Merge pull request #1263 from itflow-org/develop

Develop to Master for 26.02 Release Take 2
Add bulk Fav / unfav creds and added fav creds to the client overview page
2026-03-20 20:54:50 +00:00 · 2026-02-08 12:02:43 -05:00 · 2026-02-07 18:42:53 -05:00 · 2026-02-06 15:14:37 -05:00 · 2026-02-06 15:13:54 -05:00 · 2026-02-06 13:12:34 -05:00
572 changed files with 19628 additions and 14617 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -4,8 +4,16 @@ config.php
 uploads/favicon.ico
 uploads/clients/*
 !uploads/clients/index.php
+uploads/custom/*
+!uploads/custom/index.php
+uploads/documents/*
+!uploads/documents/index.php
+uploads/document_templates/*
+!uploads/document_templates/index.php
 uploads/expenses/*
 !uploads/expenses/index.php
+uploads/recurring_tickets/*
+!uploads/recurring_tickets/index.php
 uploads/settings/*
 !uploads/settings/index.php
 uploads/users/*
@@ -14,6 +22,8 @@ uploads/tmp/*
 !uploads/tmp/index.php
 uploads/tickets/*
 !uploads/tickets/index.php
+uploads/ticket_templates/*
+!uploads/ticket_templates/index.php
 .idea/*
 plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/HTML/*
 !plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/HTML/.gitkeep
@@ -22,10 +32,6 @@ plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/URI/*
 plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/CSS/*
 !plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/CSS/.gitkeep
 .vscode/settings.json
-xcustom/*
-!xcustom/readme.php
-post/xcustom
-!post/xcustom/readme.php
 admin/custom/*
 !admin/custom/readme.php
 agent/custom/*
@@ -43,5 +49,3 @@ setup/custom/*
 api/v1/custom/*
 !api/v1/custom/readme.php
 .zed
-
-
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,7 +2,134 @@

 This file documents all notable changes made to ITFlow.

-## [25.11] Changelog
+## [26.02] Stable Release
+### Bug Fixes
+- Mail Parser - Do not automatically send new ticket notifications to noreply/donotreply addresses.
+- Ticket: removed newline \n on Parsed emails.
+- Show Trips for everyone if accounting module is enabled.
+- Fix Invoice Exporting.
+- Fix Billable Column not sorting correctly in tickets.
+- Fix Login flow where user agent and client user exists and agent has MFA but will not let them continue.
+- Fix passing missing user_id var in client portal.
+- Fix Ticket Templates not auto filling when selected.
+- Fix Invoices not being sent to all billings contacts when manaully sent.
+- Fix Documents and Files not able to be bulk deleted.
+- Fix Role Archiving, can be archived as long as no users are assigned to the role.
+- Fix showing Powered By ITFlow visibility on the login screen when Whitelabel is enabled.
+- Missing username in audit log on successful login due to missing passed user_id to logging.
+- API: Fix updating all documents instead of the intended document.
+- Documents: Fix Document created at not showing the correct creation date of the master document.
+- Ticket: Fixed Using edit ticket modal agent was not able to be set.
+- Always check if a user is archived and or disabled instead of just during login.
+- Report: Fix Collected tax report not totalling all tax categories.
+
+### New Features & Updates 
+- Task Approval System for ticket tasks: Once an approval is requested, the task cannot be marked as complete until approved. Internal Approvals Any other technician, or Specific technician, Client Approvals Anyone (usually the requestor) Tech contacts Billing contacts.
+- Printable Invoice Packing Slips now available.
+- Drastic Performance Bump: Up to 50% faster queries accross the board and reduced server memory usage by 40% by switching Database Query method from mysqli_fetch_array to mysqli_fetch_assoc.
+- Added Connect to Microsoft 365 Button to mail settings.
+- OAUTH2 support for Microsoft 365 and Google Workspaces is now considered stable and working.
+- Favorites: Assets and Credentials now can be favorited singly or by Bulk action. Favorited items appear in the client overview now.
+- Files/Documents: Collapsable folders feature, collapsed by default with a button to expand all.
+- URL Keys and such are now set to a more manageable 32 Characters by default.
+- Various UI/UX Updates throughout the app, with focus oin ticket details, contact details modal etc.
+- Added Show Archived files and documents to the files section.
+- Added Bulk Archive and restore options to files and documents.
+- Rewrite of the Kanban Ticket view to match our procedural style of coding.
+- All options are available in TinyMCE now in Mobile mode.
+- Agent names appear now in Invoice History section.
+- Mail Parser: Support flowed text.
+- Assets: Keep Purchase reference when copying.
+- Assets: Add basic tracking history: Archiving, restoring, name changes, transferimg to new clients.
+- Mail Parser: NDR Parsing.
+- Allow SVG files in mail attachments.
+- Tickets: Use a more friendly time worked instead of 02:41:00 translates to 2h 41m.
+- Update wording on ticket to invoice item details.
+- Merge Tickets: Now wth a ticket merge dropdown list of tickets instead of a text field.
+- Role Permissions can now be set during role creation, update Permission UI to use radio buttons instead of select boxes.
+- Bump TinyMCE 8.2.2 to 8.3.2.
+- Bump PHPMailer from 7.0.1 to 7.0.2.
+- Bump Datatables from 2.3.4 to 2.3.7.
+
+## [25.12.1] Maint Release
+
+### Major Changes
+- Unified the Client/Agent Login and process (Note only Client Users can Reset passwords from the login page, does not apply to agent users).
+
+### Bug Fixes
+- Fix Payment Provider not adding an account.
+- Fix New ticket button in contact details in the related tickets section.
+
+### New Features & Updates
+- You can now Set Payment Provider income/expense account, expense vendor and expense category upond creation or editing.
+- Moved Saved Payment Provider Methods away from admin side nav to the count link within Payment Providers page.
+- Moved AI Models from the admin side nav to the model count link within AI Providers.
+- Add Favicon Reset.
+
+## [25.12] Stable Release
+
+### Breaking Changes ###
+- For Existing installs: **php-xml** extension needs to be installed for document creation and editing, new install script does this for you as of Dec 6th 2025. To install php-xml: `sudo apt install php-xml`
+
+### Major Changes
+- Consolidated "Files" and "Documents" into a single section called **Files**.
+
+### Bug Fixes
+- Resolved issue with updating asset notes in asset details.
+- Fixed problem with bulk ticket merging.
+- Corrected issue where decimal inputs (e.g., price, cost) weren’t displaying on iPhones in certain forms.
+- Added CSV escaping to the sample export data in areas where a sample CSV template is provided.
+- Fix a race condition where dupe tickets, invoices, recurring invoices, recurring tickets, quotes will be created using the same number if created in parallel espcecially when using the API.
+
+### New Features & Updates
+- Introduced automatic subject-based ticket merging/reply detection. Now, if an email comes from a known contact or domain and the subject matches 95% of a ticket opened in the last 7 days, it will be merged automatically.
+- Added `cleanInput` function to sanitize data before inserting it into the database when using MySQLi prepared statements.
+- Migrated client post functionality to use MySQLi prepared statements.
+- Updated payment method post functionality to use MySQLi prepared statements.
+- Implemented `saveBase64Images()` to convert base64-encoded `<img>` tags into actual image files stored under `/uploads/<module>/<id>/` with secure filenames. Added wrapper functions, and updated document creation to use processed image paths.
+- For new documents and document templates, images are now stored in `/uploads/documents/$document_id` instead of being stored as base64 in the database, using the `saveBase64Images()` function.
+- UI/UX improvements made to the document details page.
+- Removed sidebar quick-add options.
+- Created new folders in the uploads directory: `documents`, `document_templates`, and `recurring_tickets`.
+- Reworked the bulk action function to pass the name arrays, instead of a generic `selected_ids` array. This allows multiple bulk name arrays to be passed at once, currently used for the new file-document merge.
+- Big task: Converted the remaining modals to use the new `ajax-modal` system, enabling more flexible flow expansion going forward.
+- Mail queue: Added a `--no-mx-validation` flag to bypass recipient domain MX validation.
+- Bump PHPMailer from 7.0.0 to 7.0.1.
+- Bump stripe-php from 18.1.0 to 19.0.0.
+- Bump TCPDF from 6.10.0 to 6.10.1.
+- Bump TinyMCE from 8.2.0 to 8.2.2.
+
+## [25.11.1] Maint Release
+
+### Fixes
+- Fix broken edit Payment Method.
+- Fix unable to delete Vendor Template.
+- Fix Mail Queue link in flash alert for testing email and sending a quote.
+- Add Show Category Type select if not defined.
+- Add Show Product Type select if not defined.
+- Fix add ticket watcher.
+- Fix if Client isn't assigned to a ticket dont show client view.
+- Fix missing session client id check when paying an invoice from client portal.
+- Update Composer Webklex-IMAP library dependency symfony/http-foundation from 7.3.3 to 7.3.7 to fix security related issues.
+- Add back delete Payment provider the database will handle cascade deletes to saved cards, recurring payments and client payment provider reference.
+- Don't show Client Tickets Breadcrumb if no client is assigned to a ticket.
+- Don't Show Contact or Assignment Tab in edit ticket if no Client is Assigned.
+- Don't Show add contact, asset, vendor, watcher if not client is assigned to a ticket.
+- Don't Show Public Comment & Email if contact email doesn't exist.
+- Fixed IMAP Test whicn now uses RAW TCP Connection instead of the depracated php-imap extension.
+- Fix Broken Link in Ticket Updates via Client Portal to agent.
+
+### Added / Changed
+- [Feature] Added Asset Tags.
+- [Feature] Added Quick Add Links to most side bar navs example quickly add a client from sidebar.
+- Migrate ticket template add to ajax modal.
+- Add TOTP secret to Client Export PDF in Credential section.
+- Add UserID on hover in users listing.
+- Merge ticket now redirects to the new ticket details page.
+- [Feature] Add Pay via saved card under invoice Listings.
+- Ticket Related Side Items UI Cleanup to use btn-tool class. 
+
+## [25.11] Stable

 ### Deprecation Notice:
 - **Outdated CRON Scripts**: The following scripts are removed.
@@ -256,7 +383,7 @@ We will provide example code with directory structure for each custom directory
 ---

 ### Fixed
- Several security vulnerabilities patched.
+- Several security vulnerabilities patched (with thanks to www.helx.io).
 - Ticket status is no longer updated when scheduling.
 - Client Portal: Tech contacts can no longer edit their own details.
 - Fixed overlapping logo issue in Invoice/Quote PDF exports.
--- a/README.md
+++ b/README.md
@@ -16,7 +16,7 @@
    <br />
    <a href="https://demo.itflow.org"><strong>View demo</strong></a>
    <br />
-    Username: <b>demo@demo</b> | Password: <b>demo</b>
+    Username: <b>demo@demo.com</b> | Password: <b>demo</b>
    <br />
    <br />
    <a href="https://itflow.org/#about">About</a>
@@ -93,6 +93,7 @@ If you want to improve ITFlow, feel free to fork the repo and create a pull requ
 We’re incredibly grateful to the organizations and individuals who support the project - a big thank you to:
 - CompuMatter
 - F1 for HELP
+- digiBandit
 - JetBrains (PhpStorm)

 ## License
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -13,7 +13,7 @@ We operate a rolling release model. Any bug fixes will be released into latest v

 | Version | Supported          |
 |---------| ------------------ |
-| 25.05   | :white_check_mark: |
+| 25.12   | :white_check_mark: |

 ## Reporting a Vulnerability via GitHub Security Advisories

--- a/admin/ai_model.php
+++ b/admin/ai_model.php
@@ -12,6 +12,16 @@ $num_rows = mysqli_num_rows($sql);

 ?>

+<ol class="breadcrumb d-print-none">
+    <li class="breadcrumb-item">
+        <a href="/admin">Admin</a>
+    </li>
+    <li class="breadcrumb-item">
+        <a href="ai_provider.php">AI Providers</a>
+    </li>
+    <li class="breadcrumb-item active">AI Models</li>
+</ol>
+
 <div class="card card-dark">
    <div class="card-header py-2">
        <h3 class="card-title mt-2"><i class="fas fa-fw fa-robot mr-2"></i>AI Models</h3>
@@ -48,7 +58,7 @@ $num_rows = mysqli_num_rows($sql);
                <tbody>
                <?php

-                while ($row = mysqli_fetch_array($sql)) {
+                while ($row = mysqli_fetch_assoc($sql)) {
                    $provider_id = intval($row['ai_provider_id']);
                    $provider_name = nullable_htmlentities($row['ai_provider_name']);
                    $model_id = intval($row['ai_model_id']);
--- a/admin/ai_provider.php
+++ b/admin/ai_provider.php
@@ -39,7 +39,7 @@ $num_rows = mysqli_num_rows($sql);
                            Key <?php if ($sort == 'ai_provider_api_key') { echo $order_icon; } ?>
                        </a>
                    </th>
-                    <th>
+                    <th class="text-center">
                        <a class="text-dark">Models</a>
                    </th>
                    <th class="text-center">Action</th>
@@ -48,7 +48,7 @@ $num_rows = mysqli_num_rows($sql);
                <tbody>
                <?php

-                while ($row = mysqli_fetch_array($sql)) {
+                while ($row = mysqli_fetch_assoc($sql)) {
                    $provider_id = intval($row['ai_provider_id']);
                    $provider_name = nullable_htmlentities($row['ai_provider_name']);
                    $url = nullable_htmlentities($row['ai_provider_api_url']);
@@ -67,7 +67,8 @@ $num_rows = mysqli_num_rows($sql);
                        </td>
                        <td><?php echo $url; ?></td>
                        <td><?php echo $key; ?></td>
-                        <td><?php echo $ai_model_count; ?></td>
+                        <td class="text-center">
+                            <a class="badge badge-dark badge-pill p-2" href="ai_model.php"><?= $ai_model_count ?></a>
                        <td>
                            <div class="dropdown dropleft text-center">
                                <button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
--- a/admin/api_keys.php
+++ b/admin/api_keys.php
@@ -49,7 +49,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                            <div class="dropdown-menu">
                                <button class="dropdown-item text-danger text-bold"
                                        type="submit" form="bulkActions" name="bulk_delete_api_keys">
-                                    <i class="fas fa-fw fa-trash mr-2"></i>Revoke
+                                    <i class="fas fa-fw fa-trash mr-2"></i>Delete
                                </button>
                            </div>
                        </div>
@@ -105,7 +105,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    <tbody>
                    <?php

