already viewed this specific login entry recently, this prevents logs filling if a user hovers across an entry a few times // Only log the TOTP view if the user hasn't already viewed this specific login entry recently, this prevents logs filling if a user hovers across an entry a few times
$check_recent_totp_view_logged_sql = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(log_id) AS recent_totp_view FROM logs WHERE log_type = 'Credential' AND log_action = 'View TOTP' AND log_user_id = $session_user_id AND log_entity_id = $credential_id AND log_client_id = $client_id AND log_created_at > (NOW() - INTERVAL 5 MINUTE)")); $check_recent_totp_view_logged_sql = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(log_id) AS recent_totp_view FROM logs WHERE log_type = 'Login' AND log_action = 'View TOTP' AND log_user_id = $session_user_id AND log_entity_id = $login_id AND log_client_id = $client_id AND log_created_at > (NOW() - INTERVAL 5 MINUTE)"));
$recent_totp_view_logged_count = intval($check_recent_totp_view_logged_sql['recent_totp_view']); $recent_totp_view_logged_count = intval($check_recent_totp_view_logged_sql['recent_totp_view']);
if ($recent_totp_view_logged_count == 0) { if ($recent_totp_view_logged_count == 0) {
// Logging // Logging
logAction("Credential", "View TOTP", "$session_name viewed credential TOTP code for $name", $client_id, $credential_id); logAction("Credential", "View TOTP", "$session_name viewed credential TOTP code for $name", $client_id, $login_id);
} }
} }
@@ -447,10 +444,10 @@ if (isset($_POST['update_kanban_ticket'])) {
$config_base_url = sanitizeInput($config_base_url); $config_base_url = sanitizeInput($config_base_url);
// Get Company Info // Get Company Info
$sql = mysqli_query($mysqli, "SELECT company_name, company_phone, company_phone_country_code FROM companies WHERE company_id = 1"); $sql = mysqli_query($mysqli, "SELECT company_name, company_phone FROM companies WHERE company_id = 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$company_name = sanitizeInput($row['company_name']); $company_name = sanitizeInput($row['company_name']);
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone'], $row['company_phone_country_code'])); $company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
// EMAIL // EMAIL
$subject = "Ticket resolved - [$ticket_prefix$ticket_number] - $ticket_subject | (pending closure)"; $subject = "Ticket resolved - [$ticket_prefix$ticket_number] - $ticket_subject | (pending closure)";
@@ -589,16 +586,17 @@ if (isset($_POST['update_recurring_invoice_items_order'])) {
enforceUserPermission('module_sales', 2); enforceUserPermission('module_sales', 2);
$positions = $_POST['positions']; $positions = $_POST['positions'];
$recurring_invoice_id = intval($_POST['recurring_invoice_id']); $recurring_id = intval($_POST['recurring_id']);
foreach ($positions as $position) { foreach ($positions as $position) {
$id = intval($position['id']); $id = intval($position['id']);
$order = intval($position['order']); $order = intval($position['order']);
mysqli_query($mysqli, "UPDATE invoice_items SET item_order = $order WHERE item_recurring_invoice_id = $recurring_invoice_id AND item_id = $id"); mysqli_query($mysqli, "UPDATE invoice_items SET item_order = $order WHERE item_recurring_id = $recurring_id AND item_id = $id");
} }
// return a response // return a response
echo json_encode(['status' => 'success']); echo json_encode(['status' => 'success']);
exit; exit;
} }

12
ajax/ajax_asset_copy.php
View File

@@ -341,7 +341,7 @@ ob_start();
<option value="">- Select Vendor -</option> <option value="">- Select Vendor -</option>
<?php <?php
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC"); $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) { while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = intval($row['vendor_id']); $vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']); $vendor_name_select = nullable_htmlentities($row['vendor_name']);
@@ -364,16 +364,6 @@ ob_start();
</div> </div>
<?php if ($asset_type !== 'Virtual Machine') { ?> <?php if ($asset_type !== 'Virtual Machine') { ?>
<div class="form-group">
<label>Purchase Reference</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
</div>
<input type="text" class="form-control" name="purchase_reference" placeholder="eg. Invoice, PO Number" >
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Purchase Date</label> <label>Purchase Date</label>
<div class="input-group"> <div class="input-group">

217
ajax/ajax_asset_details.php
View File

@@ -24,8 +24,8 @@ $asset_make = nullable_htmlentities($row['asset_make']);
$asset_model = nullable_htmlentities($row['asset_model']); $asset_model = nullable_htmlentities($row['asset_model']);
$asset_serial = nullable_htmlentities($row['asset_serial']); $asset_serial = nullable_htmlentities($row['asset_serial']);
$asset_os = nullable_htmlentities($row['asset_os']); $asset_os = nullable_htmlentities($row['asset_os']);
$asset_uri = sanitize_url($row['asset_uri']); $asset_uri = nullable_htmlentities($row['asset_uri']);
$asset_uri_2 = sanitize_url($row['asset_uri_2']); $asset_uri_2 = nullable_htmlentities($row['asset_uri_2']);
$asset_status = nullable_htmlentities($row['asset_status']); $asset_status = nullable_htmlentities($row['asset_status']);
$asset_purchase_reference = nullable_htmlentities($row['asset_purchase_reference']); $asset_purchase_reference = nullable_htmlentities($row['asset_purchase_reference']);
$asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']); $asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']);
@@ -50,7 +50,6 @@ $device_icon = getAssetIcon($asset_type);
$contact_name = nullable_htmlentities($row['contact_name']); $contact_name = nullable_htmlentities($row['contact_name']);
$contact_email = nullable_htmlentities($row['contact_email']); $contact_email = nullable_htmlentities($row['contact_email']);
$contact_phone = nullable_htmlentities($row['contact_phone']); $contact_phone = nullable_htmlentities($row['contact_phone']);
$contact_extension = nullable_htmlentities($row['contact_extension']);
$contact_mobile = nullable_htmlentities($row['contact_mobile']); $contact_mobile = nullable_htmlentities($row['contact_mobile']);
$contact_archived_at = nullable_htmlentities($row['contact_archived_at']); $contact_archived_at = nullable_htmlentities($row['contact_archived_at']);
if ($contact_archived_at) { if ($contact_archived_at) {
@@ -112,53 +111,48 @@ $interface_count = mysqli_num_rows($sql_related_interfaces);
// Related Credentials Query // Related Credentials Query
$sql_related_credentials = mysqli_query($mysqli, " $sql_related_credentials = mysqli_query($mysqli, "
SELECT SELECT
credentials.credential_id AS credential_id, logins.login_id AS login_id,
credentials.credential_name, logins.login_name,
credentials.credential_description, logins.login_description,
credentials.credential_uri, logins.login_uri,
credentials.credential_username, logins.login_username,
credentials.credential_password, logins.login_password,
credentials.credential_otp_secret, logins.login_otp_secret,
credentials.credential_note, logins.login_note,
credentials.credential_important, logins.login_important,
credentials.credential_contact_id, logins.login_contact_id,
credentials.credential_asset_id logins.login_vendor_id,
FROM credentials logins.login_asset_id,
LEFT JOIN credential_tags ON credential_tags.credential_id = credentials.credential_id logins.login_software_id
LEFT JOIN tags ON tags.tag_id = credential_tags.tag_id FROM logins
WHERE credential_asset_id = $asset_id LEFT JOIN login_tags ON login_tags.login_id = logins.login_id
AND credential_archived_at IS NULL LEFT JOIN tags ON tags.tag_id = login_tags.tag_id
GROUP BY credentials.credential_id WHERE login_asset_id = $asset_id
ORDER BY credential_name DESC AND login_archived_at IS NULL
GROUP BY logins.login_id
ORDER BY login_name DESC
"); ");
$credential_count = mysqli_num_rows($sql_related_credentials); $credential_count = mysqli_num_rows($sql_related_credentials);
// Related Tickets Query // Related Tickets Query
$sql_related_tickets = mysqli_query($mysqli, " $sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets
SELECT tickets.*, users.*, ticket_statuses.* LEFT JOIN users on ticket_assigned_to = user_id
FROM tickets
LEFT JOIN users ON ticket_assigned_to = user_id
LEFT JOIN ticket_statuses ON ticket_status_id = ticket_status LEFT JOIN ticket_statuses ON ticket_status_id = ticket_status
LEFT JOIN ticket_assets ON tickets.ticket_id = ticket_assets.ticket_id WHERE ticket_asset_id = $asset_id
WHERE ticket_asset_id = $asset_id OR ticket_assets.asset_id = $asset_id ORDER BY ticket_number DESC"
GROUP BY tickets.ticket_id );
ORDER BY ticket_number DESC
");
$ticket_count = mysqli_num_rows($sql_related_tickets); $ticket_count = mysqli_num_rows($sql_related_tickets);
// Related Recurring Tickets Query // Related Recurring Tickets Query
$sql_related_recurring_tickets = mysqli_query($mysqli, "SELECT * FROM recurring_tickets $sql_related_recurring_tickets = mysqli_query($mysqli, "SELECT * FROM scheduled_tickets
LEFT JOIN recurring_ticket_assets ON recurring_tickets.recurring_ticket_id = recurring_ticket_assets.recurring_ticket_id WHERE scheduled_ticket_asset_id = $asset_id
WHERE recurring_ticket_asset_id = $asset_id OR recurring_ticket_assets.asset_id = $asset_id ORDER BY scheduled_ticket_next_run DESC"
GROUP BY recurring_tickets.recurring_ticket_id
ORDER BY recurring_ticket_next_run DESC"
); );
$recurring_ticket_count = mysqli_num_rows($sql_related_recurring_tickets); $recurring_ticket_count = mysqli_num_rows($sql_related_recurring_tickets);
// Related Documents // Related Documents
$sql_related_documents = mysqli_query($mysqli, "SELECT * FROM asset_documents $sql_related_documents = mysqli_query($mysqli, "SELECT * FROM asset_documents
LEFT JOIN documents ON asset_documents.document_id = documents.document_id LEFT JOIN documents ON asset_documents.document_id = documents.document_id
LEFT JOIN users ON user_id = document_created_by
WHERE asset_documents.asset_id = $asset_id WHERE asset_documents.asset_id = $asset_id
AND document_archived_at IS NULL AND document_archived_at IS NULL
ORDER BY document_name DESC" ORDER BY document_name DESC"
@@ -262,25 +256,25 @@ ob_start();
</div> </div>
<div class="card-body"> <div class="card-body">
<?php if ($asset_type) { ?> <?php if ($asset_type) { ?>
<div><i class="fa fa-fw fa-tag text-secondary mr-2"></i><?php echo $asset_type; ?></div> <div><i class="fa fa-fw fa-tag text-secondary mr-3"></i><?php echo $asset_type; ?></div>
<?php } <?php }
if ($asset_make) { ?> if ($asset_make) { ?>
<div class="mt-2"><i class="fa fa-fw fa-circle text-secondary mr-2"></i><?php echo "$asset_make $asset_model"; ?></div> <div class="mt-2"><i class="fa fa-fw fa-circle text-secondary mr-3"></i><?php echo "$asset_make $asset_model"; ?></div>
<?php } <?php }
if ($asset_os) { ?> if ($asset_os) { ?>
<div class="mt-2"><i class="fab fa-fw fa-windows text-secondary mr-2"></i><?php echo "$asset_os"; ?></div> <div class="mt-2"><i class="fab fa-fw fa-windows text-secondary mr-3"></i><?php echo "$asset_os"; ?></div>
<?php } <?php }
if ($asset_serial) { ?> if ($asset_serial) { ?>
<div class="mt-2"><i class="fa fa-fw fa-barcode text-secondary mr-2"></i><?php echo $asset_serial; ?></div> <div class="mt-2"><i class="fa fa-fw fa-barcode text-secondary mr-3"></i><?php echo $asset_serial; ?></div>
<?php } <?php }
if ($asset_purchase_date) { ?> if ($asset_purchase_date) { ?>
<div class="mt-2"><i class="fa fa-fw fa-shopping-cart text-secondary mr-2"></i><?php echo date('Y-m-d', strtotime($asset_purchase_date)); ?></div> <div class="mt-2"><i class="fa fa-fw fa-shopping-cart text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($asset_purchase_date)); ?></div>
<?php } <?php }
if ($asset_install_date) { ?> if ($asset_install_date) { ?>
<div class="mt-2"><i class="fa fa-fw fa-calendar-check text-secondary mr-2"></i><?php echo date('Y-m-d', strtotime($asset_install_date)); ?></div> <div class="mt-2"><i class="fa fa-fw fa-calendar-check text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($asset_install_date)); ?></div>
<?php } <?php }
if ($asset_warranty_expire) { ?> if ($asset_warranty_expire) { ?>
<div class="mt-2"><i class="fa fa-fw fa-exclamation-triangle text-secondary mr-2"></i><?php echo date('Y-m-d', strtotime($asset_warranty_expire)); ?></div> <div class="mt-2"><i class="fa fa-fw fa-exclamation-triangle text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($asset_warranty_expire)); ?></div>
<?php } ?> <?php } ?>
</div> </div>
</div> </div>
@@ -291,19 +285,19 @@ ob_start();
</div> </div>
<div class="card-body"> <div class="card-body">
<?php if ($asset_ip) { ?> <?php if ($asset_ip) { ?>
<div><i class="fa fa-fw fa-globe text-secondary mr-2"></i><?php echo $asset_ip; ?></div> <div><i class="fa fa-fw fa-globe text-secondary mr-3"></i><?php echo $asset_ip; ?></div>
<?php } ?> <?php } ?>
<?php if ($asset_nat_ip) { ?> <?php if ($asset_nat_ip) { ?>
<div class="mt-2"><i class="fa fa-fw fa-random text-secondary mr-2"></i><?php echo $asset_nat_ip; ?></div> <div class="mt-2"><i class="fa fa-fw fa-random text-secondary mr-3"></i><?php echo $asset_nat_ip; ?></div>
<?php } <?php }
if ($asset_mac) { ?> if ($asset_mac) { ?>
<div class="mt-2"><i class="fa fa-fw fa-ethernet text-secondary mr-2"></i><?php echo $asset_mac; ?></div> <div class="mt-2"><i class="fa fa-fw fa-ethernet text-secondary mr-3"></i><?php echo $asset_mac; ?></div>
<?php } <?php }
if ($asset_uri) { ?> if ($asset_uri) { ?>
<div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-2"></i><a href="<?php echo $asset_uri; ?>" target="_blank" title="<?php echo $asset_uri; ?>"><?php echo truncate($asset_uri, 20); ?></a></div> <div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-3"></i><a href="<?php echo $asset_uri; ?>" target="_blank">Link</a></div>
<?php } <?php }
if ($asset_uri_2) { ?> if ($asset_uri_2) { ?>
<div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-2"></i><a href="<?php echo $asset_uri_2; ?>" target="_blank" title="<?php echo $asset_uri_2; ?>"><?php echo truncate($asset_uri_2, 20); ?></a></div> <div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-3"></i><a href="<?php echo $asset_uri_2; ?>" target="_blank">Link 2</a></div>
<?php } ?> <?php } ?>
</div> </div>
</div> </div>
@@ -315,19 +309,19 @@ ob_start();
</div> </div>
<div class="card-body"> <div class="card-body">
<?php if ($location_name) { ?> <?php if ($location_name) { ?>
<div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-2"></i><?php echo $location_name_display; ?></div> <div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-3"></i><?php echo $location_name_display; ?></div>
<?php } <?php }
if ($contact_name) { ?> if ($contact_name) { ?>
<div class="mt-2"><i class="fa fa-fw fa-user text-secondary mr-2"></i><?php echo $contact_name_display; ?></div> <div class="mt-2"><i class="fa fa-fw fa-user text-secondary mr-3"></i><?php echo $contact_name_display; ?></div>
<?php } <?php }
if ($contact_email) { ?> if ($contact_email) { ?>
<div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-2"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div> <div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-3"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
<?php } <?php }
if ($contact_phone) { ?> if ($contact_phone) { ?>
<div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-2"></i><?php echo formatPhoneNumber($contact_phone); echo " $contact_extension"; ?></div> <div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-3"></i><?php echo formatPhoneNumber($contact_phone); echo " $contact_extension"; ?></div>
<?php } <?php }
if ($contact_mobile) { ?> if ($contact_mobile) { ?>
<div class="mt-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-2"></i><?php echo formatPhoneNumber($contact_mobile); ?></div> <div class="mt-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><?php echo formatPhoneNumber($contact_mobile); ?></div>
<?php } ?> <?php } ?>
</div> </div>
@@ -454,69 +448,70 @@ ob_start();
<?php <?php
while ($row = mysqli_fetch_array($sql_related_credentials)) { while ($row = mysqli_fetch_array($sql_related_credentials)) {
$credential_id = intval($row['credential_id']); $login_id = intval($row['login_id']);
$credential_name = nullable_htmlentities($row['credential_name']); $login_name = nullable_htmlentities($row['login_name']);
$credential_description = nullable_htmlentities($row['credential_description']); $login_description = nullable_htmlentities($row['login_description']);
$credential_uri = nullable_htmlentities($row['credential_uri']); $login_uri = nullable_htmlentities($row['login_uri']);
if (empty($credential_uri)) { if (empty($login_uri)) {
$credential_uri_display = "-"; $login_uri_display = "-";
} else { } else {
$credential_uri_display = "$credential_uri"; $login_uri_display = "$login_uri";
} }
$credential_username = nullable_htmlentities(decryptCredentialEntry($row['credential_username'])); $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
if (empty($credential_username)) { if (empty($login_username)) {
$credential_username_display = "-"; $login_username_display = "-";
} else { } else {
$credential_username_display = "$credential_username <button type='button' class='btn btn-sm clipboardjs' data-clipboard-text='$credential_username'><i class='far fa-copy text-secondary'></i></button>"; $login_username_display = "$login_username";
} }
$credential_password = nullable_htmlentities(decryptCredentialEntry($row['credential_password'])); $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
$credential_otp_secret = nullable_htmlentities($row['credential_otp_secret']); $login_otp_secret = nullable_htmlentities($row['login_otp_secret']);
$credential_id_with_secret = '"' . $row['credential_id'] . '","' . $row['credential_otp_secret'] . '"'; $login_id_with_secret = '"' . $row['login_id'] . '","' . $row['login_otp_secret'] . '"';
if (empty($credential_otp_secret)) { if (empty($login_otp_secret)) {
$otp_display = "-"; $otp_display = "-";
} else { } else {
$otp_display = "<span onmouseenter='showOTPViaCredentialID($credential_id)'><i class='far fa-clock'></i> <span id='otp_$credential_id'><i>Hover..</i></span></span>"; $otp_display = "<span onmouseenter='showOTPViaLoginID($login_id)'><i class='far fa-clock'></i> <span id='otp_$login_id'><i>Hover..</i></span></span>";
} }
$credential_note = nullable_htmlentities($row['credential_note']); $login_note = nullable_htmlentities($row['login_note']);
$credential_important = intval($row['credential_important']); $login_important = intval($row['login_important']);
$credential_contact_id = intval($row['credential_contact_id']); $login_contact_id = intval($row['login_contact_id']);
$credential_asset_id = intval($row['credential_asset_id']); $login_vendor_id = intval($row['login_vendor_id']);
$login_asset_id = intval($row['login_asset_id']);
$login_software_id = intval($row['login_software_id']);
// Tags // Tags
$credential_tag_name_display_array = array(); $login_tag_name_display_array = array();
$credential_tag_id_array = array(); $login_tag_id_array = array();
$sql_credential_tags = mysqli_query($mysqli, "SELECT * FROM credential_tags LEFT JOIN tags ON credential_tags.tag_id = tags.tag_id WHERE credential_id = $credential_id ORDER BY tag_name ASC"); $sql_login_tags = mysqli_query($mysqli, "SELECT * FROM login_tags LEFT JOIN tags ON login_tags.tag_id = tags.tag_id WHERE login_id = $login_id ORDER BY tag_name ASC");
while ($row = mysqli_fetch_array($sql_credential_tags)) { while ($row = mysqli_fetch_array($sql_login_tags)) {
$credential_tag_id = intval($row['tag_id']); $login_tag_id = intval($row['tag_id']);
$credential_tag_name = nullable_htmlentities($row['tag_name']); $login_tag_name = nullable_htmlentities($row['tag_name']);
$credential_tag_color = nullable_htmlentities($row['tag_color']); $login_tag_color = nullable_htmlentities($row['tag_color']);
if (empty($credential_tag_color)) { if (empty($login_tag_color)) {
$credential_tag_color = "dark"; $login_tag_color = "dark";
} }
$credential_tag_icon = nullable_htmlentities($row['tag_icon']); $login_tag_icon = nullable_htmlentities($row['tag_icon']);
if (empty($credential_tag_icon)) { if (empty($login_tag_icon)) {
$credential_tag_icon = "tag"; $login_tag_icon = "tag";
} }
$credential_tag_id_array[] = $credential_tag_id; $login_tag_id_array[] = $login_tag_id;
$credential_tag_name_display_array[] = "<a href='credentials.php?client_id=$client_id&tags[]=$credential_tag_id'><span class='badge text-light p-1 mr-1' style='background-color: $credential_tag_color;'><i class='fa fa-fw fa-$credential_tag_icon mr-2'></i>$credential_tag_name</span></a>"; $login_tag_name_display_array[] = "<a href='client_logins.php?client_id=$client_id&tags[]=$login_tag_id'><span class='badge text-light p-1 mr-1' style='background-color: $login_tag_color;'><i class='fa fa-fw fa-$login_tag_icon mr-2'></i>$login_tag_name</span></a>";
} }
$credential_tags_display = implode('', $credential_tag_name_display_array); $login_tags_display = implode('', $login_tag_name_display_array);
?> ?>
<tr> <tr>
<td> <td>
<i class="fa fa-fw fa-key text-secondary"></i> <i class="fa fa-fw fa-key text-secondary"></i>
<?php echo $credential_name; ?> <?php echo $login_name; ?>
</td> </td>
<td><?php echo $credential_username_display; ?></td> <td><?php echo $login_username_display; ?></td>
<td> <td>
<button class="btn p-0" type="button" data-toggle="popover" data-trigger="focus" data-placement="top" data-content="<?php echo $credential_password; ?>"><i class="fas fa-2x fa-ellipsis-h text-secondary"></i><i class="fas fa-2x fa-ellipsis-h text-secondary"></i></button> <button class="btn p-0" type="button" data-toggle="popover" data-trigger="focus" data-placement="top" data-content="<?php echo $login_password; ?>"><i class="fas fa-2x fa-ellipsis-h text-secondary"></i><i class="fas fa-2x fa-ellipsis-h text-secondary"></i></button>
<button type='button' class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $credential_password; ?>'><i class='far fa-copy text-secondary'></i></button>
</td> </td>
<td><?php echo $otp_display; ?></td> <td><?php echo $otp_display; ?></td>
<td><?php echo $credential_uri_display; ?></td> <td><?php echo $login_uri_display; ?></td>
</tr> </tr>
<?php <?php
@@ -529,7 +524,7 @@ ob_start();
</table> </table>
</div> </div>
</div> </div>
<!-- Include script to get TOTP code via the credentials ID --> <!-- Include script to get TOTP code via the login ID -->
<script src="js/credential_show_otp_via_id.js"></script> <script src="js/credential_show_otp_via_id.js"></script>
<?php } ?> <?php } ?>
@@ -556,13 +551,12 @@ ob_start();
$ticket_number = intval($row['ticket_number']); $ticket_number = intval($row['ticket_number']);
$ticket_subject = nullable_htmlentities($row['ticket_subject']); $ticket_subject = nullable_htmlentities($row['ticket_subject']);
$ticket_priority = nullable_htmlentities($row['ticket_priority']); $ticket_priority = nullable_htmlentities($row['ticket_priority']);
$ticket_status_id = intval($row['ticket_status_id']);
$ticket_status_name = nullable_htmlentities($row['ticket_status_name']); $ticket_status_name = nullable_htmlentities($row['ticket_status_name']);
$ticket_status_color = nullable_htmlentities($row['ticket_status_color']); $ticket_status_color = nullable_htmlentities($row['ticket_status_color']);
$ticket_created_at = nullable_htmlentities($row['ticket_created_at']); $ticket_created_at = nullable_htmlentities($row['ticket_created_at']);
$ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']); $ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']);
if (empty($ticket_updated_at)) { if (empty($ticket_updated_at)) {
if ($ticket_status_name == "Closed") { if ($ticket_status == "Closed") {
$ticket_updated_at_display = "<p>Never</p>"; $ticket_updated_at_display = "<p>Never</p>";
} else { } else {
$ticket_updated_at_display = "<p class='text-danger'>Never</p>"; $ticket_updated_at_display = "<p class='text-danger'>Never</p>";
@@ -583,7 +577,7 @@ ob_start();
} }
$ticket_assigned_to = intval($row['ticket_assigned_to']); $ticket_assigned_to = intval($row['ticket_assigned_to']);
if (empty($ticket_assigned_to)) { if (empty($ticket_assigned_to)) {
if ($ticket_status_id == 5) { if ($ticket_status == 5) {
$ticket_assigned_to_display = "<p>Not Assigned</p>"; $ticket_assigned_to_display = "<p>Not Assigned</p>";
} else { } else {
$ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>"; $ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>";
@@ -638,18 +632,18 @@ ob_start();
<?php <?php
while ($row = mysqli_fetch_array($sql_related_recurring_tickets)) { while ($row = mysqli_fetch_array($sql_related_recurring_tickets)) {
$recurring_ticket_id = intval($row['recurring_ticket_id']); $scheduled_ticket_id = intval($row['scheduled_ticket_id']);
$recurring_ticket_subject = nullable_htmlentities($row['recurring_ticket_subject']); $scheduled_ticket_subject = nullable_htmlentities($row['scheduled_ticket_subject']);
$recurring_ticket_priority = nullable_htmlentities($row['recurring_ticket_priority']); $scheduled_ticket_priority = nullable_htmlentities($row['scheduled_ticket_priority']);
$recurring_ticket_frequency = nullable_htmlentities($row['recurring_ticket_frequency']); $scheduled_ticket_frequency = nullable_htmlentities($row['scheduled_ticket_frequency']);
$recurring_ticket_next_run = nullable_htmlentities($row['recurring_ticket_next_run']); $scheduled_ticket_next_run = nullable_htmlentities($row['scheduled_ticket_next_run']);
?> ?>
<tr> <tr>
<td class="text-bold"><?php echo $recurring_ticket_subject ?></td> <td class="text-bold"><?php echo $scheduled_ticket_subject ?></td>
<td><?php echo $recurring_ticket_priority ?></td> <td><?php echo $scheduled_ticket_priority ?></td>
<td><?php echo $recurring_ticket_frequency ?></td> <td><?php echo $scheduled_ticket_frequency ?></td>
<td><?php echo $recurring_ticket_next_run ?></td> <td><?php echo $scheduled_ticket_next_run ?></td>
</tr> </tr>
<?php } ?> <?php } ?>
@@ -689,6 +683,11 @@ ob_start();
$seat_count = 0; $seat_count = 0;
// Get Login
$login_id = intval($row['login_id']);
$login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
$login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
// Asset Licenses // Asset Licenses
$asset_licenses_sql = mysqli_query($mysqli, "SELECT asset_id FROM software_assets WHERE software_id = $software_id"); $asset_licenses_sql = mysqli_query($mysqli, "SELECT asset_id FROM software_assets WHERE software_id = $software_id");
$asset_licenses_array = array(); $asset_licenses_array = array();
@@ -853,11 +852,7 @@ ob_start();
</div> </div>
<div class="modal-footer bg-white"> <div class="modal-footer bg-white">
<a href="asset_details.php?client_id=<?php echo $client_id; ?>&asset_id=<?php echo $asset_id; ?>" class="btn btn-primary text-bold"><span class="text-white"><i class="fas fa-info-circle mr-2"></i>More Details</span></a> <a href="asset_details.php?<?php echo $client_url; ?>asset_id=<?php echo $asset_id; ?>" class="btn btn-primary text-bold"><span class="text-white">More Details</span></a>
<a href="#" class="btn btn-secondary"
data-toggle="ajax-modal" data-ajax-url="ajax/ajax_asset_edit.php" data-ajax-id="<?php echo $asset_id; ?>">
<span class="text-white"><i class="fas fa-edit mr-2"></i>Edit</span>
</a>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Close</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Close</button>
</div> </div>

