AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-14 17:54:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: AS1024:v25.09
Branches Tags
AS1024:master AS1024:develop AS1024:ticket-task-approvals AS1024:duplicate-numbering-racecondition AS1024:undefined-asset-handling AS1024:revert-1176-Whit3XLightning-patch-2 AS1024:Before-Multi-Company-Removal
AS1024:v26.3 AS1024:v26.02 AS1024:v25.12 AS1024:v25.11 AS1024:v25.10 AS1024:v25.09 AS1024:v25.06 AS1024:v25.05 AS1024:v25.03 AS1024:v25.02.4 AS1024:v25.02.3 AS1024:v25.02.1 AS1024:v25.02 AS1024:v25.01.3 AS1024:v25.02.2 AS1024:v25.01.2 AS1024:v25.01
..
compare: AS1024:revert-1176-Whit3XLightning-patch-2
Branches Tags
AS1024:master AS1024:develop AS1024:ticket-task-approvals AS1024:duplicate-numbering-racecondition AS1024:undefined-asset-handling AS1024:revert-1176-Whit3XLightning-patch-2 AS1024:Before-Multi-Company-Removal
AS1024:v26.3 AS1024:v26.02 AS1024:v25.12 AS1024:v25.11 AS1024:v25.10 AS1024:v25.09 AS1024:v25.06 AS1024:v25.05 AS1024:v25.03 AS1024:v25.02.4 AS1024:v25.02.3 AS1024:v25.02.1 AS1024:v25.02 AS1024:v25.01.3 AS1024:v25.02.2 AS1024:v25.01.2 AS1024:v25.01

1 Commits
v25.09 ... revert-117

Author SHA1 Message Date
Johnny
16ab6144f9 Revert "Update folder_create_modal.php" 2025-03-01 12:12:44 -05:00
1635 changed files with 45110 additions and 163163 deletions
Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -25,6 +25,4 @@ plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/CSS/*
xcustom/* xcustom/*
!xcustom/readme.php !xcustom/readme.php
post/xcustom post/xcustom
custom/*
!post/xcustom/readme.php !post/xcustom/readme.php
.zed

372
CHANGELOG.md
View File

@@ -2,371 +2,31 @@
This file documents all notable changes made to ITFlow. This file documents all notable changes made to ITFlow.
## [25.09]
***BACK UP*** before updating.
---
### Breaking Changes and Notes
- We strongly recommend updating from the command line, however if performed via the webui and after performed it will return a 404. thats normal as the directory structure has changed, just close your browser then log back in then go back to update to perform the many database updates.
- This is a major release with significant changes. While the community has done a great job identifying bugs, some may still remain — continued testing is encouraged.
- All AI settings will be **reset** and must be reconfigured using the new AI provider backend.
- The `xcustom` directory has been renamed to `custom`. All custom libraries and post-processing scripts should now be placed here.
---
### Added / Changed
- Numerous UI improvements and refinements across the application.
- Enhanced visual clarity by thickening the left border on ticket comments to help identify comment types.
- Ticket details UI redesigned to use less space at the top of the screen.
- Introduced tracking for the **first response date/time** on tickets.
- New reporting feature: **Average time to first response** on tickets.
- Stripe integration rebuilt using the new **payment provider backend**.
- Clients can now save and manage **multiple payment methods**.
- Support for selecting saved cards for **recurring invoices** in both the client and agent portals.
- Initial database structure and logic added for **credit management** (feature not yet enabled).
- Major **backend directory restructuring**.
- Introduced **stock/inventory management**, including a stock ledger backend.
- Stock quantities now update automatically when invoice items are added or removed.
- Invoice autocomplete now includes: **name, description, price, tax, stock levels**, and links `product_id` to `item_id`.
- Added a **category filter** to invoices.
- Linked stock to related expenses.
- New product fields: **location, code, and type**.
- Products now separated into two types: **Service** and **Product**.
- **Dark mode** introduced.
- Projects: Now support linking **closed tickets**.
- Clients: Added bulk actions for tags, referral source, industry, hourly rate, email, archive, and restore.
- Invoices: Bulk action added to **assign categories**.
- Assets: New `client_uri` field, visible in both the agent and client portals.
- Client Portal: Clients can now **select an asset** during ticket creation.
- Client Portal: Company logo now **displays in the header**.
- Client Portal: Dashboard cards are now **clickable** for more detail.
- Assets: Option added to include **MAC Address** in additional columns.
- Asset Interface: Bulk actions added — set DHCP, network type, and delete.
- API:
- Added `/location` endpoint.
- Ticket content now supports **HTML formatting**.
- New option to filter and display **500 records per page** in the footer.
- Payment methods are now treated as a **separate entity** instead of being grouped under categories.
- Updated libraries:
- **TinyMCE**
- **Chart.js** (major upgrade)
- **DataTables**
- **Bootstrap**
- **FullCalendar**
- **php-stripe**
---
### Fixed
- Several security vulnerabilities patched.
- Ticket status is no longer updated when scheduling.
- Client Portal: Tech contacts can no longer edit their own details.
- Fixed overlapping logo issue in Invoice/Quote PDF exports.
- Refactored `check_login.php` into multiple files for modular login functionality.
- Removed redundant logging comments for redirects.
- Renamed `get_settings.php` to `load_global_settings.php`.
- Simplified syntax for `ajax-modal` and updated usage throughout the app.
- Fixed issue where primary contact text wasnt displaying.
- Corrected client **Net Terms** display.
- Fixed logic for recurring expense **next run date**.
- Resolved broken **IMAP test button**.
- Archived clients can no longer log into the portal.
- Searching closed tickets no longer reverts to open tickets.
- Fixed project search filter not showing completed projects.
- Fixed issue where company logo was not being removed correctly.
- Resolved API bugs:
- Default rate and net terms.
- Contact location.
- Document endpoint.
---
### Developer Updates
- Replaced legacy code with newer functions like `redirect()`, `getFieldById()`, and `flash_alert()`.
- Significantly improved performance of queries used for filter selection boxes.
## [25.06.1]
### Fixed
- Fixed a regression in setup causing it to crash and never complete, due to missing default for currency.
## [25.06]
### Breaking CHANGES
- Old Document Verions will be deleted due to the major backend rewrite how document versions work.
### Added / Changed
- Improved function for retrieving remote IP address for logging purposes.
- Ticket categories are now sorted alphabetically.
- Visiting a deleted invoice or recurring invoice now redirects to the listing page; delete option added to invoice details page.
- Added "Mark as Sent" and "Make Payment" actions directly on the invoice listing page.
- Introduced Ticket Category UI for recurring tickets.
- In Project Details, bulk actions and sorting are now available for tickets.
- Updated ticket details UI to use full card stacks with edit icons for stackable items (e.g., asset, watchers, contact).
- Added a new setting to toggle AutoStart Timer in ticket details (disabled by default).
- Applied gray accent theme in the client section to visually distinguish from the global view.
- Introduced Ticket Due Date functionality (currently supports add/edit only; more updates coming next release).
- Added settings option to display Company Tax ID on invoices.
- Client overview now displays badge counts for all entities.
- Overhauled UI for Invoice, Quote, and Recurring Invoice details; switched PDF generation to TCPDF PHP from PDFMake JS.
- Document versioning has been moved to a separate backend table to resolve permanent link issues -- SEE Breaking CHANGES.
- Migrated Document Templates, Vendor Templates, and Software/License Templates to dedicated tables.
- Added functionality to mark all tasks in a ticket as complete or incomplete.
- Asset CSV import now supports a purchase date field.
- Recurring Payments have been restructured to auto-charge on the invoice due date instead of at generation time.
- Added "Base Template" label for vendor templates when available.
- Backup and restore processes now use a temporary directory; files are cleaned up automatically if operations fail.
- Added confirmation prompt when accepting or declining a quote.
- Other minor code UI/UX cleanups and refactoring throughout the app.
### Fixed
- Resolved issue with enabling MFA.
- Fixed UI regression where ticket listing columns would misalign.
- Non-billable invoices are no longer included in calculations.
- Addressed multiple minor reported security vulnerabilities.
- Tickets with open tasks are no longer resolved in bulk; a warning is shown along with a count of affected tickets.
## [25.05.1]
### Added / Changed
- Added Domain Expiring Card to Client Portal Dashboard for Primary and Technical Users.
- Added Balance and Monthly Recurring Amount to Client Portal Dahboard for Primary and Technical Users.
- Added Archive Searching to network and certificates also added unarchive capabilities to them as well.
### Fixed
- Add Payment not showing in Invoice.
- Updated Client Overview Entities to not show archived client's Entities even though the entity may not be archived.
## [25.05]
### Added / Changed
- Expanded file upload allow-list to include .bat and .stk file types.
- Added full backup/restore functionality. Backup downloads a zip that includes the SQL dump and uploads folder, setup now has option to restore from zip backup.
- Migrated Asset and Contact Links to modals to resolve variable overlap issue.
- Added Pagination to Notification Modal.
- Removed 500 Records Per Page option.
- Removed unused old DB checks in the top nav.
- Clients can now use the portal to setup Stripe automatic payments themselves for recurring invoices
- Automatic payments are now disabled for all recurring invoices if the saved payment method is removed
- Added Card Details and Payment added to Client Stripe.
- UI / UX updates to guest pay Make use of cards.
- Don't show Checkbox columns when ticket is closed, compact ticket list now matches round pills for status and priority.
- Ticket UI/UX update allow the ticket toolbar to be a little more mobile-friendly
- UI / UX Updates to Expenses - Combine Category and Description into 1 column.
- Country information is now displayed in Invoices, Quotes, Recurring Invoices, Clients, Locations, and the client top header.
- Added country-based search filters in Locations and Clients sections.
- Changed the settings name from Integrations to Identity Providers to make room for future iDPs (e.g. Google).
- Bump FullCalendar from 6.1.15 to 6.1.17.
- Bump DataTables from 2.2.2 to 2.3.1.
- Bump TCPDF from 6.8.2 to 6.9.4.
- Bump tinyMCE from 7.7.1 to 7.9.0.
- Bump phpMailer from 6.9.2 to 6.10.0.
- Bump stripe-php from 16.4.0 to 17.2.1.
### Fixed
- "None" option for SMTP encryption now functions correctly.
- Debug table row counts now reflect actual counts instead of relying on SHOW TABLE STATUS.
- Archived Categories now display properly.
- Stripe saved payment methods are now limited to credit/debit cards only.
## [25.03.6]
### Fixed
- Set default to date to 2035-12-31 as 9999-12-31 and 2999-12-31 broke certain browsers.
- Update Client PDF Export, add header added company logo.
- Present Larger clearer Warning about updates on update page.
- Allow to search by project reference.
## [25.03.5]
### Fixed
- Fixed the user listing issue when copying a trip.
- Corrected the display of recurring invoice amounts on the dashboard.
- Fixed the linking of entities with assets and contacts.
- Resolved the issue with displaying the correct mobile country code in the contact listing.
- Set the default date to `9999-12-31` to ensure future items (like invoices) are displayed by default.
- Fixed the display issue where file folders were not showing properly during document creation.
- Migrated from Dragula to SortableJS for a more modern, mobile-friendly solution.
- Added Handlebars icons for drag-and-drop items.
- Changed behavior to open Contact and Asset Details pages directly instead of using a modal.
## [25.03.4]
### Fixed
- Ability to remove additional assets from the ticket details screen.
- Fix the ability to remove assets from edit ticket not working when only 1 asset exists.
- Fix Database Backup corruption.
- Client Portal - show ticket number instead of ticket id in ticket listing.
- Add Purchase Reference to copy asset.
- Add Link to asset details from the global search.
- Fix Bulk assign ticket only showing contacts instead of ITFlow users.
## [25.03.3]
### Fixed
- Fix adding ITFlow user.
- Do not alert on inactive recurring invoices.
- Fix ticket user assignment including bulk assignment.
- Fix adding a location phone extension.
- Do not default to +1 Country code, instead default to null.
- Do not format numbers unless a country code is entered.
- Fix editing network location.
- Fix ticket redaction on client replies.
- Remove more from user activity as it requires admin privledges.
- Fix MFA Enforcement page.
## [25.03.2]
### Fixed
- Revert DB.sql change
## [25.03.1]
### Fixed
- Phone number missing in various sections.
- Match Database.
- Client Export Only display licenses users and assets from the selected client only.
## [25.03]
### Fixed
- Resolved missing attachments in ticket replies processed via the email parser.
- Fixed issue where the top half of portrait image uploads appeared cut off at the bottom.
- Ensured all tables and fields use `CHARACTER SET utf8mb4` and `COLLATE utf8mb4_general_ci` for updates and new installations.
- Converted `service_domains` table to use InnoDB instead of MyISAM.
- Fixed the initials function to properly handle UTF-8 characters, preventing contact-related issues.
- Interfaces can now start with `0`.
- Adjusted AI prompt handling to focus solely on content, avoiding unnecessary additions.
### Added / Changed
- Introduced bulk delete functionality for assets.
- Added the ability to redact ticket replies after a ticket is closed.
- Added support for redacting specific text while a ticket is open.
- Switched file upload hashing from SHA256 to MD5 to significantly improve performance.
- Enabled assigning multiple assets to a single ticket.
- Updated all many-to-many tables to support cascading deletes using foreign key associations, improving efficiency, performance, and data integrity.
- Enabled caching for AJAX modals to reduce repeated reloads and enhance browser performance.
- Upgraded DataTables from 2.2.1 to 2.2.2.
- Upgraded TinyMCE from 7.6.1 to 7.7.1, providing a significant performance boost.
- Added “Copy Credentials to Clipboard” button in AJAX asset and contact views.
- Renamed and reorganized several tables.
- Improved theme color organization by grouping primary colors and their related shades.
- Displayed a user icon next to contacts who have user accounts.
- New image uploads are now converted to optimized `.webp` format by default; original files are no longer saved. Existing images remain unchanged.
- Added international phone number support throughout the system.
- Introduced user signatures in preferences, which are now appended to all ticket replies.
- Optimized search filters to only display defined tags.
- Added “Projects” to the client-side navigation.
- Enabled “Create New Ticket” from within project details.
- Reintroduced batch payment functionality in client invoices.
- Included client abbreviations in both client and global search options.
- Added assigned software license details (User/Asset) to the client PDF export.
- Replaced client-side `pdfMake` with the PHP-based `TCPDF` library for generating client export runbooks.
- Introduced the ability to download documents as PDFs.
- Added a “Reference” field to tickets and invoices generated from recurring templates (not yet in active use).
### Breaking Changes
> **Important:** To update to this version, you **must** run the following commands from the command line from the scripts directory:
>
> ```bash
> php update_cli.php
> php update_cli.php --db_update
> ```
>
> Repeat `--db_update` until no further updates are found.
>
> **Back up your system before upgrading.**
> This version includes numerous backend changes critical for future development.
## [25.02.4]
### Fixed
- Resolved issue preventing the addition or editing of licenses when no vendor was selected.
- Fixed several undeclared variables in AJAX contact details.
- Corrected the contact ticket count display.
- Addressed an issue where clicking "More Details" in AJAX contact/asset details failed to include the `client_id` in the URL.
- Fixed an issue with recurring invoices in the client URL: clicking "Inactive" or "Active" would unexpectedly navigate away from the client section.
- Added new php function getFieldById() to return a record using just an id and sanitized as well.
## [25.02.3]
### Fixed
- Fixed notifications being reversed as dismissed notifications.
## [25.02.2]
### Fixed
- Corrected some edit modals not showing notes correctly.
- Bugfix: When exporting to CSV, the first asset wasn't being shown.
- Fix broken create / edit credentials.
- Fixed missing Notificatons link.
- Fixed a few dead links.
- Fixed Overdue count also counting Non-Billable Invoices.
- Fix Edit Client Notes.
### Added / Changed
- Implemented SSL certificate history tracking.
- Added Inactive / Active Filter to Recurring Invoices.
- Merged Dismissed notifications and notification in one.
- Added Link Button to addd / edit Document WYSIWYG.
- Added Physical location to the asset export / import.
## [25.02.1]
### Fixed
- Resolved broken links in the client overview, project and client listings, and rack details.
- Corrected asset transfer functionality to clients.
- Fixed the ticket scheduling redirect.
- Corrected the ticket link in the Scheduled Ticket Agent Notification email.
- Addressed issues with credentials and ticket actions in the Contact Detail Modal.
- Fixed text wrapping in notifications.
- Adjusted notifications so that they are sorted with the newest first.
- Fixed drag-and-drop functionality for tickets in the Kanban view on mobile devices.
- Resolved a weird issue with TinyMCE that prevented using links referencing your ITFlow instance url.
- Corrected image orientation issues during upload and the preview optimization process.
### Added / Changed
- Introduced entity link indicator icons and counts in the contacts and credentials section.
- Implemented a fade animation for the new AJAX modal.
- Removed the Client Overview Expire Day Select and replaced it with simplified 1, 7, or 45-day options.
- Added the ability to link and unlink entities within asset details.
- Introduced quick tag/category creation across the app.
- Added a Vendor Quick Details Modal.
- Enabled vendor linking and added a License Purchase Reference in the Software Licenses section.
- Added download original, optimized and thumbnail option for images.
- Added Paid status to the top corner of Invoice PDFs.
## [25.02] ## [25.02]
### Fixed ### Fixed
- Migrated several reports to the new permissions/roles system. - Migrated several reports to the new permissions/roles system
- Resolved issue with empty task box showing for closed/resolved tickets. - Resolved issue with empty task box showing for closed/resolved tickets
- Corrected ticket priority sorting. - Corrected ticket priority sorting
- Cloned asset interfaces when transferring assets between clients. - Cloned asset interfaces when transferring assets between clients
### Added / Changed ### Added / Changed
- Restored max number of records per page option back to 500 since we dont have repeating modals. - Restored max number of records per page option back to 500 since we dont have repeating modals.
- Bulk Categorize Tickets feature. - Bulk Categorize Tickets feature
- Renamed "Interface port" to "Interface Description." "Interface Name" should now refer to port name and/or number. - Renamed "Interface port" to "Interface Description." "Interface Name" should now refer to port name and/or number
- Changed "Transfer Asset to Client" from a single action to a bulk action. - Changed "Transfer Asset to Client" from a single action to a bulk action
- Updated Filter Footer UI to show "Showing x to x of x records" instead of just the total records. - Updated Filter Footer UI to show "Showing x to x of x records" instead of just the total records
- Added Client Overview section to view client assets, contacts, licenses, credentials, etc. - Added Client Overview section to view client assets, contacts, licenses, credentials, etc.
- Introduced Quick Peek for asset details, contact information, and document viewing throughout the ITFlow App, all made possible by AJAX. - Introduced Quick Peek for asset details, contact information, and document viewing throughout the ITFlow App, all made possible by AJAX
- Enabled Simple Drag-and-Drop Ordering for Invoices, Recurring Invoices, Quotes, Ticket Tasks, and Ticket Template Tasks. - Enabled Simple Drag-and-Drop Ordering for Invoices, Recurring Invoices, Quotes, Ticket Tasks, and Ticket Template Tasks
- Added new Ticket View options: Kanban and Simple View. - Added new Ticket View options: Kanban and Simple View
- Migrated all repeating modals to the new AJAX modal function for faster loading times and quicker development. - Migrated all repeating modals to the new AJAX modal function for faster loading times and quicker development
- Allowed clients to upload PDF documents to accepted quotes. - Allowed clients to upload PDF documents to accepted quotes
- Client Portal now shows ticket category. - Client Portal now shows ticket category
- Custom links can now be added to the Client Portal navbar. - Custom links can now be added to the Client Portal navbar
- Lots of little tweaks to UI, performance, bugs, etc. - Lots of little tweaks to UI, performance, bugs, etc.
### Breaking Changes ### Breaking Changes
- Cron scripts have officially been moved to the /scripts folder and are no longer in the root directory; they must be updated to function properly. - Cron scripts have officially been moved to the /scripts folder and are no longer in the root directory; they must be updated to function properly
## [25.01.3] ## [25.01.3]
### Fixed ### Fixed

1
README.md
View File

@@ -93,7 +93,6 @@ If you want to improve ITFlow, feel free to fork the repo and create a pull requ
Were incredibly grateful to the organizations and individuals who support the project - a big thank you to: Were incredibly grateful to the organizations and individuals who support the project - a big thank you to:
- CompuMatter - CompuMatter
- F1 for HELP - F1 for HELP
- JetBrains (PhpStorm)
## License ## License
ITFlow is distributed "as is" under the GPL License, WITHOUT WARRANTY OF ANY KIND. See [`LICENSE`](https://github.com/itflow-org/itflow/blob/master/LICENSE) for details. ITFlow is distributed "as is" under the GPL License, WITHOUT WARRANTY OF ANY KIND. See [`LICENSE`](https://github.com/itflow-org/itflow/blob/master/LICENSE) for details.

6
SECURITY.md
View File

@@ -12,8 +12,10 @@
We operate a rolling release model. Any bug fixes will be released into latest version of ITFlow, so you must stay up-to-date. We operate a rolling release model. Any bug fixes will be released into latest version of ITFlow, so you must stay up-to-date.
| Version | Supported | | Version | Supported |
|---------| ------------------ | | ------- | ------------------ |
| 25.05 | :white_check_mark: | | Beta | :x: |
| 24.12 | :white_check_mark: |
| 25.1 | :white_check_mark: (When released) |
## Reporting a Vulnerability via GitHub Security Advisories ## Reporting a Vulnerability via GitHub Security Advisories

23
user/accounts.php → accounts.php
View File

@@ -9,6 +9,9 @@ require_once "includes/inc_all.php";
// Perms // Perms
enforceUserPermission('module_financial'); enforceUserPermission('module_financial');
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM accounts "SELECT SQL_CALC_FOUND_ROWS * FROM accounts
@@ -83,8 +86,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<tr> <tr>
<td> <td>
<a class="text-dark ajax-modal" href="#" <a class="text-dark" href="#"
data-modal-url="modals/account/account_edit.php?id=<?= $account_id ?>"> data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_account_edit.php"
data-ajax-id="<?php echo $account_id; ?>"
>
<?php echo $account_name; ?> <?php echo $account_name; ?>
</a> </a>
</td> </td>
@@ -96,8 +102,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i> <i class="fas fa-ellipsis-h"></i>
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#" <a class="dropdown-item" href="#"
data-modal-url="modals/account/account_edit.php?id=<?= $account_id ?>"> data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_account_edit.php"
data-ajax-id="<?php echo $account_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<?php if ($balance == 0 && $account_id != $config_stripe_account) { //Cannot Archive an Account until it reaches 0 Balance and cant be selected as an online account ?> <?php if ($balance == 0 && $account_id != $config_stripe_account) { //Cannot Archive an Account until it reaches 0 Balance and cant be selected as an online account ?>
@@ -118,11 +127,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; ?> <?php require_once "includes/filter_footer.php"; ?>
</div> </div>
</div> </div>
<?php <?php
require_once "modals/account/account_add.php"; require_once "modals/account_add_modal.php";
require_once "../includes/footer.php"; require_once "includes/footer.php";

108
admin/ai_model.php
View File

@@ -1,108 +0,0 @@
<?php
// Default Column Sortby Filter
$sort = "ai_model_name";
$order = "ASC";
require_once "includes/inc_all_admin.php";
$sql = mysqli_query($mysqli, "SELECT * FROM ai_models LEFT JOIN ai_providers ON ai_model_ai_provider_id = ai_provider_id ORDER BY $sort $order");
$num_rows = mysqli_num_rows($sql);
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fas fa-fw fa-robot mr-2"></i>AI Models</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAIModelModal"><i class="fas fa-plus mr-2"></i>Add Model</button>
</div>
</div>
<div class="card-body">
<div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows == 0) { echo "d-none"; } ?>">
<tr>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=ai_model_name&order=<?php echo $disp; ?>">
Model <?php if ($sort == 'ai_model_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=ai_provider_name&order=<?php echo $disp; ?>">
Provider <?php if ($sort == 'ai_provider_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=ai_model_use_case&order=<?php echo $disp; ?>">
Use Case<?php if ($sort == 'ai_model_use_case') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark">Prompt</a>
</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$provider_id = intval($row['ai_provider_id']);
$provider_name = nullable_htmlentities($row['ai_provider_name']);
$model_id = intval($row['ai_model_id']);
$model_name = nullable_htmlentities($row['ai_model_name']);
$use_case = nullable_htmlentities($row['ai_model_use_case']);
$prompt = nl2br(nullable_htmlentities($row['ai_model_prompt']));
?>
<tr>
<td>
<a class="text-dark text-bold ajax-modal" href="#"
data-modal-url="modals/ai/ai_model_edit.php?id=<?= $model_id ?>">
<?php echo $model_name; ?>
</a>
</td>
<td><?php echo $provider_name; ?></td>
<td><?php echo $use_case; ?></td>
<td><?php echo $prompt; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#"
data-modal-url="modals/ai/ai_model_edit.php?id=<?= $model_id ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_ai_model=<?php echo $model_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
</div>
</div>
</td>
</tr>
<?php
}
if ($num_rows == 0) {
echo "<h3 class='text-secondary mt-3' style='text-align: center'>No Records Here</h3>";
}
?>
</tbody>
</table>
</div>
</div>
</div>
<?php
require_once "modals/ai/ai_model_add.php";
require_once "../includes/footer.php";

109
admin/ai_provider.php
View File

@@ -1,109 +0,0 @@
<?php
// Default Column Sortby Filter
$sort = "ai_provider_name";
$order = "ASC";
require_once "includes/inc_all_admin.php";
$sql = mysqli_query($mysqli, "SELECT * FROM ai_providers ORDER BY $sort $order");
$num_rows = mysqli_num_rows($sql);
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fas fa-fw fa-robot mr-2"></i>AI Providers</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addAIProviderModal"><i class="fas fa-plus mr-2"></i>Add Provider</button>
</div>
</div>
<div class="card-body">
<div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows == 0) { echo "d-none"; } ?>">
<tr>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=ai_provider_name&order=<?php echo $disp; ?>">
Provider <?php if ($sort == 'ai_provider_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=ai_provider_api_url&order=<?php echo $disp; ?>">
URL <?php if ($sort == 'ai_provider_api_url') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=ai_provider_api_key&order=<?php echo $disp; ?>">
Key <?php if ($sort == 'ai_provider_api_key') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark">Models</a>
</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$provider_id = intval($row['ai_provider_id']);
$provider_name = nullable_htmlentities($row['ai_provider_name']);
$url = nullable_htmlentities($row['ai_provider_api_url']);
$key = nullable_htmlentities($row['ai_provider_api_key']);
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('ai_model_id') AS ai_model_count FROM ai_models WHERE ai_model_ai_provider_id = $provider_id"));
$ai_model_count = intval($row['ai_model_count']);
?>
<tr>
<td>
<a class="text-dark text-bold ajax-modal" href="#"
data-modal-url="modals/ai/ai_provider_edit.php?id=<?= $provider_id ?>">
<?php echo $provider_name; ?>
</a>
</td>
<td><?php echo $url; ?></td>
<td><?php echo $key; ?></td>
<td><?php echo $ai_model_count; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#"
data-modal-url="modals/ai/ai_provider_edit.php?id=<?= $provider_id ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_ai_provider=<?php echo $provider_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
</div>
</div>
</td>
</tr>
<?php
}
if ($num_rows == 0) {
echo "<h3 class='text-secondary mt-3' style='text-align: center'>No Records Here</h3>";
}
?>
</tbody>
</table>
</div>
</div>
</div>
<?php
require_once "modals/ai/ai_provider_add.php";
require_once "../includes/footer.php";

64
admin/document_template_details.php
View File

@@ -1,64 +0,0 @@
<?php
require_once "includes/inc_all_admin.php";
//Initialize the HTML Purifier to prevent XSS
require "../plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
if (isset($_GET['document_template_id'])) {
$document_template_id = intval($_GET['document_template_id']);
}
$sql_document = mysqli_query($mysqli, "SELECT * FROM document_templates WHERE document_template_id = $document_template_id");
$row = mysqli_fetch_array($sql_document);
$document_template_name = nullable_htmlentities($row['document_template_name']);
$document_template_description = nullable_htmlentities($row['document_template_description']);
$document_template_content = $purifier->purify($row['document_template_content']);
$document_template_created_at = nullable_htmlentities($row['document_template_created_at']);
$document_template_updated_at = nullable_htmlentities($row['document_template_updated_at']);
?>
<ol class="breadcrumb d-print-none">
<li class="breadcrumb-item">
<a href="../">Home</a>
</li>
<li class="breadcrumb-item">
<a href="users.php">Admin</a>
</li>
<li class="breadcrumb-item">
<a href="document_template.php">Document Templates</a>
</li>
<li class="breadcrumb-item active"><i class="fas fa-file mr-2"></i><?php echo $document_template_name; ?></li>
</ol>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file mr-2"></i><?php echo $document_template_name; ?></h3>
<div class="card-tools">
<button type="button" class="btn btn-primary ajax-modal"
data-modal-size="xl"
data-modal-url="modals/document_template/document_template_edit.php?id=<?= $document_template_id ?>">
<i class="fas fa-edit mr-2"></i>Edit
</button>
</div>
</div>
<div class="card-body prettyContent">
<?php echo $document_template_content; ?>
</div>
</div>
<script src="../js/pretty_content.js"></script>
<?php
require_once "../includes/footer.php";

17
admin/includes/inc_all_admin.php
View File

@@ -1,17 +0,0 @@
<?php
require_once "../config.php";
require_once "../functions.php";
require_once "../includes/router.php";
require_once "../includes/check_login.php";
require_once "../includes/page_title.php";
if (!isset($session_is_admin) || !$session_is_admin) {
exit(WORDING_ROLECHECK_FAILED . "<br>Tell your admin: Your role does not have admin access.");
}
require_once "../includes/header.php";
require_once "../includes/top_nav.php";
require_once "includes/side_nav.php";
require_once "../includes/inc_wrapper.php";
require_once "../includes/inc_alert_feedback.php";
require_once "../includes/filter_header.php";
require_once "../includes/app_version.php";

4
admin/index.php
View File

@@ -1,4 +0,0 @@
<?php
header('Location: users.php');

73
admin/modals/ai/ai_model_add.php
View File

@@ -1,73 +0,0 @@
<div class="form-group">
<div class="modal" id="addAIModelModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-robot mr-2"></i>Add AI Model</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body">
<div class="form-group">
<label>Provider <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<select class="form-control select2" name="provider" required>
<option value="">- Select an AI Provider -</option>
<?php
$sql_ai_providers = mysqli_query($mysqli, "SELECT * FROM ai_providers");
while ($row = mysqli_fetch_array($sql_ai_providers)) {
$ai_provider_id = intval($row['ai_provider_id']);
$ai_provider_name = nullable_htmlentities($row['ai_provider_name']);
?>
<option value="<?php echo $ai_provider_id; ?>"><?php echo $ai_provider_name; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group">
<label>Model Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<input type="text" class="form-control" name="model" placeholder="ex gpt-4">
</div>
</div>
<div class="form-group">
<label>Use Case <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-th-list"></i></span>
</div>
<select class="form-control select2" name="use_case">
<option>General</option>
<option>Tickets</option>
<option>Documentation</option>
</select>
</div>
</div>
<div class="form-group">
<textarea class="form-control" rows="8" name="prompt" placeholder="Enter a model prompt:"></textarea>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="add_ai_model" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
</div>
</div>

90
admin/modals/ai/ai_model_edit.php
View File

@@ -1,90 +0,0 @@
<?php
require_once '../../../includes/modal_header.php';
$model_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM ai_models WHERE ai_model_id = $model_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$ai_model_ai_provider_id = intval($row['ai_model_ai_provider_id']);
$model_id = intval($row['ai_model_id']);
$model_name = nullable_htmlentities($row['ai_model_name']);
$use_case = nullable_htmlentities($row['ai_model_use_case']);
$prompt = nullable_htmlentities($row['ai_model_prompt']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-robot mr-2"></i>Editing: <strong><?php echo $model_name; ?></strong></h5>
<button type="button" class="close text-light" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="model_id" value="<?php echo $model_id; ?>">
<div class="modal-body">
<div class="form-group">
<label>Provider <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<select class="form-control select2" name="provider" required>
<option value="">- Select an AI Provider -</option>
<?php
$sql_ai_providers = mysqli_query($mysqli, "SELECT * FROM ai_providers");
while ($row = mysqli_fetch_array($sql_ai_providers)) {
$ai_provider_id = intval($row['ai_provider_id']);
$ai_provider_name = nullable_htmlentities($row['ai_provider_name']);
?>
<option <?php if ($ai_provider_id = $ai_model_ai_provider_id) { echo "selected"; } ?> value="<?php echo $ai_provider_id; ?>"><?php echo $ai_provider_name; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group">
<label>Model Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<input type="text" class="form-control" name="model" value="<?php echo $model_name; ?>" placeholder="ex gpt-4">
</div>
</div>
<div class="form-group">
<label>Use Case <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-th-list"></i></span>
</div>
<select class="form-control select2" name="use_case">
<option <?php if ($use_case == 'General') { echo "selected"; } ?>>General</option>
<option <?php if ($use_case == 'Tickets') { echo "selected"; } ?>>Tickets</option>
<option <?php if ($use_case == 'Documentation') { echo "selected"; } ?>>Documentation</option>
</select>
</div>
</div>
<div class="form-group">
<textarea class="form-control" rows="8" name="prompt" placeholder="Enter a model prompt:"><?php echo $prompt; ?></textarea>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="edit_ai_model" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

54
admin/modals/ai/ai_provider_add.php
View File

@@ -1,54 +0,0 @@
<div class="form-group">
<div class="modal" id="addAIProviderModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-robot mr-2"></i>New AI Provider</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body">
<div class="form-group">
<label>Provider Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<input type="text" class="form-control" name="provider" placeholder="ex OpenAI">
</div>
</div>
<div class="form-group">
<label>URL <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span>
</div>
<input type="url" class="form-control" name="url" placeholder="ex https://ai.company.ext/api">
</div>
</div>
<div class="form-group">
<label>API Key</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="text" class="form-control" name="api_key" placeholder="Enter API key here">
</div>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="add_ai_provider" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
</div>
</div>

69
admin/modals/ai/ai_provider_edit.php
View File

@@ -1,69 +0,0 @@
<?php
require_once '../../../includes/modal_header.php';
$provider_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM ai_providers WHERE ai_provider_id = $provider_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$provider_name = nullable_htmlentities($row['ai_provider_name']);
$url = nullable_htmlentities($row['ai_provider_api_url']);
$key = nullable_htmlentities($row['ai_provider_api_key']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-robot mr-2"></i>Editing: <strong><?php echo $provider_name; ?></strong></h5>
<button type="button" class="close text-light" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="provider_id" value="<?php echo $provider_id; ?>">
<div class="modal-body">
<div class="form-group">
<label>Provider Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<input type="text" class="form-control" name="provider" value="<?php echo $provider_name; ?>" placeholder="ex OpenAI">
</div>
</div>
<div class="form-group">
<label>URL <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span>
</div>
<input type="url" class="form-control" name="url" value="<?php echo $url; ?>" placeholder="ex https://ai.company.ext/api">
</div>
</div>
<div class="form-group">
<label>API Key</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="text" class="form-control" name="api_key" value="<?php echo $key; ?>" placeholder="Enter API key here">
</div>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="edit_ai_provider" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

48
admin/modals/category/category_add.php
View File

@@ -1,48 +0,0 @@
<?php
require_once '../../../includes/modal_header.php';
$category = nullable_htmlentities($_GET['category']);
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-list-ul mr-2"></i>New <strong><?= nullable_htmlentities($category) ?></strong> Category</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="type" value="<?php echo ($category); ?>">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-list-ul"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Category name" maxlength="200" required autofocus>
</div>
</div>
<div class="form-group">
<label>Color <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-paint-brush"></i></span>
</div>
<input type="color" class="form-control col-3" name="color" required>
</div>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="add_category" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

47
admin/modals/document_template/document_template_edit.php
View File

@@ -1,47 +0,0 @@
<?php
require_once '../../../includes/modal_header.php';
$document_template_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM document_templates WHERE document_template_id = $document_template_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$document_template_name = nullable_htmlentities($row['document_template_name']);
$document_template_description = nullable_htmlentities($row['document_template_description']);
$document_template_content = nullable_htmlentities($row['document_template_content']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Editing template: <strong><?php echo $document_template_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="document_template_id" value="<?php echo $document_template_id; ?>">
<div class="modal-body">
<div class="form-group">
<input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $document_template_name; ?>" placeholder="Name" required>
</div>
<div class="form-group">
<textarea class="form-control tinymce" name="content"><?php echo $document_template_content; ?></textarea>
</div>
<div class="form-group">
<input type="text" class="form-control" name="description" value="<?php echo $document_template_description; ?>" placeholder="Short summary">
</div>
</div>
<div class="modal-footer">
<button type="submit" name="edit_document_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

37
admin/modals/payment_method/payment_method_add.php
View File

@@ -1,37 +0,0 @@
<div class="modal" id="addPaymentMethodModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-credit-card mr-2"></i>Creating: <strong>Payment Method</strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-credit-card"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Payment method name" maxlength="200" required autofocus>
</div>
</div>
<div class="form-group">
<textarea class="form-control" rows="3" name="description" placeholder="Enter a description..."></textarea>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="add_payment_method" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
</div>
</div>

51
admin/modals/payment_method/payment_method_edit.php
View File

@@ -1,51 +0,0 @@
<?php
require_once '../../../includes/modal_header.php';
$payment_method_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM payment_methods WHERE payment_method_id = $payment_method_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$payment_method_id = intval($row['payment_method_id']);
$payment_method_name = nullable_htmlentities($row['payment_method_name']);
$payment_method_description = nullable_htmlentities($row['payment_method_description']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-credit-card mr-2"></i>Editing: <strong><?php echo $payment_method_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-credit-card"></i></span>
</div>
<input type="text" class="form-control" name="name" value="<?php echo $payment_method_name; ?>" placeholder="Payment method name" maxlength="200" required autofocus>
</div>
</div>
<div class="form-group">
<textarea class="form-control" rows="3" name="description" placeholder="Enter a description..."><?php echo $payment_method_description; ?></textarea>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="edit_payment_method" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

103
admin/modals/payment_provider/payment_provider_add.php
View File

@@ -1,103 +0,0 @@
<div class="form-group">
<div class="modal" id="addPaymentProviderModal" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-credit-card mr-2"></i>Add Payment Provider</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body">
<div class="alert alert-info">
An income account named after the provider will always be created and used for income of paid invoices.<br>
If "Enable Expense" option is enabled, a matching vendor will also be automatically created for expense tracking. Additionally, an expense category named "Payment Processing" will be created.
</div>
<div class="form-group">
<label>Provider <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-credit-card"></i></span>
</div>
<select class="form-control select2" name="provider">
<option>Stripe</option>
</select>
</div>
</div>
<div class="form-group">
<label>Publishable key <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
<input type="text" class="form-control" name="public_key" placeholder="Publishable API Key (pk_...)">
</div>
</div>
<div class="form-group">
<label>Secret key <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="text" class="form-control" name="private_key" placeholder="Secret API Key (sk_...)">
</div>
</div>
<div class="form-group">
<label>Threshold</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="threshold" placeholder="1000.00">
</div>
<small class="form-text text-muted">Will not show as an option at Checkout if above this number</small>
</div>
<hr>
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="enable_expense" checked value="1" id="enableExpenseSwitch">
<label class="custom-control-label" for="enableExpenseSwitch">Enable Expense</label>
</div>
</div>
<div class="form-group">
<label>Percentage Fee to expense</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-percent"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="percentage_fee" placeholder="Enter Percentage">
</div>
<small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
</div>
<div class="form-group">
<label>Flat Fee to expense</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,3}" name="flat_fee" placeholder="0.030">
</div>
<small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="add_payment_provider" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Add</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
</div>
</div>
</div>