-                    while ($row = mysqli_fetch_array($sql)) {
+                    while ($row = mysqli_fetch_assoc($sql)) {
                        $api_key_id = intval($row['api_key_id']);
                        $api_key_name = nullable_htmlentities($row['api_key_name']);
                        $api_key_secret = nullable_htmlentities("************" . substr($row['api_key_secret'], -4));
@@ -139,9 +139,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                                        <i class="fas fa-ellipsis-h"></i>
                                    </button>
                                    <div class="dropdown-menu">
-                                        <a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_api_key=<?php echo $api_key_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
-                                            <i class="fas fa-fw fa-times mr-2"></i>Revoke
-                                        </a>
+                                        <?php if ($api_key_expire > date("Y-m-d H:i:s")) { ?>
+                                            <a class="dropdown-item text-danger text-bold confirm-link" href="post.php?revoke_api_key=<?php echo $api_key_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
+                                                <i class="fas fa-fw fa-times mr-2"></i>Revoke
+                                            </a>
+                                        <?php } ?>
+                                        <?php if ($api_key_expire < date("Y-m-d H:i:s")) { ?>
+                                            <a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_api_key=<?php echo $api_key_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
+                                                <i class="fas fa-fw fa-times mr-2"></i>Delete
+                                            </a>
+                                        <?php } ?>
                                    </div>
                                </div>
                            </td>
@@ -164,4 +171,3 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

 <?php
 require_once "../includes/footer.php";
-
--- a/admin/app_log.php
+++ b/admin/app_log.php
@@ -66,7 +66,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

                                <?php
                                $sql_types_filter = mysqli_query($mysqli, "SELECT DISTINCT app_log_type FROM app_logs ORDER BY app_log_type ASC");
-                                while ($row = mysqli_fetch_array($sql_types_filter)) {
+                                while ($row = mysqli_fetch_assoc($sql_types_filter)) {
                                    $log_type = nullable_htmlentities($row['app_log_type']);
                                ?>
                                    <option <?php if ($type_filter == $log_type) { echo "selected"; } ?>><?php echo $log_type; ?></option>
@@ -85,7 +85,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

                                <?php
                                $sql_categories_filter = mysqli_query($mysqli, "SELECT DISTINCT app_log_category FROM app_logs ORDER BY app_log_category ASC");
-                                while ($row = mysqli_fetch_array($sql_categories_filter)) {
+                                while ($row = mysqli_fetch_assoc($sql_categories_filter)) {
                                    $log_category = nullable_htmlentities($row['app_log_category']);
                                ?>
                                    <option <?php if ($category_filter == $log_category) { echo "selected"; } ?>><?php echo $log_category; ?></option>
@@ -141,7 +141,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    <tbody>
                    <?php

-                    while ($row = mysqli_fetch_array($sql)) {
+                    while ($row = mysqli_fetch_assoc($sql)) {
                        $log_id = intval($row['app_log_id']);
                        $log_type = nullable_htmlentities($row['app_log_type']);
                        $log_category = nullable_htmlentities($row['app_log_category']);
--- a/admin/audit_log.php
+++ b/admin/audit_log.php
@@ -80,7 +80,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                            </div>
                        </div>
                    </div>
-                    
+
                    <div class="col-sm-2">
                        <div class="input-group mb-3 mb-md-0">
                            <select class="form-control select2" name="client" onchange="this.form.submit()">
@@ -88,7 +88,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

                                <?php
                                $sql_clients_filter = mysqli_query($mysqli, "SELECT * FROM clients ORDER BY client_name ASC");
-                                while ($row = mysqli_fetch_array($sql_clients_filter)) {
+                                while ($row = mysqli_fetch_assoc($sql_clients_filter)) {
                                    $client_id = intval($row['client_id']);
                                    $client_name = nullable_htmlentities($row['client_name']);
                                ?>
@@ -108,7 +108,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

                                <?php
                                $sql_users_filter = mysqli_query($mysqli, "SELECT * FROM users ORDER BY user_name ASC");
-                                while ($row = mysqli_fetch_array($sql_users_filter)) {
+                                while ($row = mysqli_fetch_assoc($sql_users_filter)) {
                                    $user_id = intval($row['user_id']);
                                    $user_name = nullable_htmlentities($row['user_name']);
                                ?>
@@ -128,7 +128,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

                                <?php
                                $sql_types_filter = mysqli_query($mysqli, "SELECT DISTINCT log_type FROM logs ORDER BY log_type ASC");
-                                while ($row = mysqli_fetch_array($sql_types_filter)) {
+                                while ($row = mysqli_fetch_assoc($sql_types_filter)) {
                                    $log_type = nullable_htmlentities($row['log_type']);
                                ?>
                                    <option <?php if ($type_filter == $log_type) { echo "selected"; } ?>><?php echo $log_type; ?></option>
@@ -147,7 +147,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

                                <?php
                                $sql_actions_filter = mysqli_query($mysqli, "SELECT DISTINCT log_action FROM logs ORDER BY log_action ASC");
-                                while ($row = mysqli_fetch_array($sql_actions_filter)) {
+                                while ($row = mysqli_fetch_assoc($sql_actions_filter)) {
                                    $log_action = nullable_htmlentities($row['log_action']);
                                ?>
                                    <option <?php if ($action_filter == $log_action) { echo "selected"; } ?>><?php echo $log_action; ?></option>
@@ -225,7 +225,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    <tbody>
                    <?php

-                    while ($row = mysqli_fetch_array($sql)) {
+                    while ($row = mysqli_fetch_assoc($sql)) {
                        $log_id = intval($row['log_id']);
                        $log_type = nullable_htmlentities($row['log_type']);
                        $log_action = nullable_htmlentities($row['log_action']);
@@ -280,4 +280,3 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

 <?php
 require_once "../includes/footer.php";
-
--- a/admin/category.php
+++ b/admin/category.php
@@ -111,7 +111,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                <tbody>
                    <?php

-                    while ($row = mysqli_fetch_array($sql)) {
+                    while ($row = mysqli_fetch_assoc($sql)) {
                        $category_id = intval($row['category_id']);
                        $category_name = nullable_htmlentities($row['category_name']);
                        $category_color = nullable_htmlentities($row['category_color']);
--- a/admin/contract_templates.php
+++ b/admin/contract_templates.php
@@ -59,7 +59,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                </thead>
                <tbody>
                    <?php
-                        while ($row = mysqli_fetch_array($sql)) {
+                        while ($row = mysqli_fetch_assoc($sql)) {
                            $id = intval($row['contract_template_id']);
                            $name = nullable_htmlentities($row['contract_template_name']);
                            $type = nullable_htmlentities($row['contract_template_type']);
--- a/admin/custom_link.php
+++ b/admin/custom_link.php
@@ -72,7 +72,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    <tbody>
                    <?php

-                    while ($row = mysqli_fetch_array($sql)) {
+                    while ($row = mysqli_fetch_assoc($sql)) {
                        $custom_link_id = intval($row['custom_link_id']);
                        $custom_link_name = nullable_htmlentities($row['custom_link_name']);
                        $custom_link_uri = nullable_htmlentities($row['custom_link_uri']);
--- a/admin/database_updates.php
+++ b/admin/database_updates.php
@@ -791,7 +791,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {

        // Copy primary_location and primary_contact to their new vars in their own respecting tables
        $sql = mysqli_query($mysqli, "SELECT * FROM clients");
-        while($row = mysqli_fetch_array($sql)) {
+        while($row = mysqli_fetch_assoc($sql)) {
            $primary_contact = $row['primary_contact'];
            $primary_location = $row['primary_location'];

@@ -1666,7 +1666,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
    if (CURRENT_DATABASE_VERSION == '1.3.9') {
        // Migrate all Network Info from Assets to Interface Table and make it primary interface
        $sql = mysqli_query($mysqli, "SELECT * FROM assets");
-        while ($row = mysqli_fetch_array($sql)) {
+        while ($row = mysqli_fetch_assoc($sql)) {
            $asset_id = intval($row['asset_id']);
            $mac = sanitizeInput($row['asset_mac']);
            $ip = sanitizeInput($row['asset_ip']);
@@ -1945,7 +1945,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
    if (CURRENT_DATABASE_VERSION == '1.5.7') {
        // Create Users for contacts that have logins enabled and that are not archived
        $contacts_sql = mysqli_query($mysqli, "SELECT * FROM `contacts` WHERE contact_archived_at IS NULL AND (contact_auth_method = 'local' OR contact_auth_method = 'azure')");
-        while($row = mysqli_fetch_array($contacts_sql)) {
+        while($row = mysqli_fetch_assoc($contacts_sql)) {
            $contact_id = intval($row['contact_id']);
            $contact_name = mysqli_real_escape_string($mysqli, $row['contact_name']);
            $contact_email = mysqli_real_escape_string($mysqli, $row['contact_email']);
@@ -2325,7 +2325,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
                `interface_link_status` VARCHAR(50) NULL,
                `interface_link_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
                `interface_link_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
-                
+
                CONSTRAINT `fk_interface_a`
                    FOREIGN KEY (`interface_a_id`)
                    REFERENCES `asset_interfaces` (`interface_id`)
@@ -3701,8 +3701,8 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
                `ai_model_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
                `ai_model_ai_provider_id` INT(11) NOT NULL,
                PRIMARY KEY (`ai_model_id`),
-                FOREIGN KEY (`ai_model_ai_provider_id`) 
-                    REFERENCES `ai_providers`(`ai_provider_id`) 
+                FOREIGN KEY (`ai_model_ai_provider_id`)
+                    REFERENCES `ai_providers`(`ai_provider_id`)
                    ON DELETE CASCADE
            )
        ");
@@ -3769,7 +3769,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
    }

    if (CURRENT_DATABASE_VERSION == '2.2.3') {
-        
+
        mysqli_query($mysqli, "CREATE TABLE `credits` (
            `credit_id` INT(11) NOT NULL AUTO_INCREMENT,
            `credit_amount` DECIMAL(15,2) NOT NULL,
@@ -3817,19 +3817,19 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
        mysqli_query($mysqli, "ALTER TABLE `credits` ADD INDEX (`credit_client_id`)");
        mysqli_query($mysqli, "ALTER TABLE `credits` ADD INDEX (`credit_invoice_id`)");
        mysqli_query($mysqli, "ALTER TABLE `credits` ADD INDEX (`credit_created_at`)");
-        
+
        mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.7'");
    }

    if (CURRENT_DATABASE_VERSION == '2.2.7') {
        mysqli_query($mysqli, "ALTER TABLE `user_settings` ADD `user_config_theme_dark` TINYINT(1) NOT NULL DEFAULT 0 AFTER `user_config_signature`");
        mysqli_query($mysqli, "ALTER TABLE `settings` DROP `config_theme_dark`");
-        
+
        mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.8'");
    }

    if (CURRENT_DATABASE_VERSION == '2.2.8') {
-        
+
        mysqli_query($mysqli, "ALTER TABLE `products` ADD `product_type` ENUM('service', 'product') NOT NULL DEFAULT 'service' AFTER `product_name`");
        mysqli_query($mysqli, "ALTER TABLE `products` ADD `product_code` VARCHAR(200) DEFAULT NULL AFTER `product_description`");
        mysqli_query($mysqli, "ALTER TABLE `products` ADD `product_location` VARCHAR(250) DEFAULT NULL AFTER `product_code`");
@@ -3844,7 +3844,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
            `stock_product_id` INT(11) NOT NULL,
            PRIMARY KEY (`stock_id`)
        )");
-        
+
        mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.2.9'");
    }

@@ -3853,7 +3853,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {

        // Get Current Stripe Settings
        $sql_stripe_settings = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = 1");
-        $row = mysqli_fetch_array($sql_stripe_settings);
+        $row = mysqli_fetch_assoc($sql_stripe_settings);
        $config_stripe_enable = intval($row['config_stripe_enable']);
        if ($config_stripe_enable === 1) {
            $config_stripe_publishable = mysqli_real_escape_string($mysqli, $row['config_stripe_publishable']);
@@ -3879,7 +3879,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {

            // Migrate Clients and Payment Method over
            $sql_stripe_clients = mysqli_query($mysqli, "SELECT * FROM client_stripe WHERE stripe_pm IS NOT NULL AND stripe_pm != ''");
-            while ($row = mysqli_fetch_array($sql_stripe_clients)) {
+            while ($row = mysqli_fetch_assoc($sql_stripe_clients)) {
                $client_id = intval($row['client_id']);
                $stripe_id = mysqli_real_escape_string($mysqli, $row['stripe_id']);
                $stripe_pm = mysqli_real_escape_string($mysqli, $row['stripe_pm']);
@@ -3931,13 +3931,13 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
    if (CURRENT_DATABASE_VERSION == '2.3.0') {
        // Migrate Payment Methods from Categories Table to new payment_methods table
        $sql_categories = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Payment Method' AND category_name != 'Stripe' AND category_archived_at IS NULL");
-        
-        while ($row = mysqli_fetch_array($sql_categories)) {
+
+        while ($row = mysqli_fetch_assoc($sql_categories)) {
            $category_name = sanitizeInput($row['category_name']);

            mysqli_query($mysqli,"INSERT INTO payment_methods SET payment_method_name = '$category_name'");
        }
-      
+
        mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.1'");
    }

@@ -3971,7 +3971,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {

    if (CURRENT_DATABASE_VERSION == '2.3.2') {

-        mysqli_query($mysqli, "ALTER TABLE settings 
+        mysqli_query($mysqli, "ALTER TABLE settings
            ADD `config_imap_provider` ENUM('standard_imap','google_oauth','microsoft_oauth') NULL DEFAULT NULL AFTER `config_mail_from_name`,
            ADD `config_mail_oauth_client_id` VARCHAR(255) NULL AFTER `config_imap_provider`,
            ADD `config_mail_oauth_client_secret` VARCHAR(255) NULL AFTER `config_mail_oauth_client_id`,
@@ -3986,7 +3986,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {

    if (CURRENT_DATABASE_VERSION == '2.3.3') {

-        mysqli_query($mysqli, "ALTER TABLE settings 
+        mysqli_query($mysqli, "ALTER TABLE settings
            ADD `config_smtp_provider` ENUM('standard_smtp','google_oauth','microsoft_oauth') NULL DEFAULT NULL AFTER `config_start_page`
        ");