69
ajax/ajax_asset_link_credential.php
View File

@@ -1,69 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$asset_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets
WHERE asset_id = $asset_id
LIMIT 1
");
$row = mysqli_fetch_array($sql);
$asset_name = nullable_htmlentities($row['asset_name']);
$client_id = intval($row['asset_client_id']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-key mr-2"></i>Link Credential to <strong><?php echo $asset_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="asset_id" value="<?php echo $asset_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<select class="form-control select2" name="credential_id">
<option value="">- Select a Credential -</option>
<?php
$sql_credentials_select = mysqli_query($mysqli, "
SELECT credentials.credential_id, credentials.credential_name
FROM credentials
LEFT JOIN assets ON credentials.credential_asset_id = assets.asset_id
AND credentials.credential_asset_id = $asset_id
WHERE credentials.credential_client_id = $client_id
AND credentials.credential_asset_id = 0
AND credentials.credential_archived_at IS NULL
ORDER BY credentials.credential_name ASC
");
while ($row = mysqli_fetch_array($sql_credentials_select)) {
$credential_id = intval($row['credential_id']);
$credential_name = nullable_htmlentities($row['credential_name']);
?>
<option value="<?php echo $credential_id ?>"><?php echo $credential_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="link_asset_to_credential" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Link</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
?>

70
ajax/ajax_asset_link_document.php
View File

@@ -1,70 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$asset_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets
WHERE asset_id = $asset_id
LIMIT 1
");
$row = mysqli_fetch_array($sql);
$asset_name = nullable_htmlentities($row['asset_name']);
$client_id = intval($row['asset_client_id']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-folder mr-2"></i>Link Document to <strong><?php echo $asset_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="asset_id" value="<?php echo $asset_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-folder"></i></span>
</div>
<select class="form-control select2" name="document_id">
<option value="">- Select a Document -</option>
<?php
$sql_documents_select = mysqli_query($mysqli, "
SELECT documents.document_id, documents.document_name
FROM documents
LEFT JOIN asset_documents
ON documents.document_id = asset_documents.document_id
AND asset_documents.asset_id = $asset_id
WHERE documents.document_client_id = $client_id
AND documents.document_archived_at IS NULL
AND asset_documents.asset_id IS NULL
ORDER BY documents.document_name ASC
");
while ($row = mysqli_fetch_array($sql_documents_select)) {
$document_id = intval($row['document_id']);
$document_name = nullable_htmlentities($row['document_name']);
?>
<option value="<?php echo $document_id ?>"><?php echo $document_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="link_asset_to_document" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Link</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
?>

73
ajax/ajax_asset_link_file.php
View File

@@ -1,73 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$asset_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets
WHERE asset_id = $asset_id
LIMIT 1
");
$row = mysqli_fetch_array($sql);
$asset_name = nullable_htmlentities($row['asset_name']);
$client_id = intval($row['asset_client_id']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-paperclip mr-2"></i>Link File to <strong><?php echo $asset_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="asset_id" value="<?php echo $asset_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-paperclip"></i></span>
</div>
<select class="form-control select2" name="file_id">
<option value="">- Select a File -</option>
<?php
$sql_files_select = mysqli_query($mysqli, "
SELECT files.file_id, files.file_name, folders.folder_name
FROM files
LEFT JOIN asset_files
ON files.file_id = asset_files.file_id
AND asset_files.asset_id = $asset_id
LEFT JOIN folders
ON folders.folder_id = files.file_folder_id
WHERE files.file_client_id = $client_id
AND asset_files.asset_id IS NULL
ORDER BY folders.folder_name ASC, files.file_name ASC
");
while ($row = mysqli_fetch_array($sql_files_select)) {
$file_id = intval($row['file_id']);
$file_name = nullable_htmlentities($row['file_name']);
$folder_name = nullable_htmlentities($row['folder_name']);
?>
<option value="<?php echo $file_id ?>"><?php echo "$folder_name/$file_name"; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="link_asset_to_file" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Link</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
?>

68
ajax/ajax_asset_link_service.php
View File

@@ -1,68 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$asset_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets
WHERE asset_id = $asset_id
LIMIT 1
");
$row = mysqli_fetch_array($sql);
$asset_name = nullable_htmlentities($row['asset_name']);
$client_id = intval($row['asset_client_id']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-stream mr-2"></i>Link Service to <strong><?php echo $asset_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="asset_id" value="<?php echo $asset_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-stream"></i></span>
</div>
<select class="form-control select2" name="service_id">
<option value="">- Select a Service -</option>
<?php
$sql_services_select = mysqli_query($mysqli, "
SELECT services.service_id, services.service_name
FROM services
LEFT JOIN service_assets
ON services.service_id = service_assets.service_id
AND service_assets.asset_id = $asset_id
WHERE services.service_client_id = $client_id
AND service_assets.asset_id IS NULL
ORDER BY services.service_name ASC
");
while ($row = mysqli_fetch_array($sql_services_select)) {
$service_id = intval($row['service_id']);
$service_name = nullable_htmlentities($row['service_name']);
?>
<option value="<?php echo $service_id ?>"><?php echo $service_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="link_service_to_asset" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Link</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";

73
ajax/ajax_asset_link_software.php
View File

@@ -1,73 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$asset_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM assets
WHERE asset_id = $asset_id
LIMIT 1
");
$row = mysqli_fetch_array($sql);
$asset_name = nullable_htmlentities($row['asset_name']);
$client_id = intval($row['asset_client_id']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-cube mr-2"></i>License Software to <strong><?php echo $asset_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="asset_id" value="<?php echo $asset_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-cube"></i></span>
</div>
<select class="form-control select2" name="software_id">
<option value="">- Select a Device Software License -</option>
<?php
$sql_software_select = mysqli_query($mysqli, "
SELECT software.software_id, software.software_name
FROM software
LEFT JOIN software_assets
ON software.software_id = software_assets.software_id
AND software_assets.asset_id = $asset_id
WHERE software.software_client_id = $client_id
AND software.software_archived_at IS NULL
AND software.software_license_type = 'Device'
AND software_assets.asset_id IS NULL
ORDER BY software.software_name ASC
");
while ($row = mysqli_fetch_array($sql_software_select)) {
$software_id = intval($row['software_id']);
$software_name = nullable_htmlentities($row['software_name']);
?>
<option value="<?php echo $software_id ?>"><?php echo $software_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="link_software_to_asset" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Link</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";

2
ajax/ajax_calendar_event_edit.php
View File

@@ -4,7 +4,7 @@ require_once '../includes/ajax_header.php';
$event_id = intval($_GET['id']); $event_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM calendar_events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE event_id = $event_id LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE event_id = $event_id LIMIT 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$event_title = nullable_htmlentities($row['event_title']); $event_title = nullable_htmlentities($row['event_title']);

43
ajax/ajax_category_add.php
View File

@@ -1,43 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$category = nullable_htmlentities($_GET['category']);
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-list-ul mr-2"></i>New Category</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="type" value="<?php echo ($category); ?>">
<div class="modal-body bg-white">
<div class="form-row">
<div class="form-group col-sm-9">
<div class="input-group">
<input type="text" class="form-control" name="name" placeholder="Category name" maxlength="200" required autofocus>
</div>
</div>
<div class="form-group col-sm-3">
<div class="input-group">
<input type="color" class="form-control" name="color" required>
</div>
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="add_category" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";

38
ajax/ajax_certificate_edit.php
View File

@@ -12,14 +12,10 @@ $certificate_description = nullable_htmlentities($row['certificate_description']
$certificate_domain = nullable_htmlentities($row['certificate_domain']); $certificate_domain = nullable_htmlentities($row['certificate_domain']);
$certificate_domain_id = intval($row['certificate_domain_id']); $certificate_domain_id = intval($row['certificate_domain_id']);
$certificate_issued_by = nullable_htmlentities($row['certificate_issued_by']); $certificate_issued_by = nullable_htmlentities($row['certificate_issued_by']);
$certificate_public_key = nullable_htmlentities($row['certificate_public_key']);
$certificate_notes = nullable_htmlentities($row['certificate_notes']);
$certificate_expire = nullable_htmlentities($row['certificate_expire']); $certificate_expire = nullable_htmlentities($row['certificate_expire']);
$certificate_created_at = nullable_htmlentities($row['certificate_created_at']); $certificate_created_at = nullable_htmlentities($row['certificate_created_at']);
$client_id = intval($row['certificate_client_id']); $client_id = intval($row['certificate_client_id']);
$history_sql = mysqli_query($mysqli, "SELECT * FROM certificate_history WHERE certificate_history_certificate_id = $certificate_id");
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
@@ -45,9 +41,6 @@ ob_start();
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pillsEditNotes<?php echo $certificate_id; ?>">Notes</a> <a class="nav-link" data-toggle="pill" href="#pillsEditNotes<?php echo $certificate_id; ?>">Notes</a>
</li> </li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pillsEditHistory<?php echo $certificate_id; ?>">History</a>
</li>
</ul> </ul>
<hr> <hr>
@@ -147,40 +140,11 @@ ob_start();
</div> </div>
<div class="tab-pane fade" id="pillsEditNotes<?php echo $certificate_id; ?>"> <div class="tab-pane fade" id="pillsEditNotes<?php echo $certificate_id; ?>">
<div class="form-group"> <div class="form-group">
<textarea class="form-control" name="notes" rows="12" placeholder="Enter some notes"><?php echo $certificate_notes; ?></textarea> <textarea class="form-control" name="notes" rows="12" placeholder="Enter some notes"><?php echo $certificate_notes; ?></textarea>
</div> </div>
</div>
<div class="tab-pane fade" id="pillsEditHistory<?php echo $certificate_id; ?>">
<div class="table-responsive">
<table class='table table-sm table-striped border table-hover'>
<thead class='thead-dark'>
<tr>
<th>Date</th>
<th>Field</th>
<th>Before</th>
<th>After</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($history_sql)) {
$certificate_modified_at = nullable_htmlentities($row['certificate_history_modified_at']);
$certificate_field = nullable_htmlentities($row['certificate_history_column']);
$certificate_before_value = nullable_htmlentities($row['certificate_history_old_value']);
$certificate_after_value = nullable_htmlentities($row['certificate_history_new_value']);
?>
<tr>
<td><?php echo $certificate_modified_at; ?></td>
<td><?php echo $certificate_field; ?></td>
<td><?php echo $certificate_before_value; ?></td>
<td><?php echo $certificate_after_value; ?></td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
</div> </div>
</div> </div>

21
ajax/ajax_client_edit.php
View File

@@ -125,14 +125,6 @@ ob_start();
} }
?> ?>
</select> </select>
<div class="input-group-append">
<button class="btn btn-secondary" type="button"
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_category_add.php?category=Referral">
<i class="fas fa-fw fa-plus"></i>
</button>
</div>
</div> </div>
</div> </div>
@@ -165,15 +157,6 @@ ob_start();
<?php } ?> <?php } ?>
</select> </select>
<div class="input-group-append">
<button class="btn btn-secondary" type="button"
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_tag_add.php"
data-ajax-id="1">
<i class="fas fa-fw fa-plus"></i>
</button>
</div>
</div> </div>
</div> </div>
@@ -251,7 +234,9 @@ ob_start();
<div class="tab-pane fade" id="pills-client-notes<?php echo $client_id; ?>"> <div class="tab-pane fade" id="pills-client-notes<?php echo $client_id; ?>">
<div class="form-group"> <div class="form-group">
<textarea class="form-control" rows="10" placeholder="Enter some notes" name="notes"><?php echo $client_notes; ?></textarea> <textarea class="form-control" rows="10" placeholder="Enter some notes"
name="notes"><?php echo $client_notes; ?>
</textarea>
</div> </div>
</div> </div>

170
ajax/ajax_contact_details.php
View File

@@ -9,7 +9,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM contacts
LEFT JOIN locations ON location_id = contact_location_id LEFT JOIN locations ON location_id = contact_location_id
LEFT JOIN users ON user_id = contact_user_id LEFT JOIN users ON user_id = contact_user_id
WHERE contact_id = $contact_id WHERE contact_id = $contact_id
LIMIT 1 $client_query
"); ");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
@@ -18,11 +18,9 @@ $client_name = nullable_htmlentities($row['client_name']);
$contact_name = nullable_htmlentities($row['contact_name']); $contact_name = nullable_htmlentities($row['contact_name']);
$contact_title = nullable_htmlentities($row['contact_title']); $contact_title = nullable_htmlentities($row['contact_title']);
$contact_department =nullable_htmlentities($row['contact_department']); $contact_department =nullable_htmlentities($row['contact_department']);
$contact_phone_country_code = nullable_htmlentities($row['contact_phone_country_code']); $contact_phone = formatPhoneNumber($row['contact_phone']);
$contact_phone = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_phone_country_code));
$contact_extension = nullable_htmlentities($row['contact_extension']); $contact_extension = nullable_htmlentities($row['contact_extension']);
$contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']); $contact_mobile = formatPhoneNumber($row['contact_mobile']);
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
$contact_email = nullable_htmlentities($row['contact_email']); $contact_email = nullable_htmlentities($row['contact_email']);
$contact_photo = nullable_htmlentities($row['contact_photo']); $contact_photo = nullable_htmlentities($row['contact_photo']);
$contact_pin = nullable_htmlentities($row['contact_pin']); $contact_pin = nullable_htmlentities($row['contact_pin']);
@@ -53,21 +51,21 @@ $software_count = mysqli_num_rows($sql_linked_software);
$linked_software = array(); $linked_software = array();
// Related Credentials Query 1 to 1 relationship // Related Logins Query 1 to 1 relationship
$sql_related_credentials = mysqli_query($mysqli, " $sql_related_logins = mysqli_query($mysqli, "
SELECT SELECT
credentials.credential_id AS credentials_credential_id, -- Alias for credentials.credential_id logins.login_id AS logins_login_id, -- Alias for logins.login_id
credentials.*, -- All other columns from credentials logins.*, -- All other columns from logins
credential_tags.*, -- All columns from credential_tags login_tags.*, -- All columns from login_tags
tags.* -- All columns from tags tags.* -- All columns from tags
FROM credentials FROM logins
LEFT JOIN credential_tags ON credential_tags.credential_id = credentials.credential_id LEFT JOIN login_tags ON login_tags.login_id = logins.login_id
LEFT JOIN tags ON tags.tag_id = credential_tags.tag_id LEFT JOIN tags ON tags.tag_id = login_tags.tag_id
WHERE credential_contact_id = $contact_id WHERE login_contact_id = $contact_id
GROUP BY credentials.credential_id GROUP BY logins.login_id
ORDER BY credential_name DESC ORDER BY login_name DESC
"); ");
$credential_count = mysqli_num_rows($sql_related_credentials); $credential_count = mysqli_num_rows($sql_related_logins);
// Related Tickets Query - 1 to 1 relationship // Related Tickets Query - 1 to 1 relationship
$sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets $sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets
@@ -77,9 +75,9 @@ $sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets
$ticket_count = mysqli_num_rows($sql_related_tickets); $ticket_count = mysqli_num_rows($sql_related_tickets);
// Related Recurring Tickets Query // Related Recurring Tickets Query
$sql_related_recurring_tickets = mysqli_query($mysqli, "SELECT * FROM recurring_tickets $sql_related_recurring_tickets = mysqli_query($mysqli, "SELECT * FROM scheduled_tickets
WHERE recurring_ticket_contact_id = $contact_id WHERE scheduled_ticket_contact_id = $contact_id
ORDER BY recurring_ticket_next_run DESC" ORDER BY scheduled_ticket_next_run DESC"
); );
$recurring_ticket_count = mysqli_num_rows($sql_related_recurring_tickets); $recurring_ticket_count = mysqli_num_rows($sql_related_recurring_tickets);
@@ -116,7 +114,7 @@ $sql_linked_services = mysqli_query($mysqli, "SELECT * FROM service_contacts, se
AND service_contacts.service_id = services.service_id AND service_contacts.service_id = services.service_id
ORDER BY service_name ASC" ORDER BY service_name ASC"
); );
$services_count = mysqli_num_rows($sql_linked_services); $service_count = mysqli_num_rows($sql_linked_services);
$linked_services = array(); $linked_services = array();
@@ -125,6 +123,7 @@ $sql_linked_documents = mysqli_query($mysqli, "SELECT * FROM contact_documents,
LEFT JOIN users ON document_created_by = user_id LEFT JOIN users ON document_created_by = user_id
WHERE contact_documents.contact_id = $contact_id WHERE contact_documents.contact_id = $contact_id
AND contact_documents.document_id = documents.document_id AND contact_documents.document_id = documents.document_id
AND document_template = 0
AND document_archived_at IS NULL AND document_archived_at IS NULL
ORDER BY document_name ASC" ORDER BY document_name ASC"
); );
@@ -190,6 +189,11 @@ ob_start();
<a class="nav-link" data-toggle="pill" href="#pills-contact-recurring-tickets<?php echo $contact_id; ?>"><i class="fas fa-fw fa-redo-alt fa-2x"></i><br>Rcr Tickets (<?php echo $recurring_ticket_count; ?>)</a> <a class="nav-link" data-toggle="pill" href="#pills-contact-recurring-tickets<?php echo $contact_id; ?>"><i class="fas fa-fw fa-redo-alt fa-2x"></i><br>Rcr Tickets (<?php echo $recurring_ticket_count; ?>)</a>
</li> </li>
<?php } ?> <?php } ?>
<?php if ($services_count) { ?>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-contact-services<?php echo $contact_id; ?>"><i class="fas fa-fw fa-stream fa-2x"></i><br>Services (<?php echo $services_count; ?>)</a>
</li>
<?php } ?>
<?php if ($document_count) { ?> <?php if ($document_count) { ?>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-contact-documents<?php echo $contact_id; ?>"><i class="fas fa-fw fa-file-alt fa-2x"></i><br>Documents (<?php echo $document_count; ?>)</a> <a class="nav-link" data-toggle="pill" href="#pills-contact-documents<?php echo $contact_id; ?>"><i class="fas fa-fw fa-file-alt fa-2x"></i><br>Documents (<?php echo $document_count; ?>)</a>
@@ -240,7 +244,7 @@ ob_start();
<div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-2"></i><?php echo $location_name; ?></div> <div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-2"></i><?php echo $location_name; ?></div>
<?php } <?php }
if ($contact_email) { ?> if ($contact_email) { ?>
<div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-2"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button type="button" class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div> <div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-2"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
<?php } <?php }
if ($contact_phone) { ?> if ($contact_phone) { ?>
<div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-2"></i><a href="tel:<?php echo "$contact_phone"?>"><?php echo $contact_phone; ?></a></div> <div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-2"></i><a href="tel:<?php echo "$contact_phone"?>"><?php echo $contact_phone; ?></a></div>
@@ -398,9 +402,9 @@ ob_start();
<?php } ?> <?php } ?>
<?php if ($credential_count) { ?> <?php if ($credential_count) { ?>
<div class="tab-pane fade" id="pills-contact-credentials<?php echo $contact_id; ?>"> <div class="tab-pane fade" id="pills-contact-credentials<?php echo $asset_id; ?>">
<div class="table-responsive-sm"> <div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover table-sm dataTables" style="width:100%"> <table class="table table-striped table-borderless table-hover table-sm">
<thead> <thead>
<tr> <tr>
<th>Name</th> <th>Name</th>
@@ -414,70 +418,70 @@ ob_start();
<tbody> <tbody>
<?php <?php
while ($row = mysqli_fetch_array($sql_related_credentials)) { while ($row = mysqli_fetch_array($sql_related_logins)) {
$credential_id = intval($row['credentials_credential_id']); $login_id = intval($row['logins_login_id']);
$credential_name = nullable_htmlentities($row['credential_name']); $login_name = nullable_htmlentities($row['login_name']);
$credential_description = nullable_htmlentities($row['credential_description']); $login_description = nullable_htmlentities($row['login_description']);
$credential_uri = nullable_htmlentities($row['credential_uri']); $login_uri = nullable_htmlentities($row['login_uri']);
if (empty($credential_uri)) { if (empty($login_uri)) {
$credential_uri_display = "-"; $login_uri_display = "-";
} else { } else {
$credential_uri_display = "$credential_uri"; $login_uri_display = "$login_uri";
} }
$credential_uri_2 = nullable_htmlentities($row['credential_uri_2']); $login_uri_2 = nullable_htmlentities($row['login_uri_2']);
$credential_username = nullable_htmlentities(decryptCredentialEntry($row['credential_username'])); $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
if (empty($credential_username)) { if (empty($login_username)) {
$credential_username_display = "-"; $login_username_display = "-";
} else { } else {
$credential_username_display = "$credential_username <button type='button' class='btn btn-sm clipboardjs' data-clipboard-text='$credential_username'><i class='far fa-copy text-secondary'></i></button>"; $login_username_display = "$login_username";
} }
$credential_password = nullable_htmlentities(decryptCredentialEntry($row['credential_password'])); $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
$credential_otp_secret = nullable_htmlentities($row['credential_otp_secret']); $login_otp_secret = nullable_htmlentities($row['login_otp_secret']);
$credential_id_with_secret = '"' . $row['credential_id'] . '","' . $row['credential_otp_secret'] . '"'; $login_id_with_secret = '"' . $row['login_id'] . '","' . $row['login_otp_secret'] . '"';
if (empty($credential_otp_secret)) { if (empty($login_otp_secret)) {
$otp_display = "-"; $otp_display = "-";
} else { } else {
$otp_display = "<span onmouseenter='showOTPViaCredentialID($credential_id)'><i class='far fa-clock'></i> <span id='otp_$credential_id'><i>Hover..</i></span></span>"; $otp_display = "<span onmouseenter='showOTPViaLoginID($login_id)'><i class='far fa-clock'></i> <span id='otp_$login_id'><i>Hover..</i></span></span>";
} }
$credential_note = nullable_htmlentities($row['credential_note']); $login_note = nullable_htmlentities($row['login_note']);
$credential_important = intval($row['credential_important']); $login_important = intval($row['login_important']);
$credential_contact_id = intval($row['credential_contact_id']); $login_contact_id = intval($row['login_contact_id']);
$credential_asset_id = intval($row['credential_asset_id']); $login_vendor_id = intval($row['login_vendor_id']);
$login_asset_id = intval($row['login_asset_id']);
$login_software_id = intval($row['login_software_id']);
// Tags // Tags
$credential_tag_name_display_array = array(); $login_tag_name_display_array = array();
$credential_tag_id_array = array(); $login_tag_id_array = array();
$sql_credential_tags = mysqli_query($mysqli, "SELECT * FROM credential_tags LEFT JOIN tags ON credential_tags.tag_id = tags.tag_id WHERE credential_id = $credential_id ORDER BY tag_name ASC"); $sql_login_tags = mysqli_query($mysqli, "SELECT * FROM login_tags LEFT JOIN tags ON login_tags.tag_id = tags.tag_id WHERE login_id = $login_id ORDER BY tag_name ASC");
while ($row = mysqli_fetch_array($sql_credential_tags)) { while ($row = mysqli_fetch_array($sql_login_tags)) {
$credential_tag_id = intval($row['tag_id']); $login_tag_id = intval($row['tag_id']);
$credential_tag_name = nullable_htmlentities($row['tag_name']); $login_tag_name = nullable_htmlentities($row['tag_name']);
$credential_tag_color = nullable_htmlentities($row['tag_color']); $login_tag_color = nullable_htmlentities($row['tag_color']);
if (empty($credential_tag_color)) { if (empty($login_tag_color)) {
$credential_tag_color = "dark"; $login_tag_color = "dark";
} }
$credential_tag_icon = nullable_htmlentities($row['tag_icon']); $login_tag_icon = nullable_htmlentities($row['tag_icon']);
if (empty($credential_tag_icon)) { if (empty($login_tag_icon)) {
$credential_tag_icon = "tag"; $login_tag_icon = "tag";
} }
$credential_tag_id_array[] = $credential_tag_id; $login_tag_id_array[] = $login_tag_id;
$credential_tag_name_display_array[] = "<a href='credentials.php?client_id=$client_id&tags[]=$credential_tag_id'><span class='badge text-light p-1 mr-1' style='background-color: $credential_tag_color;'><i class='fa fa-fw fa-$credential_tag_icon mr-2'></i>$credential_tag_name</span></a>"; $login_tag_name_display_array[] = "<a href='client_logins.php?client_id=$client_id&tags[]=$login_tag_id'><span class='badge text-light p-1 mr-1' style='background-color: $login_tag_color;'><i class='fa fa-fw fa-$login_tag_icon mr-2'></i>$login_tag_name</span></a>";
} }
$credential_tags_display = implode('', $credential_tag_name_display_array); $login_tags_display = implode('', $login_tag_name_display_array);
?> ?>
<tr> <tr>
<td><i class="fa fa-fw fa-key text-secondary mr-2"></i><?php echo $credential_name; ?></td> <td><i class="fa fa-fw fa-key text-secondary mr-2"></i><?php echo $login_name; ?></td>
<td><?php echo $credential_description; ?></td> <td><?php echo $login_description; ?></td>
<td><?php echo $credential_username_display; ?></td> <td><?php echo $login_username_display; ?></td>
<td> <td>
<button class="btn p-0" type="button" data-toggle="popover" data-trigger="focus" data-placement="top" data-content="<?php echo $credential_password; ?>"><i class="fas fa-2x fa-ellipsis-h text-secondary"></i><i class="fas fa-2x fa-ellipsis-h text-secondary"></i></button> <button class="btn p-0" type="button" data-toggle="popover" data-trigger="focus" data-placement="top" data-content="<?php echo $login_password; ?>"><i class="fas fa-2x fa-ellipsis-h text-secondary"></i><i class="fas fa-2x fa-ellipsis-h text-secondary"></i></button>
<button type="button" class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $credential_password; ?>'><i class='far fa-copy text-secondary'></i></button>
</td> </td>
<td><?php echo $otp_display; ?></td> <td><?php echo $otp_display; ?></td>
<td><?php echo $credential_uri_display; ?></td> <td><?php echo $login_uri_display; ?></td>
</tr> </tr>
<?php <?php
@@ -490,12 +494,12 @@ ob_start();
</table> </table>
</div> </div>
</div> </div>
<!-- Include script to get TOTP code via the credential ID --> <!-- Include script to get TOTP code via the login ID -->
<script src="js/credential_show_otp_via_id.js"></script> <script src="js/credential_show_otp_via_id.js"></script>
<?php } ?> <?php } ?>
<?php if ($ticket_count) { ?> <?php if ($ticket_count) { ?>
<div class="tab-pane fade" id="pills-contact-tickets<?php echo $contact_id; ?>"> <div class="tab-pane fade" id="pills-contact-tickets<?php echo $asset_id; ?>">
<div class="table-responsive-sm"> <div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover table-sm"> <table class="table table-striped table-borderless table-hover table-sm">
<thead class="text-dark"> <thead class="text-dark">
@@ -595,18 +599,18 @@ ob_start();
<?php <?php
while ($row = mysqli_fetch_array($sql_related_recurring_tickets)) { while ($row = mysqli_fetch_array($sql_related_recurring_tickets)) {
$recurring_ticket_id = intval($row['recurring_ticket_id']); $scheduled_ticket_id = intval($row['scheduled_ticket_id']);
$recurring_ticket_subject = nullable_htmlentities($row['recurring_ticket_subject']); $scheduled_ticket_subject = nullable_htmlentities($row['scheduled_ticket_subject']);
$recurring_ticket_priority = nullable_htmlentities($row['recurring_ticket_priority']); $scheduled_ticket_priority = nullable_htmlentities($row['scheduled_ticket_priority']);
$recurring_ticket_frequency = nullable_htmlentities($row['recurring_ticket_frequency']); $scheduled_ticket_frequency = nullable_htmlentities($row['scheduled_ticket_frequency']);
$recurring_ticket_next_run = nullable_htmlentities($row['recurring_ticket_next_run']); $scheduled_ticket_next_run = nullable_htmlentities($row['scheduled_ticket_next_run']);
?> ?>
<tr> <tr>
<td class="text-bold"><?php echo $recurring_ticket_subject ?></td> <td class="text-bold"><?php echo $scheduled_ticket_subject ?></td>
<td><?php echo $recurring_ticket_priority ?></td> <td><?php echo $scheduled_ticket_priority ?></td>
<td><?php echo $recurring_ticket_frequency ?></td> <td><?php echo $scheduled_ticket_frequency ?></td>
<td><?php echo $recurring_ticket_next_run ?></td> <td><?php echo $scheduled_ticket_next_run ?></td>
</tr> </tr>
<?php } ?> <?php } ?>
@@ -844,13 +848,7 @@ ob_start();
</div> </div>
<div class="modal-footer bg-white"> <div class="modal-footer bg-white">
<a href="contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>" class="btn btn-primary text-bold"> <a href="contact_details.php?<?php echo $client_url; ?>contact_id=<?php echo $contact_id; ?>" class="btn btn-primary text-bold"><span class="text-white">More Details</span></a>
<span class="text-white"><i class="fas fa-info-circle mr-2"></i>More Details</span>
</a>
<a href="#" class="btn btn-secondary"
data-toggle="ajax-modal" data-ajax-url="ajax/ajax_contact_edit.php" data-ajax-id="<?php echo $contact_id; ?>">
<span class="text-white"><i class="fas fa-edit mr-2"></i>Edit</span>
</a>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Close</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Close</button>
</div> </div>