107
admin/modals/payment_provider/payment_provider_edit.php
View File

@@ -1,107 +0,0 @@
<?php
require_once '../../../includes/modal_header.php';
$provider_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM payment_providers WHERE payment_provider_id = $provider_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$provider_name = nullable_htmlentities($row['payment_provider_name']);
$public_key = nullable_htmlentities($row['payment_provider_public_key']);
$private_key = nullable_htmlentities($row['payment_provider_private_key']);
$account_id = nullable_htmlentities($row['payment_provider_account']);
$threshold = floatval($row['payment_provider_threshold']);
$vendor_id = nullable_htmlentities($row['payment_provider_expense_vendor']);
$category_id = nullable_htmlentities($row['payment_provider_expense_category']);
$percent_fee = floatval($row['payment_provider_expense_percentage_fee']) * 100;
$flat_fee = floatval($row['payment_provider_expense_flat_fee']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fa fa-fw fa-credit-card mr-2"></i>Editing: <strong><?php echo $provider_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="provider_id" value="<?php echo $provider_id; ?>">
<div class="modal-body">
<div class="form-group">
<label>Publishable key <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
<input type="text" class="form-control" name="public_key" placeholder="Publishable API Key (pk_...)" value="<?php echo $public_key; ?>">
</div>
</div>
<div class="form-group">
<label>Secret key <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="text" class="form-control" name="private_key" placeholder="Secret API Key (sk_...)" value="<?php echo $private_key; ?>">
</div>
</div>
<div class="form-group">
<label>Threshold</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="Threshold" placeholder="1000.00" value="<?php echo $threshold; ?>">
</div>
<small class="form-text text-muted">Will not show as an option at Checkout if above this number</small>
</div>
<hr>
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="enable_expense" <?php if ($vendor_id) { echo "checked"; } ?> value="1" id="enableEditExpenseSwitch">
<label class="custom-control-label" for="enableEditExpenseSwitch">Enable Expense</label>
</div>
<small>(Category: Payment Processing -- Vendor: <?php echo $provider_name; ?></small>
</div>
<div class="form-group">
<label>Percentage Fee to expense</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-percent"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="percentage_fee" value="<?php echo $percent_fee; ?>" placeholder="Enter Percentage">
</div>
<small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
</div>
<div class="form-group">
<label>Flat Fee to expense</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,3}" name="flat_fee" value="<?php echo $flat_fee; ?>" placeholder="0.030">
</div>
<small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="edit_payment_provider" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

94
admin/modals/tag/tag_add.php
View File

@@ -1,94 +0,0 @@
<?php
require_once '../../../includes/modal_header.php';
$type_display = '';
if (isset($_GET['type'])) {
$type = intval($_GET['type']);
if ($type === 1) {
$type_display = "Client";
} elseif($type === 2) {
$type_display = "Location";
} elseif ($type === 3) {
$type_display = "Contact";
} elseif ($type === 4) {
$type_display = "Credential";
}
}
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-tag mr-2"></i>New <strong><?= $type_display ?></strong> Tag</h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="type" value="<?php echo $type; ?>">
<div class="modal-body">
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Tag name" maxlength="200" required autofocus>
</div>
</div>
<?php if (isset($_GET['type'])) { ?>
<input type="hidden" name="type" value="<?= $type ?>">
<?php } else { ?>
<div class="form-group">
<label>Type <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-th"></i></span>
</div>
<select class="form-control select2" name="type" required>
<option value="">- Type -</option>
<option value="1">Client Tag</option>
<option value="2">Location Tag</option>
<option value="3">Contact Tag</option>
<option value="4">Credential Tag</option>
</select>
</div>
</div>
<?php } ?>
<div class="form-group">
<label>Color <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-paint-brush"></i></span>
</div>
<input type="color" class="form-control col-3" name="color" required>
</div>
</div>
<div class="form-group">
<label>Icon</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-image"></i></span>
</div>
<input type="text" class="form-control" name="icon" placeholder="Icon ex handshake">
</div>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="add_tag" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once '../../../includes/modal_footer.php';

204
admin/modals/user/user_edit.php
View File

@@ -1,204 +0,0 @@
<?php
require_once '../../../includes/modal_header.php';
$user_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM users
LEFT JOIN user_settings ON users.user_id = user_settings.user_id
WHERE users.user_id = $user_id LIMIT 1"
);
$row = mysqli_fetch_array($sql);
$user_name = nullable_htmlentities($row['user_name']);
$user_email = nullable_htmlentities($row['user_email']);
$user_avatar = nullable_htmlentities($row['user_avatar']);
$user_token = nullable_htmlentities($row['user_token']);
$user_config_force_mfa = intval($row['user_config_force_mfa']);
$user_role_id = intval($row['user_role_id']);
$user_initials = nullable_htmlentities(initials($user_name));
// Get User Client Access Permissions
$user_client_access_sql = mysqli_query($mysqli,"SELECT client_id FROM user_client_permissions WHERE user_id = $user_id");
$client_access_array = [];
while ($row = mysqli_fetch_assoc($user_client_access_sql)) {
$client_access_array[] = intval($row['client_id']);
}
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header bg-dark">
<h5 class="modal-title"><i class="fas fa-fw fa-user-edit mr-2"></i>Editing user:
<strong><?php echo $user_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="user_id" value="<?php echo $user_id; ?>">
<div class="modal-body">
<ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-user-details<?php echo $user_id; ?>">Details</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-user-access<?php echo $user_id; ?>">Restrict Access</a>
</li>
</ul>
<hr>
<div class="tab-content">
<div class="tab-pane fade show active" id="pills-user-details<?php echo $user_id; ?>">
<center class="mb-3">
<?php if (!empty($user_avatar)) { ?>
<img class="img-fluid" src="<?php echo "uploads/users/$user_id/$user_avatar"; ?>">
<?php } else { ?>
<span class="fa-stack fa-4x">
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
<span class="fa fa-stack-1x text-white"><?php echo $user_initials; ?></span>
</span>
<?php } ?>
</center>
<div class="form-group">
<label>Name <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
</div>
<input type="text" class="form-control" name="name" placeholder="Full Name" maxlength="200"
value="<?php echo $user_name; ?>" required>
</div>
</div>
<div class="form-group">
<label>Email <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-envelope"></i></span>
</div>
<input type="email" class="form-control" name="email" placeholder="Email Address" maxlength="200"
value="<?php echo $user_email; ?>" required>
</div>
</div>
<div class="form-group">
<label>New Password</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
</div>
<input type="password" class="form-control" data-toggle="password" name="new_password"
placeholder="Leave Blank For No Password Change" autocomplete="new-password">
<div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
</div>
</div>
<div class="form-group">
<label>Role <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user-shield"></i></span>
</div>
<select class="form-control select2" name="role" required>
<?php
$sql_user_roles = mysqli_query($mysqli, "SELECT * FROM user_roles WHERE role_archived_at IS NULL");
while ($row = mysqli_fetch_array($sql_user_roles)) {
$role_id = intval($row['role_id']);
$role_name = nullable_htmlentities($row['role_name']);
?>
<option <?php if ($role_id == $user_role_id) {echo "selected";} ?> value="<?php echo $role_id; ?>"><?php echo $role_name; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group">
<label>Avatar</label>
<input type="file" class="form-control-file" accept="image/*" name="file">
</div>
<div class="form-group">
<div class="custom-control custom-checkbox">
<input class="custom-control-input" type="checkbox" id="forceMFACheckBox<?php echo $user_id; ?>" name="force_mfa" value="1" <?php if($user_config_force_mfa == 1){ echo "checked"; } ?>>
<label for="forceMFACheckBox<?php echo $user_id; ?>" class="custom-control-label">
Force MFA
</label>
</div>
</div>
<?php if (!empty($user_token)) { ?>
<div class="form-group">
<label>2FA</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-id-card"></i></span>
</div>
<select class="form-control" name="2fa">
<option value="">Keep enabled</option>
<option value="disable">Disable</option>
</select>
</div>
</div>
<?php } ?>
</div>
<div class="tab-pane fade" id="pills-user-access<?php echo $user_id; ?>">
<div class="alert alert-info">
Check boxes to authorize user client access. No boxes grant full client access. Admin users are unaffected.
</div>
<ul class="list-group">
<li class="list-group-item bg-dark">
<div class="form-check">
<input type="checkbox" class="form-check-input" onclick="this.closest('.tab-pane').querySelectorAll('.client-checkbox').forEach(checkbox => checkbox.checked = this.checked);">
<label class="form-check-label ml-3"><strong>Restrict Access to Clients</strong></label>
</div>
</li>
<?php
$sql_client_select = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_archived_at IS NULL ORDER BY client_name ASC");
while ($row = mysqli_fetch_array($sql_client_select)) {
$client_id_select = intval($row['client_id']);
$client_name_select = nullable_htmlentities($row['client_name']);
?>
<li class="list-group-item">
<div class="form-check">
<input type="checkbox" class="form-check-input client-checkbox" name="clients[]" value="<?php echo $client_id_select; ?>" <?php if (in_array($client_id_select, $client_access_array)) { echo "checked"; } ?>>
<label class="form-check-label ml-2"><?php echo $client_name_select; ?></label>
</div>
</li>
<?php } ?>
</ul>
</div>
</div>
</div>
<div class="modal-footer">
<button type="submit" name="edit_user" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../../../includes/modal_footer_new.php";

102
admin/payment_method.php
View File

@@ -1,102 +0,0 @@
<?php
// Default Column Sortby Filter
$sort = "payment_method_name";
$order = "ASC";
require_once "includes/inc_all_admin.php";
$sql = mysqli_query($mysqli, "SELECT * FROM payment_methods ORDER BY $sort $order");
$num_rows = mysqli_num_rows($sql);
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fas fa-fw fa-credit-card mr-2"></i>Payment Methods</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addPaymentMethodModal"><i class="fas fa-plus mr-2"></i>Add Payment Method</button>
</div>
</div>
<div class="card-body">
<div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows == 0) { echo "d-none"; } ?>">
<tr>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=payment_method_name&order=<?php echo $disp; ?>">
Method <?php if ($sort == 'payment_method_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=payment_method_description&order=<?php echo $disp; ?>">
Description <?php if ($sort == 'payment_method_description') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=payment_method_created_at&order=<?php echo $disp; ?>">
Created at <?php if ($sort == 'payment_method_created_at') { echo $order_icon; } ?>
</a>
</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$payment_method_id = intval($row['payment_method_id']);
$payment_method_name = nullable_htmlentities($row['payment_method_name']);
$payment_method_description = nullable_htmlentities($row['payment_method_description']);
$payment_method_created_at = nullable_htmlentities($row['payment_method_created_at']);
?>
<tr>
<td>
<a class="text-dark text-bold ajax-modal" href="#"
data-modal-url="modals/payment_method/payment_method_edit.php?id=<?= $payment_method_id ?>">
<?php echo $payment_method_name; ?>
</a>
</td>
<td><?php echo $payment_method_description; ?></td>
<td><?php echo $payment_method_created_at; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#"
data-modal-url="modals/payment_method/payment_method_edit.php?id=<?= $payment_method_id ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_payment_method=<?php echo $payment_method_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
</div>
</div>
</td>
</tr>
<?php
}
if ($num_rows == 0) {
echo "<h3 class='text-secondary mt-3' style='text-align: center'>No Records Here</h3>";
}
?>
</tbody>
</table>
</div>
</div>
</div>
<?php
require_once "modals/payment_method/payment_method_add.php";
require_once "../includes/footer.php";

136
admin/payment_provider.php
View File

@@ -1,136 +0,0 @@
<?php
// Default Column Sortby Filter
$sort = "payment_provider_name";
$order = "ASC";
require_once "includes/inc_all_admin.php";
$sql = mysqli_query($mysqli, "SELECT * FROM payment_providers
LEFT JOIN accounts ON payment_provider_account = account_id
LEFT JOIN vendors ON payment_provider_expense_vendor = vendor_id
LEFT JOIN categories ON payment_provider_expense_category = category_id
ORDER BY $sort $order"
);
$num_rows = mysqli_num_rows($sql);
?>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fas fa-fw fa-credit-card mr-2"></i>Payment Providers</h3>
<div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addPaymentProviderModal"><i class="fas fa-plus mr-2"></i>Add Provider</button>
</div>
</div>
<div class="card-body">
<div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows == 0) { echo "d-none"; } ?>">
<tr>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=payment_provider_name&order=<?php echo $disp; ?>">
Provider <?php if ($sort == 'payment_provider_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=account_name&order=<?php echo $disp; ?>">
Expense / Income Account <?php if ($sort == 'account_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=payment_provider_threshold&order=<?php echo $disp; ?>">
Threshold <?php if ($sort == 'payment_provider_threshold') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_name&order=<?php echo $disp; ?>">
Expense Vendor <?php if ($sort == 'vendor_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=category_name&order=<?php echo $disp; ?>">
Expense Category <?php if ($sort == 'category_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark">Fee</a>
</th>
<th>
<a class="text-dark">Saved Payment Methods</a>
</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$provider_id = intval($row['payment_provider_id']);
$provider_name = nullable_htmlentities($row['payment_provider_name']);
$provider_description = nullable_htmlentities($row['payment_provider_description']);
$account_name = nullable_htmlentities($row['account_name']);
$threshold = floatval($row['payment_provider_threshold']);
$vendor_name = nullable_htmlentities($row['vendor_name']);
$category = nullable_htmlentities($row['category_name']);
$percent_fee = floatval($row['payment_provider_expense_percentage_fee']) * 100;
$flat_fee = floatval($row['payment_provider_expense_flat_fee']);
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('saved_payment_id') AS saved_payment_count FROM client_saved_payment_methods WHERE saved_payment_provider_id = $provider_id"));
$saved_payment_count = intval($row['saved_payment_count']);
?>
<tr>
<td>
<a class="text-dark text-bold ajax-modal" href="#"
data-modal-url="modals/payment_provider/payment_provider_edit.php?id=<?= $provider_id ?>">
<?php echo $provider_name; ?>
</a>
<span class="text-secondary"><?php echo $provider_description; ?></span>
</td>
<td><?php echo $account_name; ?></td>
<td><?php echo numfmt_format_currency($currency_format, $threshold, $session_company_currency); ?></td>
<td><?php echo $vendor_name; ?></td>
<td><?php echo $category; ?></td>
<td><?php echo $percent_fee; ?> + <?php echo numfmt_format_currency($currency_format, $flat_fee, $session_company_currency); ?></td>
<td><?php echo $saved_payment_count; ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#"
data-modal-url="modals/payment_provider/payment_provider_edit.php?id=<?= $provider_id ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?disable_payment_provicer=<?php echo $provider_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-thumbs-down mr-2"></i>Disable
</a>
</div>
</div>
</td>
</tr>
<?php
}
if ($num_rows == 0) {
echo "<h3 class='text-secondary mt-3' style='text-align: center'>No Records Here</h3>";
}
?>
</tbody>
</table>
</div>
</div>
</div>
<?php
require_once "modals/payment_provider/payment_provider_add.php";
require_once "../includes/footer.php";

65
admin/post/ai_model.php
View File

@@ -1,65 +0,0 @@
<?php
/*
* ITFlow - GET/POST request handler for AI Models ('ai_model')
*/
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_ai_model'])) {
validateCSRFToken($_POST['csrf_token']);
$provider_id = intval($_POST['provider']);
$model = sanitizeInput($_POST['model']);
$prompt = sanitizeInput($_POST['prompt']);
$use_case = sanitizeInput($_POST['use_case']);
mysqli_query($mysqli,"INSERT INTO ai_models SET ai_model_name = '$model', ai_model_prompt = '$prompt', ai_model_use_case = '$use_case', ai_model_ai_provider_id = $provider_id");
$ai_model_id = mysqli_insert_id($mysqli);
logAction("AI Model", "Create", "$session_name created AI Model $model");
flash_alert("AI Model <strong>$model</strong> created");
redirect();
}
if (isset($_POST['edit_ai_model'])) {
validateCSRFToken($_POST['csrf_token']);
$model_id = intval($_POST['model_id']);
$model = sanitizeInput($_POST['model']);
$prompt = sanitizeInput($_POST['prompt']);
$use_case = sanitizeInput($_POST['use_case']);
mysqli_query($mysqli,"UPDATE ai_models SET ai_model_name = '$model', ai_model_prompt = '$prompt', ai_model_use_case = '$use_case' WHERE ai_model_id = $model_id");
logAction("AI Model", "Edit", "$session_name edited AI Model $model");
flash_alert("AI Model <strong>$model</strong> edited");
redirect();
}
if (isset($_GET['delete_ai_model'])) {
validateCSRFToken($_GET['csrf_token']);
$model_id = intval($_GET['delete_ai_model']);
$model_name = sanitizeInput(getFieldById('ai_models', $model_id, 'ai_model_name'));
mysqli_query($mysqli,"DELETE FROM ai_models WHERE ai_model_id = $model_id");
logAction("AI Model", "Delete", "$session_name deleted AI Model $model_name");
flash_alert("AI Model <strong>$model_name</strong> deleted", 'error');
redirect();
}

65
admin/post/ai_provider.php
View File

@@ -1,65 +0,0 @@
<?php
/*
* ITFlow - GET/POST request handler for AI Providers ('ai_provider')
*/
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_ai_provider'])) {
validateCSRFToken($_POST['csrf_token']);
$provider = sanitizeInput($_POST['provider']);
$url = sanitizeInput($_POST['url']);
$model = sanitizeInput($_POST['model']);
$api_key = sanitizeInput($_POST['api_key']);
mysqli_query($mysqli,"INSERT INTO ai_providers SET ai_provider_name = '$provider', ai_provider_api_url = '$url', ai_provider_api_key = '$api_key'");
$ai_provider_id = mysqli_insert_id($mysqli);
logAction("AI Provider", "Create", "$session_name created AI Provider $provider");
flash_alert("AI Model <strong>$provider</strong> created");
redirect();
}
if (isset($_POST['edit_ai_provider'])) {
validateCSRFToken($_POST['csrf_token']);
$provider_id = intval($_POST['provider_id']);
$provider = sanitizeInput($_POST['provider']);
$url = sanitizeInput($_POST['url']);
$api_key = sanitizeInput($_POST['api_key']);
mysqli_query($mysqli,"UPDATE ai_providers SET ai_provider_name = '$provider', ai_provider_api_url = '$url', ai_provider_api_key = '$api_key' WHERE ai_provider_id = $provider_id");
logAction("AI Provider", "Edit", "$session_name edited AI Provider $provider");
flash_alert("AI Model <strong>$provider</strong> edited");
redirect();
}
if (isset($_GET['delete_ai_provider'])) {
validateCSRFToken($_GET['csrf_token']);
$provider_id = intval($_GET['delete_ai_provider']);
$provider_name = sanitizeInput(getFieldById('ai_providers', $provider_id, 'ai_provider_name'));
mysqli_query($mysqli,"DELETE FROM ai_providers WHERE ai_provider_id = $provider_id");
logAction("AI Provider", "Delete", "$session_name deleted AI Provider $provider_name", 'error');
flash_alert("AI Provider <strong>$provider_name</strong> deleted", 'error');
redirect();
}

213
admin/post/backup.php
View File

@@ -1,213 +0,0 @@
<?php
/*
* ITFlow - GET/POST request handler for DB / master key backup
*/
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
require_once "../includes/app_version.php";
if (isset($_GET['download_backup'])) {
validateCSRFToken($_GET['csrf_token']);
$timestamp = date('YmdHis');
$baseName = "itflow_$timestamp";
// === 0. Scoped cleanup ===
$cleanupFiles = [];
$registerTempFileForCleanup = function ($file) use (&$cleanupFiles) {
$cleanupFiles[] = $file;
};
register_shutdown_function(function () use (&$cleanupFiles) {
foreach ($cleanupFiles as $file) {
if (is_file($file)) {
@unlink($file);
}
}
});
// === 1. Local helper function: zipFolder
$zipFolder = function ($folderPath, $zipFilePath) {
$zip = new ZipArchive();
if ($zip->open($zipFilePath, ZipArchive::CREATE | ZipArchive::OVERWRITE) !== TRUE) {
error_log("Failed to open zip file: $zipFilePath");
http_response_code(500);
exit("Internal Server Error: Cannot open zip archive.");
}
$folderPath = realpath($folderPath);
if (!$folderPath) {
error_log("Invalid folder path: $folderPath");
http_response_code(500);
exit("Internal Server Error: Invalid folder path.");
}
$files = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($folderPath),
RecursiveIteratorIterator::LEAVES_ONLY
);
foreach ($files as $file) {
if (!$file->isDir()) {
$filePath = $file->getRealPath();
$relativePath = substr($filePath, strlen($folderPath) + 1);
$zip->addFile($filePath, $relativePath);
}
}
$zip->close();
};
// === 2. Create all temp files
$sqlFile = tempnam(sys_get_temp_dir(), $baseName . "_sql_");
$uploadsZip = tempnam(sys_get_temp_dir(), $baseName . "_uploads_");
$versionFile = tempnam(sys_get_temp_dir(), $baseName . "_version_");
$finalZip = tempnam(sys_get_temp_dir(), $baseName . "_backup_");
foreach ([$sqlFile, $uploadsZip, $versionFile, $finalZip] as $f) {
$registerTempFileForCleanup($f);
chmod($f, 0600);
}
// === 3. Generate SQL Dump
$sqlContent = "-- UTF-8 + Foreign Key Safe Dump\n";
$sqlContent .= "SET NAMES 'utf8mb4';\n";
$sqlContent .= "SET foreign_key_checks = 0;\n\n";
$tables = [];
$res = $mysqli->query("SHOW TABLES");
if (!$res) {
error_log("MySQL Error: " . $mysqli->error);
exit("Error retrieving tables.");
}
while ($row = $res->fetch_row()) {
$tables[] = $row[0];
}
foreach ($tables as $table) {
$createRes = $mysqli->query("SHOW CREATE TABLE `$table`");
if (!$createRes) {
error_log("MySQL Error: " . $mysqli->error);
continue;
}
$createRow = $createRes->fetch_assoc();
$createSQL = array_values($createRow)[1];
$sqlContent .= "\n-- ----------------------------\n";
$sqlContent .= "-- Table structure for `$table`\n";
$sqlContent .= "-- ----------------------------\n";
$sqlContent .= "DROP TABLE IF EXISTS `$table`;\n";
$sqlContent .= $createSQL . ";\n\n";
$dataRes = $mysqli->query("SELECT * FROM `$table`");
if ($dataRes && $dataRes->num_rows > 0) {
$sqlContent .= "-- Dumping data for table `$table`\n";
while ($row = $dataRes->fetch_assoc()) {
$columns = array_map(fn($col) => '`' . $mysqli->real_escape_string($col) . '`', array_keys($row));
$values = array_map(function ($val) use ($mysqli) {
return is_null($val) ? "NULL" : "'" . $mysqli->real_escape_string($val) . "'";
}, array_values($row));
$sqlContent .= "INSERT INTO `$table` (" . implode(", ", $columns) . ") VALUES (" . implode(", ", $values) . ");\n";
}
$sqlContent .= "\n";
}
}
$sqlContent .= "SET foreign_key_checks = 1;\n";
file_put_contents($sqlFile, $sqlContent);
// === 4. Zip the uploads folder
$zipFolder("../uploads", $uploadsZip);
// === 5. Create version.txt
$commitHash = trim(shell_exec('git log -1 --format=%H')) ?: 'N/A';
$gitBranch = trim(shell_exec('git rev-parse --abbrev-ref HEAD')) ?: 'N/A';
$versionContent = "ITFlow Backup Metadata\n";
$versionContent .= "-----------------------------\n";
$versionContent .= "Generated: " . date('Y-m-d H:i:s') . "\n";
$versionContent .= "Backup File: " . basename($finalZip) . "\n";
$versionContent .= "Generated By: $session_name\n";
$versionContent .= "Host: " . gethostname() . "\n";
$versionContent .= "Git Branch: $gitBranch\n";
$versionContent .= "Git Commit: $commitHash\n";
$versionContent .= "ITFlow Version: " . (defined('APP_VERSION') ? APP_VERSION : 'Unknown') . "\n";
$versionContent .= "Database Version: " . (defined('CURRENT_DATABASE_VERSION') ? CURRENT_DATABASE_VERSION : 'Unknown') . "\n";
$versionContent .= "Checksum (SHA256): \n";
file_put_contents($versionFile, $versionContent);
// === 6. Build final ZIP
$final = new ZipArchive();
if ($final->open($finalZip, ZipArchive::CREATE | ZipArchive::OVERWRITE) !== TRUE) {
error_log("Failed to create final zip: $finalZip");
http_response_code(500);
exit("Internal Server Error: Unable to create backup archive.");
}
$final->addFile($sqlFile, "db.sql");
$final->addFile($uploadsZip, "uploads.zip");
$final->addFile($versionFile, "version.txt");
$final->close();
chmod($finalZip, 0600);
$checksum = hash_file('sha256', $finalZip);
file_put_contents($versionFile, $versionContent . "$checksum\n");
// === 7. Serve final ZIP
header('Content-Type: application/zip');
header('Content-Disposition: attachment; filename="' . basename($finalZip) . '"');
header('Content-Length: ' . filesize($finalZip));
header('Pragma: public');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Content-Transfer-Encoding: binary');
flush();
$fp = fopen($finalZip, 'rb');
fpassthru($fp);
fclose($fp);
logAction("System", "Backup Download", "$session_name downloaded full backup.");
flash_alert("Full backup downloaded.");
exit;
}
if (isset($_POST['backup_master_key'])) {
validateCSRFToken($_POST['csrf_token']);
$password = $_POST['password'];
$sql = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $session_user_id");
$row = mysqli_fetch_array($sql);
if (password_verify($password, $row['user_password'])) {
$site_encryption_master_key = decryptUserSpecificKey($row['user_specific_encryption_ciphertext'], $password);
logAction("Master Key", "Download", "$session_name retrieved the master encryption key");
appNotify("Master Key", "$session_name retrieved the master encryption key");
echo "==============================";
echo "<br>Master encryption key:<br>";
echo "<b>$site_encryption_master_key</b>";
echo "<br>==============================";
} else {
logAction("Master Key", "Download", "$session_name attempted to retrieve the master encryption key but failed");
flash_alert("Incorrect password.", 'error');
redirect();
}
}

57
admin/post/document_template.php
View File

@@ -1,57 +0,0 @@
<?php
// Doc Templates
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_document_template'])) {
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$content = mysqli_real_escape_string($mysqli,$_POST['content']);
mysqli_query($mysqli,"INSERT INTO document_templates SET document_template_name = '$name', document_template_description = '$description', document_template_content = '$content', document_template_created_by = $session_user_id");
$document_template_id = mysqli_insert_id($mysqli);
logAction("Document Template", "Create", "$session_name created document template $name", 0, $document_template_id);
flash_alert("Document template <strong>$name</strong> created");
redirect();
}
if (isset($_POST['edit_document_template'])) {
$document_template_id = intval($_POST['document_template_id']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$content = mysqli_real_escape_string($mysqli,$_POST['content']);
// Document edit query
mysqli_query($mysqli,"UPDATE document_templates SET document_template_name = '$name', document_template_description = '$description', document_template_content = '$content', document_template_updated_by = $session_user_id WHERE document_template_id = $document_template_id");
logAction("Document Template", "Edit", "$session_name edited document template $name", 0, $document_template_id);
flash_alert("Document Template <strong>$name</strong> edited");
redirect();
}
if (isset($_GET['delete_document_template'])) {
$document_template_id = intval($_GET['delete_document_template']);
$document_template_name = sanitizeInput(getFieldById('document_templates', $document_template_id, 'document_template_name'));
mysqli_query($mysqli,"DELETE FROM document_templates WHERE document_template_id = $document_template_id");
logAction("Document Template", "Delete", "$session_name deleted document template $document_template_name");
flash_alert("Document Template <strong>$document_template_name</strong> deleted", 'error');
redirect();
}

58
admin/post/payment_method.php
View File

@@ -1,58 +0,0 @@
<?php
/*
* ITFlow - GET/POST request handler for AI Providers ('ai_providers')
*/
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_payment_method'])) {
validateCSRFToken($_POST['csrf_token']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
mysqli_query($mysqli,"INSERT INTO payment_methods SET payment_method_name = '$name', payment_method_description = '$description'");
logAction("Payment Method", "Create", "$session_name created Payment Method $name");
flash_alert("Payment Method <strong>$name</strong> created");
redirect();
}
if (isset($_POST['edit_payment_method'])) {
validateCSRFToken($_POST['csrf_token']);
$payment_method_id = intval($_POST['payment_method_id']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
mysqli_query($mysqli,"UPDATE payment_methods SET payment_method_name = '$name', payment_method_description = '$description' WHERE payment_method_id = $payment_method_id");
logAction("Payment Method", "Edit", "$session_name edited Payment Method $name");
flash_alert("Payment Method <strong>$name</strong> edited");
redirect();
}
if (isset($_GET['delete_payment_method'])) {
$payment_method_id = intval($_GET['delete_payment_method']);
$payment_method_name = sanitizeInput(getFieldById('payment_methods', $payment_method_is, 'payment_method_name'));
mysqli_query($mysqli,"DELETE FROM payment_methods WHERE payment_method_id = $payment_method_id");
logAction("Payment Method", "Delete", "$session_name deleted Payment Method $payment_method_name");
flash_alert("Payment Method <strong>$payment_method_name</strong> deleted", 'error');
redirect();
}

108
admin/post/payment_provider.php
View File

@@ -1,108 +0,0 @@
<?php
/*
* ITFlow - GET/POST request handler for AI Providers ('ai_providers')
*/
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_payment_provider'])) {
validateCSRFToken($_POST['csrf_token']);
$provider = sanitizeInput($_POST['provider']);
$public_key = sanitizeInput($_POST['public_key']);
$private_key = sanitizeInput($_POST['private_key']);
$threshold = floatval($_POST['threshold']);
$enable_expense = intval($_POST['enable_expense'] ?? 0);
$percentage_fee = floatval($_POST['percentage_fee']) / 100;
$flat_fee = floatval($_POST['flat_fee']);
// Check to make sure Provider isnt added Twice
$sql = "SELECT 1 FROM payment_providers WHERE payment_provider_name = '$provider' LIMIT 1";
$result = mysqli_query($mysqli, $sql);
if (mysqli_num_rows($result) > 0) {
flash_alert("Payment Provider <strong>$provider</strong> already exists", 'error');
redirect();
}
// Check for Stripe Account if not create it
$sql_account = mysqli_query($mysqli,"SELECT account_id FROM accounts WHERE account_name = '$provider' AND account_archived_at IS NULL LIMIT 1");
if (mysqli_num_rows($sql_account) == 0) {
$account_id = mysqli_insert_id($mysqli);
} else {
$row = mysqli_fetch_array($sql_account);
$account_id = intval($row['account_id']);
}
if ($enable_expense) {
// Category
$sql_category = mysqli_query($mysqli,"SELECT category_id FROM categories WHERE category_name = 'Payment Processing' AND category_type = 'Expense' AND category_archived_at IS NULL LIMIT 1");
if (mysqli_num_rows($sql_category) == 0) {
mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Processing Fee', category_type = 'Payment Processing', category_color = 'gray'");
$category_id = mysqli_insert_id($mysqli);
} else {
$row = mysqli_fetch_array($sql_category);
$category_id = intval($row['category_id']);
}
//Vendor
$sql_vendor = mysqli_query($mysqli,"SELECT vendor_id FROM vendors WHERE vendor_name = '$provider' AND vendor_client_id = 0 AND vendor_archived_at IS NULL LIMIT 1");
if (mysqli_num_rows($sql_vendor) == 0) {
mysqli_query($mysqli,"INSERT INTO vendors SET vendor_name = '$provider', vendor_descripion = 'Payment Processor Provider', vendor_client_id = 0");
$vendor_id = mysqli_insert_id($mysqli);
} else {
$row = mysqli_fetch_array($sql_vendor);
$vendor_id = intval($row['vendor_id']);
}
}
mysqli_query($mysqli,"INSERT INTO payment_providers SET payment_provider_name = '$provider', payment_provider_public_key = '$public_key', payment_provider_private_key = '$private_key', payment_provider_account = $account_id, payment_provider_expense_vendor = $vendor_id, payment_provider_expense_category = $category_id, payment_provider_expense_percentage_fee = $percentage_fee, payment_provider_expense_flat_fee = $flat_fee");
$provider_id = mysqli_insert_id($mysqli);
logAction("Payment Provider", "Create", "$session_name created AI Provider $provider");
flash_alert("Payment provider <strong>$provider</strong> created");
redirect();
}
if (isset($_POST['edit_payment_provider'])) {
validateCSRFToken($_POST['csrf_token']);
$provider_id = intval($_POST['provider_id']);
$description = sanitizeInput($_POST['description']);
$public_key = sanitizeInput($_POST['public_key']);
$private_key = sanitizeInput($_POST['private_key']);
$threshold = floatval($_POST['threshold']);
$enable_expense = intval($_POST['enable_expense'] ?? 0);
$percentage_fee = floatval($_POST['percentage_fee']) / 100;
$flat_fee = floatval($_POST['flat_fee']);
mysqli_query($mysqli,"UPDATE payment_providers SET payment_provider_public_key = '$public_key', payment_provider_private_key = '$private_key', payment_provider_expense_percentage_fee = $percentage_fee, payment_provider_expense_flat_fee = $flat_fee WHERE payment_provider_id = $provider_id");
logAction("Payment Provider", "Edit", "$session_name edited Payment Provider $provider");
flash_alert("Payment Provider <strong>$provider</strong> edited");
redirect();
}
if (isset($_GET['delete_payment_provider'])) {
$provider_id = intval($_GET['delete_payment_provider']);
$provider_name = sanitizeInput(getFieldById('provider_providers', $provider_id, 'provider_name'));
mysqli_query($mysqli,"DELETE FROM payment_providers WHERE payment_provider_id = $provider_id");
logAction("Payment Provider", "Delete", "$session_name deleted Payment Provider $provider_name");
flash_alert("Payment Provider <strong>$provider_name</strong> deleted", 'error');
redirect();
}

70
admin/post/saved_payment_method.php
View File

@@ -1,70 +0,0 @@
<?php
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_GET['delete_saved_payment'])) {
validateCSRFToken($_GET['csrf_token']);
$saved_payment_id = intval($_GET['delete_saved_payment']);
$sql = mysqli_query($mysqli, "
SELECT
client_saved_payment_methods.saved_payment_id,
client_saved_payment_methods.saved_payment_client_id,
client_saved_payment_methods.saved_payment_provider_id,
client_saved_payment_methods.saved_payment_provider_method,
client_saved_payment_methods.saved_payment_description,
client_payment_provider.payment_provider_client,
payment_providers.payment_provider_name,
payment_providers.payment_provider_private_key
FROM client_saved_payment_methods
LEFT JOIN client_payment_provider
ON client_payment_provider.client_id = client_saved_payment_methods.saved_payment_client_id
AND client_payment_provider.payment_provider_id = client_saved_payment_methods.saved_payment_provider_id
LEFT JOIN payment_providers
ON payment_providers.payment_provider_id = client_saved_payment_methods.saved_payment_provider_id
WHERE client_saved_payment_methods.saved_payment_id = $saved_payment_id"
);
$row = mysqli_fetch_array($sql);
$client_id = intval($row['saved_payment_client_id']);
$provider_id = intval($row['saved_payment_provider_id']);
$payment_provider_name = nullable_htmlentities($row['payment_provider_name']);
$saved_payment_description = nullable_htmlentities($row['saved_payment_description']);
$provider_client = nullable_htmlentities($row['payment_provider_client']);
$payment_method = $row['saved_payment_provider_method'];
$private_key = $row['payment_provider_private_key'];
// Seperate logic for each Payment Provider
if ($payment_provider_name == 'Stripe') {
try {
// Initialize stripe
require_once 'plugins/stripe-php/init.php';
$stripe = new \Stripe\StripeClient($private_key);
// Detach PM
$stripe->paymentMethods->detach($payment_method, []);
} catch (Exception $e) {
$error = $e->getMessage();
error_log("Stripe payment error - encountered exception when removing payment method info for $payment_method: $error");
logApp("Stripe", "error", "Exception removing payment method for $payment_method: $error");
}
}
// Remove payment method from ITFlow
mysqli_query($mysqli, "DELETE FROM client_saved_payment_methods WHERE saved_payment_id = $saved_payment_id");
// SQL Cascade delete will Remove All Associated Auto Payment Methods on recurring invoices in the recurring payments table.
logAction("Payment Provider", "Update", "$session_name deleted saved payment method $saved_payment_description (PM: $payment_method)", $client_id);
flash_alert("Payment method <strong>$saved_payment_description</strong> removed", 'error');
redirect();
}

65
admin/post/software_template.php
View File

@@ -1,65 +0,0 @@
<?php
// Software/License Templates
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_POST['add_software_template'])) {
$name = sanitizeInput($_POST['name']);
$version = sanitizeInput($_POST['version']);
$description = sanitizeInput($_POST['description']);
$type = sanitizeInput($_POST['type']);
$license_type = sanitizeInput($_POST['license_type']);
$notes = sanitizeInput($_POST['notes']);
mysqli_query($mysqli,"INSERT INTO software_templates SET software_template_name = '$name', software_template_version = '$version', software_template_description = '$description', software_template_type = '$type', software_template_license_type = '$license_type', software_template_notes = '$notes'");
$software_template_id = mysqli_insert_id($mysqli);
logAction("Software Template", "Create", "$session_name created software template $name", 0, $software_template_id);
flash_alert("Software template <strong>$name</strong> created");
redirect();
}
if (isset($_POST['edit_software_template'])) {
$software_template_id = intval($_POST['software_template_id']);
$name = sanitizeInput($_POST['name']);
$version = sanitizeInput($_POST['version']);
$description = sanitizeInput($_POST['description']);
$type = sanitizeInput($_POST['type']);
$license_type = sanitizeInput($_POST['license_type']);
$notes = sanitizeInput($_POST['notes']);
mysqli_query($mysqli,"UPDATE software_templates SET software_template_name = '$name', software_template_version = '$version', software_template_description = '$description', software_template_type = '$type', software_template_license_type = '$license_type', software_template_notes = '$notes' WHERE software_template_id = $software_template_id");
logAction("Software Template", "Edit", "$session_name edited software template $name", 0, $software_template_id);
flash_alert("Software template <strong>$name</strong> edited");
redirect();
}
if (isset($_GET['delete_software_template'])) {
$software_template_id = intval($_GET['delete_software_template']);
// Get Software Template Name for logging and alert message
$sql = mysqli_query($mysqli,"SELECT software_template_name FROM software_templates WHERE software_template_id = $software_template_id");
$row = mysqli_fetch_array($sql);
$software_template_name = sanitizeInput($row['software_template_name']);
mysqli_query($mysqli,"DELETE FROM software_templates WHERE software_template_id = $software_template_id");
logAction("Software Template", "Delete", "$session_name deleted software template $software_template_name");
flash_alert("Software Template <strong>$software_template_name</strong> deleted", 'error');
redirect();
}