@@ -4026,7 +4026,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {

        mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.5'");
    }
-    
+
    if (CURRENT_DATABASE_VERSION == '2.3.5') {
        mysqli_query($mysqli, "ALTER TABLE `settings` CHANGE `config_smtp_provider` `config_smtp_provider` VARCHAR(200) DEFAULT NULL");
        mysqli_query($mysqli, "ALTER TABLE `settings` CHANGE `config_imap_provider` `config_imap_provider` VARCHAR(200) DEFAULT NULL");
@@ -4059,9 +4059,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {

          `contract_template_created_at` DATETIME DEFAULT CURRENT_TIMESTAMP,
          `contract_template_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP,
-          `contract_template_archived_at` DATETIME NULL DEFAULT NULL,
-
-          `company_id` INT(11) NOT NULL
+          `contract_template_archived_at` DATETIME NULL DEFAULT NULL
        ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;");


@@ -4111,14 +4109,94 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {

            FOREIGN KEY (`contract_client_id`) REFERENCES `clients`(`client_id`)
        ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;");
-        
+
        mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.7'");
    }

-    // if (CURRENT_DATABASE_VERSION == '2.3.7') {
-    //     // Insert queries here required to update to DB version 2.3.8
+    if (CURRENT_DATABASE_VERSION == '2.3.7') {
+
+        mysqli_query($mysqli, "
+            CREATE TABLE `asset_tags` (
+                `asset_tag_asset_id` INT(11) NOT NULL,
+                `asset_tag_tag_id` INT(11) NOT NULL,
+                PRIMARY KEY (`asset_tag_asset_id`, `asset_tag_tag_id`),
+                CONSTRAINT `fk_asset`
+                    FOREIGN KEY (`asset_tag_asset_id`)
+                    REFERENCES `assets`(`asset_id`)
+                    ON DELETE CASCADE,
+                CONSTRAINT `fk_tag`
+                    FOREIGN KEY (`asset_tag_tag_id`)
+                    REFERENCES `tags`(`tag_id`)
+                    ON DELETE CASCADE
+            ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+        ");
+
+        mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.8'");
+    }
+
+     if (CURRENT_DATABASE_VERSION == '2.3.8') {
+
+         mysqli_query($mysqli, "
+            CREATE TABLE `task_approvals` (
+              `approval_id` int(11) NOT NULL AUTO_INCREMENT,
+              `approval_scope` enum('client','internal') NOT NULL,
+              `approval_type` enum('any','technical','billing','specific') NOT NULL,
+              `approval_required_user_id` int(11) DEFAULT NULL,
+              `approval_status` enum('pending','approved','declined') NOT NULL,
+              `approval_created_by` int(11) NOT NULL,
+              `approval_approved_by` varchar(255) DEFAULT NULL,
+              `approval_url_key` varchar(200) NOT NULL,
+              `approval_task_id` int(11) NOT NULL,
+              PRIMARY KEY (`approval_id`)
+            ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+        ");
+
+         mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.9'");
+     }
+
+    if (CURRENT_DATABASE_VERSION == '2.3.9') {
+        mysqli_query($mysqli, "ALTER TABLE `clients` ADD `client_favorite` TINYINT(1) NOT NULL DEFAULT '0' AFTER `client_notes`");
+
+        mysqli_query($mysqli, "ALTER TABLE `locations` ADD `location_favorite` TINYINT(1) NOT NULL DEFAULT '0' AFTER `location_notes`");
+
+        mysqli_query($mysqli, "ALTER TABLE `vendors` ADD `vendor_favorite` TINYINT(1) NOT NULL DEFAULT '0' AFTER `vendor_notes`");
+
+        mysqli_query($mysqli, "ALTER TABLE `software` ADD `software_favorite` TINYINT(1) NOT NULL DEFAULT '0' AFTER `software_notes`");
+
+        mysqli_query(
+            $mysqli,
+            "ALTER TABLE `credentials`
+             CHANGE `credential_important` `credential_favorite`
+             TINYINT(1) NOT NULL DEFAULT 0
+             AFTER `credential_note`"
+        );
+
+        mysqli_query($mysqli, "ALTER TABLE `assets` DROP `asset_important`");
+        mysqli_query($mysqli, "ALTER TABLE `assets` ADD `asset_favorite` TINYINT(1) NOT NULL DEFAULT '0' AFTER `asset_notes`");
+
+        mysqli_query($mysqli, "ALTER TABLE `documents` DROP `document_important`");
+        mysqli_query($mysqli, "ALTER TABLE `documents` ADD `document_favorite` TINYINT(1) NOT NULL DEFAULT '0' AFTER `document_client_visible`");
+
+        mysqli_query($mysqli, "ALTER TABLE `racks` ADD `rack_favorite` TINYINT(1) NOT NULL DEFAULT '0' AFTER `rack_notes`");
+
+        mysqli_query($mysqli, "ALTER TABLE `files` DROP `file_important`");
+        mysqli_query($mysqli, "ALTER TABLE `files` ADD `file_favorite` TINYINT(1) NOT NULL DEFAULT '0' AFTER `file_mime_type`");
+
+        mysqli_query($mysqli, "ALTER TABLE `networks` ADD `network_favorite` TINYINT(1) NOT NULL DEFAULT '0' AFTER `network_notes`");
+
+        mysqli_query($mysqli, "ALTER TABLE `domains` ADD `domain_favorite` TINYINT(1) NOT NULL DEFAULT '0' AFTER `domain_notes`");
+
+        mysqli_query($mysqli, "ALTER TABLE `certificates` ADD `certificate_favorite` TINYINT(1) NOT NULL DEFAULT '0' AFTER `certificate_notes`");
+
+        mysqli_query($mysqli, "ALTER TABLE `services` ADD `service_favorite` TINYINT(1) NOT NULL DEFAULT '0' AFTER `service_notes`");
+
+        mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.4.0'");
+    }
+
+    // if (CURRENT_DATABASE_VERSION == '2.4.0') {
+    //     // Insert queries here required to update to DB version 2.4.1
    //     // Then, update the database to the next sequential version
-    //     mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.8'");
+    //     mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.4.1'");
    // }

 } else {
--- a/admin/debug.php
+++ b/admin/debug.php
@@ -52,6 +52,7 @@ $extensions = [
    'php-mbstring' => 'mbstring',
    'php-gd' => 'gd',
    'php-zip' => 'zip',
+    'php-xml' => 'xml',
 ];

 foreach ($extensions as $name => $ext) {
@@ -682,7 +683,7 @@ $mysqli->close();
                </tbody>
            </table>
        </div>
-        
+

        <!-- Database Structure Comparison Table -->
        <h3 class="mt-3">Database Structure Comparison</h3>
@@ -765,4 +766,3 @@ $mysqli->close();
 <?php

 require_once "../includes/footer.php";
-
--- a/admin/document_template.php
+++ b/admin/document_template.php
@@ -66,7 +66,7 @@
                <tbody>
                    <?php

-                        while ($row = mysqli_fetch_array($sql)) {
+                        while ($row = mysqli_fetch_assoc($sql)) {
                            $document_template_id = intval($row['document_template_id']);
                            $document_template_name = nullable_htmlentities($row['document_template_name']);
                            $document_template_description = nullable_htmlentities($row['document_template_description']);
--- a/admin/document_template_details.php
+++ b/admin/document_template_details.php
@@ -23,7 +23,7 @@ if (mysqli_num_rows($sql_document) == 0) {
    exit();
 }

-$row = mysqli_fetch_array($sql_document);
+$row = mysqli_fetch_assoc($sql_document);

 $document_template_name = nullable_htmlentities($row['document_template_name']);
 $document_template_description = nullable_htmlentities($row['document_template_description']);
--- a/admin/includes/side_nav.php
+++ b/admin/includes/side_nav.php
@@ -27,12 +27,14 @@
                        <p>Roles</p>
                    </a>
                </li>
+                <!-- 2025-12-05 JQ - Hide Permission Modules currently just shows modules
                <li class="nav-item">
                    <a href="/admin/modules.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "modules.php") {echo "active";} ?>">
                        <i class="nav-icon fas fa-puzzle-piece"></i>
                        <p>Modules</p>
                    </a>
                </li>
+                -->
                <li class="nav-item">
                    <a href="/admin/api_keys.php" class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "api_keys.php") {echo "active";} ?>">
                        <i class="nav-icon fas fa-key"></i>
@@ -67,31 +69,21 @@
                        </a>
                    </li>
                    <li class="nav-item">
-                        <a href="/admin/payment_provider.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'payment_provider.php' ? 'active' : ''); ?>">
+                        <a href="/admin/payment_provider.php"
+                           class="nav-link <?php echo (in_array(basename($_SERVER['PHP_SELF']), ['payment_provider.php', 'saved_payment_method.php']) ? 'active' : ''); ?>">
                            <i class="nav-icon far fa-credit-card"></i>
                            <p>Payment Providers</p>
                        </a>
                    </li>
-                    <li class="nav-item">
-                        <a href="/admin/saved_payment_method.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'saved_payment_method.php' ? 'active' : ''); ?>">
-                            <i class="nav-icon far fa-credit-card"></i>
-                            <p>Saved Payments</p>
-                        </a>
-                    </li>
                <?php } ?>
                    <li class="nav-item">
-                        <a href="/admin/ai_provider.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'ai_provider.php' ? 'active' : ''); ?>">
+                        <a href="/admin/ai_provider.php"
+                        class="nav-link <?php echo (in_array(basename($_SERVER['PHP_SELF']), ['ai_provider.php', 'ai_model.php']) ? 'active' : ''); ?>">
                            <i class="nav-icon fas fa-robot"></i>
                            <p>AI Providers</p>
                        </a>
                    </li>
-                    <li class="nav-item">
-                        <a href="/admin/ai_model.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'ai_model.php' ? 'active' : ''); ?>">
-                            <i class="nav-icon fas fa-robot"></i>
-                            <p>AI Models</p>
-                        </a>
-                    </li>
-                
+
                <?php if ($config_module_enable_ticketing) { ?>
                    <li class="nav-item">
                        <a href="/admin/ticket_status.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'ticket_status.php' ? 'active' : ''); ?>">
@@ -110,12 +102,17 @@
                <?php if ($config_module_enable_itdoc) { ?>
                    <li class="nav-header">TEMPLATES</li>

+                    <!-- 2025-11-16 JQ - Hide Contracts not yet ready
                    <li class="nav-item">
-                        <a href="/admin/contract_templates.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'contract_templates.php' ? 'active' : ''); ?>">
+                        <a href="/admin/contract_template.php" class="nav-link <?php echo (basename($_SERVER['PHP_SELF']) == 'contract_template.php' ? 'active' : ''); ?>">
                            <i class="nav-icon fas fa-file-contract"></i>
-                            <p>Contract Templates</p>
+                            <p>
+                                <span href="#" class="fas fa-plus-circle right ajax-modal" data-modal-url="/admin/modals/contract_template/contract_template_add.php" data-modal-size="lg"></span>
+                                Contract Templates
+                            </p>
                        </a>
                    </li>
+                    -->
                    <li class="nav-item">
                        <a href="/admin/project_template.php" class="nav-link <?php echo (in_array(basename($_SERVER['PHP_SELF']), ['project_template.php', 'project_template_details.php']) ? 'active' : ''); ?>">
                            <i class="nav-icon fas fa-project-diagram"></i>
@@ -291,12 +288,12 @@
                </li>

                <?php
-                $sql_custom_links = mysqli_query($mysqli, "SELECT * FROM custom_links 
+                $sql_custom_links = mysqli_query($mysqli, "SELECT * FROM custom_links
                    WHERE custom_link_location = 4 AND custom_link_archived_at IS NULL
                    ORDER BY custom_link_order ASC, custom_link_name ASC"
                );

-                while ($row = mysqli_fetch_array($sql_custom_links)) {
+                while ($row = mysqli_fetch_assoc($sql_custom_links)) {
                    $custom_link_name = nullable_htmlentities($row['custom_link_name']);
                    $custom_link_uri = sanitize_url($row['custom_link_uri']);
                    $custom_link_icon = nullable_htmlentities($row['custom_link_icon']);
--- a/admin/mail_queue.php
+++ b/admin/mail_queue.php
@@ -116,7 +116,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                        <tbody>
                        <?php

-                        while ($row = mysqli_fetch_array($sql)) {
+                        while ($row = mysqli_fetch_assoc($sql)) {
                            $email_id = intval($row['email_id']);
                            $email_from = nullable_htmlentities($row['email_from']);
                            $email_from_name = nullable_htmlentities($row['email_from_name']);
--- a/admin/modals/ai/ai_model_add.php
+++ b/admin/modals/ai/ai_model_add.php
@@ -27,7 +27,7 @@ ob_start();
                    <option value="">- Select an AI Provider -</option>
                    <?php
                        $sql_ai_providers = mysqli_query($mysqli, "SELECT * FROM ai_providers");
-                        while ($row = mysqli_fetch_array($sql_ai_providers)) {
+                        while ($row = mysqli_fetch_assoc($sql_ai_providers)) {
                            $ai_provider_id = intval($row['ai_provider_id']);
                            $ai_provider_name = nullable_htmlentities($row['ai_provider_name']);

--- a/admin/modals/ai/ai_model_edit.php
+++ b/admin/modals/ai/ai_model_edit.php
@@ -6,7 +6,7 @@ $model_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM ai_models WHERE ai_model_id = $model_id LIMIT 1");

-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $ai_model_ai_provider_id = intval($row['ai_model_ai_provider_id']);
 $model_id = intval($row['ai_model_id']);
 $model_name = nullable_htmlentities($row['ai_model_name']);
@@ -39,7 +39,7 @@ ob_start();
                    <option value="">- Select an AI Provider -</option>
                    <?php
                        $sql_ai_providers = mysqli_query($mysqli, "SELECT * FROM ai_providers");
-                        while ($row = mysqli_fetch_array($sql_ai_providers)) {
+                        while ($row = mysqli_fetch_assoc($sql_ai_providers)) {
                            $ai_provider_id = intval($row['ai_provider_id']);
                            $ai_provider_name = nullable_htmlentities($row['ai_provider_name']);