37
ajax/ajax_contact_edit.php
View File

@@ -16,10 +16,8 @@ $contact_name = nullable_htmlentities($row['contact_name']);
$contact_title = nullable_htmlentities($row['contact_title']); $contact_title = nullable_htmlentities($row['contact_title']);
$contact_department = nullable_htmlentities($row['contact_department']); $contact_department = nullable_htmlentities($row['contact_department']);
$contact_extension = nullable_htmlentities($row['contact_extension']); $contact_extension = nullable_htmlentities($row['contact_extension']);
$contact_phone_country_code = nullable_htmlentities($row['contact_phone_country_code']); $contact_phone = formatPhoneNumber($row['contact_phone']);
$contact_phone = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_phone_country_code)); $contact_mobile = formatPhoneNumber($row['contact_mobile']);
$contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']);
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
$contact_email = nullable_htmlentities($row['contact_email']); $contact_email = nullable_htmlentities($row['contact_email']);
$contact_pin = nullable_htmlentities($row['contact_pin']); $contact_pin = nullable_htmlentities($row['contact_pin']);
$contact_photo = nullable_htmlentities($row['contact_photo']); $contact_photo = nullable_htmlentities($row['contact_photo']);
@@ -113,38 +111,30 @@ ob_start();
</div> </div>
</div> </div>
<label>Phone / <span class="text-secondary">Extension</span></label> <label>Phone</label>
<div class="form-row"> <div class="form-row">
<div class="col-9"> <div class="col-8">
<div class="form-group"> <div class="form-group">
<div class="input-group"> <div class="input-group">
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div> </div>
<input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo "$contact_phone_country_code"; ?>" placeholder="+" maxlength="4"> <input type="text" class="form-control" name="phone" placeholder="Phone Number" maxlength="200" value="<?php echo $contact_phone; ?>">
<input type="tel" class="form-control" name="phone" value="<?php echo $contact_phone; ?>" placeholder="Phone Number" maxlength="200">
</div> </div>
</div> </div>
</div> </div>
<div class="col-3"> <div class="col-4">
<div class="form-group"> <input type="text" class="form-control" name="extension" placeholder="Extension" maxlength="200" value="<?php echo $contact_extension; ?>">
<input type="text" class="form-control" name="extension" value="<?php echo $contact_extension; ?>" placeholder="ext." maxlength="200">
</div>
</div> </div>
</div> </div>
<label>Mobile</label>
<div class="form-row">
<div class="col-9">
<div class="form-group"> <div class="form-group">
<label>Mobile</label>
<div class="input-group"> <div class="input-group">
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-mobile-alt"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-mobile-alt"></i></span>
</div> </div>
<input type="tel" class="form-control col-2" name="mobile_country_code" value="<?php echo "$contact_mobile_country_code"; ?>" placeholder="+" maxlength="4"> <input type="text" class="form-control" name="mobile" placeholder="Mobile Phone Number" maxlength="200" value="<?php echo $contact_mobile; ?>">
<input type="tel" class="form-control" name="mobile" value="<?php echo $contact_mobile; ?>" placeholder="Phone Number">
</div>
</div>
</div> </div>
</div> </div>
@@ -321,15 +311,6 @@ ob_start();
<?php } ?> <?php } ?>
</select> </select>
<div class="input-group-append">
<button class="btn btn-secondary" type="button"
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_tag_add.php"
data-ajax-id="3">
<i class="fas fa-plus"></i>
</button>
</div>
</div> </div>
</div> </div>

67
ajax/ajax_contact_link_asset.php
View File

@@ -1,67 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$contact_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM contacts
WHERE contact_id = $contact_id
LIMIT 1
");
$row = mysqli_fetch_array($sql);
$contact_name = nullable_htmlentities($row['contact_name']);
$client_id = intval($row['contact_client_id']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-desktop mr-2"></i>Link Asset to <strong><?php echo $contact_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-desktop"></i></span>
</div>
<select class="form-control select2" name="asset_id">
<option value="">- Select an Asset -</option>
<?php
$sql_assets_select = mysqli_query($mysqli, "
SELECT asset_id, asset_name
FROM assets
WHERE asset_client_id = $client_id
AND asset_contact_id = 0
AND asset_archived_at IS NULL
ORDER BY asset_name ASC
");
while ($row = mysqli_fetch_array($sql_assets_select)) {
$asset_id = intval($row['asset_id']);
$asset_name = nullable_htmlentities($row['asset_name']);
?>
<option value="<?php echo $asset_id ?>"><?php echo $asset_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="link_contact_to_asset" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Link</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
?>

67
ajax/ajax_contact_link_credential.php
View File

@@ -1,67 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$contact_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM contacts
WHERE contact_id = $contact_id
LIMIT 1
");
$row = mysqli_fetch_array($sql);
$contact_name = nullable_htmlentities($row['contact_name']);
$client_id = intval($row['contact_client_id']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-key mr-2"></i>Link Credential to <strong><?php echo $contact_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<select class="form-control select2" name="credential_id">
<option value="">- Select a Credential -</option>
<?php
$sql_credentials_select = mysqli_query($mysqli, "
SELECT credential_id, credential_name
FROM credentials
WHERE credential_client_id = $client_id
AND credential_contact_id = 0
AND credential_archived_at IS NULL
ORDER BY credential_name ASC
");
while ($row = mysqli_fetch_array($sql_credentials_select)) {
$credential_id = intval($row['credential_id']);
$credential_name = nullable_htmlentities($row['credential_name']);
?>
<option value="<?php echo $credential_id ?>"><?php echo $credential_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="link_contact_to_credential" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Link</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
?>

70
ajax/ajax_contact_link_document.php
View File

@@ -1,70 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$contact_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM contacts
WHERE contact_id = $contact_id
LIMIT 1
");
$row = mysqli_fetch_array($sql);
$contact_name = nullable_htmlentities($row['contact_name']);
$client_id = intval($row['contact_client_id']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-folder mr-2"></i>Link Document to <strong><?php echo $contact_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-folder"></i></span>
</div>
<select class="form-control select2" name="document_id">
<option value="">- Select a Document -</option>
<?php
$sql_documents_select = mysqli_query($mysqli, "
SELECT documents.document_id, documents.document_name
FROM documents
LEFT JOIN contact_documents
ON documents.document_id = contact_documents.document_id
AND contact_documents.contact_id = $contact_id
WHERE documents.document_client_id = $client_id
AND documents.document_archived_at IS NULL
AND contact_documents.contact_id IS NULL
ORDER BY documents.document_name ASC
");
while ($row = mysqli_fetch_array($sql_documents_select)) {
$document_id = intval($row['document_id']);
$document_name = nullable_htmlentities($row['document_name']);
?>
<option value="<?php echo $document_id ?>"><?php echo $document_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="link_contact_to_document" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Link</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
?>

72
ajax/ajax_contact_link_file.php
View File

@@ -1,72 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$contact_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM contacts
WHERE contact_id = $contact_id
LIMIT 1
");
$row = mysqli_fetch_array($sql);
$contact_name = nullable_htmlentities($row['contact_name']);
$client_id = intval($row['contact_client_id']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-paperclip mr-2"></i>Link File to <strong><?php echo $contact_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-paperclip"></i></span>
</div>
<select class="form-control select2" name="file_id">
<option value="">- Select a File -</option>
<?php
$sql_files_select = mysqli_query($mysqli, "
SELECT files.file_id, files.file_name, folders.folder_name
FROM files
LEFT JOIN contact_files
ON files.file_id = contact_files.file_id
AND contact_files.contact_id = $contact_id
LEFT JOIN folders
ON folders.folder_id = files.file_folder_id
WHERE files.file_client_id = $client_id
AND contact_files.contact_id IS NULL
ORDER BY folders.folder_name ASC, files.file_name ASC
");
while ($row = mysqli_fetch_array($sql_files_select)) {
$file_id = intval($row['file_id']);
$file_name = nullable_htmlentities($row['file_name']);
$folder_name = nullable_htmlentities($row['folder_name']);
?>
<option value="<?php echo $file_id ?>"><?php echo "$folder_name/$file_name"; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="link_contact_to_file" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Link</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";

68
ajax/ajax_contact_link_service.php
View File

@@ -1,68 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$contact_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM contacts
WHERE contact_id = $contact_id
LIMIT 1
");
$row = mysqli_fetch_array($sql);
$contact_name = nullable_htmlentities($row['contact_name']);
$client_id = intval($row['contact_client_id']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-stream mr-2"></i>Link Service to <strong><?php echo $contact_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-stream"></i></span>
</div>
<select class="form-control select2" name="service_id">
<option value="">- Select a Service -</option>
<?php
$sql_services_select = mysqli_query($mysqli, "
SELECT services.service_id, services.service_name
FROM services
LEFT JOIN service_contacts
ON services.service_id = service_contacts.service_id
AND service_contacts.contact_id = $contact_id
WHERE services.service_client_id = $client_id
AND service_contacts.contact_id IS NULL
ORDER BY services.service_name ASC
");
while ($row = mysqli_fetch_array($sql_services_select)) {
$service_id = intval($row['service_id']);
$service_name = nullable_htmlentities($row['service_name']);
?>
<option value="<?php echo $service_id ?>"><?php echo $service_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="link_service_to_contact" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Link</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";

71
ajax/ajax_contact_link_software.php
View File

@@ -1,71 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$contact_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM contacts
WHERE contact_id = $contact_id
LIMIT 1
");
$row = mysqli_fetch_array($sql);
$contact_name = nullable_htmlentities($row['contact_name']);
$client_id = intval($row['contact_client_id']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-cube mr-2"></i>License Software to <strong><?php echo $contact_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-cube"></i></span>
</div>
<select class="form-control select2" name="software_id">
<option value="">- Select a User Software License -</option>
<?php
$sql_software_select = mysqli_query($mysqli, "
SELECT software.software_id, software.software_name
FROM software
LEFT JOIN software_contacts
ON software.software_id = software_contacts.software_id
AND software_contacts.contact_id = $contact_id
WHERE software.software_client_id = $client_id
AND software.software_archived_at IS NULL
AND software.software_license_type = 'User'
AND software_contacts.contact_id IS NULL
ORDER BY software.software_name ASC
");
while ($row = mysqli_fetch_array($sql_software_select)) {
$software_id = intval($row['software_id']);
$software_name = nullable_htmlentities($row['software_name']);
?>
<option value="<?php echo $software_id ?>"><?php echo $software_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="link_software_to_contact" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Link</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";
?>

156
ajax/ajax_credential_edit.php
View File

@@ -2,34 +2,35 @@
require_once '../includes/ajax_header.php'; require_once '../includes/ajax_header.php';
$credential_id = intval($_GET['id']); $login_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM credentials WHERE credential_id = $credential_id LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_id = $login_id LIMIT 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$client_id = intval($row['credential_client_id']); $client_id = intval($row['login_client_id']);
$credential_name = nullable_htmlentities($row['credential_name']); $login_id = intval($row['login_id']);
$credential_description = nullable_htmlentities($row['credential_description']); $login_name = nullable_htmlentities($row['login_name']);
$credential_uri = nullable_htmlentities($row['credential_uri']); $login_description = nullable_htmlentities($row['login_description']);
$credential_uri_2 = nullable_htmlentities($row['credential_uri_2']); $login_uri = nullable_htmlentities($row['login_uri']);
$credential_uri_link = sanitize_url($row['credential_uri']); $login_uri_2 = nullable_htmlentities($row['login_uri_2']);
$credential_uri_2_link = sanitize_url($row['credential_uri_2']); $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
$credential_username = nullable_htmlentities(decryptCredentialEntry($row['credential_username'])); $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
$credential_password = nullable_htmlentities(decryptCredentialEntry($row['credential_password'])); $login_otp_secret = nullable_htmlentities($row['login_otp_secret']);
$credential_otp_secret = nullable_htmlentities($row['credential_otp_secret']); $login_note = nullable_htmlentities($row['login_note']);
$credential_note = nullable_htmlentities($row['credential_note']); $login_created_at = nullable_htmlentities($row['login_created_at']);
$credential_created_at = nullable_htmlentities($row['credential_created_at']); $login_archived_at = nullable_htmlentities($row['login_archived_at']);
$credential_archived_at = nullable_htmlentities($row['credential_archived_at']); $login_important = intval($row['login_important']);
$credential_important = intval($row['credential_important']); $login_contact_id = intval($row['login_contact_id']);
$credential_contact_id = intval($row['credential_contact_id']); $login_vendor_id = intval($row['login_vendor_id']);
$credential_asset_id = intval($row['credential_asset_id']); $login_asset_id = intval($row['login_asset_id']);
$login_software_id = intval($row['login_software_id']);
// Tags // Tags
$credential_tag_id_array = array(); $login_tag_id_array = array();
$sql_credential_tags = mysqli_query($mysqli, "SELECT tag_id FROM credential_tags WHERE credential_id = $credential_id"); $sql_login_tags = mysqli_query($mysqli, "SELECT tag_id FROM login_tags WHERE login_id = $login_id");
while ($row = mysqli_fetch_array($sql_credential_tags)) { while ($row = mysqli_fetch_array($sql_login_tags)) {
$credential_tag_id = intval($row['tag_id']); $login_tag_id = intval($row['tag_id']);
$credential_tag_id_array[] = $credential_tag_id; $login_tag_id_array[] = $login_tag_id;
} }
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
@@ -37,26 +38,26 @@ ob_start();
?> ?>
<div class="modal-header"> <div class="modal-header">
<h5 class="modal-title"><i class='fas fa-fw fa-key mr-2'></i>Editing credential: <strong><?php echo $credential_name; ?></strong></h5> <h5 class="modal-title"><i class='fas fa-fw fa-key mr-2'></i>Editing credential: <strong><?php echo $login_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="credential_id" value="<?php echo $credential_id; ?>"> <input type="hidden" name="login_id" value="<?php echo $login_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body bg-white"> <div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item"> <li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-credential-details<?php echo $credential_id; ?>">Details</a> <a class="nav-link active" data-toggle="pill" href="#pills-login-details<?php echo $login_id; ?>">Details</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-credential-relation<?php echo $credential_id; ?>">Relation</a> <a class="nav-link" data-toggle="pill" href="#pills-login-relation<?php echo $login_id; ?>">Relation</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-credential-notes<?php echo $credential_id; ?>">Notes</a> <a class="nav-link" data-toggle="pill" href="#pills-login-notes<?php echo $login_id; ?>">Notes</a>
</li> </li>
</ul> </ul>
@@ -64,7 +65,7 @@ ob_start();
<div class="tab-content" <?php if (lookupUserPermission('module_credential') <= 1) { echo 'inert'; } ?>> <div class="tab-content" <?php if (lookupUserPermission('module_credential') <= 1) { echo 'inert'; } ?>>
<div class="tab-pane fade show active" id="pills-credential-details<?php echo $credential_id; ?>"> <div class="tab-pane fade show active" id="pills-login-details<?php echo $login_id; ?>">
<div class="form-group"> <div class="form-group">
<label>Name <strong class="text-danger">*</strong> / <span class="text-secondary">Important?</span></label> <label>Name <strong class="text-danger">*</strong> / <span class="text-secondary">Important?</span></label>
@@ -72,10 +73,10 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div> </div>
<input type="text" class="form-control" name="name" placeholder="Name of Credential" maxlength="200" value="<?php echo $credential_name; ?>" required> <input type="text" class="form-control" name="name" placeholder="Name of Login" maxlength="200" value="<?php echo $login_name; ?>" required>
<div class="input-group-append"> <div class="input-group-append">
<div class="input-group-text"> <div class="input-group-text">
<input type="checkbox" name="important" value="1" <?php if ($credential_important == 1) { echo "checked"; } ?>> <input type="checkbox" name="important" value="1" <?php if ($login_important == 1) { echo "checked"; } ?>>
</div> </div>
</div> </div>
</div> </div>
@@ -87,7 +88,7 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-angle-right"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-angle-right"></i></span>
</div> </div>
<input type="text" class="form-control" name="description" placeholder="Description" value="<?php echo $credential_description; ?>"> <input type="text" class="form-control" name="description" placeholder="Description" value="<?php echo $login_description; ?>">
</div> </div>
</div> </div>
@@ -97,7 +98,7 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
</div> </div>
<input type="text" class="form-control" name="username" placeholder="Username or ID" maxlength="350" value="<?php echo $credential_username; ?>"> <input type="text" class="form-control" name="username" placeholder="Username or ID" maxlength="350" value="<?php echo $login_username; ?>">
</div> </div>
</div> </div>
@@ -107,12 +108,12 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
</div> </div>
<input type="password" class="form-control" data-toggle="password" name="password" placeholder="Password or Key" maxlength="350" value="<?php echo $credential_password; ?>" required autocomplete="new-password"> <input type="password" class="form-control" data-toggle="password" name="password" placeholder="Password or Key" maxlength="350" value="<?php echo $login_password; ?>" required autocomplete="new-password">
<div class="input-group-append"> <div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div> </div>
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-default clipboardjs" type="button" data-clipboard-text="<?php echo $credential_password; ?>"><i class="fa fa-fw fa-copy"></i></button> <button class="btn btn-default clipboardjs" type="button" data-clipboard-text="<?php echo $login_password; ?>"><i class="fa fa-fw fa-copy"></i></button>
</div> </div>
</div> </div>
</div> </div>
@@ -123,7 +124,7 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div> </div>
<input type="password" class="form-control" data-toggle="password" name="otp_secret" maxlength="200" value="<?php echo $credential_otp_secret; ?>" placeholder="Insert secret key"> <input type="password" class="form-control" data-toggle="password" name="otp_secret" maxlength="200" value="<?php echo $login_otp_secret; ?>" placeholder="Insert secret key">
<div class="input-group-append"> <div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div> </div>
@@ -136,13 +137,13 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-link"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-link"></i></span>
</div> </div>
<input type="text" class="form-control" name="uri" placeholder="ex. http://192.168.1.1" maxlength="500" value="<?php echo $credential_uri; ?>"> <input type="text" class="form-control" name="uri" placeholder="ex. http://192.168.1.1" maxlength="500" value="<?php echo $login_uri; ?>">
<div class="input-group-append"> <div class="input-group-append">
<a href="<?php echo $credential_uri_link; ?>" target="_blank" class="input-group-text"><i class="fa fa-fw fa-link"></i></a> <a href="<?php echo $login_uri; ?>" class="input-group-text"><i class="fa fa-fw fa-link"></i></a>
</div> </div>
<div class="input-group-append"> <div class="input-group-append">
<button class="input-group-text clipboardjs" type="button" data-clipboard-text="<?php echo $credential_uri; ?>"><i class="fa fa-fw fa-copy"></i></button> <button class="input-group-text clipboardjs" type="button" data-clipboard-text="<?php echo $login_uri; ?>"><i class="fa fa-fw fa-copy"></i></button>
</div> </div>
</div> </div>
</div> </div>
@@ -153,19 +154,19 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-link"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-link"></i></span>
</div> </div>
<input type="text" class="form-control" name="uri_2" placeholder="ex. https://server.company.com:5001" maxlength="500" value="<?php echo $credential_uri_2; ?>"> <input type="text" class="form-control" name="uri_2" placeholder="ex. https://server.company.com:5001" maxlength="500" value="<?php echo $login_uri_2; ?>">
<div class="input-group-append"> <div class="input-group-append">
<a href="<?php echo $credential_uri_2_link; ?>" target="_blank" class="input-group-text"><i class="fa fa-fw fa-link"></i></a> <a href="<?php echo $login_uri_2; ?>" class="input-group-text"><i class="fa fa-fw fa-link"></i></a>
</div> </div>
<div class="input-group-append"> <div class="input-group-append">
<button class="input-group-text clipboardjs" type="button" data-clipboard-text="<?php echo $credential_uri_2; ?>"><i class="fa fa-fw fa-copy"></i></button> <button class="input-group-text clipboardjs" type="button" data-clipboard-text="<?php echo $login_uri_2; ?>"><i class="fa fa-fw fa-copy"></i></button>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
<div class="tab-pane fade" id="pills-credential-relation<?php echo $credential_id; ?>"> <div class="tab-pane fade" id="pills-login-relation<?php echo $login_id; ?>">
<div class="form-group"> <div class="form-group">
<label>Contact</label> <label>Contact</label>
@@ -174,7 +175,7 @@ ob_start();
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
</div> </div>
<select class="form-control select2" name="contact"> <select class="form-control select2" name="contact">
<option value="">- Select Contact -</option> <option value="">- Contact -</option>
<?php <?php
$sql_contacts = mysqli_query($mysqli, "SELECT contact_id, contact_name FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC"); $sql_contacts = mysqli_query($mysqli, "SELECT contact_id, contact_name FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
@@ -182,12 +183,34 @@ ob_start();
$contact_id_select = intval($row['contact_id']); $contact_id_select = intval($row['contact_id']);
$contact_name_select = nullable_htmlentities($row['contact_name']); $contact_name_select = nullable_htmlentities($row['contact_name']);
?> ?>
<option <?php if ($credential_contact_id == $contact_id_select) { echo "selected"; } ?> value="<?php echo $contact_id_select; ?>"><?php echo $contact_name_select; ?></option> <option <?php if ($login_contact_id == $contact_id_select) { echo "selected"; } ?> value="<?php echo $contact_id_select; ?>"><?php echo $contact_name_select; ?></option>
<?php } ?> <?php } ?>
</select> </select>
</div> </div>
</div> </div>
<div class="form-group">
<label>Vendor</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-building"></i></span>
</div>
<select class="form-control select2" name="vendor">
<option value="0">- None -</option>
<?php
$sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']);
?>
<option <?php if ($login_vendor_id == $vendor_id_select) { echo "selected"; } ?> value="<?php echo $vendor_id_select; ?>"><?php echo $vendor_name_select; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Asset</label> <label>Asset</label>
<div class="input-group"> <div class="input-group">
@@ -195,7 +218,7 @@ ob_start();
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div> </div>
<select class="form-control select2" name="asset"> <select class="form-control select2" name="asset">
<option value="0">- Select Asset -</option> <option value="0">- None -</option>
<?php <?php
$sql_assets = mysqli_query($mysqli, "SELECT asset_id, asset_name, location_name FROM assets LEFT JOIN locations on asset_location_id = location_id WHERE asset_client_id = $client_id AND asset_archived_at IS NULL ORDER BY asset_name ASC"); $sql_assets = mysqli_query($mysqli, "SELECT asset_id, asset_name, location_name FROM assets LEFT JOIN locations on asset_location_id = location_id WHERE asset_client_id = $client_id AND asset_archived_at IS NULL ORDER BY asset_name ASC");
@@ -210,7 +233,29 @@ ob_start();
} }
?> ?>
<option <?php if ($credential_asset_id == $asset_id_select) { echo "selected"; } ?> value="<?php echo $asset_id_select; ?>"><?php echo $asset_select_display_string; ?></option> <option <?php if ($login_asset_id == $asset_id_select) { echo "selected"; } ?> value="<?php echo $asset_id_select; ?>"><?php echo $asset_select_display_string; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group">
<label>Software</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-box"></i></span>
</div>
<select class="form-control select2" name="software">
<option value="0">- None -</option>
<?php
$sql_software = mysqli_query($mysqli, "SELECT software_id, software_name FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC");
while ($row = mysqli_fetch_array($sql_software)) {
$software_id_select = intval($row['software_id']);
$software_name_select = nullable_htmlentities($row['software_name']);
?>
<option <?php if ($login_software_id == $software_id_select) { echo "selected"; } ?> value="<?php echo $software_id_select; ?>"><?php echo $software_name_select; ?></option>
<?php } ?> <?php } ?>
</select> </select>
@@ -219,10 +264,10 @@ ob_start();
</div> </div>
<div class="tab-pane fade" id="pills-credential-notes<?php echo $credential_id; ?>"> <div class="tab-pane fade" id="pills-login-notes<?php echo $login_id; ?>">
<div class="form-group"> <div class="form-group">
<textarea class="form-control" rows="12" placeholder="Enter some notes" name="note"><?php echo $credential_note; ?></textarea> <textarea class="form-control" rows="12" placeholder="Enter some notes" name="note"><?php echo $login_note; ?></textarea>
</div> </div>
<div class="form-group"> <div class="form-group">
@@ -239,19 +284,10 @@ ob_start();
$tag_id_select = intval($row['tag_id']); $tag_id_select = intval($row['tag_id']);
$tag_name_select = nullable_htmlentities($row['tag_name']); $tag_name_select = nullable_htmlentities($row['tag_name']);
?> ?>
<option value="<?php echo $tag_id_select; ?>" <?php if (in_array($tag_id_select, $credential_tag_id_array)) { echo "selected"; } ?>><?php echo $tag_name_select; ?></option> <option value="<?php echo $tag_id_select; ?>" <?php if (in_array($tag_id_select, $login_tag_id_array)) { echo "selected"; } ?>><?php echo $tag_name_select; ?></option>
<?php } ?> <?php } ?>
</select> </select>
<div class="input-group-append">
<button class="btn btn-secondary" type="button"
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_tag_add.php"
data-ajax-id="4">
<i class="fas fa-plus"></i>
</button>
</div>
</div> </div>
</div> </div>
@@ -260,7 +296,7 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer bg-white"> <div class="modal-footer bg-white">
<button type="submit" name="edit_credential" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_login" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>