159
admin/post/vendor_template.php
View File

@@ -1,159 +0,0 @@
<?php
// Vendor Templates
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
// Import shared code from user-side vendor management as we reuse functions
require_once '../user/post/vendor.php';
if (isset($_POST['add_vendor_template'])) {
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$account_number = sanitizeInput($_POST['account_number']);
$contact_name = sanitizeInput($_POST['contact_name']);
$phone_country_code = preg_replace("/[^0-9]/", '', $_POST['phone_country_code']);
$phone = preg_replace("/[^0-9]/", '', $_POST['phone']);
$extension = preg_replace("/[^0-9]/", '', $_POST['extension']);
$email = sanitizeInput($_POST['email']);
$website = preg_replace("(^https?://)", "", sanitizeInput($_POST['website']));
$hours = sanitizeInput($_POST['hours']);
$sla = sanitizeInput($_POST['sla']);
$code = sanitizeInput($_POST['code']);
$notes = sanitizeInput($_POST['notes']);
mysqli_query($mysqli,"INSERT INTO vendor_templates SET vendor_template_name = '$name', vendor_template_description = '$description', vendor_template_contact_name = '$contact_name', vendor_template_phone = '$phone', vendor_template_extension = '$extension', vendor_template_email = '$email', vendor_template_website = '$website', vendor_template_hours = '$hours', vendor_template_sla = '$sla', vendor_template_code = '$code', vendor_template_account_number = '$account_number', vendor_template_notes = '$notes'");
$vendor_template_id = mysqli_insert_id($mysqli);
logAction("Vendor Template", "Create", "$session_name created vendor template $name", 0, $vendor_template_id);
flash_alert("Vendor template <strong>$name</strong> created");
redirect();
}
if (isset($_POST['edit_vendor_template'])) {
$vendor_template_id = intval($_POST['vendor_template_id']);
$name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$account_number = sanitizeInput($_POST['account_number']);
$contact_name = sanitizeInput($_POST['contact_name']);
$phone_country_code = preg_replace("/[^0-9]/", '', $_POST['phone_country_code']);
$phone = preg_replace("/[^0-9]/", '', $_POST['phone']);
$extension = preg_replace("/[^0-9]/", '', $_POST['extension']);
$email = sanitizeInput($_POST['email']);
$website = preg_replace("(^https?://)", "", sanitizeInput($_POST['website']));
$hours = sanitizeInput($_POST['hours']);
$sla = sanitizeInput($_POST['sla']);
$code = sanitizeInput($_POST['code']);
$notes = sanitizeInput($_POST['notes']);
if ($_POST['global_update_vendor_name'] == 1 ?? 0) {
$sql_global_update_vendor_name = ", vendor_name = '$name'";
} else {
$sql_global_update_vendor_name = "";
}
if ($_POST['global_update_vendor_description'] == 1) {
$sql_global_update_vendor_description = ", vendor_description = '$description'";
} else {
$sql_global_update_vendor_description = "";
}
if ($_POST['global_update_vendor_account_number'] == 1) {
$sql_global_update_vendor_account_number = ", vendor_account_number = '$account_number'";
} else {
$sql_global_update_vendor_account_number = "";
}
if ($_POST['global_update_vendor_contact_name'] == 1) {
$sql_global_update_vendor_contact_name = ", vendor_contact_name = '$contact_name'";
} else {
$sql_global_update_vendor_contact_name = "";
}
if ($_POST['global_update_vendor_phone'] == 1) {
$sql_global_update_vendor_phone = ", vendor_phone_country_code = '$phone_country_code', vendor_phone = '$phone', vendor_extension = '$extension'";
} else {
$sql_global_update_vendor_phone = "";
}
if ($_POST['global_update_vendor_hours'] == 1) {
$sql_global_update_vendor_hours = ", vendor_hours = '$hours'";
} else {
$sql_global_update_vendor_hours = "";
}
if ($_POST['global_update_vendor_email'] == 1) {
$sql_global_update_vendor_email = ", vendor_email = '$email'";
} else {
$sql_global_update_vendor_email = "";
}
if ($_POST['global_update_vendor_website'] == 1) {
$sql_global_update_vendor_website = ", vendor_website = '$website'";
} else {
$sql_global_update_vendor_website = "";
}
if ($_POST['global_update_vendor_sla'] == 1) {
$sql_global_update_vendor_sla = ", vendor_sla = '$sla'";
} else {
$sql_global_update_vendor_sla = "";
}
if ($_POST['global_update_vendor_code'] == 1) {
$sql_global_update_vendor_code = ", vendor_code = '$code'";
} else {
$sql_global_update_vendor_code = "";
}
if ($_POST['global_update_vendor_notes'] == 1) {
$sql_global_update_vendor_notes = ", vendor_notes = '$notes'";
} else {
$sql_global_update_vendor_notes = "";
}
// Update just the template
mysqli_query($mysqli,"UPDATE vendor_templates SET vendor_template_name = '$name', vendor_template_description = '$description', vendor_template_contact_name = '$contact_name', vendor_template_phone_country_code = '$phone_country_code', vendor_template_phone = '$phone', vendor_template_extension = '$extension', vendor_template_email = '$email', vendor_template_website = '$website', vendor_template_hours = '$hours', vendor_template_sla = '$sla', vendor_template_code = '$code', vendor_template_account_number = '$account_number', vendor_template_notes = '$notes' WHERE vendor_template_id = $vendor_template_id");
if ($_POST['update_base_vendors'] == 1) {
// Update client related vendors if anything is checked
$sql = "$sql_global_update_vendor_name $sql_global_update_vendor_description $sql_global_update_vendor_account_number $sql_global_update_vendor_contact_name $sql_global_update_vendor_phone $sql_global_update_vendor_hours $sql_global_update_vendor_email $sql_global_update_vendor_website $sql_global_update_vendor_sla $sql_global_update_vendor_code $sql_global_update_vendor_notes";
// Remove the first comma to prevent MySQL error
$sql = preg_replace('/,/', '', $sql, 1);
mysqli_query($mysqli,"UPDATE vendors SET $sql WHERE vendor_template_id = $vendor_template_id");
}
logAction("Vendor Template", "Edit", "$session_name edited vendor template $name", 0, $vendor_template_id);
flash_alert("Vendor template <strong>$name</strong> edited");
redirect();
}
if (isset($_GET['delete_vendor_template'])) {
$vendor_template_id = intval($_GET['delete_vendor_template']);
$vendor_template_name = sanitizeInput(getFieldById('vendor_templates', $vendor_template_id, 'vendor_template_name'));
// If its a template reset all vendors based off this template to no template base
mysqli_query($mysqli,"UPDATE vendors SET vendor_template_id = 0 WHERE vendor_template_id = $vendor_template_id");
mysqli_query($mysqli,"DELETE FROM vendor_templates WHERE vendor_template_id = $vendor_template_id");
logAction("Vendor Template", "Delete", "$session_name deleted vendor template $vendor_template_name");
flash_alert("Vendor Template <strong>$vendor_template_name</strong> deleted", 'error');
redirect();
}

138
admin/saved_payment_method.php
View File

@@ -1,138 +0,0 @@
<?php
// Default Column Sortby Filter
$sort = "client_name";
$order = "ASC";
require_once "includes/inc_all_admin.php";
$sql = mysqli_query($mysqli, "
SELECT SQL_CALC_FOUND_ROWS
client_saved_payment_methods.*,
payment_providers.payment_provider_name,
clients.client_name,
client_payment_provider.payment_provider_client
FROM client_saved_payment_methods
LEFT JOIN payment_providers
ON client_saved_payment_methods.saved_payment_provider_id = payment_providers.payment_provider_id
LEFT JOIN clients
ON client_saved_payment_methods.saved_payment_client_id = clients.client_id
LEFT JOIN client_payment_provider
ON client_payment_provider.client_id = client_saved_payment_methods.saved_payment_client_id
AND client_payment_provider.payment_provider_id = client_saved_payment_methods.saved_payment_provider_id
WHERE
client_name LIKE '%$q%'
OR payment_provider_name LIKE '%$q%'
OR saved_payment_description LIKE '%$q%'
OR payment_provider_client LIKE '%$q%'
OR saved_payment_provider_method LIKE '%$q%'
ORDER BY $sort $order
");
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?>
<div class="card card-dark">
<div class="card-header">
<h3 class="card-title"><i class="fas fa-fw fa-credit-card mr-2"></i>Saved Payment Methods</h3>
</div>
<div class="card-body">
<form class="mb-4" autocomplete="off">
<div class="row">
<div class="col-md-4">
<div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) {echo stripslashes(nullable_htmlentities($q));} ?>" placeholder="Search Saved Payment Methods">
<div class="input-group-append">
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
</div>
</div>
</div>
<div class="col-md-8">
</div>
</div>
</form>
<hr>
<div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows == 0) { echo "d-none"; } ?>">
<tr>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=client_name&order=<?php echo $disp; ?>">
Client <?php if ($sort == 'client_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=payment_provider_name&order=<?php echo $disp; ?>">
Provider <?php if ($sort == 'payment_provider_name') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=saved_payment_description&order=<?php echo $disp; ?>">
Description <?php if ($sort == 'saved_payment_description') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=payment_provider_client&order=<?php echo $disp; ?>">
Provider Client ID <?php if ($sort == 'payment_provider_client') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=saved_payment_provider_method&order=<?php echo $disp; ?>">
Provider Payment Method ID <?php if ($sort == 'saved_payment_provider_method') { echo $order_icon; } ?>
</a>
</th>
<th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=saved_payment_created_at&order=<?php echo $disp; ?>">
Created <?php if ($sort == 'saved_payment_created_at') { echo $order_icon; } ?>
</a>
</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql)) {
$saved_payment_id = intval($row['saved_payment_id']);
$client_id = intval($row['saved_payment_client_id']);
$client_name = nullable_htmlentities($row['client_name']);
$provider_id = intval($row['saved_payment_provider_id']);
$provider_name = nullable_htmlentities($row['payment_provider_name']);
$saved_payment_description = nullable_htmlentities($row['saved_payment_description']);
$provider_client = nullable_htmlentities($row['payment_provider_client']);
$provider_payment_method = nullable_htmlentities($row['saved_payment_provider_method']);
$saved_payment_created_at = nullable_htmlentities($row['saved_payment_created_at']);
?>
<tr>
<td><?php echo $client_name; ?> (<?php echo $client_id; ?>)</td>
<td><?php echo $provider_name; ?> (<?php echo $provider_id; ?>)</td>
<td><?php echo $saved_payment_description; ?></td>
<td><?php echo $provider_client; ?></td>
<td><?php echo $provider_payment_method; ?></td>
<td><?php echo $saved_payment_created_at; ?></td>
<td>
<a class="btn btn-outline-danger confirm-link" href="post.php?delete_saved_payment=<?php echo $saved_payment_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
</td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
<?php require_once "../includes/filter_footer.php"; ?>
</div>
</div>
<?php
require_once "../includes/footer.php";

184
admin/settings_notification.php
View File

@@ -1,184 +0,0 @@
<?php
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
<div class="card-header py-3">
<h3 class="card-title"><i class="fas fa-fw fa-bell mr-2"></i>Notifications</h3>
</div>
<div class="card-body">
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_enable_cron" <?php if ($config_enable_cron == 1) { echo "checked"; } ?> value="1" id="enableCronSwitch">
<label class="custom-control-label" for="enableCronSwitch">Enable Cron (recommended) <small>(several cron scripts must also be added to cron with correct schedules, <a href="https://docs.itflow.org/cron">docs</a>)</small></label>
</div>
</div>
<div class="table-responsive">
<table class="table table-bordered">
<thead class="thead-dark">
<tr>
<th>Notification</th>
<th>App Notify</th>
<th>Tech Email Notify</th>
<th>Client Email Notify</th>
<th>Create Ticket</th>
</tr>
</thead>
<tbody>
<tr>
<th colspan=5>Expirations</th>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-globe mr-2"></i>Domain Expiration Notice</div>
<small class="text-muted">
(This setting triggers a notification when a domain is approaching its expiration date, specifically at 1, 7 and 45 days prior to expiry.)
</small>
</th>
<td>
<div class="custom-control custom-checkbox text-center">
<input type="checkbox" class="custom-control-input" name="config_enable_alert_domain_expire" id="customCheck1" <?php if ($config_enable_alert_domain_expire == 1) { echo "checked"; } ?> value="1">
<label class="custom-control-label" for="customCheck1"></label>
</div>
</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-lock mr-2"></i>Certificate Expiration Notice</div>
<small class="text-muted">
(This setting triggers a notification when a certificate is approaching its expiration date, specifically at 1, 7 and 45 days prior to expiry.)
</small>
</th>
<td>
</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-desktop mr-2"></i>Asset Warranty Expiration Notice</div>
<small class="text-muted">
(This setting triggers a notification when an asset is approaching its expiration date, specifically at 1, 7 and 45 days prior to expiry.)
</small>
</th>
<td>
</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<th colspan=5>Billing</th>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-file-invoice mr-2"></i>Invoice Reminders</div>
<small class="text-muted">
(This will automatically dispatch a reminder email for the invoice to the primary contact's email every 30 days following the invoice's due date.)
</small>
</th>
<td>
</td>
<td></td>
<td>
<div class="custom-control custom-checkbox text-center">
<input type="checkbox" class="custom-control-input" name="config_send_invoice_reminders" <?php if ($config_send_invoice_reminders == 1) { echo "checked"; } ?> value="1" id="sendInvoiceRemindersSwitch">
<label class="custom-control-label" for="sendInvoiceRemindersSwitch"></label>
</div>
</td>
<td></td>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-redo-alt mr-2"></i>Send Recurring Invoice</div>
<small class="text-muted">
(This will notify all primary and billing contacts of a client that a new invoice was generated from recurring invoices)
</small>
</th>
<td>
</td>
<td></td>
<td>
<div class="custom-control custom-checkbox text-center">
<input type="checkbox" class="custom-control-input" name="config_recurring_auto_send_invoice" <?php if ($config_recurring_auto_send_invoice == 1) { echo "checked"; } ?> value="1" id="sendRecurringSwitch">
<label class="custom-control-label" for="sendRecurringSwitch"></label>
</div>
</td>
<td></td>
</tr>
<tr>
<th colspan=5>Operational</th>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-bell mr-2"></i>Send clients general notification emails</div>
<small class="text-secondary">(Should clients receive automatic emails when tickets are raised/closed?)</small>
</th>
<td></td>
<td></td>
<td>
<div class="custom-control custom-checkbox text-center">
<input type="checkbox" class="custom-control-input" name="config_ticket_client_general_notifications" <?php if($config_ticket_client_general_notifications == 1){ echo "checked"; } ?> value="1" id="ticketNotificationSwitch">
<label class="custom-control-label" for="ticketNotificationSwitch"></label>
</div>
</td>
<td></td>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-link mr-2"></i>Shared Item View</div>
<small class="text-secondary">(Notify when Shared items are viewed)</small>
</th>
<td></td>
<td></td>
<td>
</td>
<td></td>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-clock mr-2"></i>Cron Execution</div>
<small class="text-secondary">(Notify when the nightly cron job ran)</small>
</th>
<td></td>
<td></td>
<td>
</td>
<td></td>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-download mr-2"></i>ITFlow Updates</div>
<small class="text-secondary">(Notify when ITFlow has an update)</small>
</th>
<td></td>
<td></td>
<td>
</td>
<td></td>
</tr>
</tbody>
</table>
</div>
<hr>
<button type="submit" name="edit_notification_settings" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
</form>
</div>
</div>
<?php
require_once "../includes/footer.php";

163
admin/ticket_template_details.php
View File

@@ -1,163 +0,0 @@
<?php
require_once "includes/inc_all_admin.php";
//Initialize the HTML Purifier to prevent XSS
require "../plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
if (isset($_GET['ticket_template_id'])) {
$ticket_template_id = intval($_GET['ticket_template_id']);
}
$sql_ticket_templates = mysqli_query($mysqli, "SELECT * FROM ticket_templates WHERE ticket_template_id = $ticket_template_id");
$row = mysqli_fetch_array($sql_ticket_templates);
$ticket_template_name = nullable_htmlentities($row['ticket_template_name']);
$ticket_template_description = nullable_htmlentities($row['ticket_template_description']);
$ticket_template_subject = nullable_htmlentities($row['ticket_template_subject']);
$ticket_template_details = $purifier->purify($row['ticket_template_details']);
$ticket_template_created_at = nullable_htmlentities($row['ticket_template_created_at']);
$ticket_template_updated_at = nullable_htmlentities($row['ticket_template_updated_at']);
// Get Task Templates
$sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE task_template_ticket_template_id = $ticket_template_id ORDER BY task_template_order ASC, task_template_id ASC");
?>
<ol class="breadcrumb d-print-none">
<li class="breadcrumb-item">
<a href="../index.php">Home</a>
</li>
<li class="breadcrumb-item">
<a href="users.php">Admin</a>
</li>
<li class="breadcrumb-item">
<a href="ticket_template.php">Ticket Templates</a>
</li>
<li class="breadcrumb-item active"><i class="fas fa-life-ring mr-2"></i><?php echo $ticket_template_name; ?></li>
</ol>
<div class="row">
<div class="col-9">
<div class="card card-dark">
<div class="card-header">
<h3 class="card-title mt-2">
<div class="media">
<i class="fa fa-fw fa-2x fa-life-ring mr-3"></i>
<div class="media-body">
<h3 class="mb-0"><?php echo $ticket_template_name; ?></h3>
<div><small class="text-secondary"><?php //echo $ticket_template_description; ?></small></div>
</div>
</div>
</h3>
<div class="card-tools">
<button type="button" class="btn btn-default btn-sm" data-toggle="modal" data-target="#editTicketTemplateModal">
<i class="fas fa-edit"></i>
</button>
</div>
</div>
<h5><?php echo $ticket_template_subject; ?></h5>
<div class="card-body prettyContent">
<?php echo $ticket_template_details; ?>
</div>
</div>
</div>
<div class="col-3">
<div class="card card-dark">
<div class="card-header">
<h5 class="card-title"><i class="fa fa-fw fa-tasks mr-2"></i>Tasks</h5>
</div>
<div class="card-body">
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="ticket_template_id" value="<?php echo $ticket_template_id; ?>">
<div class="form-group">
<div class="input-group input-group-sm">
<input type="text" class="form-control" name="task_name" placeholder="Create a task" required maxlength="200">
<div class="input-group-append">
<button type="submit" name="add_ticket_template_task" class="btn btn-primary"><i class="fas fa-fw fa-check"></i></button>
</div>
</div>
</div>
</form>
<table class="table table-sm" id="tasks">
<?php
while($row = mysqli_fetch_array($sql_task_templates)){
$task_id = intval($row['task_template_id']);
$task_name = nullable_htmlentities($row['task_template_name']);
$task_completion_estimate = intval($row['task_template_completion_estimate']);
//$task_description = nullable_htmlentities($row['task_template_description']);
?>
<tr data-task-id="<?php echo $task_id; ?>">
<td>
<a href="#" class="drag-handle"><i class="fas fa-bars text-muted mr-2"></i></a>
<span class="text-dark"><?php echo $task_name; ?></span>
</td>
<td class="text-right">
<div class="float-right">
<div class="dropdown dropleft text-center">
<button class="btn btn-light text-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-v"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#"
data-modal-url="modals/ticket_template/ticket_template_task_edit.php?id=<?= $task_id ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_task_template=<?php echo $task_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash-alt mr-2"></i>Delete
</a>
</div>
</div>
</div>
</td>
</tr>
<?php
}
?>
</table>
</div>
</div>
</div>
</div>
<script src="../js/pretty_content.js"></script>
<script src="../plugins/SortableJS/Sortable.min.js"></script>
<script>
new Sortable(document.querySelector('table#tasks tbody'), {
handle: '.drag-handle',
animation: 150,
onEnd: function (evt) {
const rows = document.querySelectorAll('table#tasks tbody tr');
const positions = Array.from(rows).map((row, index) => ({
id: row.dataset.taskId,
order: index
}));
$.post('ajax.php', {
update_task_templates_order: true,
ticket_template_id: <?php echo $ticket_template_id; ?>,
positions: positions
});
}
});
</script>
<?php
require_once "modals/ticket_template/ticket_template_edit.php";
require_once "../includes/footer.php";

12
admin/api_keys.php → admin_api.php
View File

@@ -6,6 +6,10 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM api_keys "SELECT SQL_CALC_FOUND_ROWS * FROM api_keys
@@ -162,15 +166,15 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</form> </form>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
<script src="../js/bulk_actions.js"></script> <script src="js/bulk_actions.js"></script>
<?php <?php
require_once "modals/api/api_key_add.php"; require_once "modals/admin_api_key_add_modal.php";
require_once "../includes/footer.php"; require_once "includes/footer.php";

21
admin/app_log.php → admin_app_log.php
View File

@@ -26,6 +26,9 @@ if (isset($_GET['category']) & !empty($_GET['catergory'])) {
$category_filter = ''; $category_filter = '';
} }
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM app_logs "SELECT SQL_CALC_FOUND_ROWS * FROM app_logs
@@ -45,16 +48,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<h3 class="card-title"><i class="fas fa-fw fa-history mr-2"></i>App Logs</h3> <h3 class="card-title"><i class="fas fa-fw fa-history mr-2"></i>App Logs</h3>
</div> </div>
<div class="card-body"> <div class="card-body">
<form autocomplete="off"> <form class="mb-4" autocomplete="off">
<div class="row"> <div class="row">
<div class="col-sm-4"> <div class="col-sm-4">
<div class="form-group"> <div class="input-group">
<div class="input-group"> <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(nullable_htmlentities($q)); } ?>" placeholder="Search app logs">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(nullable_htmlentities($q)); } ?>" placeholder="Search app logs"> <div class="input-group-append">
<div class="input-group-append"> <button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
<button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button> <button class="btn btn-primary"><i class="fa fa-search"></i></button>
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
</div>
</div> </div>
</div> </div>
</div> </div>
@@ -183,10 +184,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

21
admin/audit_log.php → admin_audit_log.php
View File

@@ -46,6 +46,9 @@ if (isset($_GET['action']) & !empty($_GET['action'])) {
$action_filter = ''; $action_filter = '';
} }
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM logs "SELECT SQL_CALC_FOUND_ROWS * FROM logs
@@ -72,7 +75,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<form class="mb-4" autocomplete="off"> <form class="mb-4" autocomplete="off">
<div class="row"> <div class="row">
<div class="col-sm-4"> <div class="col-sm-4">
<div class="input-group mb-3 mb-md-0"> <div class="input-group">
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(nullable_htmlentities($q)); } ?>" placeholder="Search audit logs"> <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(nullable_htmlentities($q)); } ?>" placeholder="Search audit logs">
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button> <button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
@@ -82,7 +85,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div> </div>
<div class="col-sm-2"> <div class="col-sm-2">
<div class="input-group mb-3 mb-md-0"> <div class="form-group">
<select class="form-control select2" name="client" onchange="this.form.submit()"> <select class="form-control select2" name="client" onchange="this.form.submit()">
<option value="">- All Clients -</option> <option value="">- All Clients -</option>
@@ -102,7 +105,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div> </div>
<div class="col-sm-2"> <div class="col-sm-2">
<div class="input-group mb-3 mb-md-0"> <div class="form-group">
<select class="form-control select2" name="user" onchange="this.form.submit()"> <select class="form-control select2" name="user" onchange="this.form.submit()">
<option value="">- All Users -</option> <option value="">- All Users -</option>
@@ -122,7 +125,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div> </div>
<div class="col-sm-2"> <div class="col-sm-2">
<div class="input-group mb-3 mb-md-0"> <div class="form-group">
<select class="form-control select2" name="type" onchange="this.form.submit()"> <select class="form-control select2" name="type" onchange="this.form.submit()">
<option value="">- All Types -</option> <option value="">- All Types -</option>
@@ -141,7 +144,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div> </div>
<div class="col-sm-2"> <div class="col-sm-2">
<div class="input-group mb-3 mb-md-0"> <div class="form-group">
<select class="form-control select2" name="action" onchange="this.form.submit()"> <select class="form-control select2" name="action" onchange="this.form.submit()">
<option value="">- All Actions -</option> <option value="">- All Actions -</option>
@@ -195,7 +198,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<hr> <hr>
<div class="table-responsive-sm"> <div class="table-responsive-sm">
<table class="table table-sm table-striped table-borderless table-hover"> <table class="table table-sm table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?> text-nowrap"> <thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr> <tr>
<th> <th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=log_created_at&order=<?php echo $disp; ?>"> <a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=log_created_at&order=<?php echo $disp; ?>">
@@ -266,7 +269,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
if (empty($client_name)) { if (empty($client_name)) {
$client_name_display = "-"; $client_name_display = "-";
} else { } else {
$client_name_display = "<a href='../user/client_overview.php?client_id=$client_id'>$client_name</a>"; $client_name_display = "<a href='client_overview.php?client_id=$client_id'>$client_name</a>";
} }
$log_entity_id = intval($row['log_entity_id']); $log_entity_id = intval($row['log_entity_id']);
@@ -292,11 +295,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

14
admin/backup.php → admin_backup.php
View File

@@ -8,7 +8,7 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<div class="card-body" style="text-align: center;"> <div class="card-body" style="text-align: center;">
<div class="alert alert-secondary">If you are unable to back up the entire VM, you'll need to back up the files & database individually. There is no built-in restore. See the <a href="https://docs.itflow.org/backups" target="_blank">docs here</a>.</div> <div class="alert alert-secondary">If you are unable to back up the entire VM, you'll need to back up the files & database individually. There is no built-in restore. See the <a href="https://docs.itflow.org/backups" target="_blank">docs here</a>.</div>
<a class="btn btn-primary btn-lg p-3" href="post.php?download_backup&csrf_token=<?php echo $_SESSION['csrf_token'] ?>"><i class="fas fa-fw fa-4x fa-download"></i><br><br>Download Backup</a> <a class="btn btn-primary btn-lg p-3" href="post.php?download_database&csrf_token=<?php echo $_SESSION['csrf_token'] ?>"><i class="fas fa-fw fa-4x fa-download"></i><br><br>Download database</a>
</div> </div>
</div> </div>
@@ -20,12 +20,12 @@ require_once "includes/inc_all_admin.php";
<div class="card-body"> <div class="card-body">
<form action="post.php" method="POST"> <form action="post.php" method="POST">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>"> <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="d-flex justify-content-center"> <div class="row d-flex justify-content-center">
<div class="input-group col-sm-4"> <div class="input-group col-4">
<input type="password" class="form-control" placeholder="Enter your account password" name="password" autocomplete="new-password" required> <div class="input-group-prepend">
<div class="input-group-append"> <input type="password" class="form-control" placeholder="Enter your account password" name="password" autocomplete="new-password" required>
<button class="btn btn-primary" type="submit" name="backup_master_key"><i class="fas fa-key"></i></button>
</div> </div>
<button class="btn btn-primary" type="submit" name="backup_master_key"><i class="fas fa-fw fa-key mr-2"></i>Get Master Key</button>
</div> </div>
</div> </div>
</form> </form>
@@ -34,5 +34,5 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

40
admin/category.php → admin_category.php
View File

@@ -13,6 +13,10 @@ if (isset($_GET['category'])) {
$category = "Expense"; $category = "Expense";
} }
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM categories "SELECT SQL_CALC_FOUND_ROWS * FROM categories
@@ -23,6 +27,10 @@ $sql = mysqli_query(
); );
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
if (isset($_GET['archived'])) {
$category = "Archived";
}
?> ?>
<div class="card card-dark"> <div class="card card-dark">
@@ -34,7 +42,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
if (!isset($_GET['archived'])) { if (!isset($_GET['archived'])) {
?> ?>
<div class="card-tools"> <div class="card-tools">
<button type="button" class="btn btn-primary ajax-modal" data-modal-url="modals/category/category_add.php?category=<?= nullable_htmlentities($category) ?>"><i <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addCategoryModal"><i
class="fas fa-plus mr-2"></i>New <?php echo nullable_htmlentities($category); ?> Category</button> class="fas fa-plus mr-2"></i>New <?php echo nullable_htmlentities($category); ?> Category</button>
</div> </div>
<?php <?php
@@ -77,13 +85,20 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
} else { } else {
echo 'btn-default'; echo 'btn-default';
} ?>">Referral</a> } ?>">Referral</a>
<a href="?category=Payment Method"
class="btn <?php if ($category == 'Payment Method') {
echo 'btn-primary';
} else {
echo 'btn-default';
} ?>">Payment
Method</a>
<a href="?category=Ticket" <a href="?category=Ticket"
class="btn <?php if ($category == 'Ticket') { class="btn <?php if ($category == 'Ticket') {
echo 'btn-primary'; echo 'btn-primary';
} else { } else {
echo 'btn-default'; echo 'btn-default';
} ?>">Ticket</a> } ?>">Ticket</a>
<a href="?<?php echo $url_query_strings_sort ?>&archived=1" <a href="?archived=1"
class="btn <?php if (isset($_GET['archived'])) { class="btn <?php if (isset($_GET['archived'])) {
echo 'btn-primary'; echo 'btn-primary';
} else { } else {
@@ -119,8 +134,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<tr> <tr>
<td> <td>
<a class="text-dark ajax-modal" href="#" <a class="text-dark" href="#"
data-modal-url="modals/category/category_edit.php?id=<?= $category_id ?>"> data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_category_edit.php"
data-ajax-id="<?php echo $category_id; ?>"
>
<?php echo $category_name; ?> <?php echo $category_name; ?>
</a> </a>
</td> </td>
@@ -132,7 +150,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<?php <?php
if ($archived) { if ($category == "Archived") {
?> ?>
<a class="dropdown-item text-success confirm-link" <a class="dropdown-item text-success confirm-link"
href="post.php?unarchive_category=<?php echo $category_id; ?>"> href="post.php?unarchive_category=<?php echo $category_id; ?>">
@@ -145,8 +163,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php <?php
} else { } else {
?> ?>
<a class="dropdown-item ajax-modal" href="#" <a class="dropdown-item" href="#"
data-modal-url="modals/category/category_edit.php?id=<?= $category_id ?>"> data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_category_edit.php"
data-ajax-id="<?php echo $category_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<a class="dropdown-item text-danger confirm-link" <a class="dropdown-item text-danger confirm-link"
@@ -170,10 +191,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "modals/admin_category_add_modal.php";
require_once "includes/footer.php";

19
admin/custom_link.php → admin_custom_link.php
View File

@@ -6,6 +6,10 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM custom_links "SELECT SQL_CALC_FOUND_ROWS * FROM custom_links
@@ -101,8 +105,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<tr> <tr>
<td> <td>
<a class="ajax-modal" href="#" <a href="#"
data-modal-url="modals/custom_link/custom_link_edit.php?id=<?= $custom_link_id ?>"> data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_custom_link_edit.php"
data-ajax-id="<?php echo $custom_link_id; ?>"
>
<i class="fa fa-fw fa-<?php echo $custom_link_icon; ?> mr-2"></i><?php echo $custom_link_name;?> <i class="fa fa-fw fa-<?php echo $custom_link_icon; ?> mr-2"></i><?php echo $custom_link_name;?>
</a> </a>
</td> </td>
@@ -115,7 +122,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i> <i class="fas fa-ellipsis-h"></i>
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#" data-modal-url="modals/custom_link/custom_link_edit.php?id=<?= $custom_link_id ?>"> <a class="dropdown-item" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_custom_link_edit.php" data-ajax-id="<?php echo $custom_link_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
@@ -135,11 +142,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
<?php <?php
require_once "modals/custom_link/custom_link_add.php"; require_once "modals/admin_custom_link_add_modal.php";
require_once "../includes/footer.php"; require_once "includes/footer.php";

411
admin/debug.php → admin_debug.php
View File

@@ -1,8 +1,8 @@
<?php <?php
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
require_once "../includes/database_version.php"; require_once "includes/database_version.php";
require_once "../config.php"; require_once "config.php";
$checks = []; $checks = [];
@@ -53,7 +53,6 @@ $extensions = [
'php-curl' => 'curl', 'php-curl' => 'curl',
'php-mbstring' => 'mbstring', 'php-mbstring' => 'mbstring',
'php-gd' => 'gd', 'php-gd' => 'gd',
'php-zip' => 'zip',
]; ];
foreach ($extensions as $name => $ext) { foreach ($extensions as $name => $ext) {
@@ -246,7 +245,7 @@ $filePermissions[] = [
$uploadsStats = []; $uploadsStats = [];
// Define the uploads directory path // Define the uploads directory path
$uploadsDir = __DIR__ . '/../uploads'; // Adjust the path if needed $uploadsDir = __DIR__ . '/uploads'; // Adjust the path if needed
if (is_dir($uploadsDir)) { if (is_dir($uploadsDir)) {
// Function to recursively count files and calculate total size // Function to recursively count files and calculate total size
@@ -297,13 +296,7 @@ if ($tablesResult) {
while ($table = $tablesResult->fetch_assoc()) { while ($table = $tablesResult->fetch_assoc()) {
$tableName = $table['Name']; $tableName = $table['Name'];
$tableRows = $table['Rows'];
// Accurate row count
$countResult = $mysqli->query("SELECT COUNT(*) AS cnt FROM `$tableName`");
$countRow = $countResult->fetch_assoc();
$tableRows = $countRow['cnt'];
$countResult->free();
$dataLength = $table['Data_length']; $dataLength = $table['Data_length'];
$indexLength = $table['Index_length']; $indexLength = $table['Index_length'];
$tableSize = ($dataLength + $indexLength) / (1024 * 1024); // Size in MB $tableSize = ($dataLength + $indexLength) / (1024 * 1024); // Size in MB
@@ -343,13 +336,18 @@ if ($tablesResult) {
'name' => 'Total database size (MB)', 'name' => 'Total database size (MB)',
'value' => round($totalSize, 2) . ' MB', 'value' => round($totalSize, 2) . ' MB',
]; ];
} else {
$databaseStats[] = [
'name' => 'Database connection error',
'value' => $mysqli->error,
];
} }
// Section: Database Structure Comparison // Section: Database Structure Comparison
$dbComparison = []; $dbComparison = [];
// Path to the db.sql file // Path to the db.sql file
$dbSqlFile = __DIR__ . '/../db.sql'; $dbSqlFile = __DIR__ . '/db.sql';
if (file_exists($dbSqlFile)) { if (file_exists($dbSqlFile)) {
// Read the db.sql file // Read the db.sql file
@@ -520,26 +518,24 @@ $mysqli->close();
</ul> </ul>
<hr> <hr>
<div class="table-responsive"> <table class="table table-bordered mb-3">
<table class="table table-bordered mb-3"> <tr>
<tr> <th>ITFlow release version</th>
<th>ITFlow release version</th> <th><?php echo APP_VERSION; ?></th>
<th><?php echo APP_VERSION; ?></th> </tr>
</tr> <tr>
<tr> <td>Current DB Version</td>
<td>Current DB Version</td> <td><?php echo CURRENT_DATABASE_VERSION; ?></td>
<td><?php echo CURRENT_DATABASE_VERSION; ?></td> </tr>
</tr> <tr>
<tr> <td>Current Code Commit</td>
<td>Current Code Commit</td> <td><?php echo $commitHash; ?></td>
<td><?php echo $commitHash; ?></td> </tr>
</tr> <tr>
<tr> <td>Current Branch</td>
<td>Current Branch</td> <td><?php echo $gitBranch; ?></td>
<td><?php echo $gitBranch; ?></td> </tr>
</tr> </table>
</table>
</div>
<!-- System Information Table --> <!-- System Information Table -->
<h3>System Information</h3> <h3>System Information</h3>
@@ -556,209 +552,200 @@ $mysqli->close();
<!-- PHP Extensions and Configuration Table --> <!-- PHP Extensions and Configuration Table -->
<h3 class="mt-3">PHP Extensions and Configuration</h3> <h3 class="mt-3">PHP Extensions and Configuration</h3>
<div class="table-responsive"> <table class="table table-sm table-bordered">
<table class="table table-sm table-bordered"> <!-- PHP Extensions Section -->
<!-- PHP Extensions Section --> <thead>
<thead> <tr class="table-secondary">
<tr class="table-secondary"> <th colspan="3">PHP Extensions</th>
<th colspan="3">PHP Extensions</th> </tr>
</thead>
<tbody>
<?php foreach ($phpExtensions as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</tr> </tr>
</thead> <?php endforeach; ?>
<tbody> </tbody>
<?php foreach ($phpExtensions as $check): ?> <!-- PHP Configuration Section -->
<tr> <thead>
<td><?= htmlspecialchars($check['name']); ?></td> <tr class="table-secondary">
<td class="text-center"> <th colspan="3">PHP Configuration</th>
<?php if ($check['passed']): ?> </tr>
<i class="fas fa-check" style="color:green"></i> </thead>
<?php else: ?> <tbody>
<i class="fas fa-times" style="color:red"></i> <?php foreach ($phpConfig as $check): ?>
<?php endif; ?> <tr>
</td> <td><?= htmlspecialchars($check['name']); ?></td>
<td><?= htmlspecialchars($check['value']); ?></td> <td class="text-center">
</tr> <?php if ($check['passed']): ?>
<?php endforeach; ?> <i class="fas fa-check" style="color:green"></i>
</tbody> <?php else: ?>
<!-- PHP Configuration Section --> <i class="fas fa-times" style="color:red"></i>
<thead> <?php endif; ?>
<tr class="table-secondary"> </td>
<th colspan="3">PHP Configuration</th> <td><?= htmlspecialchars($check['value']); ?></td>
</tr> </tr>
</thead> <?php endforeach; ?>
<tbody> </tbody>
<?php foreach ($phpConfig as $check): ?> <thead>
<tr> <tr class="table-secondary">
<td><?= htmlspecialchars($check['name']); ?></td> <th colspan="3">Shell Commands</th>
<td class="text-center"> </tr>
<?php if ($check['passed']): ?> </thead>
<i class="fas fa-check" style="color:green"></i> <tbody>
<?php else: ?> <?php foreach ($shellCommands as $check): ?>
<i class="fas fa-times" style="color:red"></i> <tr>
<?php endif; ?> <td><?= htmlspecialchars($check['name']); ?></td>
</td> <td class="text-center">
<td><?= htmlspecialchars($check['value']); ?></td> <?php if ($check['passed']): ?>
</tr> <i class="fas fa-check" style="color:green"></i>
<?php endforeach; ?> <?php else: ?>
</tbody> <i class="fas fa-times" style="color:red"></i>
<thead> <?php endif; ?>
<tr class="table-secondary"> </td>
<th colspan="3">Shell Commands</th> <td><?= htmlspecialchars($check['value']); ?></td>
</tr> </tr>
</thead> <?php endforeach; ?>
<tbody> </tbody>
<?php foreach ($shellCommands as $check): ?> <thead>
<tr> <tr class="table-secondary">
<td><?= htmlspecialchars($check['name']); ?></td> <th colspan="3">SSL Checks</th>
<td class="text-center"> </tr>
<?php if ($check['passed']): ?> </thead>
<i class="fas fa-check" style="color:green"></i> <tbody>
<?php else: ?> <?php foreach ($sslChecks as $check): ?>
<i class="fas fa-times" style="color:red"></i> <tr>
<?php endif; ?> <td><?= htmlspecialchars($check['name']); ?></td>
</td> <td class="text-center">
<td><?= htmlspecialchars($check['value']); ?></td> <?php if ($check['passed']): ?>
</tr> <i class="fas fa-check" style="color:green"></i>
<?php endforeach; ?> <?php else: ?>
</tbody> <i class="fas fa-times" style="color:red"></i>
<thead> <?php endif; ?>
<tr class="table-secondary"> </td>
<th colspan="3">SSL Checks</th> <td><?= htmlspecialchars($check['value']); ?></td>
</tr> </tr>
</thead> <?php endforeach; ?>
<tbody> </tbody>
<?php foreach ($sslChecks as $check): ?> <thead>
<tr> <tr class="table-secondary">
<td><?= htmlspecialchars($check['name']); ?></td> <th colspan="3">Domain Checks</th>
<td class="text-center"> </tr>
<?php if ($check['passed']): ?> </thead>
<i class="fas fa-check" style="color:green"></i> <tbody>
<?php else: ?> <?php foreach ($domainChecks as $check): ?>
<i class="fas fa-times" style="color:red"></i> <tr>
<?php endif; ?> <td><?= htmlspecialchars($check['name']); ?></td>
</td> <td class="text-center">
<td><?= htmlspecialchars($check['value']); ?></td> <?php if ($check['passed']): ?>
</tr> <i class="fas fa-check" style="color:green"></i>
<?php endforeach; ?> <?php else: ?>
</tbody> <i class="fas fa-times" style="color:red"></i>
<thead> <?php endif; ?>
<tr class="table-secondary"> </td>
<th colspan="3">Domain Checks</th> <td><?= htmlspecialchars($check['value']); ?></td>
</tr> </tr>
</thead> <?php endforeach; ?>
<tbody> </tbody>
<?php foreach ($domainChecks as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
<!-- File Permissions Table --> <!-- File Permissions Table -->
<thead> <thead>
<tr class="table-secondary"> <tr class="table-secondary">
<th colspan="3">File Permissions</th> <th colspan="3">File Permissions</th>
</tr>
</thead>
<tbody>
<?php foreach ($filePermissions as $check): ?>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</tr> </tr>
</thead> <?php endforeach; ?>
<tbody> </tbody>
<?php foreach ($filePermissions as $check): ?> </table>
<tr>
<td><?= htmlspecialchars($check['name']); ?></td>
<td class="text-center">
<?php if ($check['passed']): ?>
<i class="fas fa-check" style="color:green"></i>
<?php else: ?>
<i class="fas fa-times" style="color:red"></i>
<?php endif; ?>
</td>
<td><?= htmlspecialchars($check['value']); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<!-- Database Structure Comparison Table --> <!-- Database Structure Comparison Table -->
<h3 class="mt-3">Database Structure Comparison</h3> <h3 class="mt-3">Database Structure Comparison</h3>
<div class="table-responsive"> <table class="table table-sm table-bordered">
<table class="table table-sm table-bordered"> <tbody>
<tbody> <?php if (!empty($dbComparison)): ?>
<?php if (!empty($dbComparison)): ?> <?php foreach ($dbComparison as $issue): ?>
<?php foreach ($dbComparison as $issue): ?>
<tr>
<td><?= htmlspecialchars($issue['name']); ?></td>
<td colspan="2"><?= htmlspecialchars($issue['status']); ?></td>
</tr>
<?php endforeach; ?>
<?php else: ?>
<tr> <tr>
<td colspan="3">No discrepancies found between the database and db.sql file.</td> <td><?= htmlspecialchars($issue['name']); ?></td>
<td colspan="2"><?= htmlspecialchars($issue['status']); ?></td>
</tr> </tr>
<?php endif; ?> <?php endforeach; ?>
</tbody> <?php else: ?>
</table> <tr>
</div> <td colspan="3">No discrepancies found between the database and db.sql file.</td>
</tr>
<?php endif; ?>
</tbody>
</table>
<!-- Uploads Directory Stats Table --> <!-- Uploads Directory Stats Table -->
<h3 class="mt-3">Uploads Directory Stats</h3> <h3 class="mt-3">Uploads Directory Stats</h3>
<div class="table-responsive"> <table class="table table-sm table-bordered">
<table class="table table-sm table-bordered"> <tbody>
<tbody> <?php foreach ($uploadsStats as $stat): ?>
<?php foreach ($uploadsStats as $stat): ?> <tr>
<tr> <td><?= htmlspecialchars($stat['name']); ?></td>
<td><?= htmlspecialchars($stat['name']); ?></td> <td colspan="2"><?= htmlspecialchars($stat['value']); ?></td>
<td colspan="2"><?= htmlspecialchars($stat['value']); ?></td> </tr>
</tr> <?php endforeach; ?>
<?php endforeach; ?> </tbody>
</tbody> </table>
</table>
</div>
<!-- Database Stats Table --> <!-- Database Stats Table -->
<h3 class="mt-3">Database Stats</h3> <h3 class="mt-3">Database Stats</h3>
<div class="table-responsive"> <table class="table table-sm table-bordered">
<table class="table table-sm table-bordered"> <tbody>
<tbody> <?php foreach ($databaseStats as $stat): ?>
<?php foreach ($databaseStats as $stat): ?> <tr>
<tr> <td><?= htmlspecialchars($stat['name']); ?></td>
<td><?= htmlspecialchars($stat['name']); ?></td> <td colspan="2"><?= htmlspecialchars($stat['value']); ?></td>
<td colspan="2"><?= htmlspecialchars($stat['value']); ?></td> </tr>
</tr> <?php endforeach; ?>
<?php endforeach; ?> </tbody>
</tbody> </table>
</table>
</div>
<!-- Table Stats Table --> <!-- Table Stats Table -->
<h3 class="mt-3">Table Stats</h3> <h3 class="mt-3">Table Stats</h3>
<div class="table-responsive"> <table class="table table-sm table-bordered">
<table class="table table-sm table-bordered"> <thead>
<thead> <tr>
<th>Table Name</th>
<th>Fields / Rows</th>
<th>Size (MB)</th>
</tr>
</thead>
<tbody>
<?php foreach ($tableDetails as $table): ?>
<tr> <tr>
<th>Table Name</th> <td><?= htmlspecialchars($table['name']); ?></td>
<th>Fields / Rows</th> <td><?= htmlspecialchars("Fields: {$table['fields']}, Rows: {$table['rows']}"); ?></td>
<th>Size (MB)</th> <td><?= htmlspecialchars($table['size'] . ' MB'); ?></td>
</tr> </tr>
</thead> <?php endforeach; ?>
<tbody> </tbody>
<?php foreach ($tableDetails as $table): ?> </table>
<tr>
<td><?= htmlspecialchars($table['name']); ?></td>
<td><?= htmlspecialchars("Fields: {$table['fields']}, Rows: {$table['rows']}"); ?></td>
<td><?= htmlspecialchars($table['size'] . ' MB'); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div> </div>
@@ -766,5 +753,5 @@ $mysqli->close();
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