--- a/admin/modals/ai/ai_provider_edit.php
+++ b/admin/modals/ai/ai_provider_edit.php
@@ -6,7 +6,7 @@ $provider_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM ai_providers WHERE ai_provider_id = $provider_id LIMIT 1");

-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $provider_name = nullable_htmlentities($row['ai_provider_name']);
 $url = nullable_htmlentities($row['ai_provider_api_url']);
 $key = nullable_htmlentities($row['ai_provider_api_key']);
--- a/admin/modals/api/api_key_add.php
+++ b/admin/modals/api/api_key_add.php
@@ -2,8 +2,8 @@

 require_once '../../../includes/modal_header.php';

-$key = randomString(156);
-$decryptPW = randomString(160);
+$key = randomString(32);
+$decryptPW = randomString(32);

 ob_start();
 ?>
@@ -64,7 +64,7 @@ ob_start();
                            <option value="0"> ALL CLIENTS </option>
                            <?php
                            $sql = mysqli_query($mysqli, "SELECT client_id, client_name FROM clients WHERE client_archived_at IS NULL ORDER BY client_name ASC");
-                            while ($row = mysqli_fetch_array($sql)) {
+                            while ($row = mysqli_fetch_assoc($sql)) {
                                $client_id = intval($row['client_id']);
                                $client_name = nullable_htmlentities($row['client_name']); ?>
                                <option value="<?php echo $client_id; ?>"><?php echo "$client_name  (Client ID: $client_id)"; ?></option>
--- a/admin/modals/category/category_add.php
+++ b/admin/modals/category/category_add.php
@@ -2,7 +2,9 @@

 require_once '../../../includes/modal_header.php';

-$category = nullable_htmlentities($_GET['category']);
+$category = nullable_htmlentities($_GET['category'] ?? '');
+
+$category_types_array = ['Expense', 'Income', 'Referral', 'Ticket'];

 ?>

@@ -13,10 +15,30 @@ $category = nullable_htmlentities($_GET['category']);
    </button>
 </div>
 <form action="post.php" method="post" autocomplete="off">
-    <input type="hidden" name="type" value="<?php echo ($category); ?>">

    <div class="modal-body">

+        <?php if ($category) { ?>
+        <input type="hidden" name="type" value="<?= $category ?>">
+        <?php } else { ?>
+
+        <div class="form-group">
+            <label>Type <strong class="text-danger">*</strong></label>
+            <div class="input-group">
+                <div class="input-group-prepend">
+                    <span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
+                </div>
+                <select class="form-control select2" name="type" required>
+                    <option value="">- Select Type -</option>
+                    <?php foreach ($category_types_array as $type_select) { ?>
+                        <option><?= $type_select ?></option>
+                    <?php } ?>
+                </select>
+            </div>
+        </div>
+
+        <?php } ?>
+
        <div class="form-group">
            <label>Name <strong class="text-danger">*</strong></label>
            <div class="input-group">
@@ -39,7 +61,7 @@ $category = nullable_htmlentities($_GET['category']);

    </div>
    <div class="modal-footer">
-        <button type="submit" name="add_category" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
+        <button type="submit" name="add_category" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create Category</button>
        <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
    </div>
 </form>
--- a/admin/modals/category/category_edit.php
+++ b/admin/modals/category/category_edit.php
@@ -6,7 +6,7 @@ $category_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_id = $category_id LIMIT 1");

-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $category_name = nullable_htmlentities($row['category_name']);
 $category_color = nullable_htmlentities($row['category_color']);
 $category_type = nullable_htmlentities($row['category_type']);
--- a/admin/modals/contract_template/contract_template_add.php
+++ b/admin/modals/contract_template/contract_template_add.php
@@ -1,15 +1,18 @@
 <?php
 require_once '../../../includes/modal_header.php';
-ob_start();
+

 $contract_types_array = ['Fully Managed', 'Partialy Managed', 'Break/Fix'];
-$update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', '7 Year'];
+$renewal_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', '7 Year'];
+
+ob_start();
 ?>

 <div class="modal-header bg-dark">
    <h5 class="modal-title"><i class="fa fa-fw fa-file-contract mr-2"></i>New Contract Template</h5>
    <button type="button" class="close text-white" data-dismiss="modal"><span>&times;</span></button>
 </div>
+
 <!-- Tabs Navigation -->
 <ul class="modal-header nav nav-pills nav-justified">
    <li class="nav-item">
@@ -25,37 +28,62 @@ $update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', '
        <a class="nav-link" id="details-tab" data-toggle="tab" href="#details" role="tab">Details</a>
    </li>
 </ul>
+
 <form action="post.php" method="post" autocomplete="off">
-
    <div class="modal-body">
-
        <div class="tab-content" id="contractTemplateTabContent">

            <!-- General Info Tab -->
            <div class="tab-pane fade show active" id="general" role="tabpanel">
                <div class="form-group">
                    <label>Template Name <strong class="text-danger">*</strong></label>
-                    <input type="text" class="form-control" name="contract_template_name" placeholder="Contract Template Name" maxlength="200" required autofocus>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-file-contract"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="name" placeholder="Contract Template Name" maxlength="200" required autofocus>
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Template Description <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-align-left"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="description"
+                        placeholder="Contract Template Description" maxlength="200" required>
+                    </div>
                </div>

                <div class="form-group">
                    <label>Contract Type <strong class="text-danger">*</strong></label>
-                    <select class="form-control select2" name="contract_template_type" required>
-                        <option value="">- Select Type -</option>
-                        <?php foreach ($contract_types_array as $type) { ?>
-                            <option><?php echo $type; ?></option>
-                        <?php } ?>
-                    </select>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-list"></i></span>
+                        </div>
+                        <select class="form-control select2" name="type" required>
+                            <option value="">- Select Type -</option>
+                            <?php foreach ($contract_types_array as $type) { ?>
+                                <option><?= $type ?></option>
+                            <?php } ?>
+                        </select>
+                    </div>
                </div>

                <div class="form-group">
-                    <label>Update Frequency</label>
-                    <select class="form-control select2" name="contract_template_update_frequency">
-                        <option value="">- Select Frequency -</option>
-                        <?php foreach ($update_frequency_array as $freq) { ?>
-                            <option><?php echo $freq; ?></option>
-                        <?php } ?>
-                    </select>
+                    <label>Renewal Frequency</label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-sync-alt"></i></span>
+                        </div>
+                        <select class="form-control select2" name="renewal_frequency">
+                            <option value="">- Select Frequency -</option>
+                            <?php foreach ($renewal_frequency_array as $renewal_frequency) { ?>
+                                <option><?= $renewal_frequency ?></option>
+                            <?php } ?>
+                        </select>
+                    </div>
                </div>
            </div>

@@ -64,33 +92,63 @@ $update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', '
                <div class="form-row">
                    <div class="form-group col-md-6">
                        <label>Low Priority Response (hrs)</label>
-                        <input type="number" class="form-control" name="sla_low_response_time" placeholder="e.g., 24">
+                        <div class="input-group">
+                            <div class="input-group-prepend">
+                                <span class="input-group-text"><i class="fa fa-fw fa-clock"></i></span>
+                            </div>
+                            <input type="number" class="form-control" name="sla_low_response_time" placeholder="e.g., 24">
+                        </div>
                    </div>
                    <div class="form-group col-md-6">
                        <label>Low Priority Resolution (hrs)</label>
-                        <input type="number" class="form-control" name="sla_low_resolution_time" placeholder="e.g., 48">
+                        <div class="input-group">
+                            <div class="input-group-prepend">
+                                <span class="input-group-text"><i class="fa fa-fw fa-hourglass-half"></i></span>
+                            </div>
+                            <input type="number" class="form-control" name="sla_low_resolution_time" placeholder="e.g., 48">
+                        </div>
                    </div>
                </div>

                <div class="form-row">
                    <div class="form-group col-md-6">
                        <label>Medium Priority Response (hrs)</label>
-                        <input type="number" class="form-control" name="sla_medium_response_time" placeholder="e.g., 12">
+                        <div class="input-group">
+                            <div class="input-group-prepend">
+                                <span class="input-group-text"><i class="fa fa-fw fa-clock"></i></span>
+                            </div>
+                            <input type="number" class="form-control" name="sla_medium_response_time" placeholder="e.g., 12">
+                        </div>
                    </div>
                    <div class="form-group col-md-6">
                        <label>Medium Priority Resolution (hrs)</label>
-                        <input type="number" class="form-control" name="sla_medium_resolution_time" placeholder="e.g., 24">
+                        <div class="input-group">
+                            <div class="input-group-prepend">
+                                <span class="input-group-text"><i class="fa fa-fw fa-hourglass-half"></i></span>
+                            </div>
+                            <input type="number" class="form-control" name="sla_medium_resolution_time" placeholder="e.g., 24">
+                        </div>
                    </div>
                </div>

                <div class="form-row">
                    <div class="form-group col-md-6">
                        <label>High Priority Response (hrs)</label>
-                        <input type="number" class="form-control" name="sla_high_response_time" placeholder="e.g., 1">
+                        <div class="input-group">
+                            <div class="input-group-prepend">
+                                <span class="input-group-text"><i class="fa fa-fw fa-bolt"></i></span>
+                            </div>
+                            <input type="number" class="form-control" name="sla_high_response_time" placeholder="e.g., 1">
+                        </div>
                    </div>
                    <div class="form-group col-md-6">
                        <label>High Priority Resolution (hrs)</label>
-                        <input type="number" class="form-control" name="sla_high_resolution_time" placeholder="e.g., 4">
+                        <div class="input-group">
+                            <div class="input-group-prepend">
+                                <span class="input-group-text"><i class="fa fa-fw fa-stopwatch"></i></span>
+                            </div>
+                            <input type="number" class="form-control" name="sla_high_resolution_time" placeholder="e.g., 4">
+                        </div>
                    </div>
                </div>
            </div>
@@ -99,29 +157,49 @@ $update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', '
            <div class="tab-pane fade" id="rates" role="tabpanel">
                <div class="form-group">
                    <label>Standard Hourly Rate</label>
-                    <input type="text" class="form-control" name="contract_template_hourly_rate" placeholder="e.g., 100">
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-dollar-sign"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="rate_standard" placeholder="e.g., 100">
+                    </div>
                </div>

                <div class="form-group">
                    <label>After Hours Hourly Rate</label>
-                    <input type="text" class="form-control" name="contract_template_after_hours_hourly_rate" placeholder="e.g., 150">
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-moon"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="rate_after_hours" placeholder="e.g., 150">
+                    </div>
                </div>

                <div class="form-group">
                    <label>Support Hours</label>
-                    <input type="text" class="form-control" name="contract_template_support_hours" placeholder="e.g., Mon-Fri 9am-5pm">
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="support_hours" placeholder="e.g., Mon-Fri 9am-5pm">
+                    </div>
                </div>

                <div class="form-group">
                    <label>Net Terms</label>
-                    <input type="text" class="form-control" name="contract_template_net_terms" placeholder="e.g., Net 30">
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-file-invoice-dollar"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="net_terms" placeholder="e.g., Net 30">
+                    </div>
                </div>
            </div>

            <!-- Details Tab -->
            <div class="tab-pane fade" id="details" role="tabpanel">
                <div class="form-group">
-                    <textarea class="form-control tinymce" rows="6" name="contract_template_details" placeholder="Enter Contract Details"></textarea>
+                    <textarea class="form-control tinymce" rows="6" name="details" placeholder="Enter Contract Details"></textarea>
                </div>
            </div>

@@ -129,8 +207,12 @@ $update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', '
    </div>

    <div class="modal-footer">
-        <button type="submit" name="add_contract_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create Template</button>
-        <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
+        <button type="submit" name="add_contract_template" class="btn btn-primary text-bold">
+            <i class="fa fa-check mr-2"></i>Create Template
+        </button>
+        <button type="button" class="btn btn-light" data-dismiss="modal">
+            <i class="fa fa-times mr-2"></i>Cancel
+        </button>
    </div>
 </form>