94
ajax/ajax_credential_view.php
View File

@@ -1,94 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$credential_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM credentials WHERE credential_id = $credential_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$credential_name = nullable_htmlentities($row['credential_name']);
$credential_description = nullable_htmlentities($row['credential_description']);
$credential_uri = nullable_htmlentities($row['credential_uri']);
$credential_uri_2 = nullable_htmlentities($row['credential_uri_2']);
$credential_username = nullable_htmlentities(decryptLoginEntry($row['credential_username']));
$credential_password = nullable_htmlentities(decryptLoginEntry($row['credential_password']));
$credential_otp_secret = nullable_htmlentities($row['credential_otp_secret']);
$credential_id_with_secret = '"' . $row['credential_id'] . '","' . $row['credential_otp_secret'] . '"';
if (empty($credential_otp_secret)) {
$otp_display = "-";
} else {
$otp_display = "<span onmouseenter='showOTPViaCredentialID($credential_id)'><i class='far fa-clock'></i> <span id='otp_$credential_id'><i>Hover..</i></span></span>";
}
$credential_note = nullable_htmlentities($row['credential_note']);
$credential_created_at = nullable_htmlentities($row['credential_created_at']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark text-white">
<div class="d-flex align-items-center">
<i class="fas fa-fw fa-building fa-2x mr-3"></i>
<div>
<h5 class="modal-title mb-0"><?php echo $name; ?></h5>
<div class="text-muted"><?php echo getFallback($description); ?></div>
</div>
</div>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-light">
<!-- Vendor Info Card -->
<div class="card mb-3 shadow-sm rounded">
<div class="card-body">
<h6 class="text-secondary"><i class="fas fa-info-circle mr-2"></i>Vendor Details</h6>
<div class="row">
<div class="col-sm-6">
<div><strong>Account Number:</strong> <?php echo getFallback($account_number); ?></div>
<div><strong>Hours:</strong> <?php echo getFallback($hours); ?></div>
<div><strong>SLA:</strong> <?php echo getFallback($sla); ?></div>
</div>
<div class="col-sm-6">
<div><strong>Code:</strong> <?php echo getFallback($code); ?></div>
<div><strong>Website:</strong> <?php echo !empty($website) ? '<a href="' . $website . '" target="_blank" class="text-primary">' . $website . '</a>' : '<span class="text-muted">Not Available</span>'; ?></div>
</div>
</div>
</div>
</div>
<!-- Contact Info Card -->
<div class="card mb-3 shadow-sm rounded">
<div class="card-body">
<h6 class="text-secondary"><i class="fas fa-user mr-2"></i>Contact Information</h6>
<div class="row">
<div class="col-sm-6">
<div><strong>Contact Name:</strong> <?php echo getFallback($contact_name); ?></div>
<div><strong>Phone:</strong> <?php echo getFallback($phone); ?></div>
</div>
<div class="col-sm-6">
<div><strong>Email:</strong> <?php echo !empty($email) ? '<a href="mailto:' . $email . '" class="text-primary">' . $email . '</a>' : '<span class="text-muted">Not Available</span>'; ?></div>
</div>
</div>
</div>
</div>
<!-- Notes Card -->
<div class="card mb-3 shadow-sm rounded">
<div class="card-body">
<h6 class="text-secondary"><i class="fas fa-sticky-note mr-2"></i>Notes</h6>
<div>
<?php echo getFallback($notes); ?>
</div>
</div>
</div>
</div>
<script src="js/credential_show_otp_via_id.js"></script>
<?php
require_once "../includes/ajax_footer.php";

15
ajax/ajax_custom_ticket_status_edit.php
View File

@@ -8,7 +8,6 @@ $sql = mysqli_query($mysqli, "SELECT * FROM ticket_statuses WHERE ticket_status_
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$ticket_status_name = nullable_htmlentities($row['ticket_status_name']); $ticket_status_name = nullable_htmlentities($row['ticket_status_name']);
$ticket_status_color = nullable_htmlentities($row['ticket_status_color']); $ticket_status_color = nullable_htmlentities($row['ticket_status_color']);
$ticket_status_order = intval($row['ticket_status_order']);
$ticket_status_active = intval($row['ticket_status_active']); $ticket_status_active = intval($row['ticket_status_active']);
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
@@ -31,7 +30,7 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div> </div>
<input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $ticket_status_name; ?>" required <?php if ($ticket_status_id <= 5) { echo "readonly"; } ?>> <input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $ticket_status_name; ?>" required>
</div> </div>
</div> </div>
@@ -45,16 +44,6 @@ ob_start();
</div> </div>
</div> </div>
<div class="form-group">
<label>Order</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-sort-numeric-down"></i></span>
</div>
<input type="number" class="form-control" name="order" placeholder="Leave blank for no order" value="<?php echo $ticket_status_order; ?>">
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Status <strong class="text-danger">*</strong></label> <label>Status <strong class="text-danger">*</strong></label>
<div class="input-group"> <div class="input-group">
@@ -63,7 +52,7 @@ ob_start();
</div> </div>
<select class="form-control select2" name="status" required> <select class="form-control select2" name="status" required>
<option <?php if ($ticket_status_active == 1) { echo "selected"; } ?> value="1">Active</option> <option <?php if ($ticket_status_active == 1) { echo "selected"; } ?> value="1">Active</option>
<option <?php if ($ticket_status_active == 0) { echo "selected"; } ?> value="0" <?php if ($ticket_status_id <= 5) { echo "disabled"; } ?>>Inactive</option> <option <?php if ($ticket_status_active == 0) { echo "selected"; } ?> value="0">Disabled</option>
</select> </select>
</div> </div>
</div> </div>

9
ajax/ajax_document_edit.php
View File

@@ -10,7 +10,12 @@ $row = mysqli_fetch_array($sql);
$document_name = nullable_htmlentities($row['document_name']); $document_name = nullable_htmlentities($row['document_name']);
$document_description = nullable_htmlentities($row['document_description']); $document_description = nullable_htmlentities($row['document_description']);
$document_content = nullable_htmlentities($row['document_content']); $document_content = nullable_htmlentities($row['document_content']);
$document_created_by_id = intval($row['document_created_by']);
$document_created_at = nullable_htmlentities($row['document_created_at']);
$document_updated_at = nullable_htmlentities($row['document_updated_at']);
$document_archived_at = nullable_htmlentities($row['document_archived_at']);
$document_folder_id = intval($row['document_folder_id']); $document_folder_id = intval($row['document_folder_id']);
$document_parent = intval($row['document_parent']);
$document_client_visible = intval($row['document_client_visible']); $document_client_visible = intval($row['document_client_visible']);
$client_id = intval($row['document_client_id']); $client_id = intval($row['document_client_id']);
@@ -25,8 +30,10 @@ ob_start();
</button> </button>
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="document_id" value="<?php echo $document_id; ?>"> <input type="hidden" name="document_id" value="<?php if($document_parent == 0){ echo $document_id; } else { echo $document_parent; } ?>">
<input type="hidden" name="document_parent" value="<?php echo $document_parent; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<input type="hidden" name="created_by" value="<?php echo $document_created_by_id; ?>">
<div class="modal-body bg-white"> <div class="modal-body bg-white">
<div class="form-group"> <div class="form-group">

20
ajax/ajax_document_template_edit.php
View File

@@ -2,38 +2,38 @@
require_once '../includes/ajax_header.php'; require_once '../includes/ajax_header.php';
$document_template_id = intval($_GET['id']); $document_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM document_templates WHERE document_template_id = $document_template_id LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = $document_id LIMIT 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$document_template_name = nullable_htmlentities($row['document_template_name']); $document_name = nullable_htmlentities($row['document_name']);
$document_template_description = nullable_htmlentities($row['document_template_description']); $document_description = nullable_htmlentities($row['document_description']);
$document_template_content = nullable_htmlentities($row['document_template_content']); $document_content = nullable_htmlentities($row['document_content']);
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header"> <div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Editing template: <strong><?php echo $document_template_name; ?></strong></h5> <h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Editing template: <strong><?php echo $document_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="document_template_id" value="<?php echo $document_template_id; ?>"> <input type="hidden" name="document_id" value="<?php echo $document_id; ?>">
<div class="modal-body bg-white"> <div class="modal-body bg-white">
<div class="form-group"> <div class="form-group">
<input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $document_template_name; ?>" placeholder="Name" required> <input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $document_name; ?>" placeholder="Name" required>
</div> </div>
<div class="form-group"> <div class="form-group">
<textarea class="form-control tinymce" name="content"><?php echo $document_template_content; ?></textarea> <textarea class="form-control tinymce" name="content"><?php echo $document_content; ?></textarea>
</div> </div>
<div class="form-group"> <div class="form-group">
<input type="text" class="form-control" name="description" value="<?php echo $document_template_description; ?>" placeholder="Short summary"> <input type="text" class="form-control" name="description" value="<?php echo $document_description; ?>" placeholder="Short summary">
</div> </div>
</div> </div>

39
ajax/ajax_document_version_view.php
View File

@@ -1,39 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
// Initialize the HTML Purifier to prevent XSS
require_once "../plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
$document_version_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM document_versions WHERE document_version_id = $document_version_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$document_version_name = nullable_htmlentities($row['document_version_name']);
$document_version_content = $purifier->purify($row['document_version_content']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title text-white"><i class="fa fa-fw fa-file-alt mr-2"></i><?php echo $document_version_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-white prettyContent">
<?php echo $document_version_content; ?>
</div>
<script src="../js/pretty_content.js"></script>
<?php
require_once "../includes/ajax_footer.php";

3
ajax/ajax_document_view.php
View File

@@ -33,8 +33,5 @@ ob_start();
<?php echo $document_content; ?> <?php echo $document_content; ?>
</div> </div>
<script src="../js/pretty_content.js"></script>
<?php <?php
require_once "../includes/ajax_footer.php"; require_once "../includes/ajax_footer.php";

2
ajax/ajax_expense_copy.php
View File

@@ -105,7 +105,7 @@ ob_start();
<select class="form-control select2" name="vendor" required> <select class="form-control select2" name="vendor" required>
<?php <?php
$sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 ORDER BY vendor_name ASC"); $sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) { while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = intval($row['vendor_id']); $vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']); $vendor_name_select = nullable_htmlentities($row['vendor_name']);

16
ajax/ajax_expense_edit.php
View File

@@ -119,7 +119,7 @@ ob_start();
<select class="form-control select2" name="vendor" required> <select class="form-control select2" name="vendor" required>
<?php <?php
$sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND (vendor_archived_at > '$expense_created_at' OR vendor_archived_at IS NULL) ORDER BY vendor_name ASC"); $sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND (vendor_archived_at > '$expense_created_at' OR vendor_archived_at IS NULL) ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_select)) { while ($row = mysqli_fetch_array($sql_select)) {
$vendor_id_select = intval($row['vendor_id']); $vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']); $vendor_name_select = nullable_htmlentities($row['vendor_name']);
@@ -131,12 +131,7 @@ ob_start();
?> ?>
</select> </select>
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-secondary" type="button" <a class="btn btn-secondary" href="vendors.php" target="_blank"><i class="fas fa-fw fa-plus"></i></a>
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_category_add.php?category=Expense">
<i class="fas fa-plus"></i>
</button>
</div> </div>
</div> </div>
</div> </div>
@@ -181,12 +176,7 @@ ob_start();
?> ?>
</select> </select>
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-secondary" type="button" <a class="btn btn-secondary" href="admin_category.php?category=Expense" target="_blank"><i class="fas fa-fw fa-plus"></i></a>
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_category_add.php?category=Expense">
<i class="fas fa-plus"></i>
</button>
</div> </div>
</div> </div>
</div> </div>

7
ajax/ajax_invoice_edit.php
View File

@@ -77,12 +77,7 @@ ob_start();
?> ?>
</select> </select>
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-secondary" type="button" <a class="btn btn-secondary" href="admin_category.php?category=Income" target="_blank"><i class="fas fa-fw fa-plus"></i></a>
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_category_add.php?category=Income">
<i class="fas fa-fw fa-plus"></i>
</button>
</div> </div>
</div> </div>
</div> </div>

182
ajax/ajax_invoice_pay.php
View File

@@ -1,182 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$invoice_id = intval($_GET['id']);
$sql = mysqli_query(
$mysqli,
"SELECT * FROM invoices
LEFT JOIN clients ON invoice_client_id = client_id
LEFT JOIN contacts ON client_id = contact_client_id AND contact_primary = 1
WHERE invoice_id = $invoice_id
LIMIT 1"
);
$row = mysqli_fetch_array($sql);
$invoice_id = intval($row['invoice_id']);
$invoice_prefix = nullable_htmlentities($row['invoice_prefix']);
$invoice_number = intval($row['invoice_number']);
$invoice_amount = floatval($row['invoice_amount']);
$client_id = intval($row['client_id']);
$client_name = nullable_htmlentities($row['client_name']);
$client_currency_code = nullable_htmlentities($row['client_currency_code']);
$contact_name = nullable_htmlentities($row['contact_name']);
$contact_email = nullable_htmlentities($row['contact_email']);
//Add up all the payments for the invoice and get the total amount paid to the invoice
$sql_amount_paid = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS amount_paid FROM payments WHERE payment_invoice_id = $invoice_id");
$row = mysqli_fetch_array($sql_amount_paid);
$amount_paid = floatval($row['amount_paid']);
$balance = $invoice_amount - $amount_paid;
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-credit-card mr-2"></i><?php echo "$invoice_prefix$invoice_number"; ?>: Make Payment</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="invoice_id" value="<?php echo $invoice_id; ?>">
<input type="hidden" name="balance" value="<?php echo $balance; ?>">
<input type="hidden" name="currency_code" value="<?php echo $client_currency_code; ?>">
<div class="modal-body bg-white">
<div class="form-row">
<div class="col-md">
<div class="form-group">
<label>Date <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
</div>
<input type="date" class="form-control" name="date" max="2999-12-31" value="<?php echo date("Y-m-d"); ?>" required>
</div>
</div>
</div>
<div class="col-md">
<div class="form-group">
<label>Amount <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-dollar-sign"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="amount" value="<?php echo number_format($balance, 2, '.', ''); ?>" placeholder="0.00" required>
</div>
</div>
</div>
</div>
<div class="form-group">
<label>Account <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-piggy-bank"></i></span>
</div>
<select class="form-control select2" name="account" required>
<option value="">- Select an Account -</option>
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM accounts WHERE account_archived_at IS NULL ORDER BY account_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$account_id = intval($row['account_id']);
$account_name = nullable_htmlentities($row['account_name']);
$opening_balance = floatval($row['opening_balance']);
$sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id");
$row = mysqli_fetch_array($sql_payments);
$total_payments = floatval($row['total_payments']);
$sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id");
$row = mysqli_fetch_array($sql_revenues);
$total_revenues = floatval($row['total_revenues']);
$sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id");
$row = mysqli_fetch_array($sql_expenses);
$total_expenses = floatval($row['total_expenses']);
$account_balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
?>
<option <?php if ($config_default_payment_account == $account_id) { echo "selected"; } ?>
value="<?php echo $account_id; ?>">
<?php echo $account_name; ?> [$<?php echo number_format($account_balance, 2); ?>]
</option>
<?php
}
?>
</select>
</div>
</div>
<div class="form-group">
<label>Payment Method <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-money-check-alt"></i></span>
</div>
<select class="form-control select2" name="payment_method" required>
<option value="">- Method of Payment -</option>
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Payment Method' AND category_archived_at IS NULL ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$category_name = nullable_htmlentities($row['category_name']);
?>
<option <?php if ($config_default_payment_method == $category_name) {
echo "selected";
} ?>><?php echo $category_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
<div class="form-group">
<label>Reference</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-file-alt"></i></span>
</div>
<input type="text" class="form-control" name="reference" placeholder="Check #, Trans #, etc" maxlength="200">
</div>
</div>
<?php if (!empty($config_smtp_host) && !empty($contact_email)) { ?>
<div class="form-group">
<label>Email Receipt</label>
<div class="custom-control custom-checkbox">
<input type="checkbox" class="custom-control-input" id="customControlAutosizing" name="email_receipt" value="1" checked>
<label class="custom-control-label" for="customControlAutosizing"><?php echo $contact_email; ?></label>
</div>
</div>
<?php } ?>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="add_payment" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Pay</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";

39
ajax/ajax_location_edit.php
View File

@@ -14,11 +14,8 @@ $location_address = nullable_htmlentities($row['location_address']);
$location_city = nullable_htmlentities($row['location_city']); $location_city = nullable_htmlentities($row['location_city']);
$location_state = nullable_htmlentities($row['location_state']); $location_state = nullable_htmlentities($row['location_state']);
$location_zip = nullable_htmlentities($row['location_zip']); $location_zip = nullable_htmlentities($row['location_zip']);
$location_phone_country_code = nullable_htmlentities($row['location_phone_country_code']); $location_phone = formatPhoneNumber($row['location_phone']);
$location_phone = nullable_htmlentities(formatPhoneNumber($row['location_phone'], $location_phone_country_code)); $location_fax = formatPhoneNumber($row['location_fax']);
$location_extension = formatPhoneNumber($row['location_extension']);
$location_fax_country_code = nullable_htmlentities($row['location_fax_country_code']);
$location_fax = nullable_htmlentities(formatPhoneNumber($row['location_fax'], $location_fax_country_code));
$location_hours = nullable_htmlentities($row['location_hours']); $location_hours = nullable_htmlentities($row['location_hours']);
$location_photo = nullable_htmlentities($row['location_photo']); $location_photo = nullable_htmlentities($row['location_photo']);
$location_notes = nullable_htmlentities($row['location_notes']); $location_notes = nullable_htmlentities($row['location_notes']);
@@ -201,38 +198,23 @@ ob_start();
</div> </div>
</div> </div>
<label>Phone / <span class="text-secondary">Extension</span></label>
<div class="form-row">
<div class="col-9">
<div class="form-group"> <div class="form-group">
<label>Phone</label>
<div class="input-group"> <div class="input-group">
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div> </div>
<input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo $location_phone_country_code; ?>" placeholder="+" maxlength="4"> <input type="text" class="form-control" name="phone" placeholder="Phone Number" maxlength="200" value="<?php echo $location_phone; ?>">
<input type="tel" class="form-control" name="phone" value="<?php echo $location_phone; ?>" placeholder="Phone Number" maxlength="200">
</div>
</div>
</div>
<div class="col-3">
<div class="form-group">
<input type="text" class="form-control" name="extension" value="<?php echo $location_extension; ?>" placeholder="ext." maxlength="200">
</div>
</div> </div>
</div> </div>
<label>Fax</label>
<div class="form-row">
<div class="col-9">
<div class="form-group"> <div class="form-group">
<label>Fax</label>
<div class="input-group"> <div class="input-group">
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-fax"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-fax"></i></span>
</div> </div>
<input type="tel" class="form-control col-2" name="fax_country_code" value="<?php echo $location_fax_country_code; ?>" placeholder="+" maxlength="4"> <input type="text" class="form-control" name="fax" placeholder="Fax Number" maxlength="200" value="<?php echo $location_fax; ?>">
<input type="tel" class="form-control" name="fax" value="<?php echo $location_fax; ?>" placeholder="Phone Number" maxlength="200">
</div>
</div>
</div> </div>
</div> </div>
@@ -272,15 +254,6 @@ ob_start();
<?php } ?> <?php } ?>
</select> </select>
<div class="input-group-append">
<button class="btn btn-secondary" type="button"
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_tag_add.php"
data-ajax-id="2">
<i class="fas fa-plus"></i>
</button>
</div>
</div> </div>
</div> </div>

2
ajax/ajax_network_edit.php
View File

@@ -90,7 +90,7 @@ ob_start();
$location_id = intval($row['location_id']); $location_id = intval($row['location_id']);
$location_name = nullable_htmlentities($row['location_name']); $location_name = nullable_htmlentities($row['location_name']);
?> ?>
<option value="<?php echo $location_id; ?>" <?php if ($location_id == $network_location_id) { echo "selected"; } ?>> <option value="<?php echo $location_id; ?>" <?php if ($location_id = $network_location_id) { echo "selected"; } ?>>
<?php echo $location_name; ?> <?php echo $location_name; ?>
</option> </option>
<?php <?php