71
admin/document_template.php → admin_document_template.php
View File

@@ -1,16 +1,27 @@
<?php <?php
// Default Column Sort by Filter // Default Column Sort by Filter
$sort = "document_template_name"; $sort = "document_name";
$order = "ASC"; $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
// Search query SQL snippet
if (!empty($q)) {
$query_snippet = "AND (MATCH(document_content_raw) AGAINST ('$q') OR document_name LIKE '%$q%')";
} else {
$query_snippet = ""; // empty
}
// Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM document_templates "SELECT SQL_CALC_FOUND_ROWS * FROM documents
LEFT JOIN users ON document_template_created_by = user_id LEFT JOIN users ON document_created_by = user_id
WHERE user_name LIKE '%$q%' OR document_template_name LIKE '%$q%' WHERE document_template = 1
$query_snippet
ORDER BY $sort $order LIMIT $record_from, $record_to" ORDER BY $sort $order LIMIT $record_from, $record_to"
); );
@@ -44,18 +55,18 @@
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>"> <thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr> <tr>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_name&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_name&order=<?php echo $disp; ?>">
Template Name <?php if ($sort == 'document_template_name') { echo $order_icon; } ?> Template Name <?php if ($sort == 'document_name') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_created_at&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_created_at&order=<?php echo $disp; ?>">
Created <?php if ($sort == 'document_template_created_at') { echo $order_icon; } ?> Created <?php if ($sort == 'document_created_at') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_updated_at&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_updated_at&order=<?php echo $disp; ?>">
Updated <?php if ($sort == 'document_template_updated_at') { echo $order_icon; } ?> Updated <?php if ($sort == 'document_updated_at') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th class="text-center"> <th class="text-center">
@@ -67,39 +78,43 @@
<?php <?php
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$document_template_id = intval($row['document_template_id']); $document_id = intval($row['document_id']);
$document_template_name = nullable_htmlentities($row['document_template_name']); $document_name = nullable_htmlentities($row['document_name']);
$document_template_description = nullable_htmlentities($row['document_template_description']); $document_description = nullable_htmlentities($row['document_description']);
$document_template_content = nullable_htmlentities($row['document_template_content']); $document_content = nullable_htmlentities($row['document_content']);
$document_template_created_by_name = nullable_htmlentities($row['user_name']); $document_created_by_name = nullable_htmlentities($row['user_name']);
$document_template_created_at = nullable_htmlentities($row['document_template_created_at']); $document_created_at = nullable_htmlentities($row['document_created_at']);
$document_template_updated_at = nullable_htmlentities($row['document_template_updated_at']); $document_updated_at = nullable_htmlentities($row['document_updated_at']);
$document_folder_id = intval($row['document_folder_id']);
?> ?>
<tr> <tr>
<td> <td>
<a class="text-bold" href="document_template_details.php?document_template_id=<?php echo $document_template_id; ?>"><i class="fas fa-fw fa-file-alt text-dark"></i> <?php echo $document_template_name; ?></a> <a class="text-bold" href="admin_document_template_details.php?document_id=<?php echo $document_id; ?>"><i class="fas fa-fw fa-file-alt text-dark"></i> <?php echo $document_name; ?></a>
<div class="mt-1 text-secondary"><?php echo $document_template_description; ?></div> <div class="mt-1 text-secondary"><?php echo $document_description; ?></div>
</td> </td>
<td> <td>
<?php echo $document_template_created_at; ?> <?php echo $document_created_at; ?>
<div class="text-secondary"><?php echo $document_template_created_by_name; ?></div> <div class="text-secondary"><?php echo $document_created_by_name; ?></div>
</td> </td>
<td><?php echo $document_template_updated_at; ?></td> <td><?php echo $document_updated_at; ?></td>
<td> <td>
<div class="dropdown dropleft text-center"> <div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"> <button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i> <i class="fas fa-ellipsis-h"></i>
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#" <a class="dropdown-item" href="#"
data-toggle="ajax-modal"
data-modal-size="xl" data-modal-size="xl"
data-modal-url="modals/document_template/document_template_edit.php?id=<?= $document_template_id ?>"> data-ajax-url="ajax/ajax_document_template_edit.php"
data-ajax-id="<?php echo $document_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold" href="post.php?delete_document_template=<?php echo $document_template_id; ?>"> <a class="dropdown-item text-danger text-bold" href="post.php?delete_document=<?php echo $document_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete <i class="fas fa-fw fa-trash mr-2"></i>Delete
</a> </a>
</div> </div>
@@ -117,12 +132,12 @@
</table> </table>
<br> <br>
</div> </div>
<?php require_once "../includes/filter_footer.php"; ?> <?php require_once "includes/filter_footer.php"; ?>
</div> </div>
</div> </div>
<?php require_once "modals/document_template/document_template_add.php"; ?> <?php require_once "modals/admin_document_template_add_modal.php"; ?>
<?php require_once "../includes/footer.php"; ?> <?php require_once "includes/footer.php"; ?>
<script> <script>
$(document).ready(function(){ $(document).ready(function(){

67
admin_document_template_details.php Normal file
View File

@@ -0,0 +1,67 @@
<?php
require_once "includes/inc_all_admin.php";
//Initialize the HTML Purifier to prevent XSS
require "plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
if (isset($_GET['document_id'])) {
$document_id = intval($_GET['document_id']);
}
$sql_document = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_template = 1 AND document_id = $document_id");
$row = mysqli_fetch_array($sql_document);
$document_name = nullable_htmlentities($row['document_name']);
$document_description = nullable_htmlentities($row['document_description']);
$document_content = $purifier->purify($row['document_content']);
$document_created_at = nullable_htmlentities($row['document_created_at']);
$document_updated_at = nullable_htmlentities($row['document_updated_at']);
?>
<ol class="breadcrumb d-print-none">
<li class="breadcrumb-item">
<a href="clients.php">Home</a>
</li>
<li class="breadcrumb-item">
<a href="admin_user.php">Admin</a>
</li>
<li class="breadcrumb-item">
<a href="admin_document_template.php">Document Templates</a>
</li>
<li class="breadcrumb-item active"><i class="fas fa-file mr-2"></i><?php echo $document_name; ?></li>
</ol>
<div class="card card-dark">
<div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-file mr-2"></i><?php echo $document_name; ?></h3>
<div class="card-tools">
<button type="button" class="btn btn-primary"
data-toggle="ajax-modal"
data-modal-size="xl"
data-ajax-url="ajax/ajax_document_template_edit.php"
data-ajax-id="<?php echo $document_id; ?>"
>
<i class="fas fa-edit mr-2"></i>Edit
</button>
</div>
</div>
<div class="card-body prettyContent">
<?php echo $document_content; ?>
</div>
</div>
<script src="js/pretty_content.js"></script>
<?php
require_once "includes/footer.php";

18
admin/mail_queue.php → admin_mail_queue.php
View File

@@ -6,6 +6,9 @@ $order = "DESC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM email_queue "SELECT SQL_CALC_FOUND_ROWS * FROM email_queue
@@ -174,9 +177,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<td><?php echo $email_status_display; ?></td> <td><?php echo $email_status_display; ?></td>
<td><?php echo $email_attempts; ?></td> <td><?php echo $email_attempts; ?></td>
<td class="text-center"> <td class="text-center">
<a class="btn btn-sm btn-secondary ajax-modal" href="#" <a class="btn btn-sm btn-secondary" href="#"
data-modal-size="lg" data-toggle = "ajax-modal"
data-modal-url="modals/mail_queue/mail_queue_message_view.php?id=<?= $email_id ?>"> data-modal-size = "lg"
data-ajax-url = "ajax/ajax_admin_mail_queue_message_view.php"
data-ajax-id = "<?php echo $email_id; ?>"
>
<i class="fas fa-fw fa-eye"></i> <i class="fas fa-fw fa-eye"></i>
</a> </a>
@@ -202,11 +208,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div> </div>
</form> </form>
<?php require_once "../includes/filter_footer.php"; ?> <?php require_once "includes/filter_footer.php"; ?>
</div> </div>
</div> </div>
<script src="../js/bulk_actions.js"></script> <script src="js/bulk_actions.js"></script>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

14
admin/project_template.php → admin_project_template.php
View File

@@ -6,6 +6,10 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM project_templates "SELECT SQL_CALC_FOUND_ROWS * FROM project_templates
@@ -92,7 +96,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fa fa-fw fa-2x fa-project-diagram mr-3"></i> <i class="fa fa-fw fa-2x fa-project-diagram mr-3"></i>
<div class="media-body"> <div class="media-body">
<div> <div>
<a href="project_template_details.php?project_template_id=<?php echo $project_template_id; ?>"> <a href="admin_project_template_details.php?project_template_id=<?php echo $project_template_id; ?>">
<?php echo $project_template_name; ?> <?php echo $project_template_name; ?>
</a> </a>
</div> </div>
@@ -125,7 +129,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php <?php
require "modals/project_template/project_template_edit.php"; require "modals/admin_project_template_edit_modal.php";
} }
@@ -134,12 +138,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
<?php <?php
require_once "modals/project_template/project_template_add.php"; require_once "modals/admin_project_template_add_modal.php";
require_once "../includes/footer.php"; require_once "includes/footer.php";

11
admin/project_template_details.php → admin_project_template_details.php
View File

@@ -51,7 +51,7 @@ if (isset($_GET['project_template_id'])) {
<a href="admin_user.php">Admin</a> <a href="admin_user.php">Admin</a>
</li> </li>
<li class="breadcrumb-item"> <li class="breadcrumb-item">
<a href="project_template.php">Project Templates</a> <a href="admin_project_template.php">Project Templates</a>
</li> </li>
<li class="breadcrumb-item active">Project Template Details</li> <li class="breadcrumb-item active">Project Template Details</li>
</ol> </ol>
@@ -164,7 +164,7 @@ if (isset($_GET['project_template_id'])) {
</form> </form>
</td> </td>
<td> <td>
<a href="ticket_template_details.php?ticket_template_id=<?php echo $ticket_template_id; ?>"> <a href="admin_ticket_template_details.php?ticket_template_id=<?php echo $ticket_template_id; ?>">
<?php echo $ticket_template_name; ?> <?php echo $ticket_template_name; ?>
</a> </a>
</td> </td>
@@ -202,6 +202,7 @@ if (isset($_GET['project_template_id'])) {
while($row = mysqli_fetch_array($sql_task_templates)){ while($row = mysqli_fetch_array($sql_task_templates)){
$task_template_id = intval($row['task_template_id']); $task_template_id = intval($row['task_template_id']);
$task_template_name = nullable_htmlentities($row['task_template_name']); $task_template_name = nullable_htmlentities($row['task_template_name']);
$task_template_description = nullable_htmlentities($row['task_template_description']);
?> ?>
<tr> <tr>
<td> <td>
@@ -221,12 +222,12 @@ if (isset($_GET['project_template_id'])) {
<?php <?php
require_once "modals/project_template/project_template_edit.php"; require_once "modals/admin_project_template_edit_modal.php";
require_once "modals/project_template/project_template_ticket_template_add.php"; require_once "modals/admin_project_template_ticket_template_add_modal.php";
} }
require_once "../includes/footer.php"; require_once "includes/footer.php";
?> ?>

53
admin/roles.php → admin_role.php
View File

@@ -1,16 +1,20 @@
<?php <?php
// Default Column Sortby Filter // Default Column Sortby Filter
$sort = "role_is_admin"; $sort = "user_role_is_admin";
$order = "DESC"; $order = "DESC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM user_roles "SELECT SQL_CALC_FOUND_ROWS * FROM user_roles
WHERE (role_name LIKE '%$q%' OR role_description LIKE '%$q%') WHERE (user_roles.user_role_name LIKE '%$q%' OR user_roles.user_role_description LIKE '%$q%')
AND role_archived_at IS NULL AND user_roles.user_role_archived_at IS NULL
ORDER BY $sort $order LIMIT $record_from, $record_to" ORDER BY $sort $order LIMIT $record_from, $record_to"
); );
@@ -46,17 +50,17 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<hr> <hr>
<div class="table-responsive-sm"> <div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover"> <table class="table table-striped table-borderless table-hover">
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?> text-nowrap"> <thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr> <tr>
<th> <th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=role_name&order=<?php echo $disp; ?>"> <a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=user_role_name&order=<?php echo $disp; ?>">
Role <?php if ($sort == 'role_name') { echo $order_icon; } ?> Role <?php if ($sort == 'user_role_name') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th>Members</th> <th>Members</th>
<th> <th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=role_is_admin&order=<?php echo $disp; ?>"> <a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=user_role_is_admin&order=<?php echo $disp; ?>">
Admin <?php if ($sort == 'role_is_admin') { echo $order_icon; } ?> Admin <?php if ($sort == 'user_role_is_admin') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th class="text-center">Action</th> <th class="text-center">Action</th>
@@ -66,17 +70,17 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php <?php
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$role_id = intval($row['role_id']); $role_id = intval($row['user_role_id']);
$role_name = nullable_htmlentities($row['role_name']); $role_name = nullable_htmlentities($row['user_role_name']);
$role_description = nullable_htmlentities($row['role_description']); $role_description = nullable_htmlentities($row['user_role_description']);
$role_admin = intval($row['role_is_admin']); $role_admin = intval($row['user_role_is_admin']);
$role_archived_at = nullable_htmlentities($row['role_archived_at']); $role_archived_at = nullable_htmlentities($row['user_role_archived_at']);
// Count number of users that have each role // Count number of users that have each role
$sql_role_user_count = mysqli_query($mysqli, "SELECT COUNT(user_id) FROM users WHERE user_role_id = $role_id AND user_archived_at IS NULL"); $sql_role_user_count = mysqli_query($mysqli, "SELECT COUNT(users.user_id) FROM users LEFT JOIN user_settings on users.user_id = user_settings.user_id WHERE user_role = $role_id AND user_archived_at IS NULL");
$role_user_count = mysqli_fetch_row($sql_role_user_count)[0]; $role_user_count = mysqli_fetch_row($sql_role_user_count)[0];
$sql_users = mysqli_query($mysqli, "SELECT * FROM users WHERE user_role_id = $role_id AND user_archived_at IS NULL"); $sql_users = mysqli_query($mysqli, "SELECT * FROM users LEFT JOIN user_settings on users.user_id = user_settings.user_id WHERE user_role = $role_id AND user_archived_at IS NULL");
// Initialize an empty array to hold user names // Initialize an empty array to hold user names
$user_names = []; $user_names = [];
@@ -86,7 +90,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
} }
// Convert the array of user names to a comma-separated string // Convert the array of user names to a comma-separated string
$user_names_string = implode(",", $user_names); $user_names_string = implode(",", $user_names) ;
if (empty($user_names_string)) { if (empty($user_names_string)) {
$user_names_string = "-"; $user_names_string = "-";
@@ -95,8 +99,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<tr> <tr>
<td> <td>
<a href="#" <?php if ($role_id !== 3) { ?> class="ajax-modal" data-modal-url="modals/role/role_edit.php?id=<?= $role_id ?>" <?php } ?>> <a class="text-dark text-bold" href="#" data-toggle="modal" data-target="#editRoleModal<?php echo $role_id; ?>">
<strong class="text-dark"><?php echo $role_name; ?></strong> <?php echo $role_name; ?>
</a> </a>
<div class="text-secondary"><?php echo $role_description; ?></div> <div class="text-secondary"><?php echo $role_description; ?></div>
</td> </td>
@@ -110,8 +114,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#" <a class="dropdown-item" href="#"
data-modal-url="modals/role/role_edit.php?id=<?= $role_id ?>"> data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_role_edit.php"
data-ajax-id="<?php echo $role_id; ?>"
>
<i class="fas fa-fw fa-user-edit mr-2"></i>Edit <i class="fas fa-fw fa-user-edit mr-2"></i>Edit
</a> </a>
@@ -137,12 +144,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
<?php <?php
require_once "modals/role/role_add.php"; require_once "modals/admin_role_add_modal.php";
require_once "../includes/footer.php"; require_once "includes/footer.php";

77
admin_settings_ai.php Normal file
View File

@@ -0,0 +1,77 @@
<?php
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
<div class="card-header py-3">
<h3 class="card-title"><i class="fas fa-fw fa-robot mr-2"></i>AI</h3>
</div>
<div class="card-body">
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="form-group">
<label>AI Provider</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<select class="form-control select2" name="provider">
<option value="" <?php if($config_ai_enable == 0) { echo "selected"; } ?> >Disabled</option>
<option <?php if($config_ai_provider == "Ollama") { echo "selected"; } ?> >Ollama</option>
<option <?php if($config_ai_provider == "OpenAI") { echo "selected"; } ?> >OpenAI</option>
<option <?php if($config_ai_provider == "LocalAI") { echo "selected"; } ?> >LocalAI</option>
</select>
</div>
</div>
<div class="form-group">
<label>AI Model</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-robot"></i></span>
</div>
<input type="text" class="form-control" name="model" value="<?php echo nullable_htmlentities($config_ai_model); ?>" placeholder="ex gpt-4">
</div>
</div>
<div class="form-group">
<label>URL</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span>
</div>
<input type="url" class="form-control" name="url" value="<?php echo nullable_htmlentities($config_ai_url); ?>" placeholder="ex https://ai.company.ext/api">
</div>
</div>
<div class="form-group">
<label>API Key</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="text" class="form-control" name="api_key" value="<?php echo nullable_htmlentities($config_ai_api_key); ?>" placeholder="Enter API key here">
</div>
</div>
<hr>
<button type="submit" name="edit_ai_settings" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
</form>
<div class="mt-5">
<h5>Test AI Rewording</h5>
<textarea id="textInput" class="form-control tinymceAI mb-3" rows="10"></textarea>
</div>
<script src="js/ai_reword.js"></script>
</div>
</div>
<?php
require_once "includes/footer.php";

42
admin/settings_company.php → admin_settings_company.php
View File

@@ -12,14 +12,12 @@ $company_address = nullable_htmlentities($row['company_address']);
$company_city = nullable_htmlentities($row['company_city']); $company_city = nullable_htmlentities($row['company_city']);
$company_state = nullable_htmlentities($row['company_state']); $company_state = nullable_htmlentities($row['company_state']);
$company_zip = nullable_htmlentities($row['company_zip']); $company_zip = nullable_htmlentities($row['company_zip']);
$company_phone_country_code = formatPhoneNumber($row['company_phone_country_code']); $company_phone = formatPhoneNumber($row['company_phone']);
$company_phone = nullable_htmlentities(formatPhoneNumber($row['company_phone'], $company_phone_country_code));
$company_email = nullable_htmlentities($row['company_email']); $company_email = nullable_htmlentities($row['company_email']);
$company_website = nullable_htmlentities($row['company_website']); $company_website = nullable_htmlentities($row['company_website']);
$company_logo = nullable_htmlentities($row['company_logo']); $company_logo = nullable_htmlentities($row['company_logo']);
$company_locale = nullable_htmlentities($row['company_locale']); $company_locale = nullable_htmlentities($row['company_locale']);
$company_currency = nullable_htmlentities($row['company_currency']); $company_currency = nullable_htmlentities($row['company_currency']);
$company_tax_id = nullable_htmlentities($row['company_tax_id']);
$company_initials = nullable_htmlentities(initials($company_name)); $company_initials = nullable_htmlentities(initials($company_name));
@@ -35,10 +33,10 @@ $company_initials = nullable_htmlentities(initials($company_name));
<div class="row"> <div class="row">
<div class="col-md-3 text-center"> <div class="col-md-3 text-center">
<?php if ($company_logo) { ?> <?php if($company_logo) { ?>
<img class="img-thumbnail" src="<?php echo "../uploads/settings/$company_logo"; ?>"> <img class="img-thumbnail" src="<?php echo "uploads/settings/$company_logo"; ?>">
<a href="post.php?remove_company_logo" class="btn btn-outline-danger btn-block">Remove Logo</a> <a href="post.php?remove_company_logo" class="btn btn-outline-danger btn-block">Remove Logo</a>
<hr> <hr>
<?php } ?> <?php } ?>
<div class="form-group"> <div class="form-group">
<label>Upload company logo</label> <label>Upload company logo</label>
@@ -112,18 +110,13 @@ $company_initials = nullable_htmlentities(initials($company_name));
</div> </div>
</div> </div>
<label>Phone</label> <div class="form-group">
<div class="form-row"> <label>Phone</label>
<div class="col-md-9"> <div class="input-group">
<div class="form-group"> <div class="input-group-prepend">
<div class="input-group"> <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo $company_phone_country_code; ?>" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="phone" value="<?php echo $company_phone; ?>" placeholder="Phone Number" maxlength="200">
</div>
</div> </div>
<input type="text" class="form-control" name="phone" placeholder="Phone Number" value="<?php echo $company_phone; ?>">
</div> </div>
</div> </div>
@@ -147,16 +140,6 @@ $company_initials = nullable_htmlentities(initials($company_name));
</div> </div>
</div> </div>
<div class="form-group">
<label>Tax ID</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-balance-scale"></i></span>
</div>
<input type="text" class="form-control" name="tax_id" value="<?php echo $company_tax_id; ?>" placeholder="Tax ID" maxlength="200">
</div>
</div>
<hr> <hr>
<button type="submit" name="edit_company" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button> <button type="submit" name="edit_company" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
@@ -168,4 +151,5 @@ $company_initials = nullable_htmlentities(initials($company_name));
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

7
admin/settings_custom_fields.php → admin_settings_custom_fields.php
View File

@@ -13,6 +13,9 @@ if (isset($_GET['table'])) {
$table = "client_assets"; $table = "client_assets";
} }
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM custom_fields "SELECT SQL_CALC_FOUND_ROWS * FROM custom_fields
@@ -109,7 +112,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
@@ -117,5 +120,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php <?php
require_once "custom_field_create_modal.php"; require_once "custom_field_create_modal.php";
require_once "../includes/footer.php"; require_once "includes/footer.php";

24
admin/settings_default.php → admin_settings_default.php
View File

@@ -218,6 +218,28 @@ require_once "includes/inc_all_admin.php";
</div> </div>
</div> </div>
<div class="form-group">
<label>Phone Mask</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-phone"></i></span>
</div>
<select class="form-control select2" name="phone_mask">
<?php
$sql = mysqli_query($mysqli, "SELECT config_phone_mask FROM settings WHERE company_id = 1");
while ($row = mysqli_fetch_array($sql)) {
$phone_mask = intval($row['config_phone_mask']);
} ?>
<option <?php if ($phone_mask == 1) { echo "selected"; }?> value=1>
US Format - e.g. (412) 888-9999
</option>
<option <?php if ($phone_mask == 0) { echo "selected"; }?> value=0>
Non-US Format - e.g. 4128889999
</option>
</select>
</div>
</div>
<hr> <hr>
<button type="submit" name="edit_default_settings" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_default_settings" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
@@ -227,4 +249,4 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

23
admin/identity_provider.php → admin_settings_integration.php
View File

@@ -4,29 +4,13 @@ require_once "includes/inc_all_admin.php";
<div class="card card-dark"> <div class="card card-dark">
<div class="card-header py-3"> <div class="card-header py-3">
<h3 class="card-title"><i class="fas fa-fw fa-fingerprint mr-2"></i>Identity Providers</h3> <h3 class="card-title"><i class="fas fa-fw fa-plug mr-2"></i>Integration Settings</h3>
</div> </div>
<div class="card-body"> <div class="card-body">
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>"> <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<h4>Client Portal SSO via Microsoft Entra</h4> <h4>Client Portal SSO via Microsoft Entra</h4>
<div class="form-group">
<label>Identity Provider <small class='text-secondary'>(Currently only works with Microsoft Entra ID/AAD)</small></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-fingerprint"></i></span>
</div>
<select class="form-control select2" readonly>
<option <?php if (empty($config_azure_client_id)) { echo "selected"; } ?>>Disabled</option>
<option <?php if ($config_azure_client_id) { echo "selected"; } ?>>Microsoft Entra</option>
<option>Google (WIP)</option>
<option>Custom SSO (WIP)</option>
</select>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>MS Entra OAuth App (Client) ID</label> <label>MS Entra OAuth App (Client) ID</label>
<div class="input-group"> <div class="input-group">
@@ -49,10 +33,11 @@ require_once "includes/inc_all_admin.php";
<hr> <hr>
<button type="submit" name="edit_identity_provider" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_integrations_settings" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
</form> </form>
</div> </div>
</div> </div>
<?php require_once "../includes/footer.php"; <?php require_once "includes/footer.php";

21
admin/settings_invoice.php → admin_settings_invoice.php
View File

@@ -37,21 +37,12 @@ require_once "includes/inc_all_admin.php";
<textarea class="form-control" rows="4" name="config_invoice_footer"><?php echo nullable_htmlentities($config_invoice_footer); ?></textarea> <textarea class="form-control" rows="4" name="config_invoice_footer"><?php echo nullable_htmlentities($config_invoice_footer); ?></textarea>
</div> </div>
<h5>Show Tax ID On Invoices</h5>
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_invoice_show_tax_id" <?php if ($config_invoice_show_tax_id == 1) { echo "checked"; } ?> value="1" id="customSwitch1">
<label class="custom-control-label" for="customSwitch1">Show Tax ID</label>
</div>
</div>
<h5>Invoice Late Fees</h5> <h5>Invoice Late Fees</h5>
<div class="form-group"> <div class="form-group">
<div class="custom-control custom-switch"> <div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_invoice_late_fee_enable" <?php if ($config_invoice_late_fee_enable == 1) { echo "checked"; } ?> value="1" id="customSwitch2"> <input type="checkbox" class="custom-control-input" name="config_invoice_late_fee_enable" <?php if ($config_invoice_late_fee_enable == 1) { echo "checked"; } ?> value="1" id="customSwitch1">
<label class="custom-control-label" for="customSwitch2">Enable Late Fee</label> <label class="custom-control-label" for="customSwitch1">Enable Late Fee</label>
</div> </div>
</div> </div>
@@ -86,7 +77,7 @@ require_once "includes/inc_all_admin.php";
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-barcode"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-barcode"></i></span>
</div> </div>
<input type="text" class="form-control" name="config_recurring_invoice_prefix" placeholder="Recurring Invoice Prefix" value="<?php echo nullable_htmlentities($config_recurring_invoice_prefix); ?>" required> <input type="text" class="form-control" name="config_recurring_prefix" placeholder="Recurring Prefix" value="<?php echo nullable_htmlentities($config_recurring_prefix); ?>" required>
</div> </div>
</div> </div>
@@ -96,7 +87,7 @@ require_once "includes/inc_all_admin.php";
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-barcode"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-barcode"></i></span>
</div> </div>
<input type="number" min="0" class="form-control" name="config_recurring_invoice_next_number" placeholder="Next Recurring Invoice Number" value="<?php echo intval($config_recurring_invoice_next_number); ?>" required> <input type="number" min="0" class="form-control" name="config_recurring_next_number" placeholder="Next Recurring Number" value="<?php echo intval($config_recurring_next_number); ?>" required>
</div> </div>
</div> </div>
@@ -111,5 +102,5 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

2
admin/settings_localization.php → admin_settings_localization.php
View File

@@ -75,5 +75,5 @@ $timezones = DateTimeZone::listIdentifiers();
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

2
admin/settings_mail.php → admin_settings_mail.php
View File

@@ -327,5 +327,5 @@ require_once "includes/inc_all_admin.php";
<?php } ?> <?php } ?>
<?php require_once "../includes/footer.php"; <?php require_once "includes/footer.php";

2
admin/settings_module.php → admin_settings_module.php
View File

@@ -78,5 +78,5 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

183
admin_settings_notification.php Normal file
View File

@@ -0,0 +1,183 @@
<?php
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
<div class="card-header py-3">
<h3 class="card-title"><i class="fas fa-fw fa-bell mr-2"></i>Notifications</h3>
</div>
<div class="card-body">
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_enable_cron" <?php if ($config_enable_cron == 1) { echo "checked"; } ?> value="1" id="enableCronSwitch">
<label class="custom-control-label" for="enableCronSwitch">Enable Cron (recommended) <small>(several cron scripts must also be added to cron with correct schedules, <a href="https://docs.itflow.org/cron">docs</a>)</small></label>
</div>
</div>
<table class="table table-bordered">
<thead class="thead-dark">
<tr>
<th>Notification</th>
<th>App Notify</th>
<th>Tech Email Notify</th>
<th>Client Email Notify</th>
<th>Create Ticket</th>
</tr>
</thead>
<tbody>
<tr>
<th colspan=5>Expirations</th>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-globe mr-2"></i>Domain Expiration Notice</div>
<small class="text-muted">
(This setting triggers a notification when a domain is approaching its expiration date, specifically at 1, 7, 14, 30 and 90 days prior to expiry.)
</small>
</th>
<td>
<div class="custom-control custom-checkbox text-center">
<input type="checkbox" class="custom-control-input" name="config_enable_alert_domain_expire" id="customCheck1" <?php if ($config_enable_alert_domain_expire == 1) { echo "checked"; } ?> value="1">
<label class="custom-control-label" for="customCheck1"></label>
</div>
</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-lock mr-2"></i>Certificate Expiration Notice</div>
<small class="text-muted">
(This setting triggers a notification when a certificate is approaching its expiration date, specifically at 1, 7, 14, 30 and 90 days prior to expiry.)
</small>
</th>
<td>
</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-desktop mr-2"></i>Asset Warranty Expiration Notice</div>
<small class="text-muted">
(This setting triggers a notification when an asset is approaching its expiration date, specifically at 1, 7, 14, 30 and 90 days prior to expiry.)
</small>
</th>
<td>
</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<th colspan=5>Billing</th>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-file-invoice mr-2"></i>Invoice Reminders</div>
<small class="text-muted">
(This will automatically dispatch a reminder email for the invoice to the primary contact's email every 30 days following the invoice's due date.)
</small>
</th>
<td>
</td>
<td></td>
<td>
<div class="custom-control custom-checkbox text-center">
<input type="checkbox" class="custom-control-input" name="config_send_invoice_reminders" <?php if ($config_send_invoice_reminders == 1) { echo "checked"; } ?> value="1" id="sendInvoiceRemindersSwitch">
<label class="custom-control-label" for="sendInvoiceRemindersSwitch"></label>
</div>
</td>
<td></td>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-redo-alt mr-2"></i>Send Recurring Invoice</div>
<small class="text-muted">
(This will notify all primary and billing contacts of a client that a new invoice was generated from recurring invoices)
</small>
</th>
<td>
</td>
<td></td>
<td>
<div class="custom-control custom-checkbox text-center">
<input type="checkbox" class="custom-control-input" name="config_recurring_auto_send_invoice" <?php if ($config_recurring_auto_send_invoice == 1) { echo "checked"; } ?> value="1" id="sendRecurringSwitch">
<label class="custom-control-label" for="sendRecurringSwitch"></label>
</div>
</td>
<td></td>
</tr>
<tr>
<th colspan=5>Operational</th>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-bell mr-2"></i>Send clients general notification emails</div>
<small class="text-secondary">(Should clients receive automatic emails when tickets are raised/closed?)</small>
</th>
<td></td>
<td></td>
<td>
<div class="custom-control custom-checkbox text-center">
<input type="checkbox" class="custom-control-input" name="config_ticket_client_general_notifications" <?php if($config_ticket_client_general_notifications == 1){ echo "checked"; } ?> value="1" id="ticketNotificationSwitch">
<label class="custom-control-label" for="ticketNotificationSwitch"></label>
</div>
</td>
<td></td>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-link mr-2"></i>Shared Item View</div>
<small class="text-secondary">(Notify when Shared items are viewed)</small>
</th>
<td></td>
<td></td>
<td>
</td>
<td></td>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-clock mr-2"></i>Cron Execution</div>
<small class="text-secondary">(Notify when the nightly cron job ran)</small>
</th>
<td></td>
<td></td>
<td>
</td>
<td></td>
</tr>
<tr>
<th>
<div><i class="fas fa-fw fa-download mr-2"></i>ITFlow Updates</div>
<small class="text-secondary">(Notify when ITFlow has an update)</small>
</th>
<td></td>
<td></td>
<td>
</td>
<td></td>
</tr>
</tbody>
</table>
<hr>
<button type="submit" name="edit_notification_settings" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
</form>
</div>
</div>
<?php
require_once "includes/footer.php";