--- a/admin/modals/contract_template/contract_template_edit.php
+++ b/admin/modals/contract_template/contract_template_edit.php
@@ -0,0 +1,265 @@
+<?php
+require_once '../../../includes/modal_header.php';
+
+$contract_template_id = intval($_GET['id']);
+
+$contract_types_array = ['Fully Managed', 'Partialy Managed', 'Break/Fix'];
+$update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', '7 Year'];
+
+// Fetch existing template
+$sql = mysqli_query($mysqli, "SELECT * FROM contract_templates WHERE contract_template_id = $contract_template_id LIMIT 1");
+$row = mysqli_fetch_assoc($sql);
+
+// Assign locals
+$name          = nullable_htmlentities($row['contract_template_name']);
+$description   = nullable_htmlentities($row['contract_template_description']);
+$type          = nullable_htmlentities($row['contract_template_type']);
+$renewal_frequency = nullable_htmlentities($row['contract_template_renewal_frequency']);
+$sla_low_resp  = intval($row['contract_template_sla_low_response_time']);
+$sla_med_resp  = intval($row['contract_template_sla_medium_response_time']);
+$sla_high_resp = intval($row['contract_template_sla_high_response_time']);
+$sla_low_res   = intval($row['contract_template_sla_low_resolution_time']);
+$sla_med_res   = intval($row['contract_template_sla_medium_resolution_time']);
+$sla_high_res  = intval($row['contract_template_sla_high_resolution_time']);
+$hourly_rate   = intval($row['contract_template_rate_standard']);
+$after_hours   = intval($row['contract_template_rate_after_hours']);
+$support_hours = nullable_htmlentities($row['contract_template_support_hours']);
+$net_terms     = intval($row['contract_template_net_terms']);
+$details       = nullable_htmlentities($row['contract_template_details']);
+
+ob_start();
+?>
+
+<div class="modal-header bg-dark">
+    <h5 class="modal-title"><i class="fa fa-fw fa-file-contract mr-2"></i>Edit Contract Template</h5>
+    <button type="button" class="close text-white" data-dismiss="modal"><span>&times;</span></button>
+</div>
+
+<!-- Tabs Navigation -->
+<ul class="modal-header nav nav-pills nav-justified">
+    <li class="nav-item">
+        <a class="nav-link active" id="general-tab" data-toggle="tab" href="#general" role="tab">General Info</a>
+    </li>
+    <li class="nav-item">
+        <a class="nav-link" id="sla-tab" data-toggle="tab" href="#sla" role="tab">SLA</a>
+    </li>
+    <li class="nav-item">
+        <a class="nav-link" id="rates-tab" data-toggle="tab" href="#rates" role="tab">Rates & Support</a>
+    </li>
+    <li class="nav-item">
+        <a class="nav-link" id="details-tab" data-toggle="tab" href="#details" role="tab">Details</a>
+    </li>
+</ul>
+
+<form action="post.php" method="post" autocomplete="off">
+    <input type="hidden" name="contract_template_id" value="<?php echo $contract_template_id; ?>">
+
+    <div class="modal-body">
+        <div class="tab-content" id="contractTemplateTabContent">
+
+            <!-- General Info Tab -->
+            <div class="tab-pane fade show active" id="general" role="tabpanel">
+                <div class="form-group">
+                    <label>Template Name <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-file-contract"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="name"
+                            placeholder="Contract Template Name" maxlength="200" required autofocus
+                            value="<?= $name ?>">
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Template Description <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-align-left"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="description"
+                            placeholder="Contract Template Description" maxlength="200" required
+                            value="<?= $description ?>">
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Contract Type <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-list"></i></span>
+                        </div>
+                        <select class="form-control select2" name="type" required>
+                            <option value="">- Select Type -</option>
+                            <?php foreach ($contract_types_array as $type_select) { ?>
+                                <option <?php if ($type == $type_select) { echo "selected"; } ?>><?= $type_select ?></option>
+                            <?php } ?>
+                        </select>
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Renewal Frequency</label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-sync-alt"></i></span>
+                        </div>
+                        <select class="form-control select2" name="renewal_frequency">
+                            <option value="">- Select Frequency -</option>
+                            <?php foreach ($renewal_frequency_array as $renewal_frequency_select) { ?>
+                                <option <?php if ($renewal_frequency == $renewal_frequency_select) { echo "selected"; } ?>><?= $renewal_frequency_select ?></option>
+                            <?php } ?>
+                        </select>
+                    </div>
+                </div>
+            </div>
+
+            <!-- SLA Tab -->
+            <div class="tab-pane fade" id="sla" role="tabpanel">
+                <div class="form-row">
+                    <div class="form-group col-md-6">
+                        <label>Low Priority Response (hrs)</label>
+                        <div class="input-group">
+                            <div class="input-group-prepend">
+                                <span class="input-group-text"><i class="fa fa-fw fa-clock"></i></span>
+                            </div>
+                            <input type="number" class="form-control" name="sla_low_response_time" placeholder="e.g., 24"
+                                value="<?= $sla_low_resp ?>">
+                        </div>
+                    </div>
+                    <div class="form-group col-md-6">
+                        <label>Low Priority Resolution (hrs)</label>
+                        <div class="input-group">
+                            <div class="input-group-prepend">
+                                <span class="input-group-text"><i class="fa fa-fw fa-hourglass-half"></i></span>
+                            </div>
+                            <input type="number" class="form-control" name="sla_low_resolution_time" placeholder="e.g., 48"
+                                value="<?= $sla_low_res ?>">
+                        </div>
+                    </div>
+                </div>
+
+                <div class="form-row">
+                    <div class="form-group col-md-6">
+                        <label>Medium Priority Response (hrs)</label>
+                        <div class="input-group">
+                            <div class="input-group-prepend">
+                                <span class="input-group-text"><i class="fa fa-fw fa-clock"></i></span>
+                            </div>
+                            <input type="number" class="form-control" name="sla_medium_response_time" placeholder="e.g., 12"
+                                value="<?= $sla_med_resp ?>">
+                        </div>
+                    </div>
+                    <div class="form-group col-md-6">
+                        <label>Medium Priority Resolution (hrs)</label>
+                        <div class="input-group">
+                            <div class="input-group-prepend">
+                                <span class="input-group-text"><i class="fa fa-fw fa-hourglass-half"></i></span>
+                            </div>
+                            <input type="number" class="form-control" name="sla_medium_resolution_time" placeholder="e.g., 24"
+                                value="<?= $sla_med_res ?>">
+                        </div>
+                    </div>
+                </div>
+
+                <div class="form-row">
+                    <div class="form-group col-md-6">
+                        <label>High Priority Response (hrs)</label>
+                        <div class="input-group">
+                            <div class="input-group-prepend">
+                                <span class="input-group-text"><i class="fa fa-fw fa-bolt"></i></span>
+                            </div>
+                            <input type="number" class="form-control" name="sla_high_response_time" placeholder="e.g., 1"
+                                value="<?= $sla_high_resp ?>">
+                        </div>
+                    </div>
+                    <div class="form-group col-md-6">
+                        <label>High Priority Resolution (hrs)</label>
+                        <div class="input-group">
+                            <div class="input-group-prepend">
+                                <span class="input-group-text"><i class="fa fa-fw fa-stopwatch"></i></span>
+                            </div>
+                            <input type="number" class="form-control" name="sla_high_resolution_time" placeholder="e.g., 4"
+                                value="<?= $sla_high_res ?>">
+                        </div>
+                    </div>
+                </div>
+            </div>
+
+            <!-- Rates & Support Tab -->
+            <div class="tab-pane fade" id="rates" role="tabpanel">
+                <div class="form-group">
+                    <label>Standard Hourly Rate</label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-dollar-sign"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="rate_standard" placeholder="e.g., 100"
+                            value="<?= $rate_standard ?>">
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>After Hours Hourly Rate</label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-moon"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="rate_after_hours" placeholder="e.g., 150"
+                            value="<?= $rate_after_hours ?>">
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Support Hours</label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="support_hours" placeholder="e.g., Mon-Fri 9am-5pm"
+                            value="<?= $support_hours ?>">
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Net Terms</label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-file-invoice-dollar"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="net_terms" placeholder="e.g., Net 30"
+                            value="<?= $net_terms ?>">
+                    </div>
+                </div>
+            </div>
+
+            <!-- Details Tab -->
+            <div class="tab-pane fade" id="details" role="tabpanel">
+                <div class="form-group">
+                    <label>Contract Details</label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-align-left"></i></span>
+                        </div>
+                        <textarea class="form-control tinymce" rows="6" name="details"
+                            placeholder="Enter Contract Details"><?= $details ?></textarea>
+                    </div>
+                </div>
+            </div>
+
+        </div>
+    </div>
+
+    <div class="modal-footer">
+        <button type="submit" name="edit_contract_template" class="btn btn-primary text-bold">
+            <i class="fa fa-check mr-2"></i>Save Changes
+        </button>
+        <button type="button" class="btn btn-light" data-dismiss="modal">
+            <i class="fa fa-times mr-2"></i>Cancel
+        </button>
+    </div>
+</form>
+
+<?php
+require_once '../../../includes/modal_footer.php';
+?>
--- a/admin/modals/custom_link/custom_link_edit.php
+++ b/admin/modals/custom_link/custom_link_edit.php
@@ -5,7 +5,7 @@ require_once '../../../includes/modal_header.php';
 $custom_link_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM custom_links WHERE custom_link_id = $custom_link_id LIMIT 1");
-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $custom_link_name = nullable_htmlentities($row['custom_link_name']);
 $custom_link_uri = nullable_htmlentities($row['custom_link_uri']);
 $custom_link_icon = nullable_htmlentities($row['custom_link_icon']);
@@ -24,9 +24,9 @@ ob_start();
    </button>
 </div>
 <form action="post.php" method="post" autocomplete="off">
-    
+
    <input type="hidden" name="custom_link_id" value="<?php echo $custom_link_id; ?>">
-    
+
    <div class="modal-body">

        <div class="form-group">
--- a/admin/modals/document_template/document_template_edit.php
+++ b/admin/modals/document_template/document_template_edit.php
@@ -5,7 +5,7 @@ require_once '../../../includes/modal_header.php';
 $document_template_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM document_templates WHERE document_template_id = $document_template_id LIMIT 1");
-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $document_template_name = nullable_htmlentities($row['document_template_name']);
 $document_template_description = nullable_htmlentities($row['document_template_description']);
 $document_template_content = nullable_htmlentities($row['document_template_content']);
--- a/admin/modals/mail_queue/mail_queue_message_view.php
+++ b/admin/modals/mail_queue/mail_queue_message_view.php
@@ -17,7 +17,7 @@ $purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'htt
 $purifier = new HTMLPurifier($purifier_config);

 $sql = mysqli_query($mysqli, "SELECT * FROM email_queue WHERE email_id = $email_id LIMIT 1");
-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);

 $email_from = nullable_htmlentities($row['email_from']);
 $email_from_name = nullable_htmlentities($row['email_from_name']);
--- a/admin/modals/payment_method/payment_method_edit.php
+++ b/admin/modals/payment_method/payment_method_edit.php
@@ -6,7 +6,7 @@ $payment_method_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM payment_methods WHERE payment_method_id = $payment_method_id LIMIT 1");

-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $payment_method_id = intval($row['payment_method_id']);
 $payment_method_name = nullable_htmlentities($row['payment_method_name']);
 $payment_method_description = nullable_htmlentities($row['payment_method_description']);
@@ -22,7 +22,7 @@ ob_start();
 </div>
 <form action="post.php" method="post" autocomplete="off">
    <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
-
+    <input type="hidden" name="payment_method_id" value="<?= $payment_method_id ?>">
    <div class="modal-body">

        <div class="form-group">
--- a/admin/modals/payment_provider/payment_provider_add.php
+++ b/admin/modals/payment_provider/payment_provider_add.php
@@ -16,85 +16,182 @@ ob_start();

    <div class="modal-body">

-        <div class="alert alert-info">
-            An income account named after the provider will always be created and used for income of paid invoices.<br>
-            If "Enable Expense" option is enabled, a matching vendor will also be automatically created for expense tracking. Additionally, an expense category named "Payment Processing" will be created.
+        <div class="alert alert-info text-center">
+            <h6>Before Adding a Payment Provider!</h6>
+            We recommend you add an <strong>Account</strong> and <strong>Vendor</strong> based off the Provider name before continuing eg <strong>Stripe</strong>
        </div>

-        <div class="form-group">
-            <label>Provider <strong class="text-danger">*</strong></label>
-            <div class="input-group">
-                <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-credit-card"></i></span>
-                </div>
-                <select class="form-control select2" name="provider">
-                    <option>Stripe</option>
-                </select>
-            </div>
-        </div>
-
-        <div class="form-group">
-            <label>Publishable key <strong class="text-danger">*</strong></label>
-            <div class="input-group">
-                <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
-                </div>
-                <input type="text" class="form-control" name="public_key" placeholder="Publishable API Key (pk_...)">
-            </div>
-        </div>
-
-        <div class="form-group">
-            <label>Secret key <strong class="text-danger">*</strong></label>
-            <div class="input-group">
-                <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
-                </div>
-                <input type="text" class="form-control" name="private_key" placeholder="Secret API Key (sk_...)">
-            </div>
-        </div>
-
-        <div class="form-group">
-            <label>Threshold</label>
-            <div class="input-group">
-                <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
-                </div>
-                <input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="threshold" placeholder="1000.00">
-            </div>
-            <small class="form-text text-muted">Will not show as an option at Checkout if invoice amount is above this number, 0 disables the threshold check.</small>
-        </div>
+        <ul class="nav nav-pills nav-justified mb-3">
+            <li class="nav-item">
+                <a class="nav-link active" data-toggle="pill" href="#pills-details">Details</a>
+            </li>
+            <li class="nav-item">
+                <a class="nav-link" data-toggle="pill" href="#pills-expense">Expense</a>
+            </li>
+        </ul>

        <hr>

-        <div class="form-group">
-            <div class="custom-control custom-switch">
-                <input type="checkbox" class="custom-control-input" name="enable_expense" checked value="1" id="enableExpenseSwitch">
-                <label class="custom-control-label" for="enableExpenseSwitch">Enable Expense</label>
-            </div>
-        </div>
+        <div class="tab-content">

-        <div class="form-group">
-            <label>Percentage Fee to expense</label>
-            <div class="input-group">
-                <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-percent"></i></span>
+            <div class="tab-pane fade show active" id="pills-details">
+
+                <div class="form-group">
+                    <label>Provider <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-credit-card"></i></span>
+                        </div>
+                        <select class="form-control select2" name="provider">
+                            <option>Stripe</option>
+                        </select>
+                    </div>
                </div>
-                <input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="percentage_fee" placeholder="Enter Percentage">
-            </div>
-            <small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
-        </div>

-        <div class="form-group">
-            <label>Flat Fee to expense</label>
-            <div class="input-group">
-                <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
+                <div class="form-group">
+                    <label>Publishable key <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="public_key" placeholder="Publishable API Key (pk_...)">
+                    </div>
                </div>
-                <input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,3}" name="flat_fee" placeholder="0.030">
-            </div>
-            <small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
-        </div>