110
ajax/ajax_notifications.php
View File

@@ -1,13 +1,11 @@
<?php <?php
require_once "../includes/ajax_header.php"; require_once '../includes/ajax_header.php';
$sql = mysqli_query( $sql = mysqli_query($mysqli, "SELECT * FROM notifications
$mysqli,
"SELECT * FROM notifications
WHERE notification_user_id = $session_user_id WHERE notification_user_id = $session_user_id
AND notification_dismissed_at IS NULL AND notification_dismissed_at IS NULL
ORDER BY notification_id DESC" ORDER BY notification_id"
); );
$num_notifications = mysqli_num_rows($sql); $num_notifications = mysqli_num_rows($sql);
@@ -25,68 +23,50 @@ ob_start();
<div class="modal-body bg-white"> <div class="modal-body bg-white">
<?php if ($num_notifications) { ?> <?php if ($num_notifications) { ?>
<table class="table table-sm table-hover table-borderless">
<?php
<?php while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$notification_id = intval($row['notification_id']);
$notification_id = intval($row["notification_id"]); $notification_type = nullable_htmlentities($row['notification_type']);
$notification_type = nullable_htmlentities($row["notification_type"]); $notification_details = nullable_htmlentities($row['notification']);
$notification_details = nullable_htmlentities($row["notification"]); $notification_action = nullable_htmlentities($row['notification_action']);
$notification_action = nullable_htmlentities( $notification_timestamp_formated = date('M d g:ia',strtotime($row['notification_timestamp']));
$row["notification_action"] $notification_client_id = intval($row['notification_client_id']);
); if(empty($notification_action)) { $notification_action = "#"; }
$notification_timestamp_formated = date(
"M d g:ia",
strtotime($row["notification_timestamp"])
);
$notification_client_id = intval($row["notification_client_id"]);
if (empty($notification_action)) {
$notification_action = "#";
}
?> ?>
<tr class="notification-item">
<th> <a class="text-dark dropdown-item px-1" href="<?php echo $notification_action; ?>">
<a class="text-dark" href="<?php echo $notification_action; ?>"> <div>
<span class="text-bold">
<i class="fas fa-bullhorn mr-2"></i><?php echo $notification_type; ?> <i class="fas fa-bullhorn mr-2"></i><?php echo $notification_type; ?>
</span>
<small class="text-muted float-right"> <small class="text-muted float-right">
<?php echo $notification_timestamp_formated; ?> <?php echo $notification_timestamp_formated; ?>
</small> </small>
<br> </div>
<small class="text-secondary text-wrap"><?php echo $notification_details; ?></small> <small class="text-secondary"><?php echo $notification_details; ?></small>
</a> </a>
</th>
</tr>
<?php <?php
} }
} else {
?> ?>
</table> <div class="text-center text-secondary py-5">
<div class="text-center mt-2">
<button id="prev-btn" class="btn btn-sm btn-outline-secondary mr-2"><i class="fas fa-caret-left"></i></button>
<button id="next-btn" class="btn btn-sm btn-outline-secondary"><i class="fas fa-caret-right"></i></button>
</div>
<?php } else { ?>
<div class="text-center text-secondary pt-3">
<i class='far fa-6x fa-bell-slash'></i> <i class='far fa-6x fa-bell-slash'></i>
<h3 class="mt-3">No Notifications</h3> <h3 class="mt-3">No Notifications</h3>
</div> </div>
<?php } ?> <?php } ?>
</div> </div>
<div class="modal-footer bg-white"> <div class="modal-footer bg-white justify-content-end">
<?php if ($num_notifications) { ?> <?php if ($num_notifications) { ?>
<a href="post.php?dismiss_all_notifications&csrf_token=<?php echo $_SESSION['csrf_token'] ?>" class="btn btn-primary">
<a href="post.php?dismiss_all_notifications&csrf_token=<?php echo $_SESSION[
"csrf_token"
]; ?>" class="btn btn-primary">
<span class="text-white text-bold"><i class="fas fa-check mr-2"></i>Dismiss all</span> <span class="text-white text-bold"><i class="fas fa-check mr-2"></i>Dismiss all</span>
</a> </a>
<a href="notifications.php" class="btn btn-secondary">
<span class="text-white">See all Notifications</span>
</a>
<?php } else { ?> <?php } else { ?>
<a href="notifications.php?dismissed" class="btn btn-dark"> <a href="notifications_dismissed.php" class="btn btn-dark">
<span class="text-white text-bold">See Dismissed Notifications</span> <span class="text-white text-bold">See Dismissed Notifications</span>
</a> </a>
<?php } ?> <?php } ?>
@@ -95,41 +75,5 @@ ob_start();
</button> </button>
</div> </div>
<script> <?php
$(document).ready(function () { require_once "../includes/ajax_footer.php";
var perPage = 8;
var $items = $(".notification-item");
var totalItems = $items.length;
var totalPages = Math.ceil(totalItems / perPage);
var currentPage = 0;
function showPage(page) {
$items.hide().slice(page * perPage, (page + 1) * perPage).show();
$("#prev-btn").prop("disabled", page === 0);
$("#next-btn").prop("disabled", page >= totalPages - 1);
$("#page-indicator").text(`Page ${page + 1} of ${totalPages} (${totalItems} total)`);
}
$("#prev-btn").on("click", function () {
if (currentPage > 0) {
currentPage--;
showPage(currentPage);
}
});
$("#next-btn").on("click", function () {
if (currentPage < totalPages - 1) {
currentPage++;
showPage(currentPage);
}
});
if (totalItems <= perPage) {
$("#prev-btn, #next-btn, #page-indicator").hide();
}
showPage(currentPage);
});
</script>
<?php require_once "../includes/ajax_footer.php";

7
ajax/ajax_product_edit.php
View File

@@ -59,12 +59,7 @@ ob_start();
?> ?>
</select> </select>
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-secondary" type="button" <a class="btn btn-secondary" href="admin_category.php?category=Income" target="_blank"><i class="fas fa-fw fa-plus"></i></a>
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_category_add.php?category=Income">
<i class="fas fa-fw fa-plus"></i>
</button>
</div> </div>
</div> </div>
</div> </div>

24
ajax/ajax_project_edit.php
View File

@@ -74,8 +74,9 @@ ob_start();
<?php <?php
$sql_project_managers_select = mysqli_query( $sql_project_managers_select = mysqli_query(
$mysqli, $mysqli,
"SELECT user_id, user_name FROM users "SELECT users.user_id, user_name FROM users
WHERE user_role_id > 1 AND user_status = 1 AND user_archived_at IS NULL ORDER BY user_name ASC" LEFT JOIN user_settings on users.user_id = user_settings.user_id
WHERE user_role > 1 AND user_status = 1 AND user_archived_at IS NULL ORDER BY user_name ASC"
); );
while ($row = mysqli_fetch_array($sql_project_managers_select)) { while ($row = mysqli_fetch_array($sql_project_managers_select)) {
$user_id_select = intval($row['user_id']); $user_id_select = intval($row['user_id']);
@@ -85,25 +86,6 @@ ob_start();
</select> </select>
</div> </div>
</div> </div>
<div class="form-group">
<label>Client</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-users"></i></span>
</div>
<select class="form-control select2" name="client_id">
<option value="0">- No Client -</option>
<?php
$sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_archived_at IS NULL $access_permission_query ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql)) {
$select_client_id = intval($row['client_id']);
$select_client_name = nullable_htmlentities($row['client_name']);
?>
<option value="<?php echo $select_client_id; ?>" <?php if ($client_id == $select_client_id) { echo "selected"; } ?>><?php echo $select_client_name; ?></option>
<?php } ?>
</select>
</div>
</div>
</div> </div>
<div class="modal-footer bg-white"> <div class="modal-footer bg-white">
<button type="submit" name="edit_project" class="btn btn-primary text-bold"> <button type="submit" name="edit_project" class="btn btn-primary text-bold">

7
ajax/ajax_quote_edit.php
View File

@@ -73,12 +73,7 @@ ob_start();
</select> </select>
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-secondary" type="button" <a class="btn btn-secondary" href="admin_category.php?category=Income" target="_blank"><i class="fas fa-fw fa-plus"></i></a>
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_category_add.php?category=Income">
<i class="fas fa-fw fa-plus"></i>
</button>
</div> </div>
</div> </div>
</div> </div>

9
ajax/ajax_recurring_expense_edit.php
View File

@@ -157,7 +157,7 @@ ob_start();
<select class="form-control select2" name="vendor" required> <select class="form-control select2" name="vendor" required>
<?php <?php
$sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND (vendor_archived_at > '$recurring_expense_created_at' OR vendor_archived_at IS NULL) ORDER BY vendor_name ASC"); $sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND (vendor_archived_at > '$recurring_expense_created_at' OR vendor_archived_at IS NULL) ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_select)) { while ($row = mysqli_fetch_array($sql_select)) {
$vendor_id_select = intval($row['vendor_id']); $vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']); $vendor_name_select = nullable_htmlentities($row['vendor_name']);
@@ -214,12 +214,7 @@ ob_start();
?> ?>
</select> </select>
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-secondary" type="button" <a class="btn btn-secondary" href="admin_category.php?category=Expense" target="_blank"><i class="fas fa-fw fa-plus"></i></a>
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_category_add.php?category=Expense">
<i class="fas fa-plus"></i>
</button>
</div> </div>
</div> </div>
</div> </div>

51
ajax/ajax_recurring_invoice_edit.php
View File

@@ -2,33 +2,33 @@
require_once '../includes/ajax_header.php'; require_once '../includes/ajax_header.php';
$recurring_invoice_id = intval($_GET['id']); $recurring_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM recurring_invoices WHERE recurring_invoice_id = $recurring_invoice_id LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM recurring WHERE recurring_id = $recurring_id LIMIT 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$recurring_invoice_prefix = nullable_htmlentities($row['recurring_invoice_prefix']); $recurring_prefix = nullable_htmlentities($row['recurring_prefix']);
$recurring_invoice_number = intval($row['recurring_invoice_number']); $recurring_number = intval($row['recurring_number']);
$recurring_invoice_scope = nullable_htmlentities($row['recurring_invoice_scope']); $recurring_scope = nullable_htmlentities($row['recurring_scope']);
$recurring_invoice_frequency = nullable_htmlentities($row['recurring_invoice_frequency']); $recurring_frequency = nullable_htmlentities($row['recurring_frequency']);
$recurring_invoice_status = nullable_htmlentities($row['recurring_invoice_status']); $recurring_status = nullable_htmlentities($row['recurring_status']);
$recurring_invoice_created_at = date('Y-m-d', strtotime($row['recurring_invoice_created_at'])); $recurring_created_at = date('Y-m-d', strtotime($row['recurring_created_at']));
$recurring_invoice_next_date = nullable_htmlentities($row['recurring_invoice_next_date']); $recurring_next_date = nullable_htmlentities($row['recurring_next_date']);
$recurring_invoice_discount = floatval($row['recurring_invoice_discount_amount']); $recurring_discount = floatval($row['recurring_discount_amount']);
$category_id = intval($row['recurring_invoice_category_id']); $category_id = intval($row['recurring_category_id']);
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header"> <div class="modal-header">
<h5 class="modal-title"><i class="fas fa-fw fa-redo-alt mr-2"></i>Editing Recur Invoice: <strong><?php echo "$recurring_invoice_prefix$recurring_invoice_number"; ?></strong></h5> <h5 class="modal-title"><i class="fas fa-fw fa-redo-alt mr-2"></i>Editing Recur Invoice: <strong><?php echo "$recurring_prefix$recurring_number"; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="recurring_invoice_id" value="<?php echo $recurring_invoice_id; ?>"> <input type="hidden" name="recurring_id" value="<?php echo $recurring_id; ?>">
<div class="modal-body bg-white"> <div class="modal-body bg-white">
@@ -38,7 +38,7 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-comment"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-comment"></i></span>
</div> </div>
<input type="text" class="form-control" name="scope" placeholder="Quick description" maxlength="255" value="<?php echo $recurring_invoice_scope; ?>"> <input type="text" class="form-control" name="scope" placeholder="Quick description" maxlength="255" value="<?php echo $recurring_scope; ?>">
</div> </div>
</div> </div>
@@ -50,8 +50,8 @@ ob_start();
</div> </div>
<select class="form-control select2" name="frequency" required> <select class="form-control select2" name="frequency" required>
<option value="">- Frequency -</option> <option value="">- Frequency -</option>
<option <?php if ($recurring_invoice_frequency == 'month') { echo "selected"; } ?> value="month">Monthly</option> <option <?php if ($recurring_frequency == 'month') { echo "selected"; } ?> value="month">Monthly</option>
<option <?php if ($recurring_invoice_frequency == 'year') { echo "selected"; } ?> value="year">Yearly</option> <option <?php if ($recurring_frequency == 'year') { echo "selected"; } ?> value="year">Yearly</option>
</select> </select>
</div> </div>
</div> </div>
@@ -62,7 +62,7 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
</div> </div>
<input type="date" class="form-control" name="next_date" max="2999-12-31" value="<?php echo $recurring_invoice_next_date; ?>" required> <input type="date" class="form-control" name="next_date" max="2999-12-31" value="<?php echo $recurring_next_date; ?>" required>
</div> </div>
</div> </div>
@@ -76,7 +76,7 @@ ob_start();
<option value="">- Category -</option> <option value="">- Category -</option>
<?php <?php
$sql_income_category = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND (category_archived_at > '$recurring_invoice_created_at' OR category_archived_at IS NULL) ORDER BY category_name ASC"); $sql_income_category = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Income' AND (category_archived_at > '$recurring_created_at' OR category_archived_at IS NULL) ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_income_category)) { while ($row = mysqli_fetch_array($sql_income_category)) {
$category_id_select = intval($row['category_id']); $category_id_select = intval($row['category_id']);
$category_name_select = nullable_htmlentities($row['category_name']); $category_name_select = nullable_htmlentities($row['category_name']);
@@ -88,12 +88,7 @@ ob_start();
?> ?>
</select> </select>
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-secondary" type="button" <a class="btn btn-secondary" href="admin_category.php?category=Income" target="_blank"><i class="fas fa-fw fa-plus"></i></a>
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_category_add.php?category=Income">
<i class="fas fa-fw fa-plus"></i>
</button>
</div> </div>
</div> </div>
</div> </div>
@@ -104,7 +99,7 @@ ob_start();
<div class='input-group-prepend'> <div class='input-group-prepend'>
<span class='input-group-text'><i class='fa fa-fw fa-dollar-sign'></i></span> <span class='input-group-text'><i class='fa fa-fw fa-dollar-sign'></i></span>
</div> </div>
<input type='text' class='form-control' inputmode="numeric" pattern="-?[0-9]*\.?[0-9]{0,2}" name='recurring_invoice_discount' placeholder='0.00' value="<?php echo number_format($recurring_invoice_discount, 2, '.', ''); ?>"> <input type='text' class='form-control' inputmode="numeric" pattern="-?[0-9]*\.?[0-9]{0,2}" name='recurring_discount' placeholder='0.00' value="<?php echo number_format($recurring_discount, 2, '.', ''); ?>">
</div> </div>
</div> </div>
@@ -115,10 +110,10 @@ ob_start();
<span class="input-group-text"><i class="fa fa-fw fa-clock"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-clock"></i></span>
</div> </div>
<select class="form-control select2" name="status" required> <select class="form-control select2" name="status" required>
<option <?php if ($recurring_invoice_status == 1) { <option <?php if ($recurring_status == 1) {
echo "selected"; echo "selected";
} ?> value="1">Active</option> } ?> value="1">Active</option>
<option <?php if ($recurring_invoice_status == 0) { <option <?php if ($recurring_status == 0) {
echo "selected"; echo "selected";
} ?> value="0">InActive</option> } ?> value="0">InActive</option>
</select> </select>
@@ -127,7 +122,7 @@ ob_start();
</div> </div>
<div class="modal-footer bg-white"> <div class="modal-footer bg-white">
<button type="submit" name="edit_recurring_invoice" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button> <button type="submit" name="edit_recurring" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>

144
ajax/ajax_recurring_ticket_edit.php
View File

@@ -2,65 +2,56 @@
require_once '../includes/ajax_header.php'; require_once '../includes/ajax_header.php';
$recurring_ticket_id = intval($_GET['id']); $scheduled_ticket_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM recurring_tickets WHERE recurring_ticket_id = $recurring_ticket_id LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM scheduled_tickets WHERE scheduled_ticket_id = $scheduled_ticket_id LIMIT 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$client_id = intval($row['recurring_ticket_client_id']); $client_id = intval($row['scheduled_ticket_client_id']);
$recurring_ticket_subject = nullable_htmlentities($row['recurring_ticket_subject']); $scheduled_ticket_subject = nullable_htmlentities($row['scheduled_ticket_subject']);
$recurring_ticket_details = nullable_htmlentities($row['recurring_ticket_details']); $scheduled_ticket_details = nullable_htmlentities($row['scheduled_ticket_details']);
$recurring_ticket_priority = nullable_htmlentities($row['recurring_ticket_priority']); $scheduled_ticket_priority = nullable_htmlentities($row['scheduled_ticket_priority']);
$recurring_ticket_frequency = nullable_htmlentities($row['recurring_ticket_frequency']); $scheduled_ticket_frequency = nullable_htmlentities($row['scheduled_ticket_frequency']);
$recurring_ticket_next_run = nullable_htmlentities($row['recurring_ticket_next_run']); $scheduled_ticket_next_run = nullable_htmlentities($row['scheduled_ticket_next_run']);
$recurring_ticket_assigned_to = intval($row['recurring_ticket_assigned_to']); $scheduled_ticket_assigned_to = intval($row['scheduled_ticket_assigned_to']);
$recurring_ticket_contact_id = intval($row['recurring_ticket_contact_id']); $scheduled_ticket_contact_id = intval($row['scheduled_ticket_contact_id']);
$recurring_ticket_asset_id = intval($row['recurring_ticket_asset_id']); $scheduled_ticket_asset_id = intval($row['scheduled_ticket_asset_id']);
$recurring_ticket_category = intval($row['recurring_ticket_category']); $scheduled_ticket_billable = intval($row['scheduled_ticket_billable']);
$recurring_ticket_billable = intval($row['recurring_ticket_billable']);
// Additional Assets Selected
$additional_assets_array = array();
$sql_additional_assets = mysqli_query($mysqli, "SELECT asset_id FROM recurring_ticket_assets WHERE recurring_ticket_id = $recurring_ticket_id");
while ($row = mysqli_fetch_array($sql_additional_assets)) {
$additional_asset_id = intval($row['asset_id']);
$additional_assets_array[] = $additional_asset_id;
}
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header"> <div class="modal-header">
<h5 class="modal-title"><i class="fas fa-fw fa-calendar-check mr-2"></i>Editing Recurring Ticket: <strong><?php echo $recurring_ticket_subject; ?></strong></h5> <h5 class="modal-title"><i class="fas fa-fw fa-calendar-check mr-2"></i>Editing Recurring Ticket: <strong><?php echo $scheduled_ticket_subject; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="recurring_ticket_id" value="<?php echo $recurring_ticket_id; ?>"> <input type="hidden" name="scheduled_ticket_id" value="<?php echo $scheduled_ticket_id; ?>">
<input type="hidden" name="client" value="<?php echo $client_id; ?>"> <input type="hidden" name="client" value="<?php echo $client_id; ?>">
<div class="modal-body bg-white"> <div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item"> <li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-edit-details<?php echo $recurring_ticket_id; ?>"><i class="fa fa-fw fa-life-ring mr-2"></i>Details</a> <a class="nav-link active" data-toggle="pill" href="#pills-edit-details<?php echo $scheduled_ticket_id; ?>"><i class="fa fa-fw fa-life-ring mr-2"></i>Details</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-edit-contacts<?php echo $recurring_ticket_id; ?>"><i class="fa fa-fw fa-users mr-2"></i>Contact</a> <a class="nav-link" data-toggle="pill" href="#pills-edit-contacts<?php echo $scheduled_ticket_id; ?>"><i class="fa fa-fw fa-users mr-2"></i>Contacts</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-edit-schedule<?php echo $recurring_ticket_id; ?>"><i class="fa fa-fw fa-building mr-2"></i>Schedule</a> <a class="nav-link" data-toggle="pill" href="#pills-edit-schedule<?php echo $scheduled_ticket_id; ?>"><i class="fa fa-fw fa-building mr-2"></i>Schedule</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-edit-assets<?php echo $recurring_ticket_id; ?>"><i class="fa fa-fw fa-desktop mr-2"></i>Assets</a> <a class="nav-link" data-toggle="pill" href="#pills-edit-assets<?php echo $scheduled_ticket_id; ?>"><i class="fa fa-fw fa-desktop mr-2"></i>Assets</a>
</li> </li>
</ul> </ul>
<div class="tab-content" <?php if (lookupUserPermission('module_support') <= 1) { echo 'inert'; } ?>> <div class="tab-content" <?php if (lookupUserPermission('module_support') <= 1) { echo 'inert'; } ?>>
<div class="tab-pane fade show active" id="pills-edit-details<?php echo $recurring_ticket_id; ?>"> <div class="tab-pane fade show active" id="pills-edit-details<?php echo $scheduled_ticket_id; ?>">
<div class="form-group"> <div class="form-group">
<label>Subject <strong class="text-danger">*</strong></label> <label>Subject <strong class="text-danger">*</strong></label>
@@ -68,16 +59,14 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div> </div>
<input type="text" class="form-control" name="subject" placeholder="Subject" maxlength="500" value="<?php echo $recurring_ticket_subject; ?>" required > <input type="text" class="form-control" name="subject" placeholder="Subject" maxlength="500" value="<?php echo $scheduled_ticket_subject; ?>" required >
</div> </div>
</div> </div>
<div class="form-group"> <div class="form-group">
<textarea class="form-control tinymce" name="details"><?php echo $recurring_ticket_details; ?></textarea> <textarea class="form-control tinymce" name="details"><?php echo $scheduled_ticket_details; ?></textarea>
</div> </div>
<div class="row">
<div class="col">
<div class="form-group"> <div class="form-group">
<label>Priority <strong class="text-danger">*</strong></label> <label>Priority <strong class="text-danger">*</strong></label>
<div class="input-group"> <div class="input-group">
@@ -85,46 +74,12 @@ ob_start();
<span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-thermometer-half"></i></span>
</div> </div>
<select class="form-control select2" name="priority" required> <select class="form-control select2" name="priority" required>
<option <?php if ($recurring_ticket_priority == "Low") { echo "selected"; } ?> >Low</option> <option <?php if ($scheduled_ticket_priority == "Low") { echo "selected"; } ?> >Low</option>
<option <?php if ($recurring_ticket_priority == "Medium") { echo "selected"; } ?> >Medium</option> <option <?php if ($scheduled_ticket_priority == "Medium") { echo "selected"; } ?> >Medium</option>
<option <?php if ($recurring_ticket_priority == "High") { echo "selected"; } ?> >High</option> <option <?php if ($scheduled_ticket_priority == "High") { echo "selected"; } ?> >High</option>
</select> </select>
</div> </div>
</div> </div>
</div>
<div class="col">
<div class="form-group">
<label>Category</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-layer-group"></i></span>
</div>
<select class="form-control select2" name="category">
<option value="0">- Uncategorized -</option>
<?php
$sql_categories = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Ticket' AND category_archived_at IS NULL ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_categories)) {
$category_id = intval($row['category_id']);
$category_name = nullable_htmlentities($row['category_name']);
?>
<option <?php if ($recurring_ticket_category == $category_id) {echo "selected";} ?> value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
<?php } ?>
</select>
<div class="input-group-append">
<button class="btn btn-secondary" type="button"
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_category_add.php?category=Ticket">
<i class="fas fa-fw fa-plus"></i>
</button>
</div>
</div>
</div>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Assign To</label> <label>Assign To</label>
@@ -145,7 +100,7 @@ ob_start();
$user_name_select = nullable_htmlentities($row['user_name']); $user_name_select = nullable_htmlentities($row['user_name']);
?> ?>
<option value="<?php echo $user_id_select; ?>" <?php if ($recurring_ticket_assigned_to == $user_id_select) { echo "selected"; } ?>><?php echo $user_name_select; ?></option> <option value="<?php echo $user_id_select; ?>" <?php if ($scheduled_ticket_assigned_to == $user_id_select) { echo "selected"; } ?>><?php echo $user_name_select; ?></option>
<?php } ?> <?php } ?>
</select> </select>
</div> </div>
@@ -154,7 +109,7 @@ ob_start();
<div class="form-group <?php if (!$config_module_enable_accounting) { echo 'd-none'; } ?>"> <div class="form-group <?php if (!$config_module_enable_accounting) { echo 'd-none'; } ?>">
<div class="custom-control custom-switch"> <div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" id="editTicketBillable" name="billable" <input type="checkbox" class="custom-control-input" id="editTicketBillable" name="billable"
<?php if ($recurring_ticket_billable == 1) { echo "checked"; } ?> value="1" <?php if ($scheduled_ticket_billable == 1) { echo "checked"; } ?> value="1"
> >
<label class="custom-control-label" for="editTicketBillable">Mark Billable</label> <label class="custom-control-label" for="editTicketBillable">Mark Billable</label>
</div> </div>
@@ -162,7 +117,7 @@ ob_start();
</div> </div>
<div class="tab-pane fade" id="pills-edit-contacts<?php echo $recurring_ticket_id; ?>"> <div class="tab-pane fade" id="pills-edit-contacts<?php echo $scheduled_ticket_id; ?>">
<div class="form-group"> <div class="form-group">
<label>Contact</label> <label>Contact</label>
@@ -197,7 +152,7 @@ ob_start();
} }
?> ?>
<option value="<?php echo $contact_id_select; ?>" <?php if ($contact_id_select == $recurring_ticket_contact_id) { echo "selected"; } ?>><?php echo "$contact_name_select$contact_title_display_select$contact_primary_display_select$contact_technical_display_select"; ?></option> <option value="<?php echo $contact_id_select; ?>" <?php if ($contact_id_select == $scheduled_ticket_contact_id) { echo "selected"; } ?>><?php echo "$contact_name_select$contact_title_display_select$contact_primary_display_select$contact_technical_display_select"; ?></option>
<?php } ?> <?php } ?>
</select> </select>
</div> </div>
@@ -205,7 +160,7 @@ ob_start();
</div> </div>
<div class="tab-pane fade" id="pills-edit-schedule<?php echo $recurring_ticket_id; ?>"> <div class="tab-pane fade" id="pills-edit-schedule<?php echo $scheduled_ticket_id; ?>">
<div class="form-group"> <div class="form-group">
<label>Frequency <strong class="text-danger">*</strong></label> <label>Frequency <strong class="text-danger">*</strong></label>
@@ -214,11 +169,11 @@ ob_start();
<span class="input-group-text"><i class="fa fa-fw fa-recycle"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-recycle"></i></span>
</div> </div>
<select class="form-control select2" name="frequency"> <select class="form-control select2" name="frequency">
<option <?php if ($recurring_ticket_frequency == "Weekly") { echo "selected"; } ?>>Weekly</option> <option <?php if ($scheduled_ticket_frequency == "Weekly") { echo "selected"; } ?>>Weekly</option>
<option <?php if ($recurring_ticket_frequency == "Monthly") { echo "selected"; } ?>>Monthly</option> <option <?php if ($scheduled_ticket_frequency == "Monthly") { echo "selected"; } ?>>Monthly</option>
<option <?php if ($recurring_ticket_frequency == "Quarterly") { echo "selected"; } ?>>Quarterly</option> <option <?php if ($scheduled_ticket_frequency == "Quarterly") { echo "selected"; } ?>>Quarterly</option>
<option <?php if ($recurring_ticket_frequency == "Biannually") { echo "selected"; } ?>>Biannually</option> <option <?php if ($scheduled_ticket_frequency == "Biannually") { echo "selected"; } ?>>Biannually</option>
<option <?php if ($recurring_ticket_frequency == "Annually") { echo "selected"; } ?>>Annually</option> <option <?php if ($scheduled_ticket_frequency == "Annually") { echo "selected"; } ?>>Annually</option>
</select> </select>
</div> </div>
</div> </div>
@@ -229,13 +184,13 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar-day"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-calendar-day"></i></span>
</div> </div>
<input class="form-control" type="date" name="next_date" max="2999-12-31" value="<?php echo $recurring_ticket_next_run; ?>"> <input class="form-control" type="date" name="next_date" max="2999-12-31" value="<?php echo $scheduled_ticket_next_run; ?>">
</div> </div>
</div> </div>
</div> </div>
<div class="tab-pane fade" id="pills-edit-assets<?php echo $recurring_ticket_id; ?>"> <div class="tab-pane fade" id="pills-edit-assets<?php echo $scheduled_ticket_id; ?>">
<div class="form-group"> <div class="form-group">
<label>Asset</label> <label>Asset</label>
@@ -253,7 +208,7 @@ ob_start();
$asset_name_select = nullable_htmlentities($row['asset_name']); $asset_name_select = nullable_htmlentities($row['asset_name']);
$asset_contact_name_select = nullable_htmlentities($row['contact_name']); $asset_contact_name_select = nullable_htmlentities($row['contact_name']);
?> ?>
<option <?php if ($recurring_ticket_asset_id == $asset_id_select) { echo "selected"; } ?> value="<?php echo $asset_id_select; ?>"><?php echo "$asset_name_select - $asset_contact_name_select"; ?></option> <option <?php if ($scheduled_ticket_asset_id == $asset_id_select) { echo "selected"; } ?> value="<?php echo $asset_id_select; ?>"><?php echo "$asset_name_select - $asset_contact_name_select"; ?></option>
<?php <?php
} }
@@ -262,31 +217,6 @@ ob_start();
</div> </div>
</div> </div>
<div class="form-group">
<label>Additional Assets</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-desktop"></i></span>
</div>
<select class="form-control select2" name="additional_assets[]" data-tags="true" data-placeholder="- Select Additional Assets -" multiple>
<option value=""></option>
<?php
$sql_assets = mysqli_query($mysqli, "SELECT asset_id, asset_name, contact_name FROM assets LEFT JOIN contacts ON contact_id = asset_contact_id WHERE asset_client_id = $client_id AND asset_id != $recurring_ticket_asset_id AND asset_archived_at IS NULL ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql_assets)) {
$asset_id_select = intval($row['asset_id']);
$asset_name_select = nullable_htmlentities($row['asset_name']);
$asset_contact_name_select = nullable_htmlentities($row['contact_name']);
?>
<option value="<?php echo $asset_id_select; ?>"
<?php if (in_array($asset_id_select, $additional_assets_array)) { echo "selected"; } ?>
><?php echo "$asset_name_select - $asset_contact_name_select"; ?></option>
<?php } ?>
</select>
</div>
</div>
</div> </div>
</div> </div>