154
admin_settings_online_payment.php Normal file
View File

@@ -0,0 +1,154 @@
<?php
require_once "includes/inc_all_admin.php";
?>
<div class="card card-dark">
<div class="card-header py-3">
<h3 class="card-title"><i class="fas fa-fw fa-credit-card mr-2"></i>Online Payment</h3>
</div>
<div class="card-body">
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_stripe_enable" <?php if ($config_stripe_enable == 1) { echo "checked"; } ?> value="1" id="enableStripeSwitch">
<label class="custom-control-label" for="enableStripeSwitch">Enable Stripe</label>
</div>
</div>
<div class="<?php if ($config_stripe_enable == 0) { echo "d-none"; } ?>">
<div class="form-group">
<label>Publishable key <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
<input type="text" class="form-control" name="config_stripe_publishable" placeholder="Stripe Publishable API Key (pk_...)" value="<?php echo nullable_htmlentities($config_stripe_publishable); ?>">
</div>
</div>
<div class="form-group">
<label>Secret key <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="text" class="form-control" name="config_stripe_secret" placeholder="Stripe Secret API Key (sk_...)" value="<?php echo nullable_htmlentities($config_stripe_secret); ?>">
</div>
</div>
<div class="form-group">
<label>Account <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fas fa-fw fa-piggy-bank"></i></span>
</div>
<select class="form-control select2" name="config_stripe_account">
<option value="">- Account -</option>
<?php
$sql_accounts = mysqli_query($mysqli, "SELECT * FROM accounts WHERE account_archived_at IS NULL ORDER BY account_name ASC");
while ($row = mysqli_fetch_array($sql_accounts)) {
$account_id = intval($row['account_id']);
$account_name = nullable_htmlentities($row['account_name']);
?>
<option value="<?php echo $account_id ?>" <?php if ($account_id == $config_stripe_account) { echo "selected"; } ?>><?php echo $account_name ?></option>
<?php
}
?>
</select>
</div>
</div>
<hr>
<div class="form-group">
<label>Expense Vendor</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-building"></i></span>
</div>
<select class="form-control select2" name="config_stripe_expense_vendor">
<option value="">- Do not expense Stripe fees -</option>
<?php
$sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_select)) {
$vendor_id = intval($row['vendor_id']);
$vendor_name = nullable_htmlentities($row['vendor_name']);
?>
<option <?php if ($config_stripe_expense_vendor == $vendor_id) { ?> selected <?php } ?> value="<?php echo $vendor_id; ?>"><?php echo $vendor_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
<div class="form-group">
<label>Expense Category</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-list"></i></span>
</div>
<select class="form-control select2" name="config_stripe_expense_category">
<option value="">- Do not expense Stripe fees -</option>
<?php
$sql_select = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Expense' AND category_archived_at IS NULL ORDER BY category_name ASC");
while ($row = mysqli_fetch_array($sql_select)) {
$category_id = intval($row['category_id']);
$category_name = nullable_htmlentities($row['category_name']);
?>
<option <?php if ($config_stripe_expense_category == $category_id) { ?> selected <?php } ?> value="<?php echo $category_id; ?>"><?php echo $category_name; ?></option>
<?php
}
?>
</select>
</div>
</div>
<div class="form-group">
<label>Percentage Fee to expense</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-percent"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="config_stripe_percentage_fee" placeholder="Enter Percentage" value="<?php echo $config_stripe_percentage_fee * 100; ?>">
</div>
<small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
</div>
<div class="form-group">
<label>Flat Fee to expense</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
</div>
<input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="config_stripe_flat_fee" placeholder="0.030" value="<?php echo number_format($config_stripe_flat_fee, 2, '.', ''); ?>">
</div>
<small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
</div>
</div>
<div class="alert alert-secondary">Currently, we only integrate with Stripe. Please see <a href="https://forum.itflow.org/d/439-payment-integrations-megathread" target="_blank">this forum post</a>.</div>
</div>
<hr>
<button type="submit" name="edit_online_payment_settings" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
</form>
</div>
</div>
<?php
require_once "includes/footer.php";

70
admin_settings_online_payment_clients.php Normal file
View File

@@ -0,0 +1,70 @@
<?php
require_once "includes/inc_all_admin.php";
$stripe_clients_sql = mysqli_query($mysqli, "SELECT * FROM client_stripe LEFT JOIN clients ON client_stripe.client_id = clients.client_id");
?>
<div class="card card-dark">
<div class="card-header py-3">
<h3 class="card-title"><i class="fas fa-fw fa-credit-card mr-2"></i>Online Payment - Client info</h3>
</div>
<div class="card-body">
<table class="table border border-dark">
<thead class="thead-dark">
<tr>
<th>Client</th>
<th>Stripe Customer ID</th>
<th>Stripe Payment ID</th>
<th class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($stripe_clients_sql)) {
$client_id = intval($row['client_id']);
$client_name = nullable_htmlentities($row['client_name']);
$stripe_id = nullable_htmlentities($row['stripe_id']);
$stripe_pm = nullable_htmlentities($row['stripe_pm']);
?>
<tr>
<td><?php echo "$client_name ($client_id)" ?></td>
<td><?php echo $stripe_id; ?></td>
<td><?php echo $stripe_pm ?></td>
<td>
<div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<?php if (!empty($stripe_pm)) { ?>
<a class="dropdown-item text-danger confirm-link" href="post.php?stripe_remove_pm&client_id=<?php echo $client_id ?>&pm=<?php echo $stripe_pm ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-credit-card mr-2"></i>Delete payment method
</a>
<?php } else { ?>
<a data-toggle="tooltip" data-placement="left" title="May result in duplicate customer records in Stripe" class="dropdown-item text-danger confirm-link" href="post.php?stripe_reset_customer&client_id=<?php echo $client_id ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Reset Stripe
</a>
<?php } ?>
</div>
</div>
</td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
</div>
<?php
require_once "includes/footer.php";

2
admin/settings_project.php → admin_settings_project.php
View File

@@ -41,4 +41,4 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

2
admin/settings_quote.php → admin_settings_quote.php
View File

@@ -54,5 +54,5 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

2
admin/settings_security.php → admin_settings_security.php
View File

@@ -62,5 +62,5 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

2
admin/settings_telemetry.php → admin_settings_telemetry.php
View File

@@ -38,5 +38,5 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

6
admin/settings_theme.php → admin_settings_theme.php
View File

@@ -19,7 +19,7 @@ require_once "includes/inc_all_admin.php";
?> ?>
<div class="col-4 text-center mb-3"> <div class="col-3 text-center mb-3">
<div class="form-group"> <div class="form-group">
<div class="custom-control custom-radio"> <div class="custom-control custom-radio">
<input class="custom-control-input" type="radio" onchange="this.form.submit()" id="customRadio<?php echo $theme_color; ?>" name="edit_theme_settings" value="<?php echo $theme_color; ?>" <?php if ($config_theme == $theme_color) { echo "checked"; } ?>> <input class="custom-control-input" type="radio" onchange="this.form.submit()" id="customRadio<?php echo $theme_color; ?>" name="edit_theme_settings" value="<?php echo $theme_color; ?>" <?php if ($config_theme == $theme_color) { echo "checked"; } ?>>
@@ -48,7 +48,7 @@ require_once "includes/inc_all_admin.php";
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off"> <form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>"> <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<img class="mb-3" src="<?php if(file_exists("../uploads/favicon.ico")) { echo "../uploads/favicon.ico"; } else { echo "../favicon.ico"; } ?>"> <img class="mb-3" src="<?php if(file_exists("uploads/favicon.ico")) { echo "uploads/favicon.ico"; } else { echo "favicon.ico"; } ?>">
<div class="form-group"> <div class="form-group">
<input type="file" class="form-control-file" name="file" accept=".ico"> <input type="file" class="form-control-file" name="file" accept=".ico">
@@ -63,5 +63,5 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

34
admin/settings_ticket.php → admin_settings_ticket.php
View File

@@ -53,13 +53,6 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<?php } ?> <?php } ?>
<div class="form-group">
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_ticket_timer_autostart" <?php if ($config_ticket_timer_autostart == 1) { echo "checked"; } ?> value="1" id="ticketTimerSwitch">
<label class="custom-control-label" for="ticketTimerSwitch">Autostart Ticket Timer <small class="text-secondary">(This option will control if the timer starts automatically or manually)</small></label>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Number of hours to auto close resolved tickets</label> <label>Number of hours to auto close resolved tickets</label>
<div class="input-group"> <div class="input-group">
@@ -80,31 +73,6 @@ require_once "includes/inc_all_admin.php";
</div> </div>
</div> </div>
<div class="form-group">
<label>Tickets Default View</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div>
<select class="form-control" name="config_ticket_default_view">
<option value=0 <?php if ($config_ticket_default_view == 0) { echo "selected"; } ?>>List</option>
<option value=1 <?php if ($config_ticket_default_view == 1) { echo "selected"; } ?>>Compact</option>
<option value=2 <?php if ($config_ticket_default_view == 2) { echo "selected"; } ?>>Kanban</option>
</select>
</div>
</div>
<div class="form-group">
<label>Kanban Settings</label>
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_ticket_ordering" <?php if ($config_ticket_ordering == 1) { echo "checked"; } ?> value="1" id="ticketOrderingSwitch">
<label class="custom-control-label" for="ticketOrderingSwitch">Allow ticket ordering within its column<small class="text-secondary">(uncheked will result in ordering it by priority and id)</small></label>
</div>
<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input" name="config_ticket_moving_columns" <?php if ($config_ticket_moving_columns == 1) { echo "checked"; } ?> value="1" id="ticketMovingColumnsSwitch">
<label class="custom-control-label" for="ticketMovingColumnsSwitch">Allow moving columns</label>
</div>
</div>
<hr> <hr>
<button type="submit" name="edit_ticket_settings" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button> <button type="submit" name="edit_ticket_settings" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
@@ -114,5 +82,5 @@ require_once "includes/inc_all_admin.php";
</div> </div>
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

57
admin/software_template.php → admin_software_template.php
View File

@@ -1,15 +1,20 @@
<?php <?php
// Default Column Sortby Filter // Default Column Sortby Filter
$sort = "software_template_name"; $sort = "software_name";
$order = "ASC"; $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM software_templates "SELECT SQL_CALC_FOUND_ROWS * FROM software
WHERE software_template_name LIKE '%$q%' OR software_template_type LIKE '%$q%' WHERE software_template = 1
AND (software_name LIKE '%$q%' OR software_type LIKE '%$q%')
ORDER BY $sort $order LIMIT $record_from, $record_to" ORDER BY $sort $order LIMIT $record_from, $record_to"
); );
@@ -48,18 +53,18 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<thead class="text-dark <?php if($num_rows[0] == 0){ echo "d-none"; } ?>"> <thead class="text-dark <?php if($num_rows[0] == 0){ echo "d-none"; } ?>">
<tr> <tr>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_template_name&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_name&order=<?php echo $disp; ?>">
Template <?php if ($sort == 'software_template_name') { echo $order_icon; } ?> Template <?php if ($sort == 'software_name') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_template_type&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_type&order=<?php echo $disp; ?>">
Type <?php if ($sort == 'software_template_type') { echo $order_icon; } ?> Type <?php if ($sort == 'software_type') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_template_license_type&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=software_license_type&order=<?php echo $disp; ?>">
License Type <?php if ($sort == 'software_template_license_type') { echo $order_icon; } ?> License Type <?php if ($sort == 'software_license_type') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th class="text-center">Action</th> <th class="text-center">Action</th>
@@ -69,41 +74,41 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php <?php
while($row = mysqli_fetch_array($sql)){ while($row = mysqli_fetch_array($sql)){
$software_template_id = intval($row['software_template_id']); $software_id = intval($row['software_id']);
$software_template_name = nullable_htmlentities($row['software_template_name']); $software_name = nullable_htmlentities($row['software_name']);
$software_template_version = nullable_htmlentities($row['software_template_version']); $software_version = nullable_htmlentities($row['software_version']);
$software_template_description = nullable_htmlentities($row['software_template_description']); $software_description = nullable_htmlentities($row['software_description']);
$software_template_type = nullable_htmlentities($row['software_template_type']); $software_type = nullable_htmlentities($row['software_type']);
$software_template_license_type = nullable_htmlentities($row['software_template_license_type']); $software_license_type = nullable_htmlentities($row['software_license_type']);
$software_template_notes = nullable_htmlentities($row['software_template_notes']); $software_notes = nullable_htmlentities($row['software_notes']);
?> ?>
<tr> <tr>
<td> <td>
<a class="text-dark ajax-modal" href="#" data-modal-url="modals/software_template/software_template_edit.php?id=<?= $software_template_id ?>"> <a class="text-dark" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_software_template_edit.php" data-ajax-id="<?php echo $software_id; ?>">
<div class="media"> <div class="media">
<i class="fa fa-fw fa-2x fa-cube mr-3"></i> <i class="fa fa-fw fa-2x fa-cube mr-3"></i>
<div class="media-body"> <div class="media-body">
<div><?php echo "$software_template_name <span>$software_template_version</span>"; ?></div> <div><?php echo "$software_name <span>$software_version</span>"; ?></div>
<div><small class="text-secondary"><?php echo $software_template_description; ?></small></div> <div><small class="text-secondary"><?php echo $software_description; ?></small></div>
</div> </div>
</div> </div>
</a> </a>
</td> </td>
<td><?php echo $software_template_type; ?></td> <td><?php echo $software_type; ?></td>
<td><?php echo $software_template_license_type; ?></td> <td><?php echo $software_license_type; ?></td>
<td> <td>
<div class="dropdown dropleft text-center"> <div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" data-toggle="dropdown"> <button class="btn btn-secondary btn-sm" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i> <i class="fas fa-ellipsis-h"></i>
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#" data-modal-url="modals/software_template/software_template_edit.php?id=<?= $software_template_id ?>"> <a class="dropdown-item" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_software_template_edit.php" data-ajax-id="<?php echo $software_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<?php if($session_user_role == 3) { ?> <?php if($session_user_role == 3) { ?>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_software_template=<?php echo $software_template_id; ?>"> <a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_software=<?php echo $software_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete <i class="fas fa-fw fa-trash mr-2"></i>Delete
</a> </a>
<?php } ?> <?php } ?>
@@ -121,11 +126,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
<?php <?php
require_once "modals/software_template/software_template_add.php"; require_once "modals/admin_software_template_add_modal.php";
require_once "../includes/footer.php"; require_once "includes/footer.php";

26
admin/tag.php → admin_tag.php
View File

@@ -6,6 +6,10 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM tags "SELECT SQL_CALC_FOUND_ROWS * FROM tags
@@ -21,7 +25,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="card-header py-2"> <div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fas fa-fw fa-tags mr-2"></i>Tags</h3> <h3 class="card-title mt-2"><i class="fas fa-fw fa-tags mr-2"></i>Tags</h3>
<div class="card-tools"> <div class="card-tools">
<button type="button" class="btn btn-primary ajax-modal" data-modal-url="modals/tag/tag_add.php"><i class="fas fa-plus mr-2"></i>New Tag</button> <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addTagModal"><i class="fas fa-plus mr-2"></i>New Tag</button>
</div> </div>
</div> </div>
@@ -83,8 +87,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<tr> <tr>
<td> <td>
<a class="ajax-modal" href="#" <a href="#"
data-modal-url="modals/tag/tag_edit.php?id=<?= $tag_id ?>"> data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_tag_edit.php"
data-ajax-id="<?php echo $tag_id; ?>"
>
<span class='badge text-light p-2 mr-1' style="background-color: <?php echo $tag_color; ?>"><i class="fa fa-fw fa-<?php echo $tag_icon; ?> mr-2"></i><?php echo $tag_name; ?></span> <span class='badge text-light p-2 mr-1' style="background-color: <?php echo $tag_color; ?>"><i class="fa fa-fw fa-<?php echo $tag_icon; ?> mr-2"></i><?php echo $tag_name; ?></span>
</a> </a>
</td> </td>
@@ -95,8 +102,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i> <i class="fas fa-ellipsis-h"></i>
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#" <a class="dropdown-item" href="#"
data-modal-url="modals/tag/tag_edit.php?id=<?= $tag_id ?>"> data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_tag_edit.php"
data-ajax-id="<?php echo $tag_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
@@ -117,11 +127,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
<?php <?php
require_once "modals/admin_tag_add_modal.php";
require_once "includes/footer.php";
require_once "../includes/footer.php";

24
admin/tax.php → admin_tax.php
View File

@@ -6,6 +6,10 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT * FROM taxes "SELECT * FROM taxes
@@ -53,8 +57,11 @@ $num_rows = mysqli_num_rows($sql);
?> ?>
<tr> <tr>
<td> <td>
<a class="text-dark text-bold ajax-modal" href="#" <a class="text-dark text-bold" href="#"
data-modal-url="modals/tax/tax_edit.php?id=<?= $tax_id ?>"> data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_tax_edit.php"
data-ajax-id="<?php echo $tax_id; ?>"
>
<?php echo $tax_name; ?> <?php echo $tax_name; ?>
</a> </a>
</td> </td>
@@ -65,8 +72,11 @@ $num_rows = mysqli_num_rows($sql);
<i class="fas fa-ellipsis-h"></i> <i class="fas fa-ellipsis-h"></i>
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#" <a class="dropdown-item" href="#"
data-modal-url="modals/tax/tax_edit.php?id=<?= $tax_id ?>"> data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_tax_edit.php"
data-ajax-id="<?php echo $tax_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
@@ -96,5 +106,7 @@ $num_rows = mysqli_num_rows($sql);
</div> </div>
<?php <?php
require_once "modals/tax/tax_add.php"; require_once "modals/admin_tax_add_modal.php";
require_once "../includes/footer.php";
require_once "includes/footer.php";

30
admin/ticket_status.php → admin_ticket_status.php
View File

@@ -1,11 +1,15 @@
<?php <?php
// Default Column Sortby Filter // Default Column Sortby Filter
$sort = "ticket_status_order"; $sort = "ticket_status_name";
$order = "ASC"; $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM ticket_statuses "SELECT SQL_CALC_FOUND_ROWS * FROM ticket_statuses
@@ -75,7 +79,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
if ($ticket_status_active) { if ($ticket_status_active) {
$ticket_status_display = "<div class='text-success text-bold'>Active</div>"; $ticket_status_display = "<div class='text-success text-bold'>Active</div>";
} else { } else {
$ticket_status_display = "<div class='text-secondary'>Inactive</div>"; $ticket_status_display = "<div class='text-secondary'>Disabled</div>";
} }
?> ?>
@@ -83,7 +87,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<td> <td>
<a href="#" <a href="#"
<?php if ( $ticket_status_id > 5 ) { ?> <?php if ( $ticket_status_id > 5 ) { ?>
class="ajax-modal" data-modal-url="modals/ticket_status/ticket_status_edit.php?id=<?= $ticket_status_id ?>" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_custom_ticket_status_edit.php" data-ajax-id="<?php echo $ticket_status_id; ?>"
<?php } ?> <?php } ?>
> >
<?php echo $ticket_status_name; ?> <?php echo $ticket_status_name; ?>
@@ -93,22 +97,22 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<span class='badge badge-pill text-light p-2' style="background-color: <?php echo $ticket_status_color; ?>"><?php echo $ticket_status_name; ?></span> <span class='badge badge-pill text-light p-2' style="background-color: <?php echo $ticket_status_color; ?>"><?php echo $ticket_status_name; ?></span>
<td><?php echo $ticket_status_display; ?></td> <td><?php echo $ticket_status_display; ?></td>
<td> <td>
<?php if ( $ticket_status_id > 5 ) { ?>
<div class="dropdown dropleft text-center"> <div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown"> <button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-ellipsis-h"></i> <i class="fas fa-ellipsis-h"></i>
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#" data-modal-url="modals/ticket_status/ticket_status_edit.php?id=<?= $ticket_status_id ?>"> <a class="dropdown-item" href="#" data-toggle="ajax-modal" data-ajax-url="ajax/ajax_custom_ticket_status_edit.php" data-ajax-id="<?php echo $ticket_status_id; ?>">
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<?php if (!$ticket_status_active) { ?> <div class="dropdown-divider"></div>
<div class="dropdown-divider"></div> <a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_ticket_status=<?php echo $ticket_status_id; ?>">
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_ticket_status=<?php echo $ticket_status_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token']; ?>"> <i class="fas fa-fw fa-trash mr-2"></i>Delete
<i class="fas fa-fw fa-trash mr-2"></i>Delete </a>
</a>
<?php } ?>
</div> </div>
</div> </div>
<?php } ?>
</td> </td>
</tr> </tr>
@@ -120,13 +124,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
<?php <?php
require_once "modals/ticket_status/ticket_status_add.php"; require_once "modals/admin_ticket_status_add_modal.php";
require_once "../includes/footer.php"; require_once "includes/footer.php";

12
admin/ticket_template.php → admin_ticket_template.php
View File

@@ -6,6 +6,10 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM ticket_templates "SELECT SQL_CALC_FOUND_ROWS * FROM ticket_templates
@@ -75,7 +79,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fa fa-fw fa-2x fa-life-ring mr-3"></i> <i class="fa fa-fw fa-2x fa-life-ring mr-3"></i>
<div class="media-body"> <div class="media-body">
<div> <div>
<a href="ticket_template_details.php?ticket_template_id=<?php echo $ticket_template_id; ?>"> <a href="admin_ticket_template_details.php?ticket_template_id=<?php echo $ticket_template_id; ?>">
<?php echo $ticket_template_name; ?> <?php echo $ticket_template_name; ?>
</a> </a>
</div> </div>
@@ -104,12 +108,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
<?php <?php
require_once "modals/ticket_template/ticket_template_add.php"; require_once "modals/admin_ticket_template_add_modal.php";
require_once "../includes/footer.php"; require_once "includes/footer.php";

187
admin_ticket_template_details.php Normal file
View File

@@ -0,0 +1,187 @@
<?php
require_once "includes/inc_all_admin.php";
//Initialize the HTML Purifier to prevent XSS
require "plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
$purifier = new HTMLPurifier($purifier_config);
if (isset($_GET['ticket_template_id'])) {
$ticket_template_id = intval($_GET['ticket_template_id']);
}
$sql_ticket_templates = mysqli_query($mysqli, "SELECT * FROM ticket_templates WHERE ticket_template_id = $ticket_template_id");
$row = mysqli_fetch_array($sql_ticket_templates);
$ticket_template_name = nullable_htmlentities($row['ticket_template_name']);
$ticket_template_description = nullable_htmlentities($row['ticket_template_description']);
$ticket_template_subject = nullable_htmlentities($row['ticket_template_subject']);
$ticket_template_details = $purifier->purify($row['ticket_template_details']);
$ticket_template_created_at = nullable_htmlentities($row['ticket_template_created_at']);
$ticket_template_updated_at = nullable_htmlentities($row['ticket_template_updated_at']);
// Get Task Templates
$sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE task_template_ticket_template_id = $ticket_template_id ORDER BY task_template_order ASC, task_template_id ASC");
?>
<link rel="stylesheet" href="plugins/dragula/dragula.min.css">
<ol class="breadcrumb d-print-none">
<li class="breadcrumb-item">
<a href="clients.php">Home</a>
</li>
<li class="breadcrumb-item">
<a href="admin_user.php">Admin</a>
</li>
<li class="breadcrumb-item">
<a href="admin_ticket_template.php">Ticket Templates</a>
</li>
<li class="breadcrumb-item active"><i class="fas fa-life-ring mr-2"></i><?php echo $ticket_template_name; ?></li>
</ol>
<div class="row">
<div class="col-8">
<div class="card card-dark">
<div class="card-header">
<h3 class="card-title mt-2">
<div class="media">
<i class="fa fa-fw fa-2x fa-life-ring mr-3"></i>
<div class="media-body">
<h3 class="mb-0"><?php echo $ticket_template_name; ?></h3>
<div><small class="text-secondary"><?php echo $ticket_template_description; ?></small></div>
</div>
</div>
</h3>
<div class="card-tools">
<button type="button" class="btn btn-default btn-sm" data-toggle="modal" data-target="#editTicketTemplateModal">
<i class="fas fa-edit"></i>
</button>
</div>
</div>
<h5><?php echo $ticket_template_subject; ?></h5>
<div class="card-body prettyContent">
<?php echo $ticket_template_details; ?>
</div>
</div>
</div>
<div class="col-4">
<div class="card card-dark">
<div class="card-header">
<h5 class="card-title"><i class="fa fa-fw fa-tasks mr-2"></i>Tasks</h5>
</div>
<div class="card-body">
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="ticket_template_id" value="<?php echo $ticket_template_id; ?>">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tasks"></i></span>
</div>
<input type="text" class="form-control" name="task_name" placeholder="Create a task" required>
<div class="input-group-append">
<button type="submit" name="add_ticket_template_task" class="btn btn-primary"><i class="fas fa-fw fa-check"></i></button>
</div>
</div>
</div>
</form>
<table class="table table-striped table-sm">
<?php
while($row = mysqli_fetch_array($sql_task_templates)){
$task_id = intval($row['task_template_id']);
$task_name = nullable_htmlentities($row['task_template_name']);
$task_completion_estimate = intval($row['task_template_completion_estimate']);
$task_description = nullable_htmlentities($row['task_template_description']);
?>
<tr data-task-id="<?php echo $task_id; ?>">
<td><i class="far fa-fw fa-square text-secondary"></i></td>
<td>
<a href="#" class="grab-cursor">
<span class="text-secondary"><?php echo $task_completion_estimate; ?>m</span>
<span class="text-dark"> - <?php echo $task_name; ?></span>
</a>
</td>
<td class="text-right">
<div class="float-right">
<div class="dropdown dropleft text-center">
<button class="btn btn-link text-secondary btn-sm" type="button" data-toggle="dropdown">
<i class="fas fa-fw fa-ellipsis-v"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#"
data-toggle = "ajax-modal"
data-ajax-url = "ajax/ajax_ticket_template_task_edit.php"
data-ajax-id = "<?php echo $task_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_task_template=<?php echo $task_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
<i class="fas fa-fw fa-trash-alt mr-2"></i>Delete
</a>
</div>
</div>
</div>
</td>
</tr>
<?php
}
?>
</table>
</div>
</div>
</div>
</div>
<script src="js/pretty_content.js"></script>
<script src="plugins/dragula/dragula.min.js"></script>
<script>
$(document).ready(function() {
var container = $('.table tbody')[0];
dragula([container])
.on('drop', function (el, target, source, sibling) {
// Handle the drop event to update the order in the database
var rows = $(container).children();
var positions = rows.map(function(index, row) {
return {
id: $(row).data('taskId'),
order: index
};
}).get();
// Send the new order to the server
$.ajax({
url: 'ajax.php',
method: 'POST',
data: {
update_task_templates_order: true, // Adjust the parameter name if needed
ticket_template_id: <?php echo $ticket_template_id; ?>,
positions: positions
},
success: function(data) {
// Handle success
},
error: function(error) {
console.error('Error updating order:', error);
}
});
});
});
</script>
<?php
require_once "modals/admin_ticket_template_edit_modal.php";
require_once "includes/footer.php";

34
admin/update.php → admin_update.php
View File

@@ -1,7 +1,7 @@
<?php <?php
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
require_once "../includes/database_version.php"; require_once "includes/database_version.php";
$updates = fetchUpdates(); $updates = fetchUpdates();
@@ -32,11 +32,8 @@ $git_log = shell_exec("git log $repo_branch..origin/$repo_branch --pretty=format
<?php } ?> <?php } ?>
<?php if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { ?> <?php if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { ?>
<div class="alert alert-danger"> <div class="alert alert-warning">
<h1 class="font-weight-bold text-center">⚠️ DANGER ⚠️</h1> <strong>Ensure you have a current <a href="https://docs.itflow.org/backups">app & database backup</a> before updating!</strong>
<h2 class="font-weight-bold text-center">Do NOT run updates without first taking a backup</h2>
<p>VM Snapshots are highly recommended over other methods - see the <a href="https://docs.itflow.org/backups" class="alert-link" target="_blank">docs</a>. Review the <a href="https://github.com/itflow-org/itflow/blob/master/CHANGELOG.md" class="alert-link" target="_blank">changelog</a> for breaking changes that may require manual remediation.</p>
<p class="text-center font-weight-bold">Ignore this warning at your own risk.</p>
</div> </div>
<br> <br>
<a class="btn btn-dark btn-lg my-4" href="post.php?update_db"><i class="fas fa-fw fa-4x fa-download mb-1"></i><h5>Update Database</h5></a> <a class="btn btn-dark btn-lg my-4" href="post.php?update_db"><i class="fas fa-fw fa-4x fa-download mb-1"></i><h5>Update Database</h5></a>
@@ -49,17 +46,9 @@ $git_log = shell_exec("git log $repo_branch..origin/$repo_branch --pretty=format
<?php } else { <?php } else {
if (!empty($git_log)) { ?> if (!empty($git_log)) { ?>
<div class="alert alert-danger">
<h1 class="font-weight-bold text-center">⚠️ DANGER ⚠️</h1>
<h2 class="font-weight-bold text-center">Do NOT run updates without first taking a backup</h2>
<p>VM Snapshots are highly recommended over other methods - see the <a href="https://docs.itflow.org/backups" class="alert-link" target="_blank">docs</a>. Review the <a href="https://github.com/itflow-org/itflow/blob/master/CHANGELOG.md" class="alert-link" target="_blank">changelog</a> for breaking changes that may require manual remediation.</p>
<p class="text-center font-weight-bold">Ignore this warning at your own risk.</p>
</div>
<a class="btn btn-primary btn-lg my-4 confirm-link" href="post.php?no"><i class="fas fa-fw fa-4x fa-download mb-1"></i><h5>TEST</h5></a> <a class="btn btn-primary btn-lg my-4" href="post.php?update"><i class="fas fa-fw fa-4x fa-download mb-1"></i><h5>Update App</h5></a>
<a class="btn btn-danger btn-lg" href="post.php?update&force_update=1"><i class="fas fa-fw fa-4x fa-hammer mb-1"></i><h5>FORCE Update App</h5></a>
<a class="btn btn-primary btn-lg my-4 confirm-link" href="post.php?update"><i class="fas fa-fw fa-4x fa-download mb-1"></i><h5>Update App</h5></a>
<a class="btn btn-danger btn-lg confirm-link" href="post.php?update&force_update=1"><i class="fas fa-fw fa-4x fa-hammer mb-1"></i><h5>FORCE Update App</h5></a>
<?php } else { ?> <?php } else { ?>
<p><strong>Application Release Version:<br><strong class="text-dark"><?php echo APP_VERSION; ?></strong></p> <p><strong>Application Release Version:<br><strong class="text-dark"><?php echo APP_VERSION; ?></strong></p>
@@ -67,17 +56,6 @@ $git_log = shell_exec("git log $repo_branch..origin/$repo_branch --pretty=format
<p class="text-secondary">Code Commit:<br><strong class="text-dark"><?php echo $current_version; ?></strong></p> <p class="text-secondary">Code Commit:<br><strong class="text-dark"><?php echo $current_version; ?></strong></p>
<p class="text-muted">You are up to date!<br>Everything is going to be alright</p> <p class="text-muted">You are up to date!<br>Everything is going to be alright</p>
<i class="far fa-3x text-dark fa-smile-wink"></i><br> <i class="far fa-3x text-dark fa-smile-wink"></i><br>
<?php if (rand(1,10) == 1) { ?>
<br>
<div class="alert alert-info alert-dismissible fade show" role="alert">
You're up to date, but when was the last time you checked your ITFlow backup works?
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">&times;</span>
</button>
</div>
<?php } ?>
<?php } <?php }
} }
@@ -106,5 +84,5 @@ $git_log = shell_exec("git log $repo_branch..origin/$repo_branch --pretty=format
<?php <?php
require_once "../includes/footer.php"; require_once "includes/footer.php";

57
admin/users.php → admin_user.php
View File

@@ -6,13 +6,16 @@ $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM users "SELECT SQL_CALC_FOUND_ROWS * FROM users, user_settings, user_roles
LEFT JOIN user_roles ON user_role_id = role_id WHERE users.user_id = user_settings.user_id
LEFT JOIN user_settings ON users.user_id = user_settings.user_id AND user_settings.user_role = user_roles.user_role_id
WHERE (user_name LIKE '%$q%' OR user_email LIKE '%$q%') AND (user_name LIKE '%$q%' OR user_email LIKE '%$q%')
AND user_type = 1
AND user_archived_at IS NULL AND user_archived_at IS NULL
ORDER BY $sort $order LIMIT $record_from, $record_to" ORDER BY $sort $order LIMIT $record_from, $record_to"
); );
@@ -33,7 +36,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="dropdown-menu"> <div class="dropdown-menu">
<!--<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#userInviteModal"><i class="fas fa-paper-plane mr-2"></i>Invite User</a>--> <!--<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#userInviteModal"><i class="fas fa-paper-plane mr-2"></i>Invite User</a>-->
<?php if ($num_rows[0] > 1) { ?> <?php if ($num_rows[0] > 1) { ?>
<a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#exportUserModal"><i class="fa fa-fw fa-download mr-2"></i>Export</a>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<a class="dropdown-item text-danger" href="#" data-toggle="modal" data-target="#resetAllUserPassModal"><i class="fas fa-skull-crossbones mr-2"></i>IR</a> <a class="dropdown-item text-danger" href="#" data-toggle="modal" data-target="#resetAllUserPassModal"><i class="fas fa-skull-crossbones mr-2"></i>IR</a>
<?php } ?> <?php } ?>
@@ -53,6 +55,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</div> </div>
</div> </div>
<div class="col-md-8"> <div class="col-md-8">
<div class="float-right">
<button type="button" class="btn btn-default" data-toggle="modal" data-target="#exportUserModal"><i class="fa fa-fw fa-download mr-2"></i>Export</button>
</div>
</div> </div>
</div> </div>
</form> </form>
@@ -72,8 +77,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</a> </a>
</th> </th>
<th> <th>
<a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=role_name&order=<?php echo $disp; ?>"> <a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=user_role&order=<?php echo $disp; ?>">
Role <?php if ($sort == 'role_name') { echo $order_icon; } ?> Role <?php if ($sort == 'user_role') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th> <th>
@@ -111,8 +116,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$mfa_status_display = "<i class='fas fa-fw fa-lock text-success'></i>"; $mfa_status_display = "<i class='fas fa-fw fa-lock text-success'></i>";
} }
$user_config_force_mfa = intval($row['user_config_force_mfa']); $user_config_force_mfa = intval($row['user_config_force_mfa']);
$user_role = intval($row['user_role_id']); $user_role = $row['user_role'];
$user_role_display = nullable_htmlentities($row['role_name']); $user_role_display = nullable_htmlentities($row['user_role_name']);
$user_initials = nullable_htmlentities(initials($user_name)); $user_initials = nullable_htmlentities(initials($user_name));
$sql_last_login = mysqli_query( $sql_last_login = mysqli_query(
@@ -134,7 +139,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
} }
// Get User Client Access Permissions // Get User Client Access Permissions
$user_client_access_sql = mysqli_query($mysqli,"SELECT client_id FROM user_client_permissions WHERE user_id = $user_id"); $user_client_access_sql = mysqli_query($mysqli,"SELECT client_id FROM user_permissions WHERE user_id = $user_id");
$client_access_array = []; $client_access_array = [];
while ($row = mysqli_fetch_assoc($user_client_access_sql)) { while ($row = mysqli_fetch_assoc($user_client_access_sql)) {
$client_access_array[] = intval($row['client_id']); $client_access_array[] = intval($row['client_id']);
@@ -148,14 +153,15 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
?> ?>
<tr> <tr>
<td class="text-center"> <td class="text-center">
<a href="#" <a class="text-dark" href="#"
<?php if ($user_id !== $session_user_id) { // Prevent modifying self ?> <?php if ($user_id !== $session_user_id) { // Prevent modifying self ?>
class="ajax-modal" data-toggle="ajax-modal"
data-modal-url="modals/user/user_edit.php?id=<?= $user_id ?>" data-ajax-url="ajax/ajax_user_edit.php"
data-ajax-id="<?php echo $user_id; ?>"
<?php } ?> <?php } ?>
> >
<?php if (!empty($user_avatar)) { ?> <?php if (!empty($user_avatar)) { ?>
<img class="img-size-50 img-circle" src="<?php echo "../uploads/users/$user_id/$user_avatar"; ?>"> <img class="img-size-50 img-circle" src="<?php echo "uploads/users/$user_id/$user_avatar"; ?>">
<?php } else { ?> <?php } else { ?>
<span class="fa-stack fa-2x"> <span class="fa-stack fa-2x">
<i class="fa fa-circle fa-stack-2x text-secondary"></i> <i class="fa fa-circle fa-stack-2x text-secondary"></i>
@@ -179,8 +185,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i> <i class="fas fa-ellipsis-h"></i>
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#" <a class="dropdown-item" href="#"
data-modal-url="modals/user/user_edit.php?id=<?= $user_id ?>"> data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_user_edit.php"
data-ajax-id="<?php echo $user_id; ?>"
>
<i class="fas fa-fw fa-user-edit mr-2"></i>Edit <i class="fas fa-fw fa-user-edit mr-2"></i>Edit
</a> </a>
<?php if ($remember_token_count > 0) { ?> <?php if ($remember_token_count > 0) { ?>
@@ -208,7 +217,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php <?php
require "modals/user/user_archive.php"; require "modals/admin_user_archive_modal.php";
} }
@@ -217,7 +226,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
@@ -228,8 +237,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</script> </script>
<?php <?php
require_once "modals/user/user_add.php"; require_once "modals/admin_user_add_modal.php";
require_once "modals/user/user_invite.php"; require_once "modals/admin_user_invite_modal.php";
require_once "modals/user/user_export.php"; require_once "modals/admin_user_export_modal.php";
require_once "modals/user/user_all_reset_password.php"; require_once "modals/admin_user_all_reset_password_modal.php";
require_once "../includes/footer.php"; require_once "includes/footer.php";