+                <div class="form-group">
+                    <label>Secret key <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="private_key" placeholder="Secret API Key (sk_...)">
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Income / Expense Account <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-piggy-bank"></i></span>
+                        </div>
+                        <select class="form-control select2" name="account" required>
+                            <option value="">- Select an Account -</option>
+                            <?php
+
+                            $sql = mysqli_query($mysqli, "SELECT account_id, account_name FROM accounts WHERE account_archived_at IS NULL ORDER BY account_name ASC");
+                            while ($row = mysqli_fetch_assoc($sql)) {
+                                $account_id = intval($row['account_id']);
+                                $account_name = nullable_htmlentities($row['account_name']);
+                                ?>
+                                <option <?php if ($account_name === 'Stripe') { echo "selected"; } ?> value="<?= $account_id ?>"><?= $account_name ?></option>
+
+                                <?php
+                            }
+                            ?>
+                        </select>
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Threshold</label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
+                        </div>
+                        <input type="text" class="form-control" inputmode="decimal" pattern="[0-9]*\.?[0-9]{0,2}" name="threshold" placeholder="1000.00">
+                    </div>
+                    <small class="form-text text-muted">Will not show as an option at Checkout if invoice amount is above this number, 0 disables the threshold check.</small>
+                </div>
+
+            </div>
+
+            <div class="tab-pane fade" id="pills-expense">
+
+                <div class="form-group">
+                    <div class="custom-control custom-switch">
+                        <input type="checkbox" class="custom-control-input" name="enable_expense" checked value="1" id="enableExpenseSwitch">
+                        <label class="custom-control-label" for="enableExpenseSwitch">Enable Expense</label>
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Payment Provider Vendor <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-building"></i></span>
+                        </div>
+                        <select class="form-control select2" name="expense_vendor" required>
+                            <option value="0">Expense Disabled</option>
+                            <?php
+
+                            $sql = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
+                            while ($row = mysqli_fetch_assoc($sql)) {
+                                $vendor_id = intval($row['vendor_id']);
+                                $vendor_name = nullable_htmlentities($row['vendor_name']);
+                                ?>
+                                <option <?php if ($vendor_name === 'Stripe') { echo "selected"; } ?> value="<?= $vendor_id ?>"><?= $vendor_name ?></option>
+
+                                <?php
+                            }
+                            ?>
+                        </select>
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Expense Category <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-list"></i></span>
+                        </div>
+                        <select class="form-control select2" name="expense_category" required>
+                            <option value="">- Select a Category -</option>
+                            <?php
+
+                            $sql = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Expense' AND category_archived_at IS NULL ORDER BY category_name ASC");
+                            while ($row = mysqli_fetch_assoc($sql)) {
+                                $category_id = intval($row['category_id']);
+                                $category_name = nullable_htmlentities($row['category_name']);
+                                ?>
+                                <option <?php if ($category_name === 'Processing Fee') { echo "selected"; } ?> value="<?= $category_id ?>"><?= $category_name ?></option>
+
+                                <?php
+                            }
+                            ?>
+                        </select>
+                        <div class="input-group-append">
+                            <button class="btn btn-secondary ajax-modal" type="button"
+                                data-modal-url="../admin/modals/category/category_add.php?category=Expense">
+                                <i class="fas fa-plus"></i>
+                            </button>
+                        </div>
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Percentage Fee to expense</label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-percent"></i></span>
+                        </div>
+                        <input type="text" class="form-control" inputmode="decimal" pattern="[0-9]*\.?[0-9]{0,2}" name="percentage_fee" placeholder="Enter Percentage">
+                    </div>
+                    <small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
+                </div>
+
+                <div class="form-group">
+                    <label>Flat Fee to expense</label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
+                        </div>
+                        <input type="text" class="form-control" inputmode="decimal" pattern="[0-9]*\.?[0-9]{0,3}" name="flat_fee" placeholder="0.030">
+                    </div>
+                    <small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
+                </div>
+
+            </div>
+        </div>
    </div>
    <div class="modal-footer">
        <button type="submit" name="add_payment_provider" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Add</button>
--- a/admin/modals/payment_provider/payment_provider_edit.php
+++ b/admin/modals/payment_provider/payment_provider_edit.php
@@ -6,14 +6,14 @@ $provider_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM payment_providers WHERE payment_provider_id = $provider_id LIMIT 1");

-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $provider_name = nullable_htmlentities($row['payment_provider_name']);
 $public_key = nullable_htmlentities($row['payment_provider_public_key']);
 $private_key = nullable_htmlentities($row['payment_provider_private_key']);
-$account_id = nullable_htmlentities($row['payment_provider_account']);
+$account_id = intval($row['payment_provider_account']);
 $threshold = floatval($row['payment_provider_threshold']);
-$vendor_id = nullable_htmlentities($row['payment_provider_expense_vendor']);
-$category_id = nullable_htmlentities($row['payment_provider_expense_category']);
+$vendor_id = intval($row['payment_provider_expense_vendor']);
+$category_id = intval($row['payment_provider_expense_category']);
 $percent_fee = floatval($row['payment_provider_expense_percentage_fee']) * 100;
 $flat_fee = floatval($row['payment_provider_expense_flat_fee']);

@@ -21,80 +21,170 @@ $flat_fee = floatval($row['payment_provider_expense_flat_fee']);
 ob_start();
 ?>
 <div class="modal-header bg-dark">
-    <h5 class="modal-title"><i class="fa fa-fw fa-credit-card mr-2"></i>Editing: <strong><?php echo $provider_name; ?></strong></h5>
+    <h5 class="modal-title"><i class="fa fa-fw fa-credit-card mr-2"></i>Editing: <strong><?= $provider_name ?></strong></h5>
    <button type="button" class="close text-white" data-dismiss="modal">
        <span>&times;</span>
    </button>
 </div>
 <form action="post.php" method="post" autocomplete="off">
-    <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
-    <input type="hidden" name="provider_id" value="<?php echo $provider_id; ?>">
+    <input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
+    <input type="hidden" name="provider_id" value="<?= $provider_id ?>">

    <div class="modal-body">

-        <div class="form-group">
-            <label>Publishable key <strong class="text-danger">*</strong></label>
-            <div class="input-group">
-                <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
-                </div>
-                <input type="text" class="form-control" name="public_key" placeholder="Publishable API Key (pk_...)" value="<?php echo $public_key; ?>">
-            </div>
-        </div>
-
-        <div class="form-group">
-            <label>Secret key <strong class="text-danger">*</strong></label>
-            <div class="input-group">
-                <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
-                </div>
-                <input type="text" class="form-control" name="private_key" placeholder="Secret API Key (sk_...)" value="<?php echo $private_key; ?>">
-            </div>
-        </div>
-
-        <div class="form-group">
-            <label>Threshold</label>
-            <div class="input-group">
-                <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
-                </div>
-                <input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="threshold" placeholder="1000.00" value="<?php echo $threshold; ?>">
-            </div>
-            <small class="form-text text-muted">Will not show as an option at Checkout if above this number</small>
-        </div>
+        <ul class="nav nav-pills nav-justified mb-3">
+            <li class="nav-item">
+                <a class="nav-link active" data-toggle="pill" href="#pills-details">Details</a>
+            </li>
+            <li class="nav-item">
+                <a class="nav-link" data-toggle="pill" href="#pills-expense">Expense</a>
+            </li>
+        </ul>

        <hr>

-        <div class="form-group">
-            <div class="custom-control custom-switch">
-                <input type="checkbox" class="custom-control-input" name="enable_expense" <?php if ($vendor_id) { echo "checked";  } ?> value="1" id="enableEditExpenseSwitch">
-                <label class="custom-control-label" for="enableEditExpenseSwitch">Enable Expense</label>
-            </div>
-            <small>(Category: Payment Processing -- Vendor: <?php echo $provider_name; ?></small>
-        </div>
+        <div class="tab-content">

-        <div class="form-group">
-            <label>Percentage Fee to expense</label>
-            <div class="input-group">
-                <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-percent"></i></span>
+            <div class="tab-pane fade show active" id="pills-details">
+
+                <div class="form-group">
+                    <label>Publishable key <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="public_key" placeholder="Publishable API Key (pk_...)" value="<?= $public_key ?>">
+                    </div>
                </div>
-                <input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="percentage_fee" value="<?php echo $percent_fee; ?>" placeholder="Enter Percentage">
-            </div>
-            <small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
-        </div>

-        <div class="form-group">
-            <label>Flat Fee to expense</label>
-            <div class="input-group">
-                <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
+                <div class="form-group">
+                    <label>Secret key <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="private_key" placeholder="Secret API Key (sk_...)" value="<?= $private_key ?>">
+                    </div>
                </div>
-                <input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,3}" name="flat_fee" value="<?php echo $flat_fee; ?>" placeholder="0.030">
-            </div>
-            <small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
-        </div>

+                <div class="form-group">
+                    <label>Income / Expense Account <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-piggy-bank"></i></span>
+                        </div>
+                        <select class="form-control select2" name="account" required>
+                            <option value="">- Select an Account -</option>
+                            <?php
+
+                            $sql = mysqli_query($mysqli, "SELECT account_id, account_name FROM accounts WHERE account_archived_at IS NULL ORDER BY account_name ASC");
+                            while ($row = mysqli_fetch_assoc($sql)) {
+                                $account_id_select = intval($row['account_id']);
+                                $account_name = nullable_htmlentities($row['account_name']);
+                                ?>
+                                <option <?php if ($account_id === $account_id_select) { echo "selected"; } ?> value="<?= $account_id_select ?>"><?= $account_name ?></option>
+
+                                <?php
+                            }
+                            ?>
+                        </select>
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Threshold</label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
+                        </div>
+                        <input type="text" class="form-control" inputmode="decimal" pattern="[0-9]*\.?[0-9]{0,2}" name="threshold" placeholder="1000.00" value="<?php echo $threshold; ?>">
+                    </div>
+                    <small class="form-text text-muted">Will not show as an option at Checkout if above this number</small>
+                </div>
+
+            </div>
+
+            <div class="tab-pane fade" id="pills-expense">
+
+                <div class="form-group">
+                    <label>Payment Provider Vendor <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-building"></i></span>
+                        </div>
+                        <select class="form-control select2" name="expense_vendor" required>
+                            <option value="0">Expense Disabled</option>
+                            <?php
+
+                            $sql = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_archived_at IS NULL ORDER BY vendor_name ASC");
+                            while ($row = mysqli_fetch_assoc($sql)) {
+                                $vendor_id_select = intval($row['vendor_id']);
+                                $vendor_name = nullable_htmlentities($row['vendor_name']);
+                                ?>
+                                <option <?php if ($vendor_id === $vendor_id_select) { echo "selected"; } ?>
+                                    value="<?= $vendor_id_select ?>"><?= $vendor_name ?>
+                                </option>
+
+                                <?php
+                            }
+                            ?>
+                        </select>
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Expense Category <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-list"></i></span>
+                        </div>
+                        <select class="form-control select2" name="expense_category" required>
+                            <option value="">- Select a Category -</option>
+                            <?php
+
+                            $sql_category = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Expense' AND category_archived_at IS NULL ORDER BY category_name ASC");
+                            while ($row = mysqli_fetch_assoc($sql_category)) {
+                                $category_id_select = intval($row['category_id']);
+                                $category_name = nullable_htmlentities($row['category_name']);
+                                ?>
+                                <option <?php if ($category_id === $category_id_select) { echo "selected"; } ?> value="<?= $category_id_select ?>"><?= $category_name ?></option>
+
+                                <?php
+                            }
+                            ?>
+                        </select>
+                        <div class="input-group-append">
+                            <button class="btn btn-secondary ajax-modal" type="button"
+                                data-modal-url="../admin/modals/category/category_add.php?category=Expense">
+                                <i class="fas fa-plus"></i>
+                            </button>
+                        </div>
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Percentage Fee to expense</label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-percent"></i></span>
+                        </div>
+                        <input type="text" class="form-control" inputmode="decimal" pattern="[0-9]*\.?[0-9]{0,2}" name="percentage_fee" value="<?php echo $percent_fee; ?>" placeholder="Enter Percentage">
+                    </div>
+                    <small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
+                </div>
+
+                <div class="form-group">
+                    <label>Flat Fee to expense</label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
+                        </div>
+                        <input type="text" class="form-control" inputmode="decimal" pattern="[0-9]*\.?[0-9]{0,3}" name="flat_fee" value="<?php echo $flat_fee; ?>" placeholder="0.030">
+                    </div>
+                    <small class="form-text text-muted">See <a href="https://stripe.com/pricing" target="_blank">here <i class="fas fa-fw fa-external-link-alt"></i></a> for the latest Stripe Fees.</small>
+                </div>
+            </div>
+        </div>
    </div>
    <div class="modal-footer">
        <button type="submit" name="edit_payment_provider" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
--- a/admin/modals/project_template/project_template_edit.php
+++ b/admin/modals/project_template/project_template_edit.php
@@ -5,7 +5,7 @@ require_once '../../../includes/modal_header.php';
 $project_template_id = intval($_GET['project_template_id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM project_templates WHERE project_template_id = $project_template_id LIMIT 1");
-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $project_template_name = nullable_htmlentities($row['project_template_name']);
 $project_template_description = nullable_htmlentities($row['project_template_description']);

@@ -44,7 +44,7 @@ ob_start();
        </div>

    </div>
-    
+
    <div class="modal-footer">
        <button type="submit" name="edit_project_template" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
        <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
--- a/admin/modals/project_template/project_template_ticket_template_add.php
+++ b/admin/modals/project_template/project_template_ticket_template_add.php
@@ -36,7 +36,7 @@ ob_start();
                        AND ticket_template_archived_at IS NULL
                        ORDER BY ticket_template_name ASC"
                    );
-                    while ($row = mysqli_fetch_array($sql_ticket_templates_select)) {
+                    while ($row = mysqli_fetch_assoc($sql_ticket_templates_select)) {
                        $ticket_template_id_select = intval($row['ticket_template_id']);
                        $ticket_template_name_select = nullable_htmlentities($row['ticket_template_name']);
                        ?>
--- a/admin/modals/role/role_add.php
+++ b/admin/modals/role/role_add.php
@@ -11,52 +11,203 @@ ob_start();
        <span>&times;</span>
    </button>
 </div>
+
 <form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
-    <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
+    <input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
+
    <div class="modal-body">
+
+        <ul class="nav nav-pills nav-justified mb-3">
+            <li class="nav-item">
+                <a class="nav-link active" data-toggle="pill" href="#pills-role-details">Details</a>
+            </li>
+            <li class="nav-item">
+                <a class="nav-link" data-toggle="pill" href="#pills-role-permissions">Permissions</a>
+            </li>
+        </ul>
+
+        <hr>
+
        <div class="tab-content">

-            <div class="form-group">
-                <label>Name <strong class="text-danger">*</strong></label>
-                <div class="input-group">
-                    <div class="input-group-prepend">
-                        <span class="input-group-text"><i class="fa fa-fw fa-user-shield"></i></span>
+            <!-- DETAILS TAB -->
+            <div class="tab-pane fade show active" id="pills-role-details">
+
+                <div class="form-group">
+                    <label>Name <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-user-shield"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="role_name" placeholder="Role Name" maxlength="200" required>
                    </div>
-                    <input type="text" class="form-control" name="role_name" placeholder="Role Name" maxlength="200" required>
                </div>
+
+                <div class="form-group">
+                    <label>Description <strong class="text-danger">*</strong></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-chevron-right"></i></span>
+                        </div>
+                        <input type="text" class="form-control" name="role_description" placeholder="Role Description" maxlength="200" required>
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <label>Admin Access <strong class="text-danger">*</strong></label>
+
+                    <div class="custom-control custom-radio mb-2">
+                        <input type="radio" class="custom-control-input" id="admin_no" name="role_is_admin" value="0" checked required>
+                        <label class="custom-control-label" for="admin_no">
+                            No - use permissions on the next tab
+                        </label>
+                    </div>
+
+                    <div class="custom-control custom-radio">
+                        <input type="radio" class="custom-control-input" id="admin_yes" name="role_is_admin" value="1" required>
+                        <label class="custom-control-label" for="admin_yes">
+                            Yes - this role should have full admin access
+                        </label>
+                    </div>
+
+                </div>
+
            </div>