7
ajax/ajax_revenue_edit.php
View File

@@ -125,12 +125,7 @@ ob_start();
?> ?>
</select> </select>
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-secondary" type="button" <a class="btn btn-secondary" href="admin_category.php?category=Income" target="_blank"><i class="fas fa-fw fa-plus"></i></a>
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_category_add.php?category=Income">
<i class="fas fa-fw fa-plus"></i>
</button>
</div> </div>
</div> </div>
</div> </div>

12
ajax/ajax_role_edit.php
View File

@@ -4,18 +4,18 @@ require_once '../includes/ajax_header.php';
$role_id = intval($_GET['id']); $role_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM user_roles WHERE role_id = $role_id LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM user_roles WHERE user_role_id = $role_id LIMIT 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$role_name = nullable_htmlentities($row['role_name']); $role_name = nullable_htmlentities($row['user_role_name']);
$role_description = nullable_htmlentities($row['role_description']); $role_description = nullable_htmlentities($row['user_role_description']);
$role_admin = intval($row['role_is_admin']); $role_admin = intval($row['user_role_is_admin']);
// Count number of users that have each role // Count number of users that have each role
$sql_role_user_count = mysqli_query($mysqli, "SELECT COUNT(user_id) FROM users WHERE user_role_id = $role_id AND user_archived_at IS NULL"); $sql_role_user_count = mysqli_query($mysqli, "SELECT COUNT(users.user_id) FROM users LEFT JOIN user_settings on users.user_id = user_settings.user_id WHERE user_role = $role_id AND user_archived_at IS NULL");
$role_user_count = mysqli_fetch_row($sql_role_user_count)[0]; $role_user_count = mysqli_fetch_row($sql_role_user_count)[0];
$sql_users = mysqli_query($mysqli, "SELECT * FROM users WHERE user_role_id = $role_id AND user_archived_at IS NULL"); $sql_users = mysqli_query($mysqli, "SELECT * FROM users LEFT JOIN user_settings on users.user_id = user_settings.user_id WHERE user_role = $role_id AND user_archived_at IS NULL");
// Initialize an empty array to hold user names // Initialize an empty array to hold user names
$user_names = []; $user_names = [];

265
ajax/ajax_service_details.php
View File

@@ -5,6 +5,7 @@ require_once '../includes/ajax_header.php';
$service_id = intval($_GET['id']); $service_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM services WHERE service_id = $service_id LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM services WHERE service_id = $service_id LIMIT 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$service_name = nullable_htmlentities($row['service_name']); $service_name = nullable_htmlentities($row['service_name']);
$service_description = nullable_htmlentities($row['service_description']); $service_description = nullable_htmlentities($row['service_description']);
@@ -16,7 +17,6 @@ $service_created_at = nullable_htmlentities($row['service_created_at']);
$service_updated_at = nullable_htmlentities($row['service_updated_at']); $service_updated_at = nullable_htmlentities($row['service_updated_at']);
$service_review_due = nullable_htmlentities($row['service_review_due']); $service_review_due = nullable_htmlentities($row['service_review_due']);
$client_id = intval($row['service_client_id']); $client_id = intval($row['service_client_id']);
// Service Importance // Service Importance
if ($service_importance == "High") { if ($service_importance == "High") {
$service_importance_display = "<span class='p-2 badge badge-danger'>$service_importance</span>"; $service_importance_display = "<span class='p-2 badge badge-danger'>$service_importance</span>";
@@ -28,23 +28,23 @@ if ($service_importance == "High") {
$service_importance_display = "-"; $service_importance_display = "-";
} }
// Associated Assets (and their credentials/networks/locations) // Associated Assets (and their logins/networks/locations)
$sql_assets = mysqli_query( $sql_assets = mysqli_query(
$mysqli, $mysqli,
"SELECT * FROM service_assets "SELECT * FROM service_assets
LEFT JOIN assets ON service_assets.asset_id = assets.asset_id LEFT JOIN assets ON service_assets.asset_id = assets.asset_id
LEFT JOIN asset_interfaces ON interface_asset_id = assets.asset_id AND interface_primary = 1 LEFT JOIN asset_interfaces ON interface_asset_id = assets.asset_id AND interface_primary = 1
LEFT JOIN credentials ON service_assets.asset_id = credentials.credential_asset_id LEFT JOIN logins ON service_assets.asset_id = logins.login_asset_id
LEFT JOIN networks ON interface_network_id = networks.network_id LEFT JOIN networks ON interface_network_id = networks.network_id
LEFT JOIN locations ON assets.asset_location_id = locations.location_id LEFT JOIN locations ON assets.asset_location_id = locations.location_id
WHERE service_id = $service_id" WHERE service_id = $service_id"
); );
// Associated credentials // Associated logins
$sql_credentials = mysqli_query( $sql_logins = mysqli_query(
$mysqli, $mysqli,
"SELECT * FROM service_credentials "SELECT * FROM service_logins
LEFT JOIN credentials ON service_credentials.credential_id = credentials.credential_id LEFT JOIN logins ON service_logins.login_id = logins.login_id
WHERE service_id = $service_id" WHERE service_id = $service_id"
); );
@@ -55,7 +55,6 @@ $sql_domains = mysqli_query(
LEFT JOIN domains ON service_domains.domain_id = domains.domain_id LEFT JOIN domains ON service_domains.domain_id = domains.domain_id
WHERE service_id = $service_id" WHERE service_id = $service_id"
); );
// Associated Certificates // Associated Certificates
$sql_certificates = mysqli_query( $sql_certificates = mysqli_query(
$mysqli, $mysqli,
@@ -64,6 +63,10 @@ $sql_certificates = mysqli_query(
WHERE service_id = $service_id" WHERE service_id = $service_id"
); );
// Associated URLs ---- REMOVED for now
//$sql_urls = mysqli_query($mysqli, "SELECT * FROM service_urls
//WHERE service_id = '$service_id'");
// Associated Vendors // Associated Vendors
$sql_vendors = mysqli_query( $sql_vendors = mysqli_query(
$mysqli, $mysqli,
@@ -113,99 +116,149 @@ ob_start();
<!-- Assets --> <!-- Assets -->
<?php <?php
if (mysqli_num_rows($sql_assets) > 0) { if (mysqli_num_rows($sql_assets) > 0) { ?>
echo "<h5><i class='fas fa-fw fa-desktop mr-2'></i>Assets</h5><ul>"; <h5><i class="fas fa-fw fa-desktop mr-2"></i>Assets</h5>
<ul>
<?php
// Reset the $sql_assets pointer to the start - as we've already cycled through once
mysqli_data_seek($sql_assets, 0); mysqli_data_seek($sql_assets, 0);
while ($row = mysqli_fetch_array($sql_assets)) { while ($row = mysqli_fetch_array($sql_assets)) {
$asset_id = intval($row['asset_id']); $asset_id = intval($row['asset_id']);
$asset_name = nullable_htmlentities($row['asset_name']); $asset_name = nullable_htmlentities($row['asset_name']);
$ip = !empty($row['interface_ip']) ? '(' . nullable_htmlentities($row['interface_ip']) . ')' : ''; if (!empty($row['interface_ip'])) {
echo "<li><a href='#' data-toggle='ajax-modal' data-modal-size='lg' data-ajax-url='ajax/ajax_asset_details.php' data-ajax-id='$asset_id'>$asset_name</a>$ip</li>"; $ip = '('.nullable_htmlentities($row["interface_ip"]).')';
} else {
$ip = '';
} }
echo "</ul>"; echo "<li><a href='#' data-toggle='ajax-modal'
data-modal-size='lg'
data-ajax-url='ajax/ajax_asset_details.php'
data-ajax-id='$asset_id'>$asset_name</a>$ip</li>";
}
?>
</ul>
<?php
} }
?> ?>
<!-- Networks --> <!-- Networks -->
<?php <?php
$networks = [];
if ($sql_assets) { if ($sql_assets) {
$networks = [];
// Reset the $sql_assets pointer to the start
mysqli_data_seek($sql_assets, 0); mysqli_data_seek($sql_assets, 0);
// Get networks linked to assets - push name to array
while ($row = mysqli_fetch_array($sql_assets)) { while ($row = mysqli_fetch_array($sql_assets)) {
if (!empty($row['network_name'])) { if (!empty($row['network_name'])) {
$network_data = nullable_htmlentities($row["network_name"]) . ':' . nullable_htmlentities($row["network_vlan"]); $network_data = nullable_htmlentities("$row[network_name]:$row[network_vlan]");
$networks[] = $network_data; array_push($networks, $network_data);
} }
} }
// Remove duplicates
$networks = array_unique($networks); $networks = array_unique($networks);
if (!empty($networks)) {
echo "<h5><i class='fas fa-fw fa-network-wired mr-2'></i>Networks</h5><ul>"; // Display
if (!empty($networks)) { ?>
<h5><i class="fas fa-fw fa-network-wired mr-2"></i>Networks</h5>
<ul>
<?php
}
foreach($networks as $network) { foreach($networks as $network) {
$network_parts = explode(":", $network); $network = explode(":", $network);
$network_name = $network_parts[0]; echo "<li><a href=\"networks.php?client_id=$client_id&q=$network[0]\">$network[0] </a>(VLAN $network[1])</li>";
$network_vlan = $network_parts[1] ?? '';
echo "<li><a href='networks.php?client_id=$client_id&q=$network_name'>$network_name</a> (VLAN $network_vlan)</li>";
}
echo "</ul>";
} }
?>
</ul>
<?php
} }
?> ?>
<!-- Locations --> <!-- Locations -->
<?php <?php
$location_names = [];
if ($sql_assets) { if ($sql_assets) {
$location_names = [];
// Reset the $sql_assets pointer to the start - as we've already cycled through once
mysqli_data_seek($sql_assets, 0); mysqli_data_seek($sql_assets, 0);
// Get locations linked to assets - push their name and vlan to arrays
while ($row = mysqli_fetch_array($sql_assets)) { while ($row = mysqli_fetch_array($sql_assets)) {
if (!empty($row['location_name'])) { if (!empty($row['location_name'])) {
$location_names[] = nullable_htmlentities($row['location_name']); array_push($location_names, $row['location_name']);
} }
} }
// Remove duplicates
$location_names = array_unique($location_names); $location_names = array_unique($location_names);
if (!empty($location_names)) {
echo "<h5><i class='fas fa-fw fa-map-marker-alt mr-2'></i>Locations</h5><ul>"; // Display
if (!empty($location_names)) { ?>
<h5><i class="fas fa-fw fa-map-marker-alt mr-2"></i>Locations</h5>
<ul>
<?php
}
foreach($location_names as $location) { foreach($location_names as $location) {
echo "<li><a href='locations.php?client_id=$client_id&q=$location'>$location</a></li>"; echo "<li><a href=\"locations.php?client_id=$client_id&q=$location\">$location</a></li>";
}
echo "</ul>";
} }
?>
</ul>
<?php
} }
?> ?>
<!-- Domains --> <!-- Domains -->
<?php <?php
if (mysqli_num_rows($sql_domains) > 0) { if (mysqli_num_rows($sql_domains) > 0) { ?>
echo "<h5><i class='fas fa-fw fa-globe mr-2'></i>Domains</h5><ul>"; <h5><i class="fas fa-fw fa-globe mr-2"></i>Domains</h5>
<ul>
<?php
// Reset the $sql_domains pointer to the start
mysqli_data_seek($sql_domains, 0); mysqli_data_seek($sql_domains, 0);
// Showing linked domains
while ($row = mysqli_fetch_array($sql_domains)) { while ($row = mysqli_fetch_array($sql_domains)) {
if (!empty($row['domain_name'])) { if (!empty($row['domain_name'])) {
$domain_name = nullable_htmlentities($row['domain_name']); echo "<li><a href=\"domains.php?client_id=$client_id&q=$row[domain_name]\">$row[domain_name]</a></li>";
echo "<li><a href='domains.php?client_id=$client_id&q=$domain_name'>$domain_name</a></li>";
} }
} }
echo "</ul>"; ?>
</ul>
<?php
} }
?> ?>
<!-- Certificates --> <!-- Certificates -->
<?php <?php
if (mysqli_num_rows($sql_certificates) > 0) { if (mysqli_num_rows($sql_certificates) > 0) { ?>
echo "<h5><i class='fas fa-fw fa-lock mr-2'></i>Certificates</h5><ul>"; <h5><i class="fas fa-fw fa-lock mr-2"></i>Certificates</h5>
<ul>
<?php
// Reset the $sql_certificates pointer to the start
mysqli_data_seek($sql_certificates, 0); mysqli_data_seek($sql_certificates, 0);
// Showing linked certs
while ($row = mysqli_fetch_array($sql_certificates)) { while ($row = mysqli_fetch_array($sql_certificates)) {
if (!empty($row['certificate_name'])) { if (!empty($row['certificate_name'])) {
$certificate_name = nullable_htmlentities($row['certificate_name']); echo "<li><a href=\"certificates.php?client_id=$client_id&q=$row[certificate_name]\">$row[certificate_name] ($row[certificate_domain])</a></li>";
$certificate_domain = nullable_htmlentities($row['certificate_domain']);
echo "<li><a href='certificates.php?client_id=$client_id&q=$certificate_name'>$certificate_name ($certificate_domain)</a></li>";
} }
} }
echo "</ul>"; ?>
</ul>
<?php
} }
?> ?>
</div> </div>
</div> </div>
<!-- Right side --> <!-- Right side -->
<div class="col-4"> <div class="col-4">
<div class="col-12"> <div class="col-12">
@@ -214,95 +267,130 @@ ob_start();
<!-- Vendors --> <!-- Vendors -->
<?php <?php
if (mysqli_num_rows($sql_vendors) > 0) { // Reset the $sql_vendors pointer to the start
echo "<h5><i class='fas fa-fw fa-building mr-2'></i>Vendors</h5><ul>";
mysqli_data_seek($sql_vendors, 0); mysqli_data_seek($sql_vendors, 0);
if (mysqli_num_rows($sql_vendors) > 0) { ?>
<h5><i class="fas fa-fw fa-building mr-2"></i>Vendors</h5>
<ul>
<?php
while ($row = mysqli_fetch_array($sql_vendors)) { while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id = intval($row['vendor_id']); echo "<li><a href=\"vendors.php?client_id=$client_id&q=$row[vendor_name]\">$row[vendor_name]</a></li>";
$vendor_name = nullable_htmlentities($row['vendor_name']);
echo "<li><a href='#' data-toggle='ajax-modal' data-modal-size='lg' data-ajax-url='ajax/ajax_vendor_details.php' data-ajax-id='$vendor_id'>$vendor_name</a></li>";
} }
echo "</ul>"; ?>
</ul>
<?php
} }
?> ?>
<!-- Contacts --> <!-- Contacts -->
<?php <?php
if (mysqli_num_rows($sql_contacts) > 0) { if (mysqli_num_rows($sql_contacts) > 0) { ?>
echo "<h5><i class='fas fa-fw fa-users mr-2'></i>Contacts</h5><ul>"; <h5><i class="fas fa-fw fa-users mr-2"></i>Contacts</h5>
<ul>
<?php
// Reset the $sql_contacts pointer to the start
mysqli_data_seek($sql_contacts, 0); mysqli_data_seek($sql_contacts, 0);
while ($row = mysqli_fetch_array($sql_contacts)) { while ($row = mysqli_fetch_array($sql_contacts)) {
$contact_id = intval($row['contact_id']); $contact_id = intval($row['contact_id']);
$contact_name = nullable_htmlentities($row['contact_name']); $contact_name = nullable_htmlentities($row['contact_name']);
echo "<li><a href='#' data-toggle='ajax-modal' data-modal-size='lg' data-ajax-url='ajax/ajax_contact_details.php' data-ajax-id='$contact_id'>$contact_name</a></li>"; echo "<li><a href='#' data-toggle='ajax-modal'
data-modal-size='lg'
data-ajax-url='ajax/ajax_contact_details.php'
data-ajax-id='$contact_id'>
$contact_name
</a>
</li>";
} }
echo "</ul>"; ?>
</ul>
<?php
} }
?> ?>
<!-- Credentials --> <!-- Logins -->
<?php <?php
if (mysqli_num_rows($sql_assets) > 0 || mysqli_num_rows($sql_credentials) > 0) { if (mysqli_num_rows($sql_assets) > 0 || mysqli_num_rows($sql_logins) > 0) { ?>
echo "<h5><i class='fas fa-fw fa-key mr-2'></i>Credentials</h5><ul>"; <h5><i class="fas fa-fw fa-key mr-2"></i>Logins</h5>
// Credentials linked to assets <ul>
<?php
// Reset the $sql_assets/logins pointer to the start
mysqli_data_seek($sql_assets, 0); mysqli_data_seek($sql_assets, 0);
mysqli_data_seek($sql_logins, 0);
// Showing logins linked to assets
while ($row = mysqli_fetch_array($sql_assets)) { while ($row = mysqli_fetch_array($sql_assets)) {
$credential_name = nullable_htmlentities($row['credential_name']); if (!empty($row['login_name'])) {
if (!empty($credential_name)) { echo "<li><a href=\"credentials.php?client_id=$client_id&q=$row[login_name]\">$row[login_name]</a></li>";
echo "<li><a href='credentials.php?client_id=$client_id&q=$credential_name'>$credential_name</a></li>";
} }
} }
// Explicitly linked credentials
mysqli_data_seek($sql_credentials, 0); // Showing explicitly linked logins
while ($row = mysqli_fetch_array($sql_credentials)) { while ($row = mysqli_fetch_array($sql_logins)) {
$credential_name = nullable_htmlentities($row['credential_name']); if (!empty($row['login_name'])) {
if (!empty($credential_name)) { echo "<li><a href=\"credentials.php?client_id=$client_id&q=$row[login_name]\">$row[login_name]</a></li>";
echo "<li><a href='credentials.php?client_id=$client_id&q=$credential_name'>$credential_name</a></li>";
} }
} }
echo "</ul>"; ?>
</ul>
<?php
} }
?> ?>
<!-- URLs --> <!-- URLs -->
<?php <?php
$urls = []; if ($sql_logins || $sql_assets) { ?>
mysqli_data_seek($sql_credentials, 0); <h5><i class="fas fa-fw fa-link mr-2"></i>URLs</h5>
while ($row = mysqli_fetch_array($sql_credentials)) { <ul>
if (!empty($row['credential_uri'])) { <?php
$urls[] = sanitize_url($row['credential_uri']); // Reset the $sql_logins pointer to the start
mysqli_data_seek($sql_logins, 0);
// Showing URLs linked to logins
while ($row = mysqli_fetch_array($sql_logins)) {
if (!empty($row['login_uri'])) {
echo "<li><a href=\"https://$row[login_uri]\">$row[login_uri]</a></li>";
} }
} }
// Reset the $sql_assets pointer to the start
mysqli_data_seek($sql_assets, 0); mysqli_data_seek($sql_assets, 0);
// Show URLs linked to assets, that also have logins
while ($row = mysqli_fetch_array($sql_assets)) { while ($row = mysqli_fetch_array($sql_assets)) {
if (!empty($row['asset_uri'])) { if (!empty($row['login_uri'])) {
$urls[] = sanitize_url($row['asset_uri']); echo "<li><a href=\"https://$row[login_uri]\">$row[login_uri]</a></li>";
} }
} }
$urls = array_unique($urls); ?>
if (!empty($urls)) { </ul>
echo "<h5><i class='fas fa-fw fa-link mr-2'></i>URLs</h5><ul>"; <?php
foreach ($urls as $url) {
$label = htmlspecialchars(parse_url($url, PHP_URL_HOST) ?: $url);
echo "<li><a href='$url' target='_blank'>$label</a></li>";
}
echo "</ul>";
} }
?> ?>
<!-- Documents --> <!-- Documents -->
<?php <?php
if (mysqli_num_rows($sql_docs) > 0) { if (mysqli_num_rows($sql_docs) > 0) { ?>
echo "<h5><i class='fas fa-fw fa-file-alt mr-2'></i>Documents</h5><ul>"; <h5><i class="fas fa-fw fa-file-alt mr-2"></i>Documents</h5>
<ul>
<?php
// Reset the $sql_docs pointer to the start
mysqli_data_seek($sql_docs, 0); mysqli_data_seek($sql_docs, 0);
while ($row = mysqli_fetch_array($sql_docs)) { while ($row = mysqli_fetch_array($sql_docs)) {
$document_id = intval($row['document_id']); echo "<li><a href=\"client_document_details.php?client_id=$client_id&document_id=$row[document_id]\">$row[document_name]</a></li>";
$document_name = nullable_htmlentities($row['document_name']);
echo "<li><a href='#' data-toggle='ajax-modal' data-modal-size='lg' data-ajax-url='ajax/ajax_document_view.php' data-ajax-id='$document_id'>$document_name</a></li>";
}
echo "</ul>";
} }
?> ?>
</ul>
<?php
}
?>
<!-- <h5><i class="nav-icon fas fa-file-alt"></i> Services</h5>-->
<!-- <ul>-->
<!-- <li>Related Service - Coming soon!</li>-->
<!-- </ul>-->
</div> </div>
</div> </div>
@@ -311,4 +399,3 @@ ob_start();
<?php <?php
require_once "../includes/ajax_footer.php"; require_once "../includes/ajax_footer.php";
?>