102
admin/vendor_template.php → admin_vendor_template.php
View File

@@ -1,15 +1,20 @@
<?php <?php
// Default Column Sortby Filter // Default Column Sortby Filter
$sort = "vendor_template_name"; $sort = "vendor_name";
$order = "ASC"; $order = "ASC";
require_once "includes/inc_all_admin.php"; require_once "includes/inc_all_admin.php";
//Rebuild URL
$url_query_strings_sort = http_build_query($get_copy);
$sql = mysqli_query( $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM vendor_templates "SELECT SQL_CALC_FOUND_ROWS * FROM vendors
WHERE vendor_template_name LIKE '%$q%' OR vendor_template_description LIKE '%$q%' OR vendor_template_account_number LIKE '%$q%' OR vendor_template_website LIKE '%$q%' OR vendor_template_contact_name LIKE '%$q%' OR vendor_template_email LIKE '%$q%' OR vendor_template_phone LIKE '%$phone_query%' ORDER BY $sort $order LIMIT $record_from, $record_to" WHERE vendor_template = 1
AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%' OR vendor_website LIKE '%$q%' OR vendor_contact_name LIKE '%$q%' OR vendor_email LIKE '%$q%' OR vendor_phone LIKE '%$phone_query%') ORDER BY $sort $order LIMIT $record_from, $record_to"
); );
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
@@ -48,13 +53,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>"> <thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr> <tr>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_template_name&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_name&order=<?php echo $disp; ?>">
Vendor <?php if ($sort == 'vendor_template_name') { echo $order_icon; } ?> Vendor <?php if ($sort == 'vendor_name') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th> <th>
<a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_template_description&order=<?php echo $disp; ?>"> <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=vendor_description&order=<?php echo $disp; ?>">
Description <?php if ($sort == 'vendor_template_description') { echo $order_icon; } ?> Description <?php if ($sort == 'vendor_description') { echo $order_icon; } ?>
</a> </a>
</th> </th>
<th>Contact</th> <th>Contact</th>
@@ -65,65 +70,69 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php <?php
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$vendor_template_id = intval($row['vendor_template_id']); $vendor_id = intval($row['vendor_id']);
$vendor_template_name = nullable_htmlentities($row['vendor_template_name']); $vendor_name = nullable_htmlentities($row['vendor_name']);
$vendor_template_description = nullable_htmlentities($row['vendor_template_description']); $vendor_description = nullable_htmlentities($row['vendor_description']);
if (empty($vendor_template_description)) { if (empty($vendor_description)) {
$vendor_template_description_display = "-"; $vendor_description_display = "-";
} else { } else {
$vendor_template_description_display = $vendor_template_description; $vendor_description_display = $vendor_description;
} }
$vendor_template_account_number = nullable_htmlentities($row['vendor_template_account_number']); $vendor_account_number = nullable_htmlentities($row['vendor_account_number']);
$vendor_template_contact_name = nullable_htmlentities($row['vendor_template_contact_name']); $vendor_contact_name = nullable_htmlentities($row['vendor_contact_name']);
if (empty($vendor_template_contact_name)) { if (empty($vendor_contact_name)) {
$vendor_template_contact_name_display = "-"; $vendor_contact_name_display = "-";
} else { } else {
$vendor_template_contact_name_display = $vendor_template_contact_name; $vendor_contact_name_display = $vendor_contact_name;
} }
$vendor_template_phone = formatPhoneNumber($row['vendor_template_phone']); $vendor_phone = formatPhoneNumber($row['vendor_phone']);
$vendor_template_extension = nullable_htmlentities($row['vendor_template_extension']); $vendor_extension = nullable_htmlentities($row['vendor_extension']);
$vendor_template_email = nullable_htmlentities($row['vendor_template_email']); $vendor_email = nullable_htmlentities($row['vendor_email']);
$vendor_template_website = nullable_htmlentities($row['vendor_template_website']); $vendor_website = nullable_htmlentities($row['vendor_website']);
$vendor_template_hours = nullable_htmlentities($row['vendor_template_hours']); $vendor_hours = nullable_htmlentities($row['vendor_hours']);
$vendor_template_sla = nullable_htmlentities($row['vendor_template_sla']); $vendor_sla = nullable_htmlentities($row['vendor_sla']);
$vendor_template_code = nullable_htmlentities($row['vendor_template_code']); $vendor_code = nullable_htmlentities($row['vendor_code']);
$vendor_template_notes = nullable_htmlentities($row['vendor_template_notes']); $vendor_notes = nullable_htmlentities($row['vendor_notes']);
$vendor_template = intval($row['vendor_template']);
?> ?>
<tr> <tr>
<th> <th>
<a class="text-dark ajax-modal" href="#" <a class="text-dark" href="#"
data-modal-url="modals/vendor_template/vendor_template_edit.php?id=<?= $vendor_template_id ?>"> data-toggle="ajax-modal"
<i class="fa fa-fw fa-building text-secondary mr-2"></i><?php echo $vendor_template_name; ?> data-ajax-url="ajax/ajax_vendor_template_edit.php"
data-ajax-id="<?php echo $vendor_id; ?>"
>
<i class="fa fa-fw fa-building text-secondary mr-2"></i><?php echo $vendor_name; ?>
</a> </a>
<?php <?php
if (!empty($vendor_template_account_number)) { if (!empty($vendor_account_number)) {
?> ?>
<br> <br>
<small class="text-secondary"><?php echo $vendor_template_account_number; ?></small> <small class="text-secondary"><?php echo $vendor_account_number; ?></small>
<?php <?php
} }
?> ?>
</th> </th>
<td><?php echo $vendor_template_description_display; ?></td> <td><?php echo $vendor_description_display; ?></td>
<td> <td>
<?php <?php
if (!empty($vendor_template_contact_name)) { if (!empty($vendor_contact_name)) {
?> ?>
<i class="fa fa-fw fa-user text-secondary mr-2 mb-2"></i><?php echo $vendor_template_contact_name_display; ?> <i class="fa fa-fw fa-user text-secondary mr-2 mb-2"></i><?php echo $vendor_contact_name_display; ?>
<br> <br>
<?php <?php
} else { } else {
echo $vendor_template_contact_name_display; echo $vendor_contact_name_display;
} }
if (!empty($vendor_template_phone)) { ?> if (!empty($vendor_phone)) { ?>
<i class="fa fa-fw fa-phone text-secondary mr-2 mb-2"></i><?php echo $vendor_template_phone; ?> <i class="fa fa-fw fa-phone text-secondary mr-2 mb-2"></i><?php echo $vendor_phone; ?>
<br> <br>
<?php } <?php }
if (!empty($vendor_template_email)) { ?> if (!empty($vendor_email)) { ?>
<i class="fa fa-fw fa-envelope text-secondary mr-2 mb-2"></i><?php echo $vendor_template_email; ?> <i class="fa fa-fw fa-envelope text-secondary mr-2 mb-2"></i><?php echo $vendor_email; ?>
<br> <br>
<?php } ?> <?php } ?>
@@ -134,13 +143,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<i class="fas fa-ellipsis-h"></i> <i class="fas fa-ellipsis-h"></i>
</button> </button>
<div class="dropdown-menu"> <div class="dropdown-menu">
<a class="dropdown-item ajax-modal" href="#" <a class="dropdown-item" href="#"
data-modal-url="modals/vendor_template/vendor_template_edit.php?id=<?= $vendor_template_id ?>"> data-toggle="ajax-modal"
data-ajax-url="ajax/ajax_vendor_template_edit.php"
data-ajax-id="<?php echo $vendor_id; ?>"
>
<i class="fas fa-fw fa-edit mr-2"></i>Edit <i class="fas fa-fw fa-edit mr-2"></i>Edit
</a> </a>
<?php if ($session_user_role == 3) { ?> <?php if ($session_user_role == 3) { ?>
<div class="dropdown-divider"></div> <div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_vendor=<?php echo $vendor_template_id; ?>"> <a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_vendor=<?php echo $vendor_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete <i class="fas fa-fw fa-trash mr-2"></i>Delete
</a> </a>
<?php } ?> <?php } ?>
@@ -158,11 +170,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</tbody> </tbody>
</table> </table>
</div> </div>
<?php require_once "../includes/filter_footer.php"; <?php require_once "includes/filter_footer.php";
?> ?>
</div> </div>
</div> </div>
<?php <?php
require_once "modals/vendor_template/vendor_template_add.php"; require_once "modals/admin_vendor_template_add_modal.php";
require_once "../includes/footer.php"; require_once "includes/footer.php";

133
user/ajax.php → ajax.php
View File

@@ -6,10 +6,10 @@
* Always returns data in JSON format, unless otherwise specified * Always returns data in JSON format, unless otherwise specified
*/ */
require_once "../config.php"; require_once "config.php";
require_once "../functions.php"; require_once "functions.php";
require_once "../includes/check_login.php"; require_once "check_login.php";
require_once "../plugins/totp/totp.php"; require_once "plugins/totp/totp.php";
/* /*
* Fetches SSL certificates from remote hosts & returns the relevant info (issuer, expiry, public key) * Fetches SSL certificates from remote hosts & returns the relevant info (issuer, expiry, public key)
@@ -165,7 +165,7 @@ if (isset($_GET['ticket_query_views'])) {
} }
/* /*
* Generates public/guest links for sharing credentials/docs * Generates public/guest links for sharing logins/docs
*/ */
if (isset($_GET['share_generate_link'])) { if (isset($_GET['share_generate_link'])) {
enforceUserPermission('module_support', 2); enforceUserPermission('module_support', 2);
@@ -207,23 +207,23 @@ if (isset($_GET['share_generate_link'])) {
$item_name = sanitizeInput($row['file_name']); $item_name = sanitizeInput($row['file_name']);
} }
if ($item_type == "Credential") { if ($item_type == "Login") {
$credential = mysqli_query($mysqli, "SELECT credential_name, credential_username, credential_password FROM credentials WHERE credential_id = $item_id AND credential_client_id = $client_id LIMIT 1"); $login = mysqli_query($mysqli, "SELECT login_name, login_username, login_password FROM logins WHERE login_id = $item_id AND login_client_id = $client_id LIMIT 1");
$row = mysqli_fetch_array($credential); $row = mysqli_fetch_array($login);
$item_name = sanitizeInput($row['credential_name']); $item_name = sanitizeInput($row['login_name']);
// Decrypt & re-encrypt username/password for sharing // Decrypt & re-encrypt username/password for sharing
$credential_encryption_key = randomString(); $login_encryption_key = randomString();
$credential_username_cleartext = decryptCredentialEntry($row['credential_username']); $login_username_cleartext = decryptLoginEntry($row['login_username']);
$iv = randomString(); $iv = randomString();
$username_ciphertext = openssl_encrypt($credential_username_cleartext, 'aes-128-cbc', $credential_encryption_key, 0, $iv); $username_ciphertext = openssl_encrypt($login_username_cleartext, 'aes-128-cbc', $login_encryption_key, 0, $iv);
$item_encrypted_username = $iv . $username_ciphertext; $item_encrypted_username = $iv . $username_ciphertext;
$credential_password_cleartext = decryptCredentialEntry($row['credential_password']); $login_password_cleartext = decryptLoginEntry($row['login_password']);
$iv = randomString(); $iv = randomString();
$password_ciphertext = openssl_encrypt($credential_password_cleartext, 'aes-128-cbc', $credential_encryption_key, 0, $iv); $password_ciphertext = openssl_encrypt($login_password_cleartext, 'aes-128-cbc', $login_encryption_key, 0, $iv);
$item_encrypted_credential = $iv . $password_ciphertext; $item_encrypted_credential = $iv . $password_ciphertext;
} }
@@ -232,8 +232,8 @@ if (isset($_GET['share_generate_link'])) {
$share_id = $mysqli->insert_id; $share_id = $mysqli->insert_id;
// Return URL // Return URL
if ($item_type == "Credential") { if ($item_type == "Login") {
$url = "https://$config_base_url/guest/guest_view_item.php?id=$share_id&key=$item_key&ek=$credential_encryption_key"; $url = "https://$config_base_url/guest/guest_view_item.php?id=$share_id&key=$item_key&ek=$login_encryption_key";
} }
else { else {
$url = "https://$config_base_url/guest/guest_view_item.php?id=$share_id&key=$item_key"; $url = "https://$config_base_url/guest/guest_view_item.php?id=$share_id&key=$item_key";
@@ -242,7 +242,7 @@ if (isset($_GET['share_generate_link'])) {
$sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1"); $sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$company_name = sanitizeInput($row['company_name']); $company_name = sanitizeInput($row['company_name']);
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone'], $row['company_phone_country_code'])); $company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
// Sanitize Config vars from get_settings.php // Sanitize Config vars from get_settings.php
$config_ticket_from_name = sanitizeInput($config_ticket_from_name); $config_ticket_from_name = sanitizeInput($config_ticket_from_name);
@@ -294,7 +294,6 @@ if (isset($_GET['get_active_clients'])) {
$mysqli, $mysqli,
"SELECT client_id, client_name FROM clients "SELECT client_id, client_name FROM clients
WHERE client_archived_at IS NULL WHERE client_archived_at IS NULL
$access_permission_query
ORDER BY client_accessed_at DESC" ORDER BY client_accessed_at DESC"
); );
@@ -316,9 +315,7 @@ if (isset($_GET['get_client_contacts'])) {
$contact_sql = mysqli_query( $contact_sql = mysqli_query(
$mysqli, $mysqli,
"SELECT contact_id, contact_name, contact_primary, contact_important, contact_technical FROM contacts "SELECT contact_id, contact_name, contact_primary, contact_important, contact_technical FROM contacts
LEFT JOIN clients on contact_client_id = client_id
WHERE contacts.contact_archived_at IS NULL AND contact_client_id = $client_id WHERE contacts.contact_archived_at IS NULL AND contact_client_id = $client_id
$access_permission_query
ORDER BY contact_primary DESC, contact_technical DESC, contact_important DESC, contact_name" ORDER BY contact_primary DESC, contact_technical DESC, contact_important DESC, contact_name"
); );
@@ -329,79 +326,6 @@ if (isset($_GET['get_client_contacts'])) {
echo json_encode($response); echo json_encode($response);
} }
/*
* Returns ordered list of active assets for a specified client
*/
if (isset($_GET['get_client_assets'])) {
enforceUserPermission('module_client');
$client_id = intval($_GET['client_id']);
$asset_sql = mysqli_query(
$mysqli,
"SELECT asset_id, asset_name, contact_name FROM assets
LEFT JOIN clients on asset_client_id = client_id
LEFT JOIN contacts ON contact_id = asset_contact_id
WHERE assets.asset_archived_at IS NULL AND asset_client_id = $client_id
$access_permission_query
ORDER BY asset_important DESC, asset_name"
);
while ($row = mysqli_fetch_array($asset_sql)) {
$response['assets'][] = $row;
}
echo json_encode($response);
}
/*
* Returns locations for a specified client
*/
if (isset($_GET['get_client_locations'])) {
enforceUserPermission('module_client');
$client_id = intval($_GET['client_id']);
$locations_sql = mysqli_query(
$mysqli,
"SELECT location_id, location_name FROM locations
LEFT JOIN clients on location_client_id = client_id
WHERE locations.location_archived_at IS NULL AND location_client_id = $client_id
$access_permission_query
ORDER BY location_primary DESC, location_name ASC"
);
while ($row = mysqli_fetch_array($locations_sql)) {
$response['locations'][] = $row;
}
echo json_encode($response);
}
/*
* Returns ordered list of vendors for a specified client
*/
if (isset($_GET['get_client_vendors'])) {
enforceUserPermission('module_client');
$client_id = intval($_GET['client_id']);
$vendors_sql = mysqli_query(
$mysqli,
"SELECT vendor_id, vendor_name FROM vendors
LEFT JOIN clients on vendor_client_id = client_id
WHERE vendors.vendor_archived_at IS NULL AND vendor_client_id = $client_id
$access_permission_query
ORDER BY vendor_name ASC"
);
while ($row = mysqli_fetch_array($vendors_sql)) {
$response['vendors'][] = $row;
}
echo json_encode($response);
}
/* /*
* NEW TOTP getter for client login/passwords page * NEW TOTP getter for client login/passwords page
* When provided with a login ID, checks permissions and returns the 6-digit code * When provided with a login ID, checks permissions and returns the 6-digit code
@@ -409,24 +333,24 @@ if (isset($_GET['get_client_vendors'])) {
if (isset($_GET['get_totp_token_via_id'])) { if (isset($_GET['get_totp_token_via_id'])) {
enforceUserPermission('module_credential'); enforceUserPermission('module_credential');
$credential_id = intval($_GET['credential_id']); $login_id = intval($_GET['login_id']);
$sql = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT credential_name, credential_otp_secret, credential_client_id FROM credentials WHERE credential_id = $credential_id")); $sql = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT login_name, login_otp_secret, login_client_id FROM logins WHERE login_id = $login_id"));
$name = sanitizeInput($sql['credential_name']); $name = sanitizeInput($sql['login_name']);
$totp_secret = $sql['credential_otp_secret']; $totp_secret = $sql['login_otp_secret'];
$client_id = intval($sql['credential_client_id']); $client_id = intval($sql['login_client_id']);
$otp = TokenAuth6238::getTokenCode(strtoupper($totp_secret)); $otp = TokenAuth6238::getTokenCode(strtoupper($totp_secret));
echo json_encode($otp); echo json_encode($otp);
// Logging // Logging
// Only log the TOTP view if the user hasn't already viewed this specific login entry recently, this prevents logs filling if a user hovers across an entry a few times // Only log the TOTP view if the user hasn't already viewed this specific login entry recently, this prevents logs filling if a user hovers across an entry a few times
$check_recent_totp_view_logged_sql = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(log_id) AS recent_totp_view FROM logs WHERE log_type = 'Credential' AND log_action = 'View TOTP' AND log_user_id = $session_user_id AND log_entity_id = $credential_id AND log_client_id = $client_id AND log_created_at > (NOW() - INTERVAL 5 MINUTE)")); $check_recent_totp_view_logged_sql = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT(log_id) AS recent_totp_view FROM logs WHERE log_type = 'Login' AND log_action = 'View TOTP' AND log_user_id = $session_user_id AND log_entity_id = $login_id AND log_client_id = $client_id AND log_created_at > (NOW() - INTERVAL 5 MINUTE)"));
$recent_totp_view_logged_count = intval($check_recent_totp_view_logged_sql['recent_totp_view']); $recent_totp_view_logged_count = intval($check_recent_totp_view_logged_sql['recent_totp_view']);
if ($recent_totp_view_logged_count == 0) { if ($recent_totp_view_logged_count == 0) {
// Logging // Logging
logAction("Credential", "View TOTP", "$session_name viewed credential TOTP code for $name", $client_id, $credential_id); logAction("Credential", "View TOTP", "$session_name viewed credential TOTP code for $name", $client_id, $login_id);
} }
} }
@@ -520,10 +444,10 @@ if (isset($_POST['update_kanban_ticket'])) {
$config_base_url = sanitizeInput($config_base_url); $config_base_url = sanitizeInput($config_base_url);
// Get Company Info // Get Company Info
$sql = mysqli_query($mysqli, "SELECT company_name, company_phone, company_phone_country_code FROM companies WHERE company_id = 1"); $sql = mysqli_query($mysqli, "SELECT company_name, company_phone FROM companies WHERE company_id = 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$company_name = sanitizeInput($row['company_name']); $company_name = sanitizeInput($row['company_name']);
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone'], $row['company_phone_country_code'])); $company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
// EMAIL // EMAIL
$subject = "Ticket resolved - [$ticket_prefix$ticket_number] - $ticket_subject | (pending closure)"; $subject = "Ticket resolved - [$ticket_prefix$ticket_number] - $ticket_subject | (pending closure)";
@@ -662,16 +586,17 @@ if (isset($_POST['update_recurring_invoice_items_order'])) {
enforceUserPermission('module_sales', 2); enforceUserPermission('module_sales', 2);
$positions = $_POST['positions']; $positions = $_POST['positions'];
$recurring_invoice_id = intval($_POST['recurring_invoice_id']); $recurring_id = intval($_POST['recurring_id']);
foreach ($positions as $position) { foreach ($positions as $position) {
$id = intval($position['id']); $id = intval($position['id']);
$order = intval($position['order']); $order = intval($position['order']);
mysqli_query($mysqli, "UPDATE invoice_items SET item_order = $order WHERE item_recurring_invoice_id = $recurring_invoice_id AND item_id = $id"); mysqli_query($mysqli, "UPDATE invoice_items SET item_order = $order WHERE item_recurring_id = $recurring_id AND item_id = $id");
} }
// return a response // return a response
echo json_encode(['status' => 'success']); echo json_encode(['status' => 'success']);
exit; exit;
} }

12
user/modals/account/account_edit.php → ajax/ajax_account_edit.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$account_id = intval($_GET['id']); $account_id = intval($_GET['id']);
@@ -14,16 +14,16 @@ $account_notes = nullable_htmlentities($row['account_notes']);
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-piggy-bank mr-2"></i>Editing account: <strong><?php echo $account_name; ?></strong></h5> <h5 class="modal-title"><i class="fa fa-fw fa-piggy-bank mr-2"></i>Editing account: <strong><?php echo $account_name; ?></strong></h5>
<button type="button" class="close text-light" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="account_id" value="<?php echo $account_id; ?>"> <input type="hidden" name="account_id" value="<?php echo $account_id; ?>">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>"> <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<div class="form-group"> <div class="form-group">
<label>Account Name <strong class="text-danger">*</strong></label> <label>Account Name <strong class="text-danger">*</strong></label>
<div class="input-group"> <div class="input-group">
@@ -40,7 +40,7 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="edit_account" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_account" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
@@ -48,4 +48,4 @@ ob_start();
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

14
admin/modals/mail_queue/mail_queue_message_view.php → ajax/ajax_admin_mail_queue_message_view.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
if (!isset($session_is_admin) || !$session_is_admin) { if (!isset($session_is_admin) || !$session_is_admin) {
exit(WORDING_ROLECHECK_FAILED . "<br>Tell your admin: Your role does not have admin access."); exit(WORDING_ROLECHECK_FAILED . "<br>Tell your admin: Your role does not have admin access.");
@@ -9,7 +9,7 @@ if (!isset($session_is_admin) || !$session_is_admin) {
$email_id = intval($_GET['id']); $email_id = intval($_GET['id']);
//Initialize the HTML Purifier to prevent XSS //Initialize the HTML Purifier to prevent XSS
require "../../../plugins/htmlpurifier/HTMLPurifier.standalone.php"; require "../plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault(); $purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one $purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
@@ -43,13 +43,13 @@ if ($email_status == 0) {
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class='fas fa-fw fa-envelope-open mr-2'></i><strong><?php echo $email_subject; ?></strong></h5> <h5 class="modal-title"><i class='fas fa-fw fa-envelope-open mr-2'></i><strong><?php echo $email_subject; ?></strong></h5>
<button type="button" class="close text-light" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div> </div>
<div class="modal-body"> <div class="modal-body bg-white">
<div class="row"> <div class="row">
<div class="col-md-1"> <div class="col-md-1">
<span class="text-secondary">From:</span> <span class="text-secondary">From:</span>
@@ -73,7 +73,7 @@ ob_start();
</div> </div>
</div> </div>
<script src="../../js/pretty_content.js"></script> <script src="../js/pretty_content.js"></script>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

24
user/modals/asset/asset_copy.php → ajax/ajax_asset_copy.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$asset_id = intval($_GET['id']); $asset_id = intval($_GET['id']);
@@ -44,9 +44,9 @@ $device_icon = getAssetIcon($asset_type);
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class='fa fa-fw fa-<?php echo $device_icon; ?> mr-2'></i>Copying asset: <strong><?php echo $asset_name; ?></strong></h5> <h5 class="modal-title"><i class='fa fa-fw fa-<?php echo $device_icon; ?> mr-2'></i>Copying asset: <strong><?php echo $asset_name; ?></strong></h5>
<button type="button" class="close text-light" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div> </div>
@@ -54,7 +54,7 @@ ob_start();
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>"> <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item"> <li class="nav-item">
@@ -341,7 +341,7 @@ ob_start();
<option value="">- Select Vendor -</option> <option value="">- Select Vendor -</option>
<?php <?php
$sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id ORDER BY vendor_name ASC"); $sql_vendors = mysqli_query($mysqli, "SELECT * FROM vendors WHERE vendor_archived_at IS NULL AND vendor_client_id = $client_id AND vendor_template = 0 ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) { while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = intval($row['vendor_id']); $vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']); $vendor_name_select = nullable_htmlentities($row['vendor_name']);
@@ -364,16 +364,6 @@ ob_start();
</div> </div>
<?php if ($asset_type !== 'Virtual Machine') { ?> <?php if ($asset_type !== 'Virtual Machine') { ?>
<div class="form-group">
<label>Purchase Reference</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
</div>
<input type="text" class="form-control" name="purchase_reference" placeholder="eg. Invoice, PO Number" >
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Purchase Date</label> <label>Purchase Date</label>
<div class="input-group"> <div class="input-group">
@@ -436,11 +426,11 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="add_asset" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Copy</button> <button type="submit" name="add_asset" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Copy</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

257
user/modals/asset/asset_details.php → ajax/ajax_asset_details.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$asset_id = intval($_GET['id']); $asset_id = intval($_GET['id']);
@@ -24,9 +24,8 @@ $asset_make = nullable_htmlentities($row['asset_make']);
$asset_model = nullable_htmlentities($row['asset_model']); $asset_model = nullable_htmlentities($row['asset_model']);
$asset_serial = nullable_htmlentities($row['asset_serial']); $asset_serial = nullable_htmlentities($row['asset_serial']);
$asset_os = nullable_htmlentities($row['asset_os']); $asset_os = nullable_htmlentities($row['asset_os']);
$asset_uri = sanitize_url($row['asset_uri']); $asset_uri = nullable_htmlentities($row['asset_uri']);
$asset_uri_2 = sanitize_url($row['asset_uri_2']); $asset_uri_2 = nullable_htmlentities($row['asset_uri_2']);
$asset_uri_client = sanitize_url($row['asset_uri_client']);
$asset_status = nullable_htmlentities($row['asset_status']); $asset_status = nullable_htmlentities($row['asset_status']);
$asset_purchase_reference = nullable_htmlentities($row['asset_purchase_reference']); $asset_purchase_reference = nullable_htmlentities($row['asset_purchase_reference']);
$asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']); $asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']);
@@ -51,7 +50,6 @@ $device_icon = getAssetIcon($asset_type);
$contact_name = nullable_htmlentities($row['contact_name']); $contact_name = nullable_htmlentities($row['contact_name']);
$contact_email = nullable_htmlentities($row['contact_email']); $contact_email = nullable_htmlentities($row['contact_email']);
$contact_phone = nullable_htmlentities($row['contact_phone']); $contact_phone = nullable_htmlentities($row['contact_phone']);
$contact_extension = nullable_htmlentities($row['contact_extension']);
$contact_mobile = nullable_htmlentities($row['contact_mobile']); $contact_mobile = nullable_htmlentities($row['contact_mobile']);
$contact_archived_at = nullable_htmlentities($row['contact_archived_at']); $contact_archived_at = nullable_htmlentities($row['contact_archived_at']);
if ($contact_archived_at) { if ($contact_archived_at) {
@@ -113,53 +111,48 @@ $interface_count = mysqli_num_rows($sql_related_interfaces);
// Related Credentials Query // Related Credentials Query
$sql_related_credentials = mysqli_query($mysqli, " $sql_related_credentials = mysqli_query($mysqli, "
SELECT SELECT
credentials.credential_id AS credential_id, logins.login_id AS login_id,
credentials.credential_name, logins.login_name,
credentials.credential_description, logins.login_description,
credentials.credential_uri, logins.login_uri,
credentials.credential_username, logins.login_username,
credentials.credential_password, logins.login_password,
credentials.credential_otp_secret, logins.login_otp_secret,
credentials.credential_note, logins.login_note,
credentials.credential_important, logins.login_important,
credentials.credential_contact_id, logins.login_contact_id,
credentials.credential_asset_id logins.login_vendor_id,
FROM credentials logins.login_asset_id,
LEFT JOIN credential_tags ON credential_tags.credential_id = credentials.credential_id logins.login_software_id
LEFT JOIN tags ON tags.tag_id = credential_tags.tag_id FROM logins
WHERE credential_asset_id = $asset_id LEFT JOIN login_tags ON login_tags.login_id = logins.login_id
AND credential_archived_at IS NULL LEFT JOIN tags ON tags.tag_id = login_tags.tag_id
GROUP BY credentials.credential_id WHERE login_asset_id = $asset_id
ORDER BY credential_name DESC AND login_archived_at IS NULL
GROUP BY logins.login_id
ORDER BY login_name DESC
"); ");
$credential_count = mysqli_num_rows($sql_related_credentials); $credential_count = mysqli_num_rows($sql_related_credentials);
// Related Tickets Query // Related Tickets Query
$sql_related_tickets = mysqli_query($mysqli, " $sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets
SELECT tickets.*, users.*, ticket_statuses.* LEFT JOIN users on ticket_assigned_to = user_id
FROM tickets
LEFT JOIN users ON ticket_assigned_to = user_id
LEFT JOIN ticket_statuses ON ticket_status_id = ticket_status LEFT JOIN ticket_statuses ON ticket_status_id = ticket_status
LEFT JOIN ticket_assets ON tickets.ticket_id = ticket_assets.ticket_id WHERE ticket_asset_id = $asset_id
WHERE ticket_asset_id = $asset_id OR ticket_assets.asset_id = $asset_id ORDER BY ticket_number DESC"
GROUP BY tickets.ticket_id );
ORDER BY ticket_number DESC
");
$ticket_count = mysqli_num_rows($sql_related_tickets); $ticket_count = mysqli_num_rows($sql_related_tickets);
// Related Recurring Tickets Query // Related Recurring Tickets Query
$sql_related_recurring_tickets = mysqli_query($mysqli, "SELECT * FROM recurring_tickets $sql_related_recurring_tickets = mysqli_query($mysqli, "SELECT * FROM scheduled_tickets
LEFT JOIN recurring_ticket_assets ON recurring_tickets.recurring_ticket_id = recurring_ticket_assets.recurring_ticket_id WHERE scheduled_ticket_asset_id = $asset_id
WHERE recurring_ticket_asset_id = $asset_id OR recurring_ticket_assets.asset_id = $asset_id ORDER BY scheduled_ticket_next_run DESC"
GROUP BY recurring_tickets.recurring_ticket_id
ORDER BY recurring_ticket_next_run DESC"
); );
$recurring_ticket_count = mysqli_num_rows($sql_related_recurring_tickets); $recurring_ticket_count = mysqli_num_rows($sql_related_recurring_tickets);
// Related Documents // Related Documents
$sql_related_documents = mysqli_query($mysqli, "SELECT * FROM asset_documents $sql_related_documents = mysqli_query($mysqli, "SELECT * FROM asset_documents
LEFT JOIN documents ON asset_documents.document_id = documents.document_id LEFT JOIN documents ON asset_documents.document_id = documents.document_id
LEFT JOIN users ON user_id = document_created_by
WHERE asset_documents.asset_id = $asset_id WHERE asset_documents.asset_id = $asset_id
AND document_archived_at IS NULL AND document_archived_at IS NULL
ORDER BY document_name DESC" ORDER BY document_name DESC"
@@ -196,14 +189,14 @@ if (isset($_GET['client_id'])) {
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?> mr-2"></i><strong><?php echo $asset_name; ?></strong></h5> <h5 class="modal-title"><i class="fa fa-fw fa-<?php echo $device_icon; ?> mr-2"></i><strong><?php echo $asset_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div> </div>
<div class="modal-body"> <div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item"> <li class="nav-item">
@@ -255,7 +248,7 @@ ob_start();
<div class="card-header"> <div class="card-header">
<h3 class="text-bold"><i class="fa fa-fw text-secondary fa-<?php echo $device_icon; ?> mr-3"></i><?php echo $asset_name; ?></h3> <h3 class="text-bold"><i class="fa fa-fw text-secondary fa-<?php echo $device_icon; ?> mr-3"></i><?php echo $asset_name; ?></h3>
<?php if ($asset_photo) { ?> <?php if ($asset_photo) { ?>
<img class="img-fluid img-circle p-3" alt="asset_photo" src="<?php echo "../uploads/clients/$client_id/$asset_photo"; ?>"> <img class="img-fluid img-circle p-3" alt="asset_photo" src="<?php echo "uploads/clients/$client_id/$asset_photo"; ?>">
<?php } ?> <?php } ?>
<?php if ($asset_description) { ?> <?php if ($asset_description) { ?>
<div class="text-secondary"><?php echo $asset_description; ?></div> <div class="text-secondary"><?php echo $asset_description; ?></div>
@@ -263,25 +256,25 @@ ob_start();
</div> </div>
<div class="card-body"> <div class="card-body">
<?php if ($asset_type) { ?> <?php if ($asset_type) { ?>
<div><i class="fa fa-fw fa-tag text-secondary mr-2"></i><?php echo $asset_type; ?></div> <div><i class="fa fa-fw fa-tag text-secondary mr-3"></i><?php echo $asset_type; ?></div>
<?php } <?php }
if ($asset_make) { ?> if ($asset_make) { ?>
<div class="mt-2"><i class="fa fa-fw fa-circle text-secondary mr-2"></i><?php echo "$asset_make $asset_model"; ?></div> <div class="mt-2"><i class="fa fa-fw fa-circle text-secondary mr-3"></i><?php echo "$asset_make $asset_model"; ?></div>
<?php } <?php }
if ($asset_os) { ?> if ($asset_os) { ?>
<div class="mt-2"><i class="fab fa-fw fa-windows text-secondary mr-2"></i><?php echo "$asset_os"; ?></div> <div class="mt-2"><i class="fab fa-fw fa-windows text-secondary mr-3"></i><?php echo "$asset_os"; ?></div>
<?php } <?php }
if ($asset_serial) { ?> if ($asset_serial) { ?>
<div class="mt-2"><i class="fa fa-fw fa-barcode text-secondary mr-2"></i><?php echo $asset_serial; ?></div> <div class="mt-2"><i class="fa fa-fw fa-barcode text-secondary mr-3"></i><?php echo $asset_serial; ?></div>
<?php } <?php }
if ($asset_purchase_date) { ?> if ($asset_purchase_date) { ?>
<div class="mt-2"><i class="fa fa-fw fa-shopping-cart text-secondary mr-2"></i><?php echo date('Y-m-d', strtotime($asset_purchase_date)); ?></div> <div class="mt-2"><i class="fa fa-fw fa-shopping-cart text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($asset_purchase_date)); ?></div>
<?php } <?php }
if ($asset_install_date) { ?> if ($asset_install_date) { ?>
<div class="mt-2"><i class="fa fa-fw fa-calendar-check text-secondary mr-2"></i><?php echo date('Y-m-d', strtotime($asset_install_date)); ?></div> <div class="mt-2"><i class="fa fa-fw fa-calendar-check text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($asset_install_date)); ?></div>
<?php } <?php }
if ($asset_warranty_expire) { ?> if ($asset_warranty_expire) { ?>
<div class="mt-2"><i class="fa fa-fw fa-exclamation-triangle text-secondary mr-2"></i><?php echo date('Y-m-d', strtotime($asset_warranty_expire)); ?></div> <div class="mt-2"><i class="fa fa-fw fa-exclamation-triangle text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($asset_warranty_expire)); ?></div>
<?php } ?> <?php } ?>
</div> </div>
</div> </div>
@@ -292,23 +285,19 @@ ob_start();
</div> </div>
<div class="card-body"> <div class="card-body">
<?php if ($asset_ip) { ?> <?php if ($asset_ip) { ?>
<div><i class="fa fa-fw fa-globe text-secondary mr-2"></i><?php echo $asset_ip; ?></div> <div><i class="fa fa-fw fa-globe text-secondary mr-3"></i><?php echo $asset_ip; ?></div>
<?php } ?> <?php } ?>
<?php if ($asset_nat_ip) { ?> <?php if ($asset_nat_ip) { ?>
<div class="mt-2"><i class="fa fa-fw fa-random text-secondary mr-2"></i><?php echo $asset_nat_ip; ?></div> <div class="mt-2"><i class="fa fa-fw fa-random text-secondary mr-3"></i><?php echo $asset_nat_ip; ?></div>
<?php } <?php }
if ($asset_mac) { ?> if ($asset_mac) { ?>
<div class="mt-2"><i class="fa fa-fw fa-ethernet text-secondary mr-2"></i><?php echo $asset_mac; ?></div> <div class="mt-2"><i class="fa fa-fw fa-ethernet text-secondary mr-3"></i><?php echo $asset_mac; ?></div>
<?php } <?php }
if ($asset_uri) { ?> if ($asset_uri) { ?>
<div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-2"></i><a href="<?php echo $asset_uri; ?>" target="_blank" title="<?php echo $asset_uri; ?>"><?php echo truncate($asset_uri, 20); ?></a></div> <div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-3"></i><a href="<?php echo $asset_uri; ?>" target="_blank">Link</a></div>
<?php } <?php }
if ($asset_uri_2) { ?> if ($asset_uri_2) { ?>
<div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-2"></i><a href="<?php echo $asset_uri_2; ?>" target="_blank" title="<?php echo $asset_uri_2; ?>"><?php echo truncate($asset_uri_2, 20); ?></a></div> <div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-3"></i><a href="<?php echo $asset_uri_2; ?>" target="_blank">Link 2</a></div>
<?php } ?>
<?php
if ($asset_uri_client) { ?>
<div class="mt-2"><i class="fa fa-fw fa-link text-secondary mr-2"></i>Client URI: <a href="<?= $asset_uri_client ?>" target="_blank" title="<?= $asset_uri_client ?>"><?= truncate($asset_uri_client, 20); ?></a></div>
<?php } ?> <?php } ?>
</div> </div>
</div> </div>
@@ -320,19 +309,19 @@ ob_start();
</div> </div>
<div class="card-body"> <div class="card-body">
<?php if ($location_name) { ?> <?php if ($location_name) { ?>
<div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-2"></i><?php echo $location_name_display; ?></div> <div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-3"></i><?php echo $location_name_display; ?></div>
<?php } <?php }
if ($contact_name) { ?> if ($contact_name) { ?>
<div class="mt-2"><i class="fa fa-fw fa-user text-secondary mr-2"></i><?php echo $contact_name_display; ?></div> <div class="mt-2"><i class="fa fa-fw fa-user text-secondary mr-3"></i><?php echo $contact_name_display; ?></div>
<?php } <?php }
if ($contact_email) { ?> if ($contact_email) { ?>
<div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-2"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div> <div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-3"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
<?php } <?php }
if ($contact_phone) { ?> if ($contact_phone) { ?>
<div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-2"></i><?php echo formatPhoneNumber($contact_phone); echo " $contact_extension"; ?></div> <div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-3"></i><?php echo formatPhoneNumber($contact_phone); echo " $contact_extension"; ?></div>
<?php } <?php }
if ($contact_mobile) { ?> if ($contact_mobile) { ?>
<div class="mt-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-2"></i><?php echo formatPhoneNumber($contact_mobile); ?></div> <div class="mt-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><?php echo formatPhoneNumber($contact_mobile); ?></div>
<?php } ?> <?php } ?>
</div> </div>
@@ -353,7 +342,7 @@ ob_start();
// Send a POST request to ajax.php as ajax.php with data contact_set_notes=true, contact_id=NUM, notes=NOTES // Send a POST request to ajax.php as ajax.php with data contact_set_notes=true, contact_id=NUM, notes=NOTES
jQuery.post( jQuery.post(
"../ajax.php", "ajax.php",
{ {
asset_set_notes: 'TRUE', asset_set_notes: 'TRUE',
asset_id: asset_id, asset_id: asset_id,
@@ -412,9 +401,12 @@ ob_start();
// Show either "-" or "AssetName - Port" // Show either "-" or "AssetName - Port"
if ($connected_asset_name) { if ($connected_asset_name) {
$connected_to_display = "<a class='ajax-modal' href='#' data-modal-size='lg' $connected_to_display =
data-modal-url='modals/asset/asset_details.php?id=$connected_asset_id'> "<a href='#' data-toggle='ajax-modal'
<strong><i class='fa fa-fw fa-$connected_asset_icon mr-1'></i>$connected_asset_name</strong> - $connected_interface_name data-modal-size='lg'
data-ajax-url='ajax/ajax_asset_details.php'
data-ajax-id='$connected_asset_id'>
<strong><i class='fa fa-fw fa-$connected_asset_icon mr-1'></i>$connected_asset_name</strong> - $connected_interface_name
</a> </a>
"; ";
} else { } else {
@@ -456,69 +448,70 @@ ob_start();
<?php <?php
while ($row = mysqli_fetch_array($sql_related_credentials)) { while ($row = mysqli_fetch_array($sql_related_credentials)) {
$credential_id = intval($row['credential_id']); $login_id = intval($row['login_id']);
$credential_name = nullable_htmlentities($row['credential_name']); $login_name = nullable_htmlentities($row['login_name']);
$credential_description = nullable_htmlentities($row['credential_description']); $login_description = nullable_htmlentities($row['login_description']);
$credential_uri = nullable_htmlentities($row['credential_uri']); $login_uri = nullable_htmlentities($row['login_uri']);
if (empty($credential_uri)) { if (empty($login_uri)) {
$credential_uri_display = "-"; $login_uri_display = "-";
} else { } else {
$credential_uri_display = "$credential_uri"; $login_uri_display = "$login_uri";
} }
$credential_username = nullable_htmlentities(decryptCredentialEntry($row['credential_username'])); $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
if (empty($credential_username)) { if (empty($login_username)) {
$credential_username_display = "-"; $login_username_display = "-";
} else { } else {
$credential_username_display = "$credential_username <button type='button' class='btn btn-sm clipboardjs' data-clipboard-text='$credential_username'><i class='far fa-copy text-secondary'></i></button>"; $login_username_display = "$login_username";
} }
$credential_password = nullable_htmlentities(decryptCredentialEntry($row['credential_password'])); $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
$credential_otp_secret = nullable_htmlentities($row['credential_otp_secret']); $login_otp_secret = nullable_htmlentities($row['login_otp_secret']);
$credential_id_with_secret = '"' . $row['credential_id'] . '","' . $row['credential_otp_secret'] . '"'; $login_id_with_secret = '"' . $row['login_id'] . '","' . $row['login_otp_secret'] . '"';
if (empty($credential_otp_secret)) { if (empty($login_otp_secret)) {
$otp_display = "-"; $otp_display = "-";
} else { } else {
$otp_display = "<span onmouseenter='showOTPViaCredentialID($credential_id)'><i class='far fa-clock'></i> <span id='otp_$credential_id'><i>Hover..</i></span></span>"; $otp_display = "<span onmouseenter='showOTPViaLoginID($login_id)'><i class='far fa-clock'></i> <span id='otp_$login_id'><i>Hover..</i></span></span>";
} }
$credential_note = nullable_htmlentities($row['credential_note']); $login_note = nullable_htmlentities($row['login_note']);
$credential_important = intval($row['credential_important']); $login_important = intval($row['login_important']);
$credential_contact_id = intval($row['credential_contact_id']); $login_contact_id = intval($row['login_contact_id']);
$credential_asset_id = intval($row['credential_asset_id']); $login_vendor_id = intval($row['login_vendor_id']);
$login_asset_id = intval($row['login_asset_id']);
$login_software_id = intval($row['login_software_id']);
// Tags // Tags
$credential_tag_name_display_array = array(); $login_tag_name_display_array = array();
$credential_tag_id_array = array(); $login_tag_id_array = array();
$sql_credential_tags = mysqli_query($mysqli, "SELECT * FROM credential_tags LEFT JOIN tags ON credential_tags.tag_id = tags.tag_id WHERE credential_id = $credential_id ORDER BY tag_name ASC"); $sql_login_tags = mysqli_query($mysqli, "SELECT * FROM login_tags LEFT JOIN tags ON login_tags.tag_id = tags.tag_id WHERE login_id = $login_id ORDER BY tag_name ASC");
while ($row = mysqli_fetch_array($sql_credential_tags)) { while ($row = mysqli_fetch_array($sql_login_tags)) {
$credential_tag_id = intval($row['tag_id']); $login_tag_id = intval($row['tag_id']);
$credential_tag_name = nullable_htmlentities($row['tag_name']); $login_tag_name = nullable_htmlentities($row['tag_name']);
$credential_tag_color = nullable_htmlentities($row['tag_color']); $login_tag_color = nullable_htmlentities($row['tag_color']);
if (empty($credential_tag_color)) { if (empty($login_tag_color)) {
$credential_tag_color = "dark"; $login_tag_color = "dark";
} }
$credential_tag_icon = nullable_htmlentities($row['tag_icon']); $login_tag_icon = nullable_htmlentities($row['tag_icon']);
if (empty($credential_tag_icon)) { if (empty($login_tag_icon)) {
$credential_tag_icon = "tag"; $login_tag_icon = "tag";
} }
$credential_tag_id_array[] = $credential_tag_id; $login_tag_id_array[] = $login_tag_id;
$credential_tag_name_display_array[] = "<a href='credentials.php?client_id=$client_id&tags[]=$credential_tag_id'><span class='badge text-light p-1 mr-1' style='background-color: $credential_tag_color;'><i class='fa fa-fw fa-$credential_tag_icon mr-2'></i>$credential_tag_name</span></a>"; $login_tag_name_display_array[] = "<a href='client_logins.php?client_id=$client_id&tags[]=$login_tag_id'><span class='badge text-light p-1 mr-1' style='background-color: $login_tag_color;'><i class='fa fa-fw fa-$login_tag_icon mr-2'></i>$login_tag_name</span></a>";
} }
$credential_tags_display = implode('', $credential_tag_name_display_array); $login_tags_display = implode('', $login_tag_name_display_array);
?> ?>
<tr> <tr>
<td> <td>
<i class="fa fa-fw fa-key text-secondary"></i> <i class="fa fa-fw fa-key text-secondary"></i>
<?php echo $credential_name; ?> <?php echo $login_name; ?>
</td> </td>
<td><?php echo $credential_username_display; ?></td> <td><?php echo $login_username_display; ?></td>
<td> <td>
<button class="btn p-0" type="button" data-toggle="popover" data-trigger="focus" data-placement="top" data-content="<?php echo $credential_password; ?>"><i class="fas fa-2x fa-ellipsis-h text-secondary"></i><i class="fas fa-2x fa-ellipsis-h text-secondary"></i></button> <button class="btn p-0" type="button" data-toggle="popover" data-trigger="focus" data-placement="top" data-content="<?php echo $login_password; ?>"><i class="fas fa-2x fa-ellipsis-h text-secondary"></i><i class="fas fa-2x fa-ellipsis-h text-secondary"></i></button>
<button type='button' class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $credential_password; ?>'><i class='far fa-copy text-secondary'></i></button>
</td> </td>
<td><?php echo $otp_display; ?></td> <td><?php echo $otp_display; ?></td>
<td><?php echo $credential_uri_display; ?></td> <td><?php echo $login_uri_display; ?></td>
</tr> </tr>
<?php <?php
@@ -531,8 +524,8 @@ ob_start();
</table> </table>
</div> </div>
</div> </div>
<!-- Include script to get TOTP code via the credentials ID --> <!-- Include script to get TOTP code via the login ID -->
<script src="../js/credential_show_otp_via_id.js"></script> <script src="js/credential_show_otp_via_id.js"></script>
<?php } ?> <?php } ?>
<?php if ($ticket_count) { ?> <?php if ($ticket_count) { ?>
@@ -558,13 +551,12 @@ ob_start();
$ticket_number = intval($row['ticket_number']); $ticket_number = intval($row['ticket_number']);
$ticket_subject = nullable_htmlentities($row['ticket_subject']); $ticket_subject = nullable_htmlentities($row['ticket_subject']);
$ticket_priority = nullable_htmlentities($row['ticket_priority']); $ticket_priority = nullable_htmlentities($row['ticket_priority']);
$ticket_status_id = intval($row['ticket_status_id']);
$ticket_status_name = nullable_htmlentities($row['ticket_status_name']); $ticket_status_name = nullable_htmlentities($row['ticket_status_name']);
$ticket_status_color = nullable_htmlentities($row['ticket_status_color']); $ticket_status_color = nullable_htmlentities($row['ticket_status_color']);
$ticket_created_at = nullable_htmlentities($row['ticket_created_at']); $ticket_created_at = nullable_htmlentities($row['ticket_created_at']);
$ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']); $ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']);
if (empty($ticket_updated_at)) { if (empty($ticket_updated_at)) {
if ($ticket_status_name == "Closed") { if ($ticket_status == "Closed") {
$ticket_updated_at_display = "<p>Never</p>"; $ticket_updated_at_display = "<p>Never</p>";
} else { } else {
$ticket_updated_at_display = "<p class='text-danger'>Never</p>"; $ticket_updated_at_display = "<p class='text-danger'>Never</p>";
@@ -585,7 +577,7 @@ ob_start();
} }
$ticket_assigned_to = intval($row['ticket_assigned_to']); $ticket_assigned_to = intval($row['ticket_assigned_to']);
if (empty($ticket_assigned_to)) { if (empty($ticket_assigned_to)) {
if ($ticket_status_id == 5) { if ($ticket_status == 5) {
$ticket_assigned_to_display = "<p>Not Assigned</p>"; $ticket_assigned_to_display = "<p>Not Assigned</p>";
} else { } else {
$ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>"; $ticket_assigned_to_display = "<p class='text-danger'>Not Assigned</p>";
@@ -640,18 +632,18 @@ ob_start();
<?php <?php
while ($row = mysqli_fetch_array($sql_related_recurring_tickets)) { while ($row = mysqli_fetch_array($sql_related_recurring_tickets)) {
$recurring_ticket_id = intval($row['recurring_ticket_id']); $scheduled_ticket_id = intval($row['scheduled_ticket_id']);
$recurring_ticket_subject = nullable_htmlentities($row['recurring_ticket_subject']); $scheduled_ticket_subject = nullable_htmlentities($row['scheduled_ticket_subject']);
$recurring_ticket_priority = nullable_htmlentities($row['recurring_ticket_priority']); $scheduled_ticket_priority = nullable_htmlentities($row['scheduled_ticket_priority']);
$recurring_ticket_frequency = nullable_htmlentities($row['recurring_ticket_frequency']); $scheduled_ticket_frequency = nullable_htmlentities($row['scheduled_ticket_frequency']);
$recurring_ticket_next_run = nullable_htmlentities($row['recurring_ticket_next_run']); $scheduled_ticket_next_run = nullable_htmlentities($row['scheduled_ticket_next_run']);
?> ?>
<tr> <tr>
<td class="text-bold"><?php echo $recurring_ticket_subject ?></td> <td class="text-bold"><?php echo $scheduled_ticket_subject ?></td>
<td><?php echo $recurring_ticket_priority ?></td> <td><?php echo $scheduled_ticket_priority ?></td>
<td><?php echo $recurring_ticket_frequency ?></td> <td><?php echo $scheduled_ticket_frequency ?></td>
<td><?php echo $recurring_ticket_next_run ?></td> <td><?php echo $scheduled_ticket_next_run ?></td>
</tr> </tr>
<?php } ?> <?php } ?>
@@ -691,6 +683,11 @@ ob_start();
$seat_count = 0; $seat_count = 0;
// Get Login
$login_id = intval($row['login_id']);
$login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
$login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
// Asset Licenses // Asset Licenses
$asset_licenses_sql = mysqli_query($mysqli, "SELECT asset_id FROM software_assets WHERE software_id = $software_id"); $asset_licenses_sql = mysqli_query($mysqli, "SELECT asset_id FROM software_assets WHERE software_id = $software_id");
$asset_licenses_array = array(); $asset_licenses_array = array();
@@ -759,9 +756,12 @@ ob_start();
<tr> <tr>
<td> <td>
<a class="ajax-modal" href="#" <a href="#"
data-toggle="ajax-modal"
data-modal-size="lg" data-modal-size="lg"
data-modal-url="modals/document/document_view.php?id=<?= $document_id ?>"> data-ajax-url="ajax/ajax_document_view.php"
data-ajax-id="<?php echo $document_id; ?>"
>
<?php echo $document_name; ?> <?php echo $document_name; ?>
</a> </a>
<div class="text-secondary"><?php echo $document_description; ?></div> <div class="text-secondary"><?php echo $document_description; ?></div>
@@ -830,7 +830,7 @@ ob_start();
$file_created_at = nullable_htmlentities($row['file_created_at']); $file_created_at = nullable_htmlentities($row['file_created_at']);
?> ?>
<tr> <tr>
<td><a class="text-dark" href="<?php echo "../uploads/clients/$client_id/$file_reference_name"; ?>" target="_blank" ><?php echo "$file_name<br><span class='text-secondary'>$file_description</span>"; ?></a></td> <td><a class="text-dark" href="<?php echo "uploads/clients/$client_id/$file_reference_name"; ?>" target="_blank" ><?php echo "$file_name<br><span class='text-secondary'>$file_description</span>"; ?></a></td>
<td><?php echo $file_mime_type; ?></td> <td><?php echo $file_mime_type; ?></td>
<td><?php echo $file_created_at; ?></td> <td><?php echo $file_created_at; ?></td>
</tr> </tr>
@@ -851,15 +851,10 @@ ob_start();
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<a href="asset_details.php?client_id=<?php echo $client_id; ?>&asset_id=<?php echo $asset_id; ?>" <a href="asset_details.php?<?php echo $client_url; ?>asset_id=<?php echo $asset_id; ?>" class="btn btn-primary text-bold"><span class="text-white">More Details</span></a>
class="btn btn-primary text-bold"><span class="text-white"><i class="fas fa-info-circle mr-2"></i>More Details</span>
</a>
<a href="#" class="btn btn-secondary ajax-modal" data-modal-url="modals/asset/asset_edit.php?id=<?= $asset_id ?>">
<span class="text-white"><i class="fas fa-edit mr-2"></i>Edit</span>
</a>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Close</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Close</button>
</div> </div>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