-            <div class="form-group">
-                <label>Description <strong class="text-danger">*</strong></label>
-                <div class="input-group">
-                    <div class="input-group-prepend">
-                        <span class="input-group-text"><i class="fa fa-fw fa-chevron-right"></i></span>
-                    </div>
-                    <input type="text" class="form-control" name="role_description" placeholder="Role Description" maxlength="200" required>
-                </div>
-            </div>
+            <!-- PERMISSIONS TAB -->
+            <div class="tab-pane fade" id="pills-role-permissions">

-            <div class="form-group">
-                <label>Admin Access <strong class="text-danger">*</strong></label>
-                <div class="input-group">
-                    <div class="input-group-prepend">
-                        <span class="input-group-text"><i class="fa fa-fw fa-tools"></i></span>
+                <?php
+                // Enumerate modules
+                $sql_modules = mysqli_query($mysqli, "SELECT * FROM modules");
+                while ($row_modules = mysqli_fetch_assoc($sql_modules)) {
+
+                    $module_id = intval($row_modules['module_id']);
+
+                    // raw for name, escaped for display
+                    $module_name_raw = $row_modules['module_name'];
+                    $module_name_display = ucfirst(str_replace("module_", "", $module_name_raw));
+
+                    $module_name_display_safe = nullable_htmlentities($module_name_display);
+                    $module_description = nullable_htmlentities($row_modules['module_description']);
+
+                    // default for new role
+                    $module_permission = 0;
+
+                    $field_name = $module_id . "##" . $module_name_raw;
+                    $group_id = "perm_group_$module_id";
+                    ?>
+
+                    <div class="form-group">
+                        <label><?= $module_name_display_safe ?> <strong class="text-danger">*</strong></label>
+
+                        <div class="btn-group btn-group-toggle btn-block" data-toggle="buttons" role="group"
+                             aria-label="Permissions for <?= $module_name_display_safe ?>">
+
+                            <label class="btn btn-outline-secondary btn-sm active" title="No Access">
+                                <input
+                                    type="radio"
+                                    name="<?= $field_name ?>"
+                                    id="<?= $group_id ?>_0"
+                                    value="0"
+                                    autocomplete="off"
+                                    checked
+                                    required
+                                >
+                                None
+                            </label>
+
+                            <label class="btn btn-outline-primary btn-sm" title="Viewing Only">
+                                <input
+                                    type="radio"
+                                    name="<?= $field_name ?>"
+                                    id="<?= $group_id ?>_1"
+                                    value="1"
+                                    autocomplete="off"
+                                >
+                                <i class="fas fa-fw fa-eye mr-1"></i>Read
+                            </label>
+
+                            <label class="btn btn-outline-warning btn-sm" title="Read, Edit, Archive">
+                                <input
+                                    type="radio"
+                                    name="<?= $field_name ?>"
+                                    id="<?= $group_id ?>_2"
+                                    value="2"
+                                    autocomplete="off"
+                                >
+                                <i class="fas fa-fw fa-edit mr-1"></i>Modify
+                            </label>
+
+                            <label class="btn btn-outline-danger btn-sm" title="Read, Edit, Archive, Delete">
+                                <input
+                                    type="radio"
+                                    name="<?= $field_name ?>"
+                                    id="<?= $group_id ?>_3"
+                                    value="3"
+                                    autocomplete="off"
+                                >
+                                <i class="fas fa-fw fa-trash mr-1"></i>Full
+                            </label>
+
+                        </div>
+
+                        <small class="form-text text-muted mt-2"><?= $module_description ?></small>
                    </div>
-                    <select class="form-control select2" name="role_is_admin" required>
-                        <option value="0">No - edit after creation to set permissions</option>
-                        <option value="1">Yes - this role should have full admin access</option>
-                    </select>
-                </div>
+
+                <?php } // end while ?>
            </div>

        </div>

    </div>
+
    <div class="modal-footer">
-        <button type="submit" name="add_role" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
-        <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
+        <button type="submit" name="add_role" class="btn btn-primary text-bold">
+            <i class="fas fa-check mr-2"></i>Create
+        </button>
+        <button type="button" class="btn btn-light" data-dismiss="modal">
+            <i class="fas fa-times mr-2"></i>Cancel
+        </button>
    </div>
 </form>

+<script>
+    // Optional: when Admin Yes is selected, disable permission radios + switch to Details tab
+    (function () {
+        function setPermissionsEnabled(enabled) {
+            const permsTab = document.getElementById('pills-role-permissions');
+            if (!permsTab) return;
+
+            permsTab.querySelectorAll('input[type="radio"]').forEach(function (el) {
+                el.disabled = !enabled;
+            });
+
+            // also visually dim the tab content
+            permsTab.style.opacity = enabled ? '1' : '0.5';
+        }
+
+        const adminYes = document.getElementById('admin_yes');
+        const adminNo  = document.getElementById('admin_no');
+
+        function refresh() {
+            const isAdmin = adminYes && adminYes.checked;
+            setPermissionsEnabled(!isAdmin);
+
+            if (isAdmin) {
+                // move user back to Details tab (avoids confusion)
+                const detailsTab = document.querySelector('a[href="#pills-role-details"]');
+                if (detailsTab) detailsTab.click();
+            }
+        }
+
+        if (adminYes && adminNo) {
+            adminYes.addEventListener('change', refresh);
+            adminNo.addEventListener('change', refresh);
+            refresh();
+        }
+    })();
+</script>
+
 <?php
 require_once '../../../includes/modal_footer.php';
--- a/admin/modals/role/role_edit.php
+++ b/admin/modals/role/role_edit.php
@@ -6,7 +6,7 @@ $role_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM user_roles WHERE role_id = $role_id LIMIT 1");

-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $role_name = nullable_htmlentities($row['role_name']);
 $role_description = nullable_htmlentities($row['role_description']);
 $role_admin = intval($row['role_is_admin']);
@@ -31,36 +31,36 @@ if (empty($user_names_string)) {
    $user_names_string = "-";
 }

-
-// Generate the HTML form content using output buffering.
 ob_start();
+
 ?>
 <div class="modal-header bg-dark">
    <h5 class="modal-title"><i class="fas fa-fw fa-user-shield mr-2"></i>Editing role:
-        <strong><?php echo $role_name; ?></strong></h5>
+        <strong><?= $role_name ?></strong></h5>
    <button type="button" class="close text-white" data-dismiss="modal">
        <span>&times;</span>
    </button>
 </div>
 <form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
-    <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
-    <input type="hidden" name="role_id" value="<?php echo $role_id; ?>">
+    <input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
+    <input type="hidden" name="role_id" value="<?= $role_id ?>">
    <div class="modal-body">
-
        <ul class="nav nav-pills nav-justified mb-3">
            <li class="nav-item">
-                <a class="nav-link active" data-toggle="pill" href="#pills-role-details<?php echo $role_id; ?>">Details</a>
+                <a class="nav-link active" data-toggle="pill" href="#pills-role-details">Details</a>
            </li>
+            <?php if (!$role_admin) { ?>
            <li class="nav-item">
-                <a class="nav-link" data-toggle="pill" href="#pills-role-access<?php echo $role_id; ?>">Access</a>
+                <a class="nav-link" data-toggle="pill" href="#pills-role-permissions">Permissions</a>
            </li>
+            <?php } ?>
        </ul>

        <hr>

        <div class="tab-content">

-            <div class="tab-pane fade show active" id="pills-role-details<?php echo $role_id; ?>">
+            <div class="tab-pane fade show active" id="pills-role-details">

                <div class="form-group">
                    <label>Name <strong class="text-danger">*</strong></label>
@@ -68,7 +68,7 @@ ob_start();
                        <div class="input-group-prepend">
                            <span class="input-group-text"><i class="fa fa-fw fa-user-shield"></i></span>
                        </div>
-                        <input type="text" class="form-control" name="role_name" placeholder="Role Name" maxlength="200" value="<?php echo $role_name; ?>" required>
+                        <input type="text" class="form-control" name="role_name" placeholder="Role Name" maxlength="200" value="<?= $role_name ?>" required>
                    </div>
                </div>

@@ -78,27 +78,33 @@ ob_start();
                        <div class="input-group-prepend">
                            <span class="input-group-text"><i class="fa fa-fw fa-chevron-right"></i></span>
                        </div>
-                        <input type="text" class="form-control" name="role_description" placeholder="Role Description" maxlength="200" value="<?php echo $role_description; ?>" required>
+                        <input type="text" class="form-control" name="role_description" placeholder="Role Description" maxlength="200" value="<?= $role_description ?>" required>
                    </div>
                </div>


                <div class="form-group">
                    <label>Admin Access <strong class="text-danger">*</strong></label>
-                    <div class="input-group">
-                        <div class="input-group-prepend">
-                            <span class="input-group-text"><i class="fa fa-fw fa-tools"></i></span>
-                        </div>
-                        <select class="form-control select2" name="role_is_admin" required>
-                            <option value="1" <?php if ($role_admin) { echo 'selected'; } ?> >Yes - this role should have full admin access</option>
-                            <option value="0" <?php if (!$role_admin) { echo 'selected'; } ?>>No - use permissions on the next tab</option>
-                        </select>
+                    <div class="custom-control custom-radio mb-2">
+                        <input type="radio" class="custom-control-input" id="admin_yes" name="role_is_admin" value="1"
+                            <?php if ($role_admin) { echo 'checked'; } ?> required>
+                        <label class="custom-control-label" for="admin_yes">
+                            Yes - this role should have full admin access
+                        </label>
+                    </div>
+
+                    <div class="custom-control custom-radio">
+                        <input type="radio" class="custom-control-input" id="admin_no" name="role_is_admin" value="0"
+                            <?php if (!$role_admin) { echo 'checked'; } ?> required>
+                        <label class="custom-control-label" for="admin_no">
+                            No - use permissions on the next tab
+                        </label>
                    </div>
                </div>

            </div>
-
-            <div class="tab-pane fade" id="pills-role-access<?php echo $role_id; ?>">
+            <?php if (!$role_admin) { ?>
+            <div class="tab-pane fade" id="pills-role-permissions">

                <?php if ($role_admin) { ?>
                    <div class="alert alert-warning"><strong>Module permissions do not apply to Admins.</strong></div>
@@ -108,14 +114,14 @@ ob_start();

                // Enumerate modules
                $sql_modules = mysqli_query($mysqli, "SELECT * FROM modules");
-                while ($row_modules = mysqli_fetch_array($sql_modules)) {
+                while ($row_modules = mysqli_fetch_assoc($sql_modules)) {
                    $module_id = intval($row_modules['module_id']);
                    $module_name = nullable_htmlentities($row_modules['module_name']);
                    $module_name_display = ucfirst(str_replace("module_","",$module_name));
                    $module_description = nullable_htmlentities($row_modules['module_description']);

                    // Get permission level for module
-                    $module_permission_row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT user_role_permission_level FROM user_role_permissions WHERE module_id = $module_id AND user_role_id = $role_id LIMIT 1"));
+                    $module_permission_row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT user_role_permission_level FROM user_role_permissions WHERE module_id = $module_id AND user_role_id = $role_id LIMIT 1"));
                    $module_permission = 0;
                    if ($module_permission_row) {
                        $module_permission = $module_permission_row['user_role_permission_level'];
@@ -123,22 +129,73 @@ ob_start();
                    ?>

                    <div class="form-group">
-                        <label> <?php echo $module_name_display ?> <strong class="text-danger">*</strong></label>
-                        <div class="input-group">
-                            <select class="form-control select2" name="<?php echo "$module_id##$module_name" ?>" required>
-                                <option value="0" <?php if ($module_permission == 0) { echo 'selected'; } ?> >None</option>
-                                <option value="1" <?php if ($module_permission == 1) { echo 'selected'; } ?> >Read</option>
-                                <option value="2" <?php if ($module_permission == 2) { echo 'selected'; } ?>>Modify (Read, Edit, Archive)</option>
-                                <option value="3" <?php if ($module_permission == 3) { echo 'selected'; } ?>>Full (Read, Edit, Archive, Delete)</option>
-                            </select>
+                        <label> <?= $module_name_display ?> <strong class="text-danger">*</strong></label>
+                        <?php
+                        $field_name = "$module_id##$module_name";
+                        $group_id = "perm_group_$module_id";
+                        ?>
+
+                        <div class="btn-group btn-group-toggle btn-block" data-toggle="buttons" role="group" aria-label="Permissions for <?= $module_name_display ?>">
+
+                            <label class="btn btn-outline-secondary btn-sm <?php if ($module_permission == 0) { echo 'active'; } ?>" title="No Access">
+                                <input
+                                    type="radio"
+                                    name="<?= $field_name ?>"
+                                    id="<?= $group_id ?>_0"
+                                    value="0"
+                                    autocomplete="off"
+                                    <?php if ($module_permission == 0) { echo 'checked'; } ?>
+                                    required
+                                >
+                                None
+                            </label>
+
+                            <label class="btn btn-outline-primary btn-sm <?php if ($module_permission == 1) { echo 'active'; } ?>" title="Viewing Only">
+                                <input
+                                    type="radio"
+                                    name="<?= $field_name ?>"
+                                    id="<?= $group_id ?>_1"
+                                    value="1"
+                                    autocomplete="off"
+                                    <?php if ($module_permission == 1) { echo 'checked'; } ?>
+                                >
+                                <i class="fas fa-fw fa-eye mr-1"></i>Read
+                            </label>
+
+                            <label class="btn btn-outline-warning btn-sm <?php if ($module_permission == 2) { echo 'active'; } ?>" title="Read, Edit, Archive">
+                                <input
+                                    type="radio"
+                                    name="<?= $field_name ?>"
+                                    id="<?= $group_id ?>_2"
+                                    value="2"
+                                    autocomplete="off"
+                                    <?php if ($module_permission == 2) { echo 'checked'; } ?>
+                                >
+                                <i class="fas fa-fw fa-edit mr-1"></i>Modify
+                            </label>
+
+                            <label class="btn btn-outline-danger btn-sm <?php if ($module_permission == 3) { echo 'active'; } ?>" title="Read, Edit, Archive, Delete">
+                                <input
+                                    type="radio"
+                                    name="<?= $field_name ?>"
+                                    id="<?= $group_id ?>_3"
+                                    value="3"
+                                    autocomplete="off"
+                                    <?php if ($module_permission == 3) { echo 'checked'; } ?>
+                                >
+                                <i class="fas fa-fw fa-trash mr-1"></i>Full
+                            </label>
+
                        </div>
-                        <small class="form-text text-muted"><?php echo $module_description ?></small>
+
+                        <small class="form-text text-muted mt-2"><?= $module_description ?></small>