32
ajax/ajax_service_edit.php
View File

@@ -18,23 +18,23 @@ $service_updated_at = nullable_htmlentities($row['service_updated_at']);
$service_review_due = nullable_htmlentities($row['service_review_due']); $service_review_due = nullable_htmlentities($row['service_review_due']);
$client_id = intval($row['service_client_id']); $client_id = intval($row['service_client_id']);
// Associated Assets (and their credentials/networks/locations) // Associated Assets (and their logins/networks/locations)
$sql_assets = mysqli_query( $sql_assets = mysqli_query(
$mysqli, $mysqli,
"SELECT * FROM service_assets "SELECT * FROM service_assets
LEFT JOIN assets ON service_assets.asset_id = assets.asset_id LEFT JOIN assets ON service_assets.asset_id = assets.asset_id
LEFT JOIN asset_interfaces ON interface_asset_id = assets.asset_id AND interface_primary = 1 LEFT JOIN asset_interfaces ON interface_asset_id = assets.asset_id AND interface_primary = 1
LEFT JOIN credentials ON service_assets.asset_id = credentials.credential_asset_id LEFT JOIN logins ON service_assets.asset_id = logins.login_asset_id
LEFT JOIN networks ON interface_network_id = networks.network_id LEFT JOIN networks ON interface_network_id = networks.network_id
LEFT JOIN locations ON assets.asset_location_id = locations.location_id LEFT JOIN locations ON assets.asset_location_id = locations.location_id
WHERE service_id = $service_id" WHERE service_id = $service_id"
); );
// Associated credentials // Associated logins
$sql_credentials = mysqli_query( $sql_logins = mysqli_query(
$mysqli, $mysqli,
"SELECT * FROM service_credentials "SELECT * FROM service_logins
LEFT JOIN credentials ON service_credentials.credential_id = credentials.credential_id LEFT JOIN logins ON service_logins.login_id = logins.login_id
WHERE service_id = $service_id" WHERE service_id = $service_id"
); );
@@ -211,7 +211,7 @@ ob_start();
<?php <?php
$selected_ids = array_column(mysqli_fetch_all($sql_vendors, MYSQLI_ASSOC), "vendor_id"); $selected_ids = array_column(mysqli_fetch_all($sql_vendors, MYSQLI_ASSOC), "vendor_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$service_created_at' OR vendor_archived_at IS NULL) AND vendor_client_id = $client_id"); $sql_all = mysqli_query($mysqli, "SELECT * FROM vendors WHERE (vendor_archived_at > '$service_created_at' OR vendor_archived_at IS NULL) AND vendor_template = 0 AND vendor_client_id = $client_id");
while ($row_all = mysqli_fetch_array($sql_all)) { while ($row_all = mysqli_fetch_array($sql_all)) {
$vendor_id = intval($row_all['vendor_id']); $vendor_id = intval($row_all['vendor_id']);
$vendor_name = nullable_htmlentities($row_all['vendor_name']); $vendor_name = nullable_htmlentities($row_all['vendor_name']);
@@ -280,21 +280,21 @@ ob_start();
</div> </div>
<div class="form-group"> <div class="form-group">
<label for="credentials">Credentials</label> <label for="logins">Logins</label>
<select multiple class="form-control select2" name="credentials[]"> <select multiple class="form-control select2" name="logins[]">
<?php <?php
$selected_ids = array_column(mysqli_fetch_all($sql_credentials, MYSQLI_ASSOC), "credential_id"); $selected_ids = array_column(mysqli_fetch_all($sql_logins, MYSQLI_ASSOC), "login_id");
$sql_all = mysqli_query($mysqli, "SELECT * FROM credentials WHERE (credential_archived_at > '$service_created_at' OR credential_archived_at IS NULL) AND credential_client_id = $client_id"); $sql_all = mysqli_query($mysqli, "SELECT * FROM logins WHERE (login_archived_at > '$service_created_at' OR login_archived_at IS NULL) AND login_client_id = $client_id");
while ($row_all = mysqli_fetch_array($sql_all)) { while ($row_all = mysqli_fetch_array($sql_all)) {
$credential_id = intval($row_all['credential_id']); $login_id = intval($row_all['login_id']);
$credential_name = nullable_htmlentities($row_all['credential_name']); $login_name = nullable_htmlentities($row_all['login_name']);
if (in_array($credential_id, $selected_ids)) { if (in_array($login_id, $selected_ids)) {
echo "<option value=\"$credential_id\" selected>$credential_name</option>"; echo "<option value=\"$login_id\" selected>$login_name</option>";
} }
else{ else{
echo "<option value=\"$credential_id\">$credential_name</option>"; echo "<option value=\"$login_id\">$login_name</option>";
} }
} }
?> ?>

34
ajax/ajax_software_edit.php
View File

@@ -14,12 +14,10 @@ $software_type = nullable_htmlentities($row['software_type']);
$software_license_type = nullable_htmlentities($row['software_license_type']); $software_license_type = nullable_htmlentities($row['software_license_type']);
$software_key = nullable_htmlentities($row['software_key']); $software_key = nullable_htmlentities($row['software_key']);
$software_seats = nullable_htmlentities($row['software_seats']); $software_seats = nullable_htmlentities($row['software_seats']);
$software_purchase_reference = nullable_htmlentities($row['software_purchase_reference']);
$software_purchase = nullable_htmlentities($row['software_purchase']); $software_purchase = nullable_htmlentities($row['software_purchase']);
$software_expire = nullable_htmlentities($row['software_expire']); $software_expire = nullable_htmlentities($row['software_expire']);
$software_notes = nullable_htmlentities($row['software_notes']); $software_notes = nullable_htmlentities($row['software_notes']);
$software_created_at = nullable_htmlentities($row['software_created_at']); $software_created_at = nullable_htmlentities($row['software_created_at']);
$software_vendor_id = intval($row['software_vendor_id']);
$client_id = intval($row['software_client_id']); $client_id = intval($row['software_client_id']);
$seat_count = 0; $seat_count = 0;
@@ -109,28 +107,6 @@ ob_start();
</div> </div>
</div> </div>
<div class="form-group">
<label>Vendor</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-building"></i></span>
</div>
<select class="form-control select2" name="vendor">
<option value="">- Select Vendor -</option>
<?php
$vendor_sql = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($vendor_sql)) {
$vendor_id = $row['vendor_id'];
$vendor_name = $row['vendor_name'];
?>
<option <?php if ($software_vendor_id == $vendor_id) { echo "selected"; } ?> value="<?php echo $vendor_id; ?>"><?php echo $vendor_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Type <strong class="text-danger">*</strong></label> <label>Type <strong class="text-danger">*</strong></label>
<div class="input-group"> <div class="input-group">
@@ -184,16 +160,6 @@ ob_start();
</div> </div>
</div> </div>
<div class="form-group">
<label>Purchase Reference</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
</div>
<input type="text" class="form-control" name="purchase_reference" placeholder="eg. Invoice, PO Number" value="<?php echo $software_purchase_reference; ?>">
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Purchase Date</label> <label>Purchase Date</label>
<div class="input-group"> <div class="input-group">

18
ajax/ajax_software_template_edit.php
View File

@@ -2,16 +2,16 @@
require_once '../includes/ajax_header.php'; require_once '../includes/ajax_header.php';
$software_template_id = intval($_GET['id']); $software_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM software_templates WHERE software_template_id = $software_template_id LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_id = $software_id LIMIT 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$software_name = nullable_htmlentities($row['software_template_name']); $software_name = nullable_htmlentities($row['software_name']);
$software_version = nullable_htmlentities($row['software_template_version']); $software_version = nullable_htmlentities($row['software_version']);
$software_description = nullable_htmlentities($row['software_template_description']); $software_description = nullable_htmlentities($row['software_description']);
$software_type = nullable_htmlentities($row['software_template_type']); $software_type = nullable_htmlentities($row['software_type']);
$software_license_type = nullable_htmlentities($row['software_template_license_type']); $software_license_type = nullable_htmlentities($row['software_license_type']);
$software_notes = nullable_htmlentities($row['software_template_notes']); $software_notes = nullable_htmlentities($row['software_notes']);
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
@@ -24,7 +24,7 @@ ob_start();
</button> </button>
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="software_template_id" value="<?php echo $software_template_id; ?>"> <input type="hidden" name="software_id" value="<?php echo $software_id; ?>">
<div class="modal-body bg-white"> <div class="modal-body bg-white">
<div class="form-group"> <div class="form-group">

49
ajax/ajax_tag_add.php
View File

@@ -1,49 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$type = intval($_GET['id']);
?>
<!-- <option value="1">Client Tag</option> -->
<!-- <option value="2">Location Tag</option> -->
<!-- <option value="3">Contact Tag</option> -->
<!-- <option value="4">Credential Tag</option> -->
<div class="modal-header">
<h5 class="modal-title"><i class="fas fa-fw fa-tag mr-2"></i>New Tag</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="type" value="<?php echo $type; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<div class="input-group">
<input type="text" class="form-control" name="name" placeholder="Tag name" maxlength="200" required autofocus>
</div>
</div>
<div class="form-group">
<div class="input-group">
<input type="color" class="form-control col-3" name="color" required>
</div>
</div>
<div class="form-group">
<div class="input-group">
<input type="text" class="form-control" name="icon" placeholder="Icon ex handshake">
</div>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="add_tag" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";

92
ajax/ajax_ticket_edit.php
View File

@@ -18,22 +18,12 @@ $ticket_priority = nullable_htmlentities($row['ticket_priority']);
$ticket_billable = intval($row['ticket_billable']); $ticket_billable = intval($row['ticket_billable']);
$ticket_vendor_ticket_number = nullable_htmlentities($row['ticket_vendor_ticket_number']); $ticket_vendor_ticket_number = nullable_htmlentities($row['ticket_vendor_ticket_number']);
$ticket_created_at = nullable_htmlentities($row['ticket_created_at']); $ticket_created_at = nullable_htmlentities($row['ticket_created_at']);
$ticket_due_at = nullable_htmlentities($row['ticket_due_at']);
$ticket_assigned_to = intval($row['ticket_assigned_to']);
$contact_id = intval($row['ticket_contact_id']); $contact_id = intval($row['ticket_contact_id']);
$asset_id = intval($row['ticket_asset_id']); $asset_id = intval($row['ticket_asset_id']);
$location_id = intval($row['ticket_location_id']); $location_id = intval($row['ticket_location_id']);
$vendor_id = intval($row['ticket_vendor_id']); $vendor_id = intval($row['ticket_vendor_id']);
$project_id = intval($row['ticket_project_id']); $project_id = intval($row['ticket_project_id']);
// Additional Assets Selected
$additional_assets_array = array();
$sql_additional_assets = mysqli_query($mysqli, "SELECT asset_id FROM ticket_assets WHERE ticket_id = $ticket_id");
while ($row = mysqli_fetch_array($sql_additional_assets)) {
$additional_asset_id = intval($row['asset_id']);
$additional_assets_array[] = $additional_asset_id;
}
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
@@ -77,7 +67,7 @@ ob_start();
</div> </div>
<div class="form-group"> <div class="form-group">
<textarea class="form-control tinymceTicket" rows="8" name="details"><?php echo $ticket_details; ?></textarea> <textarea class="form-control tinymce" rows="8" name="details"><?php echo $ticket_details; ?></textarea>
</div> </div>
<div class="row"> <div class="row">
@@ -107,7 +97,7 @@ ob_start();
<select class="form-control select2" name="category"> <select class="form-control select2" name="category">
<option value="0">- Uncategorized -</option> <option value="0">- Uncategorized -</option>
<?php <?php
$sql_categories = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Ticket' AND category_archived_at IS NULL ORDER BY category_name ASC"); $sql_categories = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Ticket' AND category_archived_at IS NULL");
while ($row = mysqli_fetch_array($sql_categories)) { while ($row = mysqli_fetch_array($sql_categories)) {
$category_id = intval($row['category_id']); $category_id = intval($row['category_id']);
$category_name = nullable_htmlentities($row['category_name']); $category_name = nullable_htmlentities($row['category_name']);
@@ -117,57 +107,6 @@ ob_start();
<?php } ?> <?php } ?>
</select> </select>
<div class="input-group-append">
<button class="btn btn-secondary" type="button"
data-toggle="ajax-modal"
data-modal-size="sm"
data-ajax-url="ajax/ajax_category_add.php?category=Ticket">
<i class="fas fa-fw fa-plus"></i>
</button>
</div>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col">
<div class="form-group">
<label>Assign to</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user-check"></i></span>
</div>
<select class="form-control select2" name="assigned_to">
<option value="0">Not Assigned</option>
<?php
$sql = mysqli_query(
$mysqli,
"SELECT user_id, user_name FROM users
WHERE user_role_id > 1
AND user_type = 1
AND user_status = 1
AND user_archived_at IS NULL
ORDER BY user_name ASC"
);
while ($row = mysqli_fetch_array($sql)) {
$user_id = intval($row['user_id']);
$user_name = nullable_htmlentities($row['user_name']); ?>
<option <?php if ($ticket_assigned_to === $user_id) { echo "selected"; } ?> value="<?php echo $user_id; ?>"><?php echo $user_name; ?></option>
<?php } ?>
</select>
</div>
</div>
</div>
<div class="col">
<div class="form-group">
<label>Due</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar-check"></i></span>
</div>
<input type="datetime-local" class="form-control" name="due" value="<?php echo $ticket_due_at; ?>">
</div> </div>
</div> </div>
</div> </div>
@@ -265,31 +204,6 @@ ob_start();
</div> </div>
</div> </div>
<div class="form-group">
<label>Additional Assets</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-desktop"></i></span>
</div>
<select class="form-control select2" name="additional_assets[]" data-tags="true" data-placeholder="- Select Additional Assets -" multiple>
<option value=""></option>
<?php
$sql_assets = mysqli_query($mysqli, "SELECT asset_id, asset_name, contact_name FROM assets LEFT JOIN contacts ON contact_id = asset_contact_id WHERE asset_client_id = $client_id AND asset_id != $asset_id AND asset_archived_at IS NULL ORDER BY asset_name ASC");
while ($row = mysqli_fetch_array($sql_assets)) {
$asset_id_select = intval($row['asset_id']);
$asset_name_select = nullable_htmlentities($row['asset_name']);
$asset_contact_name_select = nullable_htmlentities($row['contact_name']);
?>
<option value="<?php echo $asset_id_select; ?>"
<?php if (in_array($asset_id_select, $additional_assets_array)) { echo "selected"; } ?>
><?php echo "$asset_name_select - $asset_contact_name_select"; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Location</label> <label>Location</label>
<div class="input-group"> <div class="input-group">
@@ -328,7 +242,7 @@ ob_start();
<option value="0">- None -</option> <option value="0">- None -</option>
<?php <?php
$sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id AND vendor_archived_at IS NULL ORDER BY vendor_name ASC"); $sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id AND vendor_template = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) { while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = intval($row['vendor_id']); $vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']); $vendor_name_select = nullable_htmlentities($row['vendor_name']);

47
ajax/ajax_ticket_reply_redact.php
View File

@@ -1,47 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$ticket_reply_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM ticket_replies
LEFT JOIN tickets ON ticket_id = ticket_reply_ticket_id
WHERE ticket_reply_id = $ticket_reply_id
LIMIT 1"
);
$row = mysqli_fetch_array($sql);
$ticket_reply = nullable_htmlentities($row['ticket_reply']);
$client_id = intval($row['ticket_client_id']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-edit mr-2"></i>Redacting Ticket Reply</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="ticket_reply_id" value="<?php echo $ticket_reply_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<textarea class="form-control tinymceRedact" name="ticket_reply"><?php echo $ticket_reply; ?></textarea>
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="redact_ticket_reply" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";

2
ajax/ajax_ticket_template_task_edit.php
View File

@@ -10,7 +10,7 @@ $row = mysqli_fetch_array($sql);
$task_template_name = nullable_htmlentities($row['task_template_name']); $task_template_name = nullable_htmlentities($row['task_template_name']);
$task_template_order = intval($row['task_template_order']); $task_template_order = intval($row['task_template_order']);
$task_template_completion_estimate = intval($row['task_template_completion_estimate']); $task_template_completion_estimate = intval($row['task_template_completion_estimate']);
//$task_template_description = nullable_htmlentities($row['task_template_description']); $task_template_description = nullable_htmlentities($row['task_template_description']);
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();

2
ajax/ajax_trip_copy.php
View File

@@ -115,7 +115,7 @@ ob_start();
$sql_users = mysqli_query($mysqli, "SELECT users.user_id, user_name FROM users $sql_users = mysqli_query($mysqli, "SELECT users.user_id, user_name FROM users
LEFT JOIN user_settings on users.user_id = user_settings.user_id LEFT JOIN user_settings on users.user_id = user_settings.user_id
WHERE user_role_id > 1 AND user_archived_at IS NULL ORDER BY user_name ASC" WHERE user_role > 1 AND user_archived_at IS NULL ORDER BY user_name ASC"
); );
while ($row = mysqli_fetch_array($sql_users)) { while ($row = mysqli_fetch_array($sql_users)) {
$user_id_select = intval($row['user_id']); $user_id_select = intval($row['user_id']);

17
ajax/ajax_user_edit.php
View File

@@ -4,10 +4,7 @@ require_once '../includes/ajax_header.php';
$user_id = intval($_GET['id']); $user_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM users $sql = mysqli_query($mysqli, "SELECT * FROM users, user_settings WHERE users.user_id = user_settings.user_id AND users.user_id = $user_id LIMIT 1");
LEFT JOIN user_settings ON users.user_id = user_settings.user_id
WHERE users.user_id = $user_id LIMIT 1"
);
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$user_name = nullable_htmlentities($row['user_name']); $user_name = nullable_htmlentities($row['user_name']);
@@ -15,11 +12,11 @@ $user_email = nullable_htmlentities($row['user_email']);
$user_avatar = nullable_htmlentities($row['user_avatar']); $user_avatar = nullable_htmlentities($row['user_avatar']);
$user_token = nullable_htmlentities($row['user_token']); $user_token = nullable_htmlentities($row['user_token']);
$user_config_force_mfa = intval($row['user_config_force_mfa']); $user_config_force_mfa = intval($row['user_config_force_mfa']);
$user_role_id = intval($row['user_role_id']); $user_role = intval($row['user_role']);
$user_initials = nullable_htmlentities(initials($user_name)); $user_initials = nullable_htmlentities(initials($user_name));
// Get User Client Access Permissions // Get User Client Access Permissions
$user_client_access_sql = mysqli_query($mysqli,"SELECT client_id FROM user_client_permissions WHERE user_id = $user_id"); $user_client_access_sql = mysqli_query($mysqli,"SELECT client_id FROM user_permissions WHERE user_id = $user_id");
$client_access_array = []; $client_access_array = [];
while ($row = mysqli_fetch_assoc($user_client_access_sql)) { while ($row = mysqli_fetch_assoc($user_client_access_sql)) {
$client_access_array[] = intval($row['client_id']); $client_access_array[] = intval($row['client_id']);
@@ -110,13 +107,13 @@ ob_start();
</div> </div>
<select class="form-control select2" name="role" required> <select class="form-control select2" name="role" required>
<?php <?php
$sql_user_roles = mysqli_query($mysqli, "SELECT * FROM user_roles WHERE role_archived_at IS NULL"); $sql_user_roles = mysqli_query($mysqli, "SELECT * FROM user_roles WHERE user_role_archived_at IS NULL");
while ($row = mysqli_fetch_array($sql_user_roles)) { while ($row = mysqli_fetch_array($sql_user_roles)) {
$role_id = intval($row['role_id']); $user_role_id = intval($row['user_role_id']);
$role_name = nullable_htmlentities($row['role_name']); $user_role_name = nullable_htmlentities($row['user_role_name']);
?> ?>
<option <?php if ($role_id == $user_role_id) {echo "selected";} ?> value="<?php echo $role_id; ?>"><?php echo $role_name; ?></option> <option <?php if ($user_role == $user_role_id) {echo "selected";} ?> value="<?php echo $user_role_id; ?>"><?php echo $user_role_name; ?></option>
<?php } ?> <?php } ?>
</select> </select>

89
ajax/ajax_vendor_details.php
View File

@@ -1,89 +0,0 @@
<?php
require_once '../includes/ajax_header.php';
$vendor_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_id = $vendor_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$name = sanitizeInput($row['vendor_name']);
$description = sanitizeInput($row['vendor_description']);
$account_number = sanitizeInput($row['vendor_account_number']);
$contact_name = sanitizeInput($row['vendor_contact_name']);
$phone = preg_replace("/[^0-9]/", '',$row['vendor_phone']);
$extension = preg_replace("/[^0-9]/", '',$row['vendor_extension']);
$email = sanitizeInput($row['vendor_email']);
$website = sanitizeInput($row['vendor_website']);
$hours = sanitizeInput($row['vendor_hours']);
$sla = sanitizeInput($row['vendor_sla']);
$code = sanitizeInput($row['vendor_code']);
$notes = sanitizeInput($row['vendor_notes']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark text-white">
<div class="d-flex align-items-center">
<i class="fas fa-fw fa-building fa-2x mr-3"></i>
<div>
<h5 class="modal-title mb-0"><?php echo $name; ?></h5>
<div class="text-muted"><?php echo getFallback($description); ?></div>
</div>
</div>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<div class="modal-body bg-light">
<!-- Vendor Info Card -->
<div class="card mb-3 shadow-sm rounded">
<div class="card-body">
<h6 class="text-secondary"><i class="fas fa-info-circle mr-2"></i>Vendor Details</h6>
<div class="row">
<div class="col-sm-6">
<div><strong>Account Number:</strong> <?php echo getFallback($account_number); ?></div>
<div><strong>Hours:</strong> <?php echo getFallback($hours); ?></div>
<div><strong>SLA:</strong> <?php echo getFallback($sla); ?></div>
</div>
<div class="col-sm-6">
<div><strong>Code:</strong> <?php echo getFallback($code); ?></div>
<div><strong>Website:</strong> <?php echo !empty($website) ? '<a href="' . $website . '" target="_blank" class="text-primary">' . $website . '</a>' : '<span class="text-muted">Not Available</span>'; ?></div>
</div>
</div>
</div>
</div>
<!-- Contact Info Card -->
<div class="card mb-3 shadow-sm rounded">
<div class="card-body">
<h6 class="text-secondary"><i class="fas fa-user mr-2"></i>Contact Information</h6>
<div class="row">
<div class="col-sm-6">
<div><strong>Contact Name:</strong> <?php echo getFallback($contact_name); ?></div>
<div><strong>Phone:</strong> <?php echo getFallback($phone); ?></div>
</div>
<div class="col-sm-6">
<div><strong>Email:</strong> <?php echo !empty($email) ? '<a href="mailto:' . $email . '" class="text-primary">' . $email . '</a>' : '<span class="text-muted">Not Available</span>'; ?></div>
</div>
</div>
</div>
</div>
<!-- Notes Card -->
<div class="card mb-3 shadow-sm rounded">
<div class="card-body">
<h6 class="text-secondary"><i class="fas fa-sticky-note mr-2"></i>Notes</h6>
<div>
<?php echo getFallback($notes); ?>
</div>
</div>
</div>
</div>
<?php
require_once "../includes/ajax_footer.php";

22
ajax/ajax_vendor_edit.php
View File

@@ -11,8 +11,7 @@ $vendor_name = nullable_htmlentities($row['vendor_name']);
$vendor_description = nullable_htmlentities($row['vendor_description']); $vendor_description = nullable_htmlentities($row['vendor_description']);
$vendor_account_number = nullable_htmlentities($row['vendor_account_number']); $vendor_account_number = nullable_htmlentities($row['vendor_account_number']);
$vendor_contact_name = nullable_htmlentities($row['vendor_contact_name']); $vendor_contact_name = nullable_htmlentities($row['vendor_contact_name']);
$vendor_phone_country_code = nullable_htmlentities($row['vendor_phone_country_code']); $vendor_phone = formatPhoneNumber($row['vendor_phone']);
$vendor_phone = nullable_htmlentities(formatPhoneNumber($row['vendor_phone'], $vendor_phone_country_code));
$vendor_extension = nullable_htmlentities($row['vendor_extension']); $vendor_extension = nullable_htmlentities($row['vendor_extension']);
$vendor_email = nullable_htmlentities($row['vendor_email']); $vendor_email = nullable_htmlentities($row['vendor_email']);
$vendor_website = nullable_htmlentities($row['vendor_website']); $vendor_website = nullable_htmlentities($row['vendor_website']);
@@ -104,10 +103,10 @@ ob_start();
<option value="0">- None -</option> <option value="0">- None -</option>
<?php <?php
$sql_vendor_templates = mysqli_query($mysqli, "SELECT * FROM vendor_templates WHERE vendor_template_archived_at IS NULL ORDER BY vendor_template_name ASC"); $sql_vendor_templates = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_template = 1 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendor_templates)) { while ($row = mysqli_fetch_array($sql_vendor_templates)) {
$vendor_template_id_select = $row['vendor_template_id']; $vendor_template_id_select = $row['vendor_id'];
$vendor_template_name_select = nullable_htmlentities($row['vendor_template_name']); ?> $vendor_template_name_select = nullable_htmlentities($row['vendor_name']); ?>
<option <?php if ($vendor_template_id == $vendor_template_id_select) { echo "selected"; } ?> value="<?php echo $vendor_template_id_select; ?>"><?php echo $vendor_template_name_select; ?></option> <option <?php if ($vendor_template_id == $vendor_template_id_select) { echo "selected"; } ?> value="<?php echo $vendor_template_id_select; ?>"><?php echo $vendor_template_name_select; ?></option>
<?php } ?> <?php } ?>
@@ -119,23 +118,20 @@ ob_start();
<div class="tab-pane fade" id="pills-support<?php echo $vendor_id; ?>"> <div class="tab-pane fade" id="pills-support<?php echo $vendor_id; ?>">
<label>Support Phone / <span class="text-secondary">Extension</span></label> <label>Support Phone</label>
<div class="form-row"> <div class="form-row">
<div class="col-9"> <div class="col-8">
<div class="form-group"> <div class="form-group">
<div class="input-group"> <div class="input-group">
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div> </div>
<input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo $vendor_phone_country_code; ?>" placeholder="+" maxlength="4"> <input type="text" class="form-control" name="phone" placeholder="Phone Number" maxlength="200" value="<?php echo $vendor_phone; ?>">
<input type="tel" class="form-control" name="phone" value="<?php echo $vendor_phone; ?>" placeholder="Phone Number" maxlength="200">
</div> </div>
</div> </div>
</div> </div>
<div class="col-3"> <div class="col-4">
<div class="form-group"> <input type="text" class="form-control" name="extension" placeholder="Prompts" maxlength="200" value="<?php echo $vendor_extension; ?>">
<input type="text" class="form-control" name="extension" value="<?php echo $vendor_extension; ?>" placeholder="ext." maxlength="200">
</div>
</div> </div>
</div> </div>