24
user/modals/asset/asset_edit.php → ajax/ajax_asset_edit.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$asset_id = intval($_GET['id']); $asset_id = intval($_GET['id']);
@@ -25,7 +25,6 @@ $asset_nat_ip = nullable_htmlentities($row['interface_nat_ip']);
$asset_mac = nullable_htmlentities($row['interface_mac']); $asset_mac = nullable_htmlentities($row['interface_mac']);
$asset_uri = nullable_htmlentities($row['asset_uri']); $asset_uri = nullable_htmlentities($row['asset_uri']);
$asset_uri_2 = nullable_htmlentities($row['asset_uri_2']); $asset_uri_2 = nullable_htmlentities($row['asset_uri_2']);
$asset_uri_client = nullable_htmlentities($row['asset_uri_client']);
$asset_status = nullable_htmlentities($row['asset_status']); $asset_status = nullable_htmlentities($row['asset_status']);
$asset_purchase_reference = nullable_htmlentities($row['asset_purchase_reference']); $asset_purchase_reference = nullable_htmlentities($row['asset_purchase_reference']);
$asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']); $asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']);
@@ -53,7 +52,7 @@ $sql_asset_history = mysqli_query($mysqli, "SELECT * FROM asset_history
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class='fa fa-fw fa-<?php echo $device_icon; ?> mr-2'></i>Editing asset: <strong><?php echo $asset_name; ?></strong></h5> <h5 class="modal-title"><i class='fa fa-fw fa-<?php echo $device_icon; ?> mr-2'></i>Editing asset: <strong><?php echo $asset_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -64,7 +63,7 @@ ob_start();
<input type="hidden" name="asset_id" value="<?php echo $asset_id; ?>"> <input type="hidden" name="asset_id" value="<?php echo $asset_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item"> <li class="nav-item">
@@ -267,16 +266,7 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span>
</div> </div>
<input type="text" class="form-control" name="uri_2" placeholder="URI http:// ftp:// ssh: etc" maxlength="500" value="<?= $asset_uri_2 ?>"> <input type="text" class="form-control" name="uri_2" placeholder="URI http:// ftp:// ssh: etc" maxlength="500" value="<?php echo $asset_uri_2; ?>">
</div>
</div>
<div class="form-group">
<label>Client URI</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span>
</div>
<input type="text" class="form-control" name="uri_client" placeholder="URI http:// ftp:// ssh: etc -- viewable in Client Portal" maxlength="500" value="<?= $asset_uri_client ?>">
</div> </div>
</div> </div>
@@ -448,7 +438,7 @@ ob_start();
<div class="mb-3 text-center"> <div class="mb-3 text-center">
<?php if ($asset_photo) { ?> <?php if ($asset_photo) { ?>
<img class="img-fluid" alt="asset_photo" src="<?php echo "../uploads/clients/$client_id/$asset_photo"; ?>"> <img class="img-fluid" alt="asset_photo" src="<?php echo "uploads/clients/$client_id/$asset_photo"; ?>">
<?php } ?> <?php } ?>
</div> </div>
@@ -486,11 +476,11 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="edit_asset" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_asset" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

10
user/modals/asset/asset_interface_edit.php → ajax/ajax_asset_interface_edit.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$interface_id = intval($_GET['id']); $interface_id = intval($_GET['id']);
@@ -48,7 +48,7 @@ if ($link_row = mysqli_fetch_assoc($sql_link)) {
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class='fa fa-fw fa-ethernet mr-2'></i>Editing Interface: <?php echo $asset_name; ?> - <strong><?php echo $interface_name; ?></strong></h5> <h5 class="modal-title"><i class='fa fa-fw fa-ethernet mr-2'></i>Editing Interface: <?php echo $asset_name; ?> - <strong><?php echo $interface_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -58,7 +58,7 @@ ob_start();
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>"> <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>">
<input type="hidden" name="interface_id" value="<?php echo $interface_id; ?>"> <input type="hidden" name="interface_id" value="<?php echo $interface_id; ?>">
<div class="modal-body" <?php if (lookupUserPermission('module_support') <= 1) { echo 'inert'; } ?>> <div class="modal-body bg-white" <?php if (lookupUserPermission('module_support') <= 1) { echo 'inert'; } ?>>
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item"> <li class="nav-item">
@@ -319,7 +319,7 @@ ob_start();
</div> </div>
<!-- End Footer Section --> <!-- End Footer Section -->
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="edit_asset_interface" class="btn btn-primary text-bold"> <button type="submit" name="edit_asset_interface" class="btn btn-primary text-bold">
<i class="fas fa-check mr-2"></i>Save <i class="fas fa-check mr-2"></i>Save
</button> </button>
@@ -330,4 +330,4 @@ ob_start();
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

10
user/modals/calendar/calendar_edit.php → ajax/ajax_calendar_edit.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$calendar_id = intval($_GET['id']); $calendar_id = intval($_GET['id']);
@@ -14,7 +14,7 @@ $calendar_color = nullable_htmlentities($row['calendar_color']);
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class="fas fa-fw fa-circle mr-2" style="color:<?php echo $calendar_color; ?>"></i><?php echo $calendar_name; ?></strong></h5> <h5 class="modal-title"><i class="fas fa-fw fa-circle mr-2" style="color:<?php echo $calendar_color; ?>"></i><?php echo $calendar_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -22,7 +22,7 @@ ob_start();
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="calendar_id" value="<?php echo $calendar_id; ?>"> <input type="hidden" name="calendar_id" value="<?php echo $calendar_id; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<div class="form-group"> <div class="form-group">
<label>Name</label> <label>Name</label>
@@ -45,11 +45,11 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="edit_calendar" class="btn btn-primary"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_calendar" class="btn btn-primary"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

12
user/modals/calendar/calendar_event_edit.php → ajax/ajax_calendar_event_edit.php
View File

@@ -1,10 +1,10 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$event_id = intval($_GET['id']); $event_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM calendar_events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE event_id = $event_id LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM events LEFT JOIN calendars ON event_calendar_id = calendar_id WHERE event_id = $event_id LIMIT 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$event_title = nullable_htmlentities($row['event_title']); $event_title = nullable_htmlentities($row['event_title']);
@@ -21,7 +21,7 @@ $client_id = intval($row['event_client_id']);
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-calendar mr-2" style="color:<?php echo $calendar_color; ?>"></i><?php echo $event_title; ?></h5> <h5 class="modal-title"><i class="fa fa-fw fa-calendar mr-2" style="color:<?php echo $calendar_color; ?>"></i><?php echo $event_title; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -31,7 +31,7 @@ ob_start();
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="event_id" value="<?php echo $event_id; ?>"> <input type="hidden" name="event_id" value="<?php echo $event_id; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item"> <li class="nav-item">
@@ -183,7 +183,7 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<a class="btn btn-default text-danger mr-auto" href="post.php?delete_event=<?php echo $event_id; ?>"><i class="fa fa-calendar-times mr-2"></i>Delete</a> <a class="btn btn-default text-danger mr-auto" href="post.php?delete_event=<?php echo $event_id; ?>"><i class="fa fa-calendar-times mr-2"></i>Delete</a>
<button type="submit" name="edit_event" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_event" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
@@ -191,4 +191,4 @@ ob_start();
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

10
admin/modals/category/category_edit.php → ajax/ajax_category_edit.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$category_id = intval($_GET['id']); $category_id = intval($_GET['id']);
@@ -14,7 +14,7 @@ $category_type = nullable_htmlentities($row['category_type']);
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-list-ul mr-2"></i>Editing category: <strong><?php echo $category_name; ?></strong></h5> <h5 class="modal-title"><i class="fa fa-fw fa-list-ul mr-2"></i>Editing category: <strong><?php echo $category_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -23,7 +23,7 @@ ob_start();
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="category_id" value="<?php echo $category_id; ?>"> <input type="hidden" name="category_id" value="<?php echo $category_id; ?>">
<input type="hidden" name="type" value="<?php echo $category_type; ?>"> <input type="hidden" name="type" value="<?php echo $category_type; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<div class="form-group"> <div class="form-group">
<label>Name <strong class="text-danger">*</strong></label> <label>Name <strong class="text-danger">*</strong></label>
@@ -46,11 +46,11 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="edit_category" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_category" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

48
user/modals/certificate/certificate_edit.php → ajax/ajax_certificate_edit.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$certificate_id = intval($_GET['id']); $certificate_id = intval($_GET['id']);
@@ -12,19 +12,15 @@ $certificate_description = nullable_htmlentities($row['certificate_description']
$certificate_domain = nullable_htmlentities($row['certificate_domain']); $certificate_domain = nullable_htmlentities($row['certificate_domain']);
$certificate_domain_id = intval($row['certificate_domain_id']); $certificate_domain_id = intval($row['certificate_domain_id']);
$certificate_issued_by = nullable_htmlentities($row['certificate_issued_by']); $certificate_issued_by = nullable_htmlentities($row['certificate_issued_by']);
$certificate_public_key = nullable_htmlentities($row['certificate_public_key']);
$certificate_notes = nullable_htmlentities($row['certificate_notes']);
$certificate_expire = nullable_htmlentities($row['certificate_expire']); $certificate_expire = nullable_htmlentities($row['certificate_expire']);
$certificate_created_at = nullable_htmlentities($row['certificate_created_at']); $certificate_created_at = nullable_htmlentities($row['certificate_created_at']);
$client_id = intval($row['certificate_client_id']); $client_id = intval($row['certificate_client_id']);
$history_sql = mysqli_query($mysqli, "SELECT * FROM certificate_history WHERE certificate_history_certificate_id = $certificate_id");
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-lock mr-2"></i>Editing certificate: <span class="text-bold"><?php echo $certificate_name; ?></span></h5> <h5 class="modal-title"><i class="fa fa-fw fa-lock mr-2"></i>Editing certificate: <span class="text-bold"><?php echo $certificate_name; ?></span></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -33,7 +29,7 @@ ob_start();
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="certificate_id" value="<?php echo $certificate_id; ?>"> <input type="hidden" name="certificate_id" value="<?php echo $certificate_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item"> <li class="nav-item">
@@ -45,9 +41,6 @@ ob_start();
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pillsEditNotes<?php echo $certificate_id; ?>">Notes</a> <a class="nav-link" data-toggle="pill" href="#pillsEditNotes<?php echo $certificate_id; ?>">Notes</a>
</li> </li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pillsEditHistory<?php echo $certificate_id; ?>">History</a>
</li>
</ul> </ul>
<hr> <hr>
@@ -147,51 +140,22 @@ ob_start();
</div> </div>
<div class="tab-pane fade" id="pillsEditNotes<?php echo $certificate_id; ?>"> <div class="tab-pane fade" id="pillsEditNotes<?php echo $certificate_id; ?>">
<div class="form-group"> <div class="form-group">
<textarea class="form-control" name="notes" rows="12" placeholder="Enter some notes"><?php echo $certificate_notes; ?></textarea> <textarea class="form-control" name="notes" rows="12" placeholder="Enter some notes"><?php echo $certificate_notes; ?></textarea>
</div> </div>
</div>
<div class="tab-pane fade" id="pillsEditHistory<?php echo $certificate_id; ?>">
<div class="table-responsive">
<table class='table table-sm table-striped border table-hover'>
<thead class='thead-dark'>
<tr>
<th>Date</th>
<th>Field</th>
<th>Before</th>
<th>After</th>
</tr>
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($history_sql)) {
$certificate_modified_at = nullable_htmlentities($row['certificate_history_modified_at']);
$certificate_field = nullable_htmlentities($row['certificate_history_column']);
$certificate_before_value = nullable_htmlentities($row['certificate_history_old_value']);
$certificate_after_value = nullable_htmlentities($row['certificate_history_new_value']);
?>
<tr>
<td><?php echo $certificate_modified_at; ?></td>
<td><?php echo $certificate_field; ?></td>
<td><?php echo $certificate_before_value; ?></td>
<td><?php echo $certificate_after_value; ?></td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
</div> </div>
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="edit_certificate" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_certificate" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

56
user/modals/client/client_edit.php → ajax/ajax_client_edit.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$client_id = intval($_GET['id']); $client_id = intval($_GET['id']);
@@ -32,7 +32,7 @@ while ($row = mysqli_fetch_array($sql_client_tags)) {
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class='fa fa-fw fa-user-edit mr-2'></i>Editing Client: <strong><?php echo $client_name; ?></strong></h5> <h5 class="modal-title"><i class='fa fa-fw fa-user-edit mr-2'></i>Editing Client: <strong><?php echo $client_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -42,21 +42,23 @@ ob_start();
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<ul class="modal-header nav nav-pills nav-justified mb-3"> <div class="modal-body bg-white">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-client-details<?php echo $client_id; ?>">Details</a>
</li>
<?php if ($config_module_enable_accounting) { ?>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-client-billing<?php echo $client_id; ?>">Billing</a>
</li>
<?php } ?>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-client-notes<?php echo $client_id; ?>">Notes</a>
</li>
</ul>
<div class="modal-body"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-client-details<?php echo $client_id; ?>">Details</a>
</li>
<?php if ($config_module_enable_accounting) { ?>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-client-billing<?php echo $client_id; ?>">Billing</a>
</li>
<?php } ?>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-client-notes<?php echo $client_id; ?>">Notes</a>
</li>
</ul>
<hr>
<div class="tab-content"> <div class="tab-content">
@@ -123,12 +125,6 @@ ob_start();
} }
?> ?>
</select> </select>
<div class="input-group-append">
<button class="btn btn-secondary ajax-modal" type="button"
data-modal-url="../admin/modals/category/category_add.php?category=Referral">
<i class="fas fa-fw fa-plus"></i>
</button>
</div>
</div> </div>
</div> </div>
@@ -161,12 +157,6 @@ ob_start();
<?php } ?> <?php } ?>
</select> </select>
<div class="input-group-append">
<button class="btn btn-secondary ajax-modal" type="button"
data-modal-url="../admin/modals/tag/tag_add.php?type=1">
<i class="fas fa-fw fa-plus"></i>
</button>
</div>
</div> </div>
</div> </div>
@@ -244,18 +234,20 @@ ob_start();
<div class="tab-pane fade" id="pills-client-notes<?php echo $client_id; ?>"> <div class="tab-pane fade" id="pills-client-notes<?php echo $client_id; ?>">
<div class="form-group"> <div class="form-group">
<textarea class="form-control" rows="10" placeholder="Enter some notes" name="notes"><?php echo $client_notes; ?></textarea> <textarea class="form-control" rows="10" placeholder="Enter some notes"
name="notes"><?php echo $client_notes; ?>
</textarea>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="edit_client" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_client" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-outline-secondary" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

190
user/modals/contact/contact_details.php → ajax/ajax_contact_details.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$contact_id = intval($_GET['id']); $contact_id = intval($_GET['id']);
@@ -9,7 +9,7 @@ $sql = mysqli_query($mysqli, "SELECT * FROM contacts
LEFT JOIN locations ON location_id = contact_location_id LEFT JOIN locations ON location_id = contact_location_id
LEFT JOIN users ON user_id = contact_user_id LEFT JOIN users ON user_id = contact_user_id
WHERE contact_id = $contact_id WHERE contact_id = $contact_id
LIMIT 1 $client_query
"); ");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
@@ -18,11 +18,9 @@ $client_name = nullable_htmlentities($row['client_name']);
$contact_name = nullable_htmlentities($row['contact_name']); $contact_name = nullable_htmlentities($row['contact_name']);
$contact_title = nullable_htmlentities($row['contact_title']); $contact_title = nullable_htmlentities($row['contact_title']);
$contact_department =nullable_htmlentities($row['contact_department']); $contact_department =nullable_htmlentities($row['contact_department']);
$contact_phone_country_code = nullable_htmlentities($row['contact_phone_country_code']); $contact_phone = formatPhoneNumber($row['contact_phone']);
$contact_phone = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_phone_country_code));
$contact_extension = nullable_htmlentities($row['contact_extension']); $contact_extension = nullable_htmlentities($row['contact_extension']);
$contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']); $contact_mobile = formatPhoneNumber($row['contact_mobile']);
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
$contact_email = nullable_htmlentities($row['contact_email']); $contact_email = nullable_htmlentities($row['contact_email']);
$contact_photo = nullable_htmlentities($row['contact_photo']); $contact_photo = nullable_htmlentities($row['contact_photo']);
$contact_pin = nullable_htmlentities($row['contact_pin']); $contact_pin = nullable_htmlentities($row['contact_pin']);
@@ -53,21 +51,21 @@ $software_count = mysqli_num_rows($sql_linked_software);
$linked_software = array(); $linked_software = array();
// Related Credentials Query 1 to 1 relationship // Related Logins Query 1 to 1 relationship
$sql_related_credentials = mysqli_query($mysqli, " $sql_related_logins = mysqli_query($mysqli, "
SELECT SELECT
credentials.credential_id AS credentials_credential_id, -- Alias for credentials.credential_id logins.login_id AS logins_login_id, -- Alias for logins.login_id
credentials.*, -- All other columns from credentials logins.*, -- All other columns from logins
credential_tags.*, -- All columns from credential_tags login_tags.*, -- All columns from login_tags
tags.* -- All columns from tags tags.* -- All columns from tags
FROM credentials FROM logins
LEFT JOIN credential_tags ON credential_tags.credential_id = credentials.credential_id LEFT JOIN login_tags ON login_tags.login_id = logins.login_id
LEFT JOIN tags ON tags.tag_id = credential_tags.tag_id LEFT JOIN tags ON tags.tag_id = login_tags.tag_id
WHERE credential_contact_id = $contact_id WHERE login_contact_id = $contact_id
GROUP BY credentials.credential_id GROUP BY logins.login_id
ORDER BY credential_name DESC ORDER BY login_name DESC
"); ");
$credential_count = mysqli_num_rows($sql_related_credentials); $credential_count = mysqli_num_rows($sql_related_logins);
// Related Tickets Query - 1 to 1 relationship // Related Tickets Query - 1 to 1 relationship
$sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets $sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets
@@ -77,9 +75,9 @@ $sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets
$ticket_count = mysqli_num_rows($sql_related_tickets); $ticket_count = mysqli_num_rows($sql_related_tickets);
// Related Recurring Tickets Query // Related Recurring Tickets Query
$sql_related_recurring_tickets = mysqli_query($mysqli, "SELECT * FROM recurring_tickets $sql_related_recurring_tickets = mysqli_query($mysqli, "SELECT * FROM scheduled_tickets
WHERE recurring_ticket_contact_id = $contact_id WHERE scheduled_ticket_contact_id = $contact_id
ORDER BY recurring_ticket_next_run DESC" ORDER BY scheduled_ticket_next_run DESC"
); );
$recurring_ticket_count = mysqli_num_rows($sql_related_recurring_tickets); $recurring_ticket_count = mysqli_num_rows($sql_related_recurring_tickets);
@@ -116,7 +114,7 @@ $sql_linked_services = mysqli_query($mysqli, "SELECT * FROM service_contacts, se
AND service_contacts.service_id = services.service_id AND service_contacts.service_id = services.service_id
ORDER BY service_name ASC" ORDER BY service_name ASC"
); );
$services_count = mysqli_num_rows($sql_linked_services); $service_count = mysqli_num_rows($sql_linked_services);
$linked_services = array(); $linked_services = array();
@@ -125,6 +123,7 @@ $sql_linked_documents = mysqli_query($mysqli, "SELECT * FROM contact_documents,
LEFT JOIN users ON document_created_by = user_id LEFT JOIN users ON document_created_by = user_id
WHERE contact_documents.contact_id = $contact_id WHERE contact_documents.contact_id = $contact_id
AND contact_documents.document_id = documents.document_id AND contact_documents.document_id = documents.document_id
AND document_template = 0
AND document_archived_at IS NULL AND document_archived_at IS NULL
ORDER BY document_name ASC" ORDER BY document_name ASC"
); );
@@ -152,14 +151,14 @@ if (isset($_GET['client_id'])) {
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-user mr-2"></i><strong><?php echo $contact_name; ?></strong></h5> <h5 class="modal-title"><i class="fa fa-fw fa-user mr-2"></i><strong><?php echo $contact_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div> </div>
<div class="modal-body"> <div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item"> <li class="nav-item">
@@ -190,6 +189,11 @@ ob_start();
<a class="nav-link" data-toggle="pill" href="#pills-contact-recurring-tickets<?php echo $contact_id; ?>"><i class="fas fa-fw fa-redo-alt fa-2x"></i><br>Rcr Tickets (<?php echo $recurring_ticket_count; ?>)</a> <a class="nav-link" data-toggle="pill" href="#pills-contact-recurring-tickets<?php echo $contact_id; ?>"><i class="fas fa-fw fa-redo-alt fa-2x"></i><br>Rcr Tickets (<?php echo $recurring_ticket_count; ?>)</a>
</li> </li>
<?php } ?> <?php } ?>
<?php if ($services_count) { ?>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-contact-services<?php echo $contact_id; ?>"><i class="fas fa-fw fa-stream fa-2x"></i><br>Services (<?php echo $services_count; ?>)</a>
</li>
<?php } ?>
<?php if ($document_count) { ?> <?php if ($document_count) { ?>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-contact-documents<?php echo $contact_id; ?>"><i class="fas fa-fw fa-file-alt fa-2x"></i><br>Documents (<?php echo $document_count; ?>)</a> <a class="nav-link" data-toggle="pill" href="#pills-contact-documents<?php echo $contact_id; ?>"><i class="fas fa-fw fa-file-alt fa-2x"></i><br>Documents (<?php echo $document_count; ?>)</a>
@@ -221,7 +225,7 @@ ob_start();
<div class="text-center"> <div class="text-center">
<?php if ($contact_photo) { ?> <?php if ($contact_photo) { ?>
<img class="img-thumbnail img-circle col-3" alt="contact_photo" src="<?php echo "../uploads/clients/$client_id/$contact_photo"; ?>"> <img class="img-thumbnail img-circle col-3" alt="contact_photo" src="<?php echo "uploads/clients/$client_id/$contact_photo"; ?>">
<?php } else { ?> <?php } else { ?>
<span class="fa-stack fa-4x"> <span class="fa-stack fa-4x">
<i class="fa fa-circle fa-stack-2x text-secondary"></i> <i class="fa fa-circle fa-stack-2x text-secondary"></i>
@@ -240,7 +244,7 @@ ob_start();
<div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-2"></i><?php echo $location_name; ?></div> <div><i class="fa fa-fw fa-map-marker-alt text-secondary mr-2"></i><?php echo $location_name; ?></div>
<?php } <?php }
if ($contact_email) { ?> if ($contact_email) { ?>
<div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-2"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button type="button" class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div> <div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-2"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
<?php } <?php }
if ($contact_phone) { ?> if ($contact_phone) { ?>
<div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-2"></i><a href="tel:<?php echo "$contact_phone"?>"><?php echo $contact_phone; ?></a></div> <div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-2"></i><a href="tel:<?php echo "$contact_phone"?>"><?php echo $contact_phone; ?></a></div>
@@ -398,9 +402,9 @@ ob_start();
<?php } ?> <?php } ?>
<?php if ($credential_count) { ?> <?php if ($credential_count) { ?>
<div class="tab-pane fade" id="pills-contact-credentials<?php echo $contact_id; ?>"> <div class="tab-pane fade" id="pills-contact-credentials<?php echo $asset_id; ?>">
<div class="table-responsive-sm"> <div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover table-sm dataTables" style="width:100%"> <table class="table table-striped table-borderless table-hover table-sm">
<thead> <thead>
<tr> <tr>
<th>Name</th> <th>Name</th>
@@ -414,70 +418,70 @@ ob_start();
<tbody> <tbody>
<?php <?php
while ($row = mysqli_fetch_array($sql_related_credentials)) { while ($row = mysqli_fetch_array($sql_related_logins)) {
$credential_id = intval($row['credentials_credential_id']); $login_id = intval($row['logins_login_id']);
$credential_name = nullable_htmlentities($row['credential_name']); $login_name = nullable_htmlentities($row['login_name']);
$credential_description = nullable_htmlentities($row['credential_description']); $login_description = nullable_htmlentities($row['login_description']);
$credential_uri = nullable_htmlentities($row['credential_uri']); $login_uri = nullable_htmlentities($row['login_uri']);
if (empty($credential_uri)) { if (empty($login_uri)) {
$credential_uri_display = "-"; $login_uri_display = "-";
} else { } else {
$credential_uri_display = "$credential_uri"; $login_uri_display = "$login_uri";
} }
$credential_uri_2 = nullable_htmlentities($row['credential_uri_2']); $login_uri_2 = nullable_htmlentities($row['login_uri_2']);
$credential_username = nullable_htmlentities(decryptCredentialEntry($row['credential_username'])); $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
if (empty($credential_username)) { if (empty($login_username)) {
$credential_username_display = "-"; $login_username_display = "-";
} else { } else {
$credential_username_display = "$credential_username <button type='button' class='btn btn-sm clipboardjs' data-clipboard-text='$credential_username'><i class='far fa-copy text-secondary'></i></button>"; $login_username_display = "$login_username";
} }
$credential_password = nullable_htmlentities(decryptCredentialEntry($row['credential_password'])); $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
$credential_otp_secret = nullable_htmlentities($row['credential_otp_secret']); $login_otp_secret = nullable_htmlentities($row['login_otp_secret']);
$credential_id_with_secret = '"' . $row['credential_id'] . '","' . $row['credential_otp_secret'] . '"'; $login_id_with_secret = '"' . $row['login_id'] . '","' . $row['login_otp_secret'] . '"';
if (empty($credential_otp_secret)) { if (empty($login_otp_secret)) {
$otp_display = "-"; $otp_display = "-";
} else { } else {
$otp_display = "<span onmouseenter='showOTPViaCredentialID($credential_id)'><i class='far fa-clock'></i> <span id='otp_$credential_id'><i>Hover..</i></span></span>"; $otp_display = "<span onmouseenter='showOTPViaLoginID($login_id)'><i class='far fa-clock'></i> <span id='otp_$login_id'><i>Hover..</i></span></span>";
} }
$credential_note = nullable_htmlentities($row['credential_note']); $login_note = nullable_htmlentities($row['login_note']);
$credential_important = intval($row['credential_important']); $login_important = intval($row['login_important']);
$credential_contact_id = intval($row['credential_contact_id']); $login_contact_id = intval($row['login_contact_id']);
$credential_asset_id = intval($row['credential_asset_id']); $login_vendor_id = intval($row['login_vendor_id']);
$login_asset_id = intval($row['login_asset_id']);
$login_software_id = intval($row['login_software_id']);
// Tags // Tags
$credential_tag_name_display_array = array(); $login_tag_name_display_array = array();
$credential_tag_id_array = array(); $login_tag_id_array = array();
$sql_credential_tags = mysqli_query($mysqli, "SELECT * FROM credential_tags LEFT JOIN tags ON credential_tags.tag_id = tags.tag_id WHERE credential_id = $credential_id ORDER BY tag_name ASC"); $sql_login_tags = mysqli_query($mysqli, "SELECT * FROM login_tags LEFT JOIN tags ON login_tags.tag_id = tags.tag_id WHERE login_id = $login_id ORDER BY tag_name ASC");
while ($row = mysqli_fetch_array($sql_credential_tags)) { while ($row = mysqli_fetch_array($sql_login_tags)) {
$credential_tag_id = intval($row['tag_id']); $login_tag_id = intval($row['tag_id']);
$credential_tag_name = nullable_htmlentities($row['tag_name']); $login_tag_name = nullable_htmlentities($row['tag_name']);
$credential_tag_color = nullable_htmlentities($row['tag_color']); $login_tag_color = nullable_htmlentities($row['tag_color']);
if (empty($credential_tag_color)) { if (empty($login_tag_color)) {
$credential_tag_color = "dark"; $login_tag_color = "dark";
} }
$credential_tag_icon = nullable_htmlentities($row['tag_icon']); $login_tag_icon = nullable_htmlentities($row['tag_icon']);
if (empty($credential_tag_icon)) { if (empty($login_tag_icon)) {
$credential_tag_icon = "tag"; $login_tag_icon = "tag";
} }
$credential_tag_id_array[] = $credential_tag_id; $login_tag_id_array[] = $login_tag_id;
$credential_tag_name_display_array[] = "<a href='credentials.php?client_id=$client_id&tags[]=$credential_tag_id'><span class='badge text-light p-1 mr-1' style='background-color: $credential_tag_color;'><i class='fa fa-fw fa-$credential_tag_icon mr-2'></i>$credential_tag_name</span></a>"; $login_tag_name_display_array[] = "<a href='client_logins.php?client_id=$client_id&tags[]=$login_tag_id'><span class='badge text-light p-1 mr-1' style='background-color: $login_tag_color;'><i class='fa fa-fw fa-$login_tag_icon mr-2'></i>$login_tag_name</span></a>";
} }
$credential_tags_display = implode('', $credential_tag_name_display_array); $login_tags_display = implode('', $login_tag_name_display_array);
?> ?>
<tr> <tr>
<td><i class="fa fa-fw fa-key text-secondary mr-2"></i><?php echo $credential_name; ?></td> <td><i class="fa fa-fw fa-key text-secondary mr-2"></i><?php echo $login_name; ?></td>
<td><?php echo $credential_description; ?></td> <td><?php echo $login_description; ?></td>
<td><?php echo $credential_username_display; ?></td> <td><?php echo $login_username_display; ?></td>
<td> <td>
<button class="btn p-0" type="button" data-toggle="popover" data-trigger="focus" data-placement="top" data-content="<?php echo $credential_password; ?>"><i class="fas fa-2x fa-ellipsis-h text-secondary"></i><i class="fas fa-2x fa-ellipsis-h text-secondary"></i></button> <button class="btn p-0" type="button" data-toggle="popover" data-trigger="focus" data-placement="top" data-content="<?php echo $login_password; ?>"><i class="fas fa-2x fa-ellipsis-h text-secondary"></i><i class="fas fa-2x fa-ellipsis-h text-secondary"></i></button>
<button type="button" class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $credential_password; ?>'><i class='far fa-copy text-secondary'></i></button>
</td> </td>
<td><?php echo $otp_display; ?></td> <td><?php echo $otp_display; ?></td>
<td><?php echo $credential_uri_display; ?></td> <td><?php echo $login_uri_display; ?></td>
</tr> </tr>
<?php <?php
@@ -490,12 +494,12 @@ ob_start();
</table> </table>
</div> </div>
</div> </div>
<!-- Include script to get TOTP code via the credential ID --> <!-- Include script to get TOTP code via the login ID -->
<script src="js/credential_show_otp_via_id.js"></script> <script src="js/credential_show_otp_via_id.js"></script>
<?php } ?> <?php } ?>
<?php if ($ticket_count) { ?> <?php if ($ticket_count) { ?>
<div class="tab-pane fade" id="pills-contact-tickets<?php echo $contact_id; ?>"> <div class="tab-pane fade" id="pills-contact-tickets<?php echo $asset_id; ?>">
<div class="table-responsive-sm"> <div class="table-responsive-sm">
<table class="table table-striped table-borderless table-hover table-sm"> <table class="table table-striped table-borderless table-hover table-sm">
<thead class="text-dark"> <thead class="text-dark">
@@ -595,18 +599,18 @@ ob_start();
<?php <?php
while ($row = mysqli_fetch_array($sql_related_recurring_tickets)) { while ($row = mysqli_fetch_array($sql_related_recurring_tickets)) {
$recurring_ticket_id = intval($row['recurring_ticket_id']); $scheduled_ticket_id = intval($row['scheduled_ticket_id']);
$recurring_ticket_subject = nullable_htmlentities($row['recurring_ticket_subject']); $scheduled_ticket_subject = nullable_htmlentities($row['scheduled_ticket_subject']);
$recurring_ticket_priority = nullable_htmlentities($row['recurring_ticket_priority']); $scheduled_ticket_priority = nullable_htmlentities($row['scheduled_ticket_priority']);
$recurring_ticket_frequency = nullable_htmlentities($row['recurring_ticket_frequency']); $scheduled_ticket_frequency = nullable_htmlentities($row['scheduled_ticket_frequency']);
$recurring_ticket_next_run = nullable_htmlentities($row['recurring_ticket_next_run']); $scheduled_ticket_next_run = nullable_htmlentities($row['scheduled_ticket_next_run']);
?> ?>
<tr> <tr>
<td class="text-bold"><?php echo $recurring_ticket_subject ?></td> <td class="text-bold"><?php echo $scheduled_ticket_subject ?></td>
<td><?php echo $recurring_ticket_priority ?></td> <td><?php echo $scheduled_ticket_priority ?></td>
<td><?php echo $recurring_ticket_frequency ?></td> <td><?php echo $scheduled_ticket_frequency ?></td>
<td><?php echo $recurring_ticket_next_run ?></td> <td><?php echo $scheduled_ticket_next_run ?></td>
</tr> </tr>
<?php } ?> <?php } ?>
@@ -716,9 +720,11 @@ ob_start();
<tr> <tr>
<td> <td>
<a class="ajax-modal" href="#" <a href="#"
data-toggle="ajax-modal"
data-modal-size="lg" data-modal-size="lg"
data-modal-url="modals/document/document_view.php?id=<?= $document_id ?>"> data-ajax-url="ajax/ajax_document_view.php"
data-ajax-id="<?php echo $document_id; ?>">
<?php echo $document_name; ?> <?php echo $document_name; ?>
</a> </a>
<div class="text-secondary"><?php echo $document_description; ?></div> <div class="text-secondary"><?php echo $document_description; ?></div>
@@ -771,7 +777,7 @@ ob_start();
<tr> <tr>
<td> <td>
<div><a href="../uploads/clients/<?php echo $client_id; ?>/<?php echo $file_reference_name; ?>"><?php echo $file_name; ?></a></div> <div><a href="uploads/clients/<?php echo $client_id; ?>/<?php echo $file_reference_name; ?>"><?php echo $file_name; ?></a></div>
<div class="text-secondary"><?php echo $file_description; ?></div> <div class="text-secondary"><?php echo $file_description; ?></div>
</td> </td>
<td><?php echo $file_mime_type; ?></td> <td><?php echo $file_mime_type; ?></td>
@@ -841,16 +847,10 @@ ob_start();
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<a href="contact_details.php?client_id=<?php echo $client_id; ?>&contact_id=<?php echo $contact_id; ?>" class="btn btn-primary text-bold"> <a href="contact_details.php?<?php echo $client_url; ?>contact_id=<?php echo $contact_id; ?>" class="btn btn-primary text-bold"><span class="text-white">More Details</span></a>
<span class="text-white"><i class="fas fa-info-circle mr-2"></i>More Details</span>
</a>
<a href="#" class="btn btn-secondary"
data-toggle="ajax-modal" data-ajax-url="ajax/ajax_contact_edit.php" data-ajax-id="<?php echo $contact_id; ?>">
<span class="text-white"><i class="fas fa-edit mr-2"></i>Edit</span>
</a>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Close</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Close</button>
</div> </div>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