49
ajax/ajax_vendor_template_edit.php
View File

@@ -2,22 +2,23 @@
require_once '../includes/ajax_header.php'; require_once '../includes/ajax_header.php';
$vendor_template_id = intval($_GET['id']); $vendor_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM vendor_templates WHERE vendor_template_id = $vendor_template_id LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_id = $vendor_id LIMIT 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$vendor_name = nullable_htmlentities($row['vendor_template_name']); $vendor_name = nullable_htmlentities($row['vendor_name']);
$vendor_description = nullable_htmlentities($row['vendor_template_description']); $vendor_description = nullable_htmlentities($row['vendor_description']);
$vendor_account_number = nullable_htmlentities($row['vendor_template_account_number']); $vendor_account_number = nullable_htmlentities($row['vendor_account_number']);
$vendor_contact_name = nullable_htmlentities($row['vendor_template_contact_name']); $vendor_contact_name = nullable_htmlentities($row['vendor_contact_name']);
$vendor_phone = formatPhoneNumber($row['vendor_template_phone']); $vendor_phone = formatPhoneNumber($row['vendor_phone']);
$vendor_extension = nullable_htmlentities($row['vendor_template_extension']); $vendor_extension = nullable_htmlentities($row['vendor_extension']);
$vendor_email = nullable_htmlentities($row['vendor_template_email']); $vendor_email = nullable_htmlentities($row['vendor_email']);
$vendor_website = nullable_htmlentities($row['vendor_template_website']); $vendor_website = nullable_htmlentities($row['vendor_website']);
$vendor_hours = nullable_htmlentities($row['vendor_template_hours']); $vendor_hours = nullable_htmlentities($row['vendor_hours']);
$vendor_sla = nullable_htmlentities($row['vendor_template_sla']); $vendor_sla = nullable_htmlentities($row['vendor_sla']);
$vendor_code = nullable_htmlentities($row['vendor_template_code']); $vendor_code = nullable_htmlentities($row['vendor_code']);
$vendor_notes = nullable_htmlentities($row['vendor_template_notes']); $vendor_notes = nullable_htmlentities($row['vendor_notes']);
$vendor_template = intval($row['vendor_template']);
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
@@ -30,18 +31,18 @@ ob_start();
</button> </button>
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="vendor_template_id" value="<?php echo $vendor_template_id; ?>"> <input type="hidden" name="vendor_id" value="<?php echo $vendor_id; ?>">
<div class="modal-body bg-white"> <div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item"> <li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-details<?php echo $vendor_template_id; ?>">Details</a> <a class="nav-link active" data-toggle="pill" href="#pills-details<?php echo $vendor_id; ?>">Details</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-support<?php echo $vendor_template_id; ?>">Support</a> <a class="nav-link" data-toggle="pill" href="#pills-support<?php echo $vendor_id; ?>">Support</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-notes<?php echo $vendor_template_id; ?>">Notes</a> <a class="nav-link" data-toggle="pill" href="#pills-notes<?php echo $vendor_id; ?>">Notes</a>
</li> </li>
</ul> </ul>
@@ -51,7 +52,7 @@ ob_start();
<div class="tab-content"> <div class="tab-content">
<div class="tab-pane fade show active" id="pills-details<?php echo $vendor_template_id; ?>"> <div class="tab-pane fade show active" id="pills-details<?php echo $vendor_id; ?>">
<div class="form-group"> <div class="form-group">
@@ -116,14 +117,14 @@ ob_start();
<div class="form-group"> <div class="form-group">
<div class="custom-control custom-checkbox"> <div class="custom-control custom-checkbox">
<input type="checkbox" class="custom-control-input" id="updateVendorsCheckbox<?php echo $vendor_template_id; ?>" name="update_base_vendors" value="1" > <input type="checkbox" class="custom-control-input" id="updateVendorsCheckbox<?php echo $vendor_id; ?>" name="update_base_vendors" value="1" >
<label class="custom-control-label" for="updateVendorsCheckbox<?php echo $vendor_template_id; ?>">Update All Base Vendors</label> <label class="custom-control-label" for="updateVendorsCheckbox<?php echo $vendor_id; ?>">Update All Base Vendors</label>
</div> </div>
</div> </div>
</div> </div>
<div class="tab-pane fade" id="pills-support<?php echo $vendor_template_id; ?>"> <div class="tab-pane fade" id="pills-support<?php echo $vendor_id; ?>">
<label>Support Phone</label> <label>Support Phone</label>
<div class="form-row"> <div class="form-row">
@@ -133,7 +134,7 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div> </div>
<input type="tel" class="form-control" name="phone" value="<?php echo $vendor_phone; ?>"> <input type="text" class="form-control" name="phone" placeholder="Phone Number" maxlength="200" value="<?php echo $vendor_phone; ?>">
<div class="input-group-append"> <div class="input-group-append">
<div class="input-group-text"> <div class="input-group-text">
<input type="checkbox" name="global_update_vendor_phone" value="1"> <input type="checkbox" name="global_update_vendor_phone" value="1">
@@ -224,7 +225,7 @@ ob_start();
</div> </div>
<div class="tab-pane fade" id="pills-notes<?php echo $vendor_template_id; ?>"> <div class="tab-pane fade" id="pills-notes<?php echo $vendor_id; ?>">
<div class="form-group"> <div class="form-group">
<textarea class="form-control" rows="8" placeholder="Enter some notes" name="notes"><?php echo $vendor_notes; ?></textarea> <textarea class="form-control" rows="8" placeholder="Enter some notes" name="notes"><?php echo $vendor_notes; ?></textarea>

2
api/v1/credentials/create.php
View File

@@ -13,7 +13,7 @@ $insert_id = false;
if (!empty($api_key_decrypt_password) && !empty($name) && !(empty($password))) { if (!empty($api_key_decrypt_password) && !empty($name) && !(empty($password))) {
// Add credential // Add credential
$insert_sql = mysqli_query($mysqli,"INSERT INTO credentials SET credential_name = '$name', credential_description = '$description', credential_uri = '$uri', credential_uri_2 = '$uri_2', credential_username = '$username', credential_password = '$password', credential_otp_secret = '$otp_secret', credential_note = '$note', credential_important = $important, credential_contact_id = $contact_id, credential_vendor_id = $vendor_id, credential_asset_id = $asset_id, credential_software_id = $software_id, credential_client_id = $client_id"); $insert_sql = mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_description = '$description', login_uri = '$uri', login_uri_2 = '$uri_2', login_username = '$username', login_password = '$password', login_otp_secret = '$otp_secret', login_note = '$note', login_important = $important, login_contact_id = $contact_id, login_vendor_id = $vendor_id, login_asset_id = $asset_id, login_software_id = $software_id, login_client_id = $client_id");
// Check insert & get insert ID // Check insert & get insert ID
if ($insert_sql) { if ($insert_sql) {

104
api/v1/credentials/credential_model.php
View File

@@ -8,53 +8,53 @@ if (isset($_POST['api_key_decrypt_password'])) {
$api_key_decrypt_password = $_POST['api_key_decrypt_password']; // No sanitization $api_key_decrypt_password = $_POST['api_key_decrypt_password']; // No sanitization
} }
if (isset($_POST['credential_name'])) { if (isset($_POST['login_name'])) {
$name = sanitizeInput($_POST['credential_name']); $name = sanitizeInput($_POST['login_name']);
} elseif (isset($credential_row) && isset($credential_row['credential_name'])) { } elseif (isset($credential_row) && isset($credential_row['login_name'])) {
$name = $credential_row['credential_name']; $name = $credential_row['login_name'];
} else { } else {
$name = ''; $name = '';
} }
if (isset($_POST['credential_description'])) { if (isset($_POST['login_description'])) {
$description = sanitizeInput($_POST['credential_description']); $description = sanitizeInput($_POST['login_description']);
} elseif (isset($credential_row) && isset($credential_row['credential_description'])) { } elseif (isset($credential_row) && isset($credential_row['login_description'])) {
$description = $credential_row['credential_description']; $description = $credential_row['login_description'];
} else { } else {
$description = ''; $description = '';
} }
if (isset($_POST['credential_uri'])) { if (isset($_POST['login_uri'])) {
$uri = sanitizeInput($_POST['credential_uri']); $uri = sanitizeInput($_POST['login_uri']);
} elseif (isset($credential_row) && isset($credential_row['credential_uri'])) { } elseif (isset($credential_row) && isset($credential_row['login_uri'])) {
$uri = $credential_row['credential_uri']; $uri = $credential_row['login_uri'];
} else { } else {
$uri = ''; $uri = '';
} }
if (isset($_POST['credential_uri_2'])) { if (isset($_POST['login_uri_2'])) {
$uri_2 = sanitizeInput($_POST['credential_uri_2']); $uri_2 = sanitizeInput($_POST['login_uri_2']);
} elseif (isset($credential_row) && isset($credential_row['credential_uri_2'])) { } elseif (isset($credential_row) && isset($credential_row['login_uri_2'])) {
$uri_2 = $credential_row['credential_uri_2']; $uri_2 = $credential_row['login_uri_2'];
} else { } else {
$uri_2 = ''; $uri_2 = '';
} }
if (isset($_POST['credential_username'])) { if (isset($_POST['login_username'])) {
$username = $_POST['credential_username']; $username = $_POST['login_username'];
$username = apiEncryptLoginEntry($username, $api_key_decrypt_hash, $api_key_decrypt_password); $username = apiEncryptLoginEntry($username, $api_key_decrypt_hash, $api_key_decrypt_password);
} elseif (isset($credential_row) && isset($credential_row['credential_username'])) { } elseif (isset($credential_row) && isset($credential_row['login_username'])) {
$username = $credential_row['credential_username']; $username = $credential_row['login_username'];
} else { } else {
$username = ''; $username = '';
} }
if (isset($_POST['credential_password'])) { if (isset($_POST['login_password'])) {
$password = $_POST['credential_password']; $password = $_POST['login_password'];
$password = apiEncryptLoginEntry($password, $api_key_decrypt_hash, $api_key_decrypt_password); $password = apiEncryptLoginEntry($password, $api_key_decrypt_hash, $api_key_decrypt_password);
$password_changed = true; $password_changed = true;
} elseif (isset($credential_row) && isset($credential_row['credential_password'])) { } elseif (isset($credential_row) && isset($credential_row['login_password'])) {
$password = $credential_row['credential_password']; $password = $credential_row['login_password'];
$password_changed = false; $password_changed = false;
} else { } else {
$password = ''; $password = '';
@@ -63,58 +63,58 @@ if (isset($_POST['credential_password'])) {
if (isset($_POST['credential_otp_secret'])) { if (isset($_POST['login_otp_secret'])) {
$otp_secret = sanitizeInput($_POST['credential_otp_secret']); $otp_secret = sanitizeInput($_POST['login_otp_secret']);
} elseif (isset($credential_row) && isset($credential_row['credential_otp_secret'])) { } elseif (isset($credential_row) && isset($credential_row['login_otp_secret'])) {
$otp_secret = $credential_row['credential_otp_secret']; $otp_secret = $credential_row['login_otp_secret'];
} else { } else {
$otp_secret = ''; $otp_secret = '';
} }
if (isset($_POST['credential_note'])) { if (isset($_POST['login_note'])) {
$note = sanitizeInput($_POST['credential_note']); $note = sanitizeInput($_POST['login_note']);
} elseif (isset($credential_row) && isset($credential_row['credential_note'])) { } elseif (isset($credential_row) && isset($credential_row['login_note'])) {
$note = $credential_row['credential_note']; $note = $credential_row['login_note'];
} else { } else {
$note = ''; $note = '';
} }
if (isset($_POST['credential_important'])) { if (isset($_POST['login_important'])) {
$important = intval($_POST['credential_important']); $important = intval($_POST['login_important']);
} elseif (isset($credential_row) && isset($credential_row['credential_important'])) { } elseif (isset($credential_row) && isset($credential_row['login_important'])) {
$important = $credential_row['credential_important']; $important = $credential_row['login_important'];
} else { } else {
$important = ''; $important = '';
} }
if (isset($_POST['credential_contact_id'])) { if (isset($_POST['login_contact_id'])) {
$contact_id = intval($_POST['credential_contact_id']); $contact_id = intval($_POST['login_contact_id']);
} elseif (isset($credential_row) && isset($credential_row['credential_contact_id'])) { } elseif (isset($credential_row) && isset($credential_row['login_contact_id'])) {
$contact_id = $credential_row['credential_contact_id']; $contact_id = $credential_row['login_contact_id'];
} else { } else {
$contact_id = ''; $contact_id = '';
} }
if (isset($_POST['credential_vendor_id'])) { if (isset($_POST['login_vendor_id'])) {
$vendor_id = intval($_POST['credential_vendor_id']); $vendor_id = intval($_POST['login_vendor_id']);
} elseif (isset($credential_row) && isset($credential_row['credential_vendor_id'])) { } elseif (isset($credential_row) && isset($credential_row['login_vendor_id'])) {
$vendor_id = $credential_row['credential_vendor_id']; $vendor_id = $credential_row['login_vendor_id'];
} else { } else {
$vendor_id = ''; $vendor_id = '';
} }
if (isset($_POST['credential_asset_id'])) { if (isset($_POST['login_asset_id'])) {
$asset_id = intval($_POST['credential_asset_id']); $asset_id = intval($_POST['login_asset_id']);
} elseif (isset($credential_row) && isset($credential_row['credential_asset_id'])) { } elseif (isset($credential_row) && isset($credential_row['login_asset_id'])) {
$asset_id = $credential_row['credential_asset_id']; $asset_id = $credential_row['login_asset_id'];
} else { } else {
$asset_id = ''; $asset_id = '';
} }
if (isset($_POST['credential_software_id'])) { if (isset($_POST['login_software_id'])) {
$software_id = intval($_POST['credential_software_id']); $software_id = intval($_POST['login_software_id']);
} elseif (isset($credential_row) && isset($credential_row['credential_software_id'])) { } elseif (isset($credential_row) && isset($credential_row['login_software_id'])) {
$software_id = $credential_row['credential_software_id']; $software_id = $credential_row['login_software_id'];
} else { } else {
$software_id = ''; $software_id = '';
} }

14
api/v1/credentials/read.php
View File

@@ -13,17 +13,17 @@ if (isset($_GET['api_key_decrypt_password'])) {
} }
// Specific credential/login via ID (single) // Specific credential/login via ID (single)
if (isset($_GET['credential_id']) && !empty($api_key_decrypt_password)) { if (isset($_GET['login_id']) && !empty($api_key_decrypt_password)) {
$id = intval($_GET['credential_id']); $id = intval($_GET['login_id']);
$sql = mysqli_query($mysqli, "SELECT * FROM credentials WHERE credential_id = '$id' AND credential_client_id LIKE '$client_id' LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_id = '$id' AND login_client_id LIKE '$client_id' LIMIT 1");
} elseif (!empty($api_key_decrypt_password)) { } elseif (!empty($api_key_decrypt_password)) {
// All credentials ("credentials") // All credentials ("logins")
$sql = mysqli_query($mysqli, "SELECT * FROM credentials WHERE credential_client_id LIKE '$client_id' ORDER BY credential_id LIMIT $limit OFFSET $offset"); $sql = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_client_id LIKE '$client_id' ORDER BY login_id LIMIT $limit OFFSET $offset");
} }
@@ -37,8 +37,8 @@ if ($sql && mysqli_num_rows($sql) > 0) {
$row = array(); $row = array();
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$row['credential_username'] = apiDecryptCredentialEntry($row['credential_username'], $api_key_decrypt_hash, $api_key_decrypt_password); $row['login_username'] = apiDecryptLoginEntry($row['login_username'], $api_key_decrypt_hash, $api_key_decrypt_password);
$row['credential_password'] = apiDecryptCredentialEntry($row['credential_password'], $api_key_decrypt_hash, $api_key_decrypt_password); $row['login_password'] = apiDecryptLoginEntry($row['login_password'], $api_key_decrypt_hash, $api_key_decrypt_password);
$return_arr['data'][] = $row; $return_arr['data'][] = $row;
} }

12
api/v1/credentials/update.php
View File

@@ -5,30 +5,30 @@ require_once '../validate_api_key.php';
require_once '../require_post_method.php'; require_once '../require_post_method.php';
// Parse ID // Parse ID
$credential_id = intval($_POST['credential_id']); $login_id = intval($_POST['login_id']);
// Default // Default
$update_count = false; $update_count = false;
if (!empty($_POST['api_key_decrypt_password']) && !empty($credential_id)) { if (!empty($_POST['api_key_decrypt_password']) && !empty($login_id)) {
$credential_row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM credentials WHERE credential_id = '$credential_id' AND credential_client_id = $client_id LIMIT 1")); $credential_row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM logins WHERE login_id = '$login_id' AND login_client_id = $client_id LIMIT 1"));
// Variable assignment from POST - assigning the current database value if a value is not provided // Variable assignment from POST - assigning the current database value if a value is not provided
require_once 'credential_model.php'; require_once 'credential_model.php';
$update_sql = mysqli_query($mysqli,"UPDATE credentials SET credential_name = '$name', credential_description = '$description', credential_uri = '$uri', credential_uri_2 = '$uri_2', credential_username = '$username', credential_password = '$password', credential_otp_secret = '$otp_secret', credential_note = '$note', credential_important = $important, credential_contact_id = $contact_id, credential_vendor_id = $vendor_id, credential_asset_id = $asset_id, credential_software_id = $software_id, credential_client_id = $client_id WHERE credential_id = '$credential_id' AND credential_client_id = $client_id LIMIT 1"); $update_sql = mysqli_query($mysqli,"UPDATE logins SET login_name = '$name', login_description = '$description', login_uri = '$uri', login_uri_2 = '$uri_2', login_username = '$username', login_password = '$password', login_otp_secret = '$otp_secret', login_note = '$note', login_important = $important, login_contact_id = $contact_id, login_vendor_id = $vendor_id, login_asset_id = $asset_id, login_software_id = $software_id, login_client_id = $client_id WHERE login_id = '$login_id' AND login_client_id = $client_id LIMIT 1");
// Check insert & get insert ID // Check insert & get insert ID
if ($update_sql) { if ($update_sql) {
$update_count = mysqli_affected_rows($mysqli); $update_count = mysqli_affected_rows($mysqli);
if ($password_changed) { if ($password_changed) {
mysqli_query($mysqli, "UPDATE credentials SET credential_password_changed_at = NOW() WHERE credential_id = $credential_id LIMIT 1"); mysqli_query($mysqli, "UPDATE logins SET login_password_changed_at = NOW() WHERE login_id = $login_id LIMIT 1");
} }
// Logging // Logging
logAction("Credential", "Edit", "$name via API ($api_key_name)", $client_id, $credential_id); logAction("Credential", "Edit", "$name via API ($api_key_name)", $client_id, $login_id);
logAction("API", "Success", "Updated credential $name via API ($api_key_name)", $client_id); logAction("API", "Success", "Updated credential $name via API ($api_key_name)", $client_id);
} }

5
api/v1/documents/create.php
View File

@@ -13,12 +13,15 @@ $insert_id = false;
if (!empty($name) && !(empty($content))) { if (!empty($name) && !(empty($content))) {
// Create document // Create document
$insert_sql = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw', document_folder_id = $folder, document_created_by = 0, document_client_id = $client_id"); $insert_sql = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw', document_template = 0, document_folder_id = $folder, document_created_by = 0, document_client_id = $client_id");
// Check insert & get insert ID // Check insert & get insert ID
if ($insert_sql) { if ($insert_sql) {
$insert_id = mysqli_insert_id($mysqli); $insert_id = mysqli_insert_id($mysqli);
// Update field document_parent to be the same id as document ID as this is the only version of the document.
mysqli_query($mysqli,"UPDATE documents SET document_parent = $insert_id WHERE document_id = $insert_id");
// Logging // Logging
logAction("Document", "Create", "$name via API ($api_key_name)", $client_id, $insert_id); logAction("Document", "Create", "$name via API ($api_key_name)", $client_id, $insert_id);
logAction("API", "Success", "Created document $name via API ($api_key_name)", $client_id); logAction("API", "Success", "Created document $name via API ($api_key_name)", $client_id);

24
api/v1/documents/update.php
View File

@@ -18,12 +18,34 @@ if (!empty($document_id)) {
require_once 'document_model.php'; require_once 'document_model.php';
// Documents are a little weird as we update them by *inserting* a new document row // Documents are a little weird as we update them by *inserting* a new document row
$update_insert_sql = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw', document_folder_id = $folder, document_created_by = 0, document_client_id = $client_id"); $update_insert_sql = mysqli_query($mysqli,"INSERT INTO documents SET document_name = '$name', document_description = '$description', document_content = '$content', document_content_raw = '$content_raw', document_template = 0, document_folder_id = $folder, document_created_by = 0, document_client_id = $client_id");
// Check insert & get insert ID // Check insert & get insert ID
if ($update_insert_sql) { if ($update_insert_sql) {
$insert_id = $new_document_id = mysqli_insert_id($mysqli); $insert_id = $new_document_id = mysqli_insert_id($mysqli);
// Update the parent ID of the new document to match its new document ID
mysqli_query($mysqli,"UPDATE documents SET document_parent = $new_document_id WHERE document_id = $new_document_id");
// Link all existing links with old document with new document
mysqli_query($mysqli,"UPDATE documents SET document_parent = $new_document_id, document_archived_at = NOW() WHERE document_parent = $document_id");
// Update Links to the new parent document:-
// Document files
mysqli_query($mysqli,"UPDATE document_files SET document_id = $new_document_id WHERE document_id = $document_id");
// Contact documents
mysqli_query($mysqli,"UPDATE contact_documents SET document_id = $new_document_id WHERE document_id = $document_id");
// Asset documents
mysqli_query($mysqli,"UPDATE asset_documents SET document_id = $new_document_id WHERE document_id = $document_id");
// Software documents
mysqli_query($mysqli,"UPDATE software_documents SET document_id = $new_document_id WHERE document_id = $document_id");
// Vendor documents
mysqli_query($mysqli,"UPDATE vendor_documents SET document_id = $new_document_id WHERE document_id = $document_id");
// Logging // Logging
logAction("Document", "Edit", "$name via API ($api_key_name) previous version kept", $client_id, $insert_id); logAction("Document", "Edit", "$name via API ($api_key_name) previous version kept", $client_id, $insert_id);
logAction("API", "Success", "Edited document $name via API ($api_key_name)", $client_id); logAction("API", "Success", "Edited document $name via API ($api_key_name)", $client_id);

4
api/v1/tickets/create.php
View File

@@ -5,7 +5,7 @@ require_once '../validate_api_key.php';
require_once '../require_post_method.php'; require_once '../require_post_method.php';
// Ticket-related settings // Ticket-related settings
require_once "../../../includes/get_settings.php"; require_once "../../../get_settings.php";
$sql = mysqli_query($mysqli, "SELECT company_name, company_phone FROM companies WHERE company_id = 1"); $sql = mysqli_query($mysqli, "SELECT company_name, company_phone FROM companies WHERE company_id = 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
@@ -39,7 +39,7 @@ if (!empty($subject)) {
// Insert ticket // Insert ticket
$url_key = randomString(156); $url_key = randomString(156);
$insert_sql = mysqli_query($mysqli,"INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_source = 'API', ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 1, ticket_billable = $billable, ticket_vendor_ticket_number = '$vendor_ticket_number', ticket_vendor_id = $vendor_id, ticket_created_by = 0, ticket_assigned_to = $assigned_to, ticket_contact_id = $contact, ticket_url_key = '$url_key', ticket_client_id = $client_id"); $insert_sql = mysqli_query($mysqli,"INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 1, ticket_vendor_ticket_number = '$vendor_ticket_number', ticket_vendor_id = $vendor_id, ticket_created_by = 0, ticket_assigned_to = $assigned_to, ticket_contact_id = $contact, ticket_url_key = '$url_key', ticket_client_id = $client_id");
// Check insert & get insert ID // Check insert & get insert ID
if ($insert_sql) { if ($insert_sql) {

8
api/v1/tickets/ticket_model.php
View File

@@ -59,11 +59,3 @@ if (isset($_POST['ticket_assigned_to'])) {
} else { } else {
$assigned_to = '0'; $assigned_to = '0';
} }
if (isset($_POST['ticket_billable'])) {
$billable = intval($_POST['ticket_billable']);
} elseif ($ticket_row) {
$billable = $ticket_row['ticket_billable'];
} else {
$billable = '0';
}

Some files were not shown because too many files have changed in this diff Show More