56
user/modals/contact/contact_edit.php → ajax/ajax_contact_edit.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$contact_id = intval($_GET['id']); $contact_id = intval($_GET['id']);
@@ -16,10 +16,8 @@ $contact_name = nullable_htmlentities($row['contact_name']);
$contact_title = nullable_htmlentities($row['contact_title']); $contact_title = nullable_htmlentities($row['contact_title']);
$contact_department = nullable_htmlentities($row['contact_department']); $contact_department = nullable_htmlentities($row['contact_department']);
$contact_extension = nullable_htmlentities($row['contact_extension']); $contact_extension = nullable_htmlentities($row['contact_extension']);
$contact_phone_country_code = nullable_htmlentities($row['contact_phone_country_code']); $contact_phone = formatPhoneNumber($row['contact_phone']);
$contact_phone = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_phone_country_code)); $contact_mobile = formatPhoneNumber($row['contact_mobile']);
$contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']);
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
$contact_email = nullable_htmlentities($row['contact_email']); $contact_email = nullable_htmlentities($row['contact_email']);
$contact_pin = nullable_htmlentities($row['contact_pin']); $contact_pin = nullable_htmlentities($row['contact_pin']);
$contact_photo = nullable_htmlentities($row['contact_photo']); $contact_photo = nullable_htmlentities($row['contact_photo']);
@@ -46,7 +44,7 @@ while ($row = mysqli_fetch_array($sql_contact_tags)) {
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class='fas fa-user-edit mr-2'></i>Editing Contact: <strong><?php echo $contact_name; ?></strong></h5> <h5 class="modal-title"><i class='fas fa-user-edit mr-2'></i>Editing Contact: <strong><?php echo $contact_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -55,7 +53,7 @@ ob_start();
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off"> <form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>"> <input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item"> <li class="nav-item">
@@ -113,38 +111,30 @@ ob_start();
</div> </div>
</div> </div>
<label>Phone / <span class="text-secondary">Extension</span></label> <label>Phone</label>
<div class="form-row"> <div class="form-row">
<div class="col-9"> <div class="col-8">
<div class="form-group"> <div class="form-group">
<div class="input-group"> <div class="input-group">
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div> </div>
<input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo "$contact_phone_country_code"; ?>" placeholder="+" maxlength="4"> <input type="text" class="form-control" name="phone" placeholder="Phone Number" maxlength="200" value="<?php echo $contact_phone; ?>">
<input type="tel" class="form-control" name="phone" value="<?php echo $contact_phone; ?>" placeholder="Phone Number" maxlength="200">
</div> </div>
</div> </div>
</div> </div>
<div class="col-3"> <div class="col-4">
<div class="form-group"> <input type="text" class="form-control" name="extension" placeholder="Extension" maxlength="200" value="<?php echo $contact_extension; ?>">
<input type="text" class="form-control" name="extension" value="<?php echo $contact_extension; ?>" placeholder="ext." maxlength="200">
</div>
</div> </div>
</div> </div>
<label>Mobile</label> <div class="form-group">
<div class="form-row"> <label>Mobile</label>
<div class="col-9"> <div class="input-group">
<div class="form-group"> <div class="input-group-prepend">
<div class="input-group"> <span class="input-group-text"><i class="fa fa-fw fa-mobile-alt"></i></span>
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-mobile-alt"></i></span>
</div>
<input type="tel" class="form-control col-2" name="mobile_country_code" value="<?php echo "$contact_mobile_country_code"; ?>" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="mobile" value="<?php echo $contact_mobile; ?>" placeholder="Phone Number">
</div>
</div> </div>
<input type="text" class="form-control" name="mobile" placeholder="Mobile Phone Number" maxlength="200" value="<?php echo $contact_mobile; ?>">
</div> </div>
</div> </div>
@@ -282,7 +272,7 @@ ob_start();
<div class="mb-3 text-center"> <div class="mb-3 text-center">
<?php if ($contact_photo) { ?> <?php if ($contact_photo) { ?>
<img class="img-fluid" alt="contact_photo" src="<?php echo "../uploads/clients/$client_id/$contact_photo"; ?>"> <img class="img-fluid" alt="contact_photo" src="<?php echo "uploads/clients/$client_id/$contact_photo"; ?>">
<?php } else { ?> <?php } else { ?>
<span class="fa-stack fa-4x"> <span class="fa-stack fa-4x">
<i class="fa fa-circle fa-stack-2x text-secondary"></i> <i class="fa fa-circle fa-stack-2x text-secondary"></i>
@@ -321,12 +311,6 @@ ob_start();
<?php } ?> <?php } ?>
</select> </select>
<div class="input-group-append">
<button class="btn btn-secondary ajax-modal" type="button"
data-modal-url="../admin/modals/tag/tag_add.php?type=3">
<i class="fas fa-plus"></i>
</button>
</div>
</div> </div>
</div> </div>
@@ -337,7 +321,7 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="edit_contact" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button> <button type="submit" name="edit_contact" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
@@ -349,7 +333,7 @@ ob_start();
function generatePassword(type, id) { function generatePassword(type, id) {
// Send a GET request to ajax.php as ajax.php?get_readable_pass=true // Send a GET request to ajax.php as ajax.php?get_readable_pass=true
jQuery.get( jQuery.get(
"ajax.php", { "../ajax.php", {
get_readable_pass: 'true' get_readable_pass: 'true'
}, },
function(data) { function(data) {
@@ -382,7 +366,7 @@ $(document).ready(function() {
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";
?> ?>

10
user/modals/contact/contact_note_add.php → ajax/ajax_contact_note_create.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$contact_id = intval($_GET['id']); $contact_id = intval($_GET['id']);
@@ -12,7 +12,7 @@ $contact_name = nullable_htmlentities($row['contact_name']);
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class='fa fa-fw fa-sticky-note mr-2'></i>Creating note: <strong><?php echo $contact_name; ?></strong></h5> <h5 class="modal-title"><i class='fa fa-fw fa-sticky-note mr-2'></i>Creating note: <strong><?php echo $contact_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -22,7 +22,7 @@ ob_start();
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>"> <input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<div class="form-group"> <div class="form-group">
<label>Type</label> <label>Type</label>
@@ -44,11 +44,11 @@ ob_start();
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="add_contact_note" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create</button> <button type="submit" name="add_contact_note" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

163
user/modals/credential/credential_edit.php → ajax/ajax_credential_edit.php
View File

@@ -1,62 +1,63 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$credential_id = intval($_GET['id']); $login_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM credentials WHERE credential_id = $credential_id LIMIT 1"); $sql = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_id = $login_id LIMIT 1");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$client_id = intval($row['credential_client_id']); $client_id = intval($row['login_client_id']);
$credential_name = nullable_htmlentities($row['credential_name']); $login_id = intval($row['login_id']);
$credential_description = nullable_htmlentities($row['credential_description']); $login_name = nullable_htmlentities($row['login_name']);
$credential_uri = nullable_htmlentities($row['credential_uri']); $login_description = nullable_htmlentities($row['login_description']);
$credential_uri_2 = nullable_htmlentities($row['credential_uri_2']); $login_uri = nullable_htmlentities($row['login_uri']);
$credential_uri_link = sanitize_url($row['credential_uri']); $login_uri_2 = nullable_htmlentities($row['login_uri_2']);
$credential_uri_2_link = sanitize_url($row['credential_uri_2']); $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
$credential_username = nullable_htmlentities(decryptCredentialEntry($row['credential_username'])); $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
$credential_password = nullable_htmlentities(decryptCredentialEntry($row['credential_password'])); $login_otp_secret = nullable_htmlentities($row['login_otp_secret']);
$credential_otp_secret = nullable_htmlentities($row['credential_otp_secret']); $login_note = nullable_htmlentities($row['login_note']);
$credential_note = nullable_htmlentities($row['credential_note']); $login_created_at = nullable_htmlentities($row['login_created_at']);
$credential_created_at = nullable_htmlentities($row['credential_created_at']); $login_archived_at = nullable_htmlentities($row['login_archived_at']);
$credential_archived_at = nullable_htmlentities($row['credential_archived_at']); $login_important = intval($row['login_important']);
$credential_important = intval($row['credential_important']); $login_contact_id = intval($row['login_contact_id']);
$credential_contact_id = intval($row['credential_contact_id']); $login_vendor_id = intval($row['login_vendor_id']);
$credential_asset_id = intval($row['credential_asset_id']); $login_asset_id = intval($row['login_asset_id']);
$login_software_id = intval($row['login_software_id']);
// Tags // Tags
$credential_tag_id_array = array(); $login_tag_id_array = array();
$sql_credential_tags = mysqli_query($mysqli, "SELECT tag_id FROM credential_tags WHERE credential_id = $credential_id"); $sql_login_tags = mysqli_query($mysqli, "SELECT tag_id FROM login_tags WHERE login_id = $login_id");
while ($row = mysqli_fetch_array($sql_credential_tags)) { while ($row = mysqli_fetch_array($sql_login_tags)) {
$credential_tag_id = intval($row['tag_id']); $login_tag_id = intval($row['tag_id']);
$credential_tag_id_array[] = $credential_tag_id; $login_tag_id_array[] = $login_tag_id;
} }
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class='fas fa-fw fa-key mr-2'></i>Editing credential: <strong><?php echo $credential_name; ?></strong></h5> <h5 class="modal-title"><i class='fas fa-fw fa-key mr-2'></i>Editing credential: <strong><?php echo $login_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="credential_id" value="<?php echo $credential_id; ?>"> <input type="hidden" name="login_id" value="<?php echo $login_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item"> <li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-credential-details<?php echo $credential_id; ?>">Details</a> <a class="nav-link active" data-toggle="pill" href="#pills-login-details<?php echo $login_id; ?>">Details</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-credential-relation<?php echo $credential_id; ?>">Relation</a> <a class="nav-link" data-toggle="pill" href="#pills-login-relation<?php echo $login_id; ?>">Relation</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-credential-notes<?php echo $credential_id; ?>">Notes</a> <a class="nav-link" data-toggle="pill" href="#pills-login-notes<?php echo $login_id; ?>">Notes</a>
</li> </li>
</ul> </ul>
@@ -64,7 +65,7 @@ ob_start();
<div class="tab-content" <?php if (lookupUserPermission('module_credential') <= 1) { echo 'inert'; } ?>> <div class="tab-content" <?php if (lookupUserPermission('module_credential') <= 1) { echo 'inert'; } ?>>
<div class="tab-pane fade show active" id="pills-credential-details<?php echo $credential_id; ?>"> <div class="tab-pane fade show active" id="pills-login-details<?php echo $login_id; ?>">
<div class="form-group"> <div class="form-group">
<label>Name <strong class="text-danger">*</strong> / <span class="text-secondary">Important?</span></label> <label>Name <strong class="text-danger">*</strong> / <span class="text-secondary">Important?</span></label>
@@ -72,10 +73,10 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div> </div>
<input type="text" class="form-control" name="name" placeholder="Name of Credential" maxlength="200" value="<?php echo $credential_name; ?>" required> <input type="text" class="form-control" name="name" placeholder="Name of Login" maxlength="200" value="<?php echo $login_name; ?>" required>
<div class="input-group-append"> <div class="input-group-append">
<div class="input-group-text"> <div class="input-group-text">
<input type="checkbox" name="important" value="1" <?php if ($credential_important == 1) { echo "checked"; } ?>> <input type="checkbox" name="important" value="1" <?php if ($login_important == 1) { echo "checked"; } ?>>
</div> </div>
</div> </div>
</div> </div>
@@ -87,7 +88,7 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-angle-right"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-angle-right"></i></span>
</div> </div>
<input type="text" class="form-control" name="description" placeholder="Description" value="<?php echo $credential_description; ?>"> <input type="text" class="form-control" name="description" placeholder="Description" value="<?php echo $login_description; ?>">
</div> </div>
</div> </div>
@@ -97,7 +98,7 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
</div> </div>
<input type="text" class="form-control" name="username" placeholder="Username or ID" maxlength="350" value="<?php echo $credential_username; ?>"> <input type="text" class="form-control" name="username" placeholder="Username or ID" maxlength="350" value="<?php echo $login_username; ?>">
</div> </div>
</div> </div>
@@ -107,12 +108,12 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
</div> </div>
<input type="password" class="form-control" data-toggle="password" name="password" placeholder="Password or Key" maxlength="350" value="<?php echo $credential_password; ?>" required autocomplete="new-password"> <input type="password" class="form-control" data-toggle="password" name="password" placeholder="Password or Key" maxlength="350" value="<?php echo $login_password; ?>" required autocomplete="new-password">
<div class="input-group-append"> <div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div> </div>
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-default clipboardjs" type="button" data-clipboard-text="<?php echo $credential_password; ?>"><i class="fa fa-fw fa-copy"></i></button> <button class="btn btn-default clipboardjs" type="button" data-clipboard-text="<?php echo $login_password; ?>"><i class="fa fa-fw fa-copy"></i></button>
</div> </div>
</div> </div>
</div> </div>
@@ -123,7 +124,7 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div> </div>
<input type="password" class="form-control" data-toggle="password" name="otp_secret" maxlength="200" value="<?php echo $credential_otp_secret; ?>" placeholder="Insert secret key"> <input type="password" class="form-control" data-toggle="password" name="otp_secret" maxlength="200" value="<?php echo $login_otp_secret; ?>" placeholder="Insert secret key">
<div class="input-group-append"> <div class="input-group-append">
<span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
</div> </div>
@@ -136,13 +137,13 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-link"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-link"></i></span>
</div> </div>
<input type="text" class="form-control" name="uri" placeholder="ex. http://192.168.1.1" maxlength="500" value="<?php echo $credential_uri; ?>"> <input type="text" class="form-control" name="uri" placeholder="ex. http://192.168.1.1" maxlength="500" value="<?php echo $login_uri; ?>">
<div class="input-group-append"> <div class="input-group-append">
<a href="<?php echo $credential_uri_link; ?>" target="_blank" class="input-group-text"><i class="fa fa-fw fa-link"></i></a> <a href="<?php echo $login_uri; ?>" class="input-group-text"><i class="fa fa-fw fa-link"></i></a>
</div> </div>
<div class="input-group-append"> <div class="input-group-append">
<button class="input-group-text clipboardjs" type="button" data-clipboard-text="<?php echo $credential_uri; ?>"><i class="fa fa-fw fa-copy"></i></button> <button class="input-group-text clipboardjs" type="button" data-clipboard-text="<?php echo $login_uri; ?>"><i class="fa fa-fw fa-copy"></i></button>
</div> </div>
</div> </div>
</div> </div>
@@ -153,19 +154,19 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-link"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-link"></i></span>
</div> </div>
<input type="text" class="form-control" name="uri_2" placeholder="ex. https://server.company.com:5001" maxlength="500" value="<?php echo $credential_uri_2; ?>"> <input type="text" class="form-control" name="uri_2" placeholder="ex. https://server.company.com:5001" maxlength="500" value="<?php echo $login_uri_2; ?>">
<div class="input-group-append"> <div class="input-group-append">
<a href="<?php echo $credential_uri_2_link; ?>" target="_blank" class="input-group-text"><i class="fa fa-fw fa-link"></i></a> <a href="<?php echo $login_uri_2; ?>" class="input-group-text"><i class="fa fa-fw fa-link"></i></a>
</div> </div>
<div class="input-group-append"> <div class="input-group-append">
<button class="input-group-text clipboardjs" type="button" data-clipboard-text="<?php echo $credential_uri_2; ?>"><i class="fa fa-fw fa-copy"></i></button> <button class="input-group-text clipboardjs" type="button" data-clipboard-text="<?php echo $login_uri_2; ?>"><i class="fa fa-fw fa-copy"></i></button>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
<div class="tab-pane fade" id="pills-credential-relation<?php echo $credential_id; ?>"> <div class="tab-pane fade" id="pills-login-relation<?php echo $login_id; ?>">
<div class="form-group"> <div class="form-group">
<label>Contact</label> <label>Contact</label>
@@ -174,7 +175,7 @@ ob_start();
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
</div> </div>
<select class="form-control select2" name="contact"> <select class="form-control select2" name="contact">
<option value="">- Select Contact -</option> <option value="">- Contact -</option>
<?php <?php
$sql_contacts = mysqli_query($mysqli, "SELECT contact_id, contact_name FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC"); $sql_contacts = mysqli_query($mysqli, "SELECT contact_id, contact_name FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
@@ -182,12 +183,34 @@ ob_start();
$contact_id_select = intval($row['contact_id']); $contact_id_select = intval($row['contact_id']);
$contact_name_select = nullable_htmlentities($row['contact_name']); $contact_name_select = nullable_htmlentities($row['contact_name']);
?> ?>
<option <?php if ($credential_contact_id == $contact_id_select) { echo "selected"; } ?> value="<?php echo $contact_id_select; ?>"><?php echo $contact_name_select; ?></option> <option <?php if ($login_contact_id == $contact_id_select) { echo "selected"; } ?> value="<?php echo $contact_id_select; ?>"><?php echo $contact_name_select; ?></option>
<?php } ?> <?php } ?>
</select> </select>
</div> </div>
</div> </div>
<div class="form-group">
<label>Vendor</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-building"></i></span>
</div>
<select class="form-control select2" name="vendor">
<option value="0">- None -</option>
<?php
$sql_vendors = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC");
while ($row = mysqli_fetch_array($sql_vendors)) {
$vendor_id_select = intval($row['vendor_id']);
$vendor_name_select = nullable_htmlentities($row['vendor_name']);
?>
<option <?php if ($login_vendor_id == $vendor_id_select) { echo "selected"; } ?> value="<?php echo $vendor_id_select; ?>"><?php echo $vendor_name_select; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Asset</label> <label>Asset</label>
<div class="input-group"> <div class="input-group">
@@ -195,7 +218,7 @@ ob_start();
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div> </div>
<select class="form-control select2" name="asset"> <select class="form-control select2" name="asset">
<option value="0">- Select Asset -</option> <option value="0">- None -</option>
<?php <?php
$sql_assets = mysqli_query($mysqli, "SELECT asset_id, asset_name, location_name FROM assets LEFT JOIN locations on asset_location_id = location_id WHERE asset_client_id = $client_id AND asset_archived_at IS NULL ORDER BY asset_name ASC"); $sql_assets = mysqli_query($mysqli, "SELECT asset_id, asset_name, location_name FROM assets LEFT JOIN locations on asset_location_id = location_id WHERE asset_client_id = $client_id AND asset_archived_at IS NULL ORDER BY asset_name ASC");
@@ -210,7 +233,29 @@ ob_start();
} }
?> ?>
<option <?php if ($credential_asset_id == $asset_id_select) { echo "selected"; } ?> value="<?php echo $asset_id_select; ?>"><?php echo $asset_select_display_string; ?></option> <option <?php if ($login_asset_id == $asset_id_select) { echo "selected"; } ?> value="<?php echo $asset_id_select; ?>"><?php echo $asset_select_display_string; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group">
<label>Software</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-box"></i></span>
</div>
<select class="form-control select2" name="software">
<option value="0">- None -</option>
<?php
$sql_software = mysqli_query($mysqli, "SELECT software_id, software_name FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC");
while ($row = mysqli_fetch_array($sql_software)) {
$software_id_select = intval($row['software_id']);
$software_name_select = nullable_htmlentities($row['software_name']);
?>
<option <?php if ($login_software_id == $software_id_select) { echo "selected"; } ?> value="<?php echo $software_id_select; ?>"><?php echo $software_name_select; ?></option>
<?php } ?> <?php } ?>
</select> </select>
@@ -219,10 +264,10 @@ ob_start();
</div> </div>
<div class="tab-pane fade" id="pills-credential-notes<?php echo $credential_id; ?>"> <div class="tab-pane fade" id="pills-login-notes<?php echo $login_id; ?>">
<div class="form-group"> <div class="form-group">
<textarea class="form-control" rows="12" placeholder="Enter some notes" name="note"><?php echo $credential_note; ?></textarea> <textarea class="form-control" rows="12" placeholder="Enter some notes" name="note"><?php echo $login_note; ?></textarea>
</div> </div>
<div class="form-group"> <div class="form-group">
@@ -239,16 +284,10 @@ ob_start();
$tag_id_select = intval($row['tag_id']); $tag_id_select = intval($row['tag_id']);
$tag_name_select = nullable_htmlentities($row['tag_name']); $tag_name_select = nullable_htmlentities($row['tag_name']);
?> ?>
<option value="<?php echo $tag_id_select; ?>" <?php if (in_array($tag_id_select, $credential_tag_id_array)) { echo "selected"; } ?>><?php echo $tag_name_select; ?></option> <option value="<?php echo $tag_id_select; ?>" <?php if (in_array($tag_id_select, $login_tag_id_array)) { echo "selected"; } ?>><?php echo $tag_name_select; ?></option>
<?php } ?> <?php } ?>
</select> </select>
<div class="input-group-append">
<button class="btn btn-secondary ajax-modal" type="button"
data-modal-url="../admin/modals/tag/tag_add.php?type=4">
<i class="fas fa-plus"></i>
</button>
</div>
</div> </div>
</div> </div>
@@ -256,11 +295,11 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="edit_credential" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_login" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

10
admin/modals/custom_link/custom_link_edit.php → ajax/ajax_custom_link_edit.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$custom_link_id = intval($_GET['id']); $custom_link_id = intval($_GET['id']);
@@ -17,7 +17,7 @@ $custom_link_location = intval($row['custom_link_location']);
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class="fas fa-fw fa-external-link-alt mr-2"></i>Editing link: <strong><?php echo $custom_link_name; ?></strong></h5> <h5 class="modal-title"><i class="fas fa-fw fa-external-link-alt mr-2"></i>Editing link: <strong><?php echo $custom_link_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -27,7 +27,7 @@ ob_start();
<input type="hidden" name="custom_link_id" value="<?php echo $custom_link_id; ?>"> <input type="hidden" name="custom_link_id" value="<?php echo $custom_link_id; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<div class="form-group"> <div class="form-group">
<label>Name <strong class="text-danger">*</strong></label> <label>Name <strong class="text-danger">*</strong></label>
@@ -89,11 +89,11 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="edit_custom_link" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button> <button type="submit" name="edit_custom_link" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

25
admin/modals/ticket_status/ticket_status_edit.php → ajax/ajax_custom_ticket_status_edit.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$ticket_status_id = intval($_GET['id']); $ticket_status_id = intval($_GET['id']);
@@ -8,14 +8,13 @@ $sql = mysqli_query($mysqli, "SELECT * FROM ticket_statuses WHERE ticket_status_
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$ticket_status_name = nullable_htmlentities($row['ticket_status_name']); $ticket_status_name = nullable_htmlentities($row['ticket_status_name']);
$ticket_status_color = nullable_htmlentities($row['ticket_status_color']); $ticket_status_color = nullable_htmlentities($row['ticket_status_color']);
$ticket_status_order = intval($row['ticket_status_order']);
$ticket_status_active = intval($row['ticket_status_active']); $ticket_status_active = intval($row['ticket_status_active']);
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class="fas fa-fw fa-info-circle mr-2"></i>Editing Ticket Status: <strong><?php echo $ticket_status_name; ?></strong></h5> <h5 class="modal-title"><i class="fas fa-fw fa-info-circle mr-2"></i>Editing Ticket Status: <strong><?php echo $ticket_status_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -23,7 +22,7 @@ ob_start();
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="ticket_status_id" value="<?php echo $ticket_status_id; ?>"> <input type="hidden" name="ticket_status_id" value="<?php echo $ticket_status_id; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<div class="form-group"> <div class="form-group">
<label>Name <strong class="text-danger">*</strong></label> <label>Name <strong class="text-danger">*</strong></label>
@@ -31,7 +30,7 @@ ob_start();
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div> </div>
<input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $ticket_status_name; ?>" required <?php if ($ticket_status_id <= 5) { echo "readonly"; } ?>> <input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $ticket_status_name; ?>" required>
</div> </div>
</div> </div>
@@ -45,16 +44,6 @@ ob_start();
</div> </div>
</div> </div>
<div class="form-group">
<label>Order</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-sort-numeric-down"></i></span>
</div>
<input type="number" class="form-control" name="order" placeholder="Leave blank for no order" value="<?php echo $ticket_status_order; ?>">
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Status <strong class="text-danger">*</strong></label> <label>Status <strong class="text-danger">*</strong></label>
<div class="input-group"> <div class="input-group">
@@ -63,17 +52,17 @@ ob_start();
</div> </div>
<select class="form-control select2" name="status" required> <select class="form-control select2" name="status" required>
<option <?php if ($ticket_status_active == 1) { echo "selected"; } ?> value="1">Active</option> <option <?php if ($ticket_status_active == 1) { echo "selected"; } ?> value="1">Active</option>
<option <?php if ($ticket_status_active == 0) { echo "selected"; } ?> value="0" <?php if ($ticket_status_id <= 5) { echo "disabled"; } ?>>Inactive</option> <option <?php if ($ticket_status_active == 0) { echo "selected"; } ?> value="0">Disabled</option>
</select> </select>
</div> </div>
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="edit_ticket_status" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button> <button type="submit" name="edit_ticket_status" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

19
user/modals/document/document_edit.php → ajax/ajax_document_edit.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$document_id = intval($_GET['id']); $document_id = intval($_GET['id']);
@@ -10,7 +10,12 @@ $row = mysqli_fetch_array($sql);
$document_name = nullable_htmlentities($row['document_name']); $document_name = nullable_htmlentities($row['document_name']);
$document_description = nullable_htmlentities($row['document_description']); $document_description = nullable_htmlentities($row['document_description']);
$document_content = nullable_htmlentities($row['document_content']); $document_content = nullable_htmlentities($row['document_content']);
$document_created_by_id = intval($row['document_created_by']);
$document_created_at = nullable_htmlentities($row['document_created_at']);
$document_updated_at = nullable_htmlentities($row['document_updated_at']);
$document_archived_at = nullable_htmlentities($row['document_archived_at']);
$document_folder_id = intval($row['document_folder_id']); $document_folder_id = intval($row['document_folder_id']);
$document_parent = intval($row['document_parent']);
$document_client_visible = intval($row['document_client_visible']); $document_client_visible = intval($row['document_client_visible']);
$client_id = intval($row['document_client_id']); $client_id = intval($row['document_client_id']);
@@ -18,16 +23,18 @@ $client_id = intval($row['document_client_id']);
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Editing document: <strong><?php echo $document_name; ?></strong></h5> <h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Editing document: <strong><?php echo $document_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="document_id" value="<?php echo $document_id; ?>"> <input type="hidden" name="document_id" value="<?php if($document_parent == 0){ echo $document_id; } else { echo $document_parent; } ?>">
<input type="hidden" name="document_parent" value="<?php echo $document_parent; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body"> <input type="hidden" name="created_by" value="<?php echo $document_created_by_id; ?>">
<div class="modal-body bg-white">
<div class="form-group"> <div class="form-group">
<input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $document_name; ?>" placeholder="Name" required> <input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $document_name; ?>" placeholder="Name" required>
@@ -63,11 +70,11 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="edit_document" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_document" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

10
user/modals/document/document_move.php → ajax/ajax_document_move.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$document_id = intval($_GET['id']); $document_id = intval($_GET['id']);
@@ -15,7 +15,7 @@ $document_name = nullable_htmlentities($row['document_name']);
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Moving document: <strong><?php echo $document_name; ?></strong></h5> <h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Moving document: <strong><?php echo $document_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -23,7 +23,7 @@ ob_start();
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="document_id" value="<?php echo $document_id; ?>"> <input type="hidden" name="document_id" value="<?php echo $document_id; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<div class="form-group"> <div class="form-group">
<label>Move Document to</label> <label>Move Document to</label>
@@ -99,11 +99,11 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="move_document" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Move</button> <button type="submit" name="move_document" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Move</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

10
user/modals/document/document_rename.php → ajax/ajax_document_rename.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$document_id = intval($_GET['id']); $document_id = intval($_GET['id']);
@@ -14,7 +14,7 @@ $document_name = nullable_htmlentities($row['document_name']);
// Generate the HTML form content using output buffering. // Generate the HTML form content using output buffering.
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Renaming document: <strong><?php echo $document_name; ?></strong></h5> <h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Renaming document: <strong><?php echo $document_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -23,7 +23,7 @@ ob_start();
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="document_id" value="<?php echo $document_id; ?>"> <input type="hidden" name="document_id" value="<?php echo $document_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<div class="form-group"> <div class="form-group">
<label>Document Name <strong class="text-danger">*</strong></label> <label>Document Name <strong class="text-danger">*</strong></label>
@@ -36,11 +36,11 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="rename_document" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Rename</button> <button type="submit" name="rename_document" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Rename</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

47
ajax/ajax_document_template_edit.php Normal file
View File

@@ -0,0 +1,47 @@
<?php
require_once '../includes/ajax_header.php';
$document_id = intval($_GET['id']);
$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = $document_id LIMIT 1");
$row = mysqli_fetch_array($sql);
$document_name = nullable_htmlentities($row['document_name']);
$document_description = nullable_htmlentities($row['document_description']);
$document_content = nullable_htmlentities($row['document_content']);
// Generate the HTML form content using output buffering.
ob_start();
?>
<div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-file-alt mr-2"></i>Editing template: <strong><?php echo $document_name; ?></strong></h5>
<button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span>
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="document_id" value="<?php echo $document_id; ?>">
<div class="modal-body bg-white">
<div class="form-group">
<input type="text" class="form-control" name="name" maxlength="200" value="<?php echo $document_name; ?>" placeholder="Name" required>
</div>
<div class="form-group">
<textarea class="form-control tinymce" name="content"><?php echo $document_content; ?></textarea>
</div>
<div class="form-group">
<input type="text" class="form-control" name="description" value="<?php echo $document_description; ?>" placeholder="Short summary">
</div>
</div>
<div class="modal-footer bg-white">
<button type="submit" name="edit_document_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
<?php
require_once "../includes/ajax_footer.php";

12
user/modals/document/document_view.php → ajax/ajax_document_view.php
View File

@@ -1,9 +1,9 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
// Initialize the HTML Purifier to prevent XSS // Initialize the HTML Purifier to prevent XSS
require_once "../../../plugins/htmlpurifier/HTMLPurifier.standalone.php"; require_once "../plugins/htmlpurifier/HTMLPurifier.standalone.php";
$purifier_config = HTMLPurifier_Config::createDefault(); $purifier_config = HTMLPurifier_Config::createDefault();
$purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one $purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting a non-existent directory or an invalid one
@@ -23,17 +23,15 @@ $document_content = $purifier->purify($row['document_content']);
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title text-white"><i class="fa fa-fw fa-file-alt mr-2"></i><?php echo $document_name; ?></h5> <h5 class="modal-title text-white"><i class="fa fa-fw fa-file-alt mr-2"></i><?php echo $document_name; ?></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
</button> </button>
</div> </div>
<div class="modal-body prettyContent"> <div class="modal-body bg-white prettyContent">
<?php echo $document_content; ?> <?php echo $document_content; ?>
</div> </div>
<script src="../js/pretty_content.js"></script>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

10
user/modals/domain/domain_edit.php → ajax/ajax_domain_edit.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once '../../../includes/modal_header.php'; require_once '../includes/ajax_header.php';
$domain_id = intval($_GET['id']); $domain_id = intval($_GET['id']);
@@ -30,7 +30,7 @@ $history_sql = mysqli_query($mysqli, "SELECT * FROM domain_history WHERE domain_
ob_start(); ob_start();
?> ?>
<div class="modal-header bg-dark"> <div class="modal-header">
<h5 class="modal-title"><i class="fa fa-fw fa-globe mr-2"></i>Editing domain: <span class="text-bold"><?php echo $domain_name; ?></span></h5> <h5 class="modal-title"><i class="fa fa-fw fa-globe mr-2"></i>Editing domain: <span class="text-bold"><?php echo $domain_name; ?></span></h5>
<button type="button" class="close text-white" data-dismiss="modal"> <button type="button" class="close text-white" data-dismiss="modal">
<span>&times;</span> <span>&times;</span>
@@ -39,7 +39,7 @@ ob_start();
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="domain_id" value="<?php echo $domain_id; ?>"> <input type="hidden" name="domain_id" value="<?php echo $domain_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body"> <div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item"> <li class="nav-item">
@@ -276,11 +276,11 @@ ob_start();
</div> </div>
</div> </div>
<div class="modal-footer"> <div class="modal-footer bg-white">
<button type="submit" name="edit_domain" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button> <button type="submit" name="edit_domain" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
<?php <?php
require_once '../../../includes/modal_footer.php'; require_once "../includes/ajax_footer.php";

Some files were not shown because too many files have changed in this diff Show More