                    </div>

                <?php } // End while ?>

            </div>
+            <?php } ?>

        </div>

--- a/admin/modals/software_template/software_template_edit.php
+++ b/admin/modals/software_template/software_template_edit.php
@@ -5,7 +5,7 @@ require_once '../../../includes/modal_header.php';
 $software_template_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM software_templates WHERE software_template_id = $software_template_id LIMIT 1");
-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $software_name = nullable_htmlentities($row['software_template_name']);
 $software_version = nullable_htmlentities($row['software_template_version']);
 $software_description = nullable_htmlentities($row['software_template_description']);
--- a/admin/modals/tag/tag_add.php
+++ b/admin/modals/tag/tag_add.php
@@ -15,6 +15,8 @@ if (isset($_GET['type'])) {
        $type_display = "Contact";
    } elseif ($type === 4) {
        $type_display = "Credential";
+    } elseif ($type === 5) {
+        $type_display = "Asset";
    }
 }
 ob_start();
@@ -58,6 +60,7 @@ ob_start();
                    <option value="2">Location Tag</option>
                    <option value="3">Contact Tag</option>
                    <option value="4">Credential Tag</option>
+                    <option value="5">Asset Tag</option>
                </select>
            </div>
        </div>
@@ -86,7 +89,7 @@ ob_start();

    </div>
    <div class="modal-footer">
-        <button type="submit" name="add_tag" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create</button>
+        <button type="submit" name="add_tag" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Create Tag</button>
        <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
    </div>
 </form>
--- a/admin/modals/tag/tag_edit.php
+++ b/admin/modals/tag/tag_edit.php
@@ -6,17 +6,30 @@ $tag_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM tags WHERE tag_id = $tag_id LIMIT 1");

-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $tag_name = nullable_htmlentities($row['tag_name']);
 $tag_type = intval($row['tag_type']);
 $tag_color = nullable_htmlentities($row['tag_color']);
 $tag_icon = nullable_htmlentities($row['tag_icon']);

-// Generate the HTML form content using output buffering.
+if ($tag_type == 1) {
+    $tag_type_display = "Client";
+} elseif ( $tag_type == 2) {
+    $tag_type_display = "Location";
+} elseif ( $tag_type == 3) {
+    $tag_type_display = "Contact";
+} elseif ( $tag_type == 4) {
+    $tag_type_display = "Credential";
+ } elseif ( $tag_type == 5) {
+    $tag_type_display = "Asset";
+} else {
+    $tag_type_display = "Unknown";
+}
+
 ob_start();
 ?>
 <div class="modal-header bg-dark">
-    <h5 class="modal-title"><i class="fas fa-fw fa-tag mr-2"></i>Editing tag: <strong><?php echo $tag_name; ?></strong></h5>
+    <h5 class="modal-title"><i class="fas fa-fw fa-tag mr-2"></i><?= $tag_type_display ?> Tag: <strong><?php echo $tag_name; ?></strong></h5>
    <button type="button" class="close text-white" data-dismiss="modal">
        <span>&times;</span>
    </button>
@@ -35,22 +48,6 @@ ob_start();
            </div>
        </div>

-        <div class="form-group">
-            <label>Type <strong class="text-danger">*</strong></label>
-            <div class="input-group">
-                <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fa fa-fw fa-th"></i></span>
-                </div>
-                <select class="form-control select2" name="type" required>
-                    <option value="">- Type -</option>
-                    <option value="1" <?php if ($tag_type == 1) { echo "selected"; } ?>>Client Tag</option>
-                    <option value="2" <?php if ($tag_type == 2) { echo "selected"; } ?>>Location Tag</option>
-                    <option value="3" <?php if ($tag_type == 3) { echo "selected"; } ?>>Contact Tag</option>
-                    <option value="4" <?php if ($tag_type == 4) { echo "selected"; } ?>>Credential Tag</option>
-                </select>
-            </div>
-        </div>
-
        <div class="form-group">
            <label>Color <strong class="text-danger">*</strong></label>
            <div class="input-group">
@@ -73,7 +70,7 @@ ob_start();

    </div>
    <div class="modal-footer">
-        <button type="submit" name="edit_tag" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
+        <button type="submit" name="edit_tag" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save changes</button>
        <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
    </div>
 </form>
--- a/admin/modals/tax/tax_edit.php
+++ b/admin/modals/tax/tax_edit.php
@@ -5,7 +5,7 @@ require_once '../../../includes/modal_header.php';
 $tax_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM taxes WHERE tax_id = $tax_id LIMIT 1");
-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $tax_name = nullable_htmlentities($row['tax_name']);
 $tax_percent = floatval($row['tax_percent']);

--- a/admin/modals/ticket_status/ticket_status_edit.php
+++ b/admin/modals/ticket_status/ticket_status_edit.php
@@ -5,7 +5,7 @@ require_once '../../../includes/modal_header.php';
 $ticket_status_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM ticket_statuses WHERE ticket_status_id = $ticket_status_id LIMIT 1");
-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $ticket_status_name = nullable_htmlentities($row['ticket_status_name']);
 $ticket_status_color = nullable_htmlentities($row['ticket_status_color']);
 $ticket_status_order = intval($row['ticket_status_order']);
--- a/admin/modals/ticket_template/ticket_template_add.php
+++ b/admin/modals/ticket_template/ticket_template_add.php
@@ -1,75 +1,79 @@
-<div class="modal" id="addTicketTemplateModal" tabindex="-1">
-    <div class="modal-dialog modal-lg">
-        <div class="modal-content">
-            <div class="modal-header bg-dark">
-                <h5 class="modal-title"><i class="fa fa-fw fa-life-ring mr-2"></i>Creating Ticket Template</h5>
-                <button type="button" class="close text-white" data-dismiss="modal">
-                    <span>&times;</span>
-                </button>
+<?php
+
+require_once '../../../includes/modal_header.php';
+
+ob_start();
+
+?>
+<div class="modal-header bg-dark">
+    <h5 class="modal-title"><i class="fa fa-fw fa-life-ring mr-2"></i>New Ticket Template</h5>
+    <button type="button" class="close text-white" data-dismiss="modal">
+        <span>&times;</span>
+    </button>
+</div>
+<form action="post.php" method="post" autocomplete="off">
+    <div class="modal-body">
+
+        <div class="form-group">
+            <label>Template Name <strong class="text-danger">*</strong></label>
+            <div class="input-group">
+                <div class="input-group-prepend">
+                    <span class="input-group-text"><i class="fa fa-fw fa-life-ring"></i></span>
+                </div>
+                <input type="text" class="form-control" name="name" placeholder="Template name" maxlength="200" required autofocus>
            </div>
-            <form action="post.php" method="post" autocomplete="off">
-                <div class="modal-body">
+        </div>

-                    <div class="form-group">
-                        <label>Template Name <strong class="text-danger">*</strong></label>
-                        <div class="input-group">
-                            <div class="input-group-prepend">
-                                <span class="input-group-text"><i class="fa fa-fw fa-life-ring"></i></span>
-                            </div>
-                            <input type="text" class="form-control" name="name" placeholder="Template name" maxlength="200" required autofocus>
-                        </div>
-                    </div>
-
-                    <div class="form-group">
-                        <label>Subject</label>
-                        <div class="input-group">
-                            <div class="input-group-prepend">
-                                <span class="input-group-text"><i class="fa fa-fw fa-angle-right"></i></span>
-                            </div>
-                            <input type="text" class="form-control" name="subject" placeholder="Subject" maxlength="500">
-                        </div>
-                    </div>
-
-                   <div class="form-group">
-                        <textarea class="form-control tinymceTicket" name="details"></textarea>
-                    </div>
-
-                    <div class="form-group">
-                        <label>Description</label>
-                        <div class="input-group">
-                            <div class="input-group-prepend">
-                                <span class="input-group-text"><i class="fa fa-fw fa-angle-right"></i></span>
-                            </div>
-                            <input type="text" class="form-control" name="description" placeholder="Short description">
-                        </div>
-                    </div>
-
-                    <div class="form-group">
-                        <label>Add it to a Project Template?</label>
-                        <div class="input-group">
-                            <div class="input-group-prepend">
-                                <span class="input-group-text"><i class="fa fa-fw fa-project-diagram"></i></span>
-                            </div>
-                            <select class="form-control select2" name="project_template">
-                                <option value="0">- No -</option>
-                                <?php
-
-                                $sql_project_templates = mysqli_query($mysqli, "SELECT * FROM project_templates WHERE project_template_archived_at IS NULL ORDER BY project_template_name ASC");
-                                while ($row = mysqli_fetch_array($sql_project_templates)) {
-                                    $project_template_id_select = intval($row['project_template_id']);
-                                    $project_template_name_select = nullable_htmlentities($row['project_template_name']); ?>
-                                    <option value="<?php echo $project_template_id_select; ?>"><?php echo $project_template_name_select; ?></option>
-
-                                <?php } ?>
-                            </select>
-                        </div>
-                    </div>
+        <div class="form-group">
+            <label>Subject</label>
+            <div class="input-group">
+                <div class="input-group-prepend">
+                    <span class="input-group-text"><i class="fa fa-fw fa-angle-right"></i></span>
                </div>
-                <div class="modal-footer">
-                    <button type="submit" name="add_ticket_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create</button>
-                    <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
+                <input type="text" class="form-control" name="subject" placeholder="Subject" maxlength="500">
+            </div>
+        </div>
+
+       <div class="form-group">
+            <textarea class="form-control tinymceTicket" name="details"></textarea>
+        </div>
+
+        <div class="form-group">
+            <label>Description</label>
+            <div class="input-group">
+                <div class="input-group-prepend">
+                    <span class="input-group-text"><i class="fa fa-fw fa-angle-right"></i></span>
                </div>
-            </form>
+                <input type="text" class="form-control" name="description" placeholder="Short description">
+            </div>
+        </div>
+
+        <div class="form-group">
+            <label>Add it to a Project Template?</label>
+            <div class="input-group">
+                <div class="input-group-prepend">
+                    <span class="input-group-text"><i class="fa fa-fw fa-project-diagram"></i></span>
+                </div>
+                <select class="form-control select2" name="project_template">
+                    <option value="0">- No -</option>
+                    <?php
+
+                    $sql_project_templates = mysqli_query($mysqli, "SELECT * FROM project_templates WHERE project_template_archived_at IS NULL ORDER BY project_template_name ASC");
+                    while ($row = mysqli_fetch_assoc($sql_project_templates)) {
+                        $project_template_id_select = intval($row['project_template_id']);
+                        $project_template_name_select = nullable_htmlentities($row['project_template_name']); ?>
+                        <option value="<?php echo $project_template_id_select; ?>"><?php echo $project_template_name_select; ?></option>
+
+                    <?php } ?>
+                </select>
+            </div>
        </div>
    </div>
-</div>
+    <div class="modal-footer">
+        <button type="submit" name="add_ticket_template" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create Template</button>
+        <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
+    </div>
+</form>
+
+<?php
+require_once '../../../includes/modal_footer.php';
--- a/admin/modals/ticket_template/ticket_template_task_edit.php
+++ b/admin/modals/ticket_template/ticket_template_task_edit.php
@@ -6,7 +6,7 @@ $task_template_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE task_template_id = $task_template_id LIMIT 1");

-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $task_template_name = nullable_htmlentities($row['task_template_name']);
 $task_template_order = intval($row['task_template_order']);
 $task_template_completion_estimate = intval($row['task_template_completion_estimate']);
@@ -25,7 +25,7 @@ ob_start();
 </div>
 <form action="post.php" method="post" autocomplete="off">
    <input type="hidden" name="task_template_id" value="<?php echo $task_template_id; ?>">
-    
+
    <div class="modal-body">

        <div class="form-group">
@@ -47,7 +47,7 @@ ob_start();
                <input type="number" class="form-control" name="completion_estimate" placeholder="Estimated time to complete task in mins" value="<?php echo $task_template_completion_estimate; ?>">
            </div>
        </div>
-    
+
    </div>

    <div class="modal-footer">
--- a/admin/modals/user/user_add.php
+++ b/admin/modals/user/user_add.php
@@ -76,7 +76,7 @@ ob_start();
                            <option value="">- Role -</option>
                            <?php
                                $sql_user_roles = mysqli_query($mysqli, "SELECT * FROM user_roles WHERE role_archived_at IS NULL");
-                                while ($row = mysqli_fetch_array($sql_user_roles)) {
+                                while ($row = mysqli_fetch_assoc($sql_user_roles)) {
                                    $role_id = intval($row['role_id']);
                                    $role_name = nullable_htmlentities($row['role_name']);

@@ -129,7 +129,7 @@ ob_start();
                    <?php

                    $sql_client_select = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_archived_at IS NULL ORDER BY client_name ASC");
-                    while ($row = mysqli_fetch_array($sql_client_select)) {
+                    while ($row = mysqli_fetch_assoc($sql_client_select)) {
                        $client_id = intval($row['client_id']);
                        $client_name = nullable_htmlentities($row['client_name']);

--- a/admin/modals/user/user_archive.php
+++ b/admin/modals/user/user_archive.php
@@ -6,7 +6,7 @@ $user_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM users WHERE users.user_id = $user_id LIMIT 1");

-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $user_name = nullable_htmlentities($row['user_name']);
 $user_email = nullable_htmlentities($row['user_email']);
 $user_avatar = nullable_htmlentities($row['user_avatar']);
@@ -60,7 +60,7 @@ ob_start();
                    <option value="0">No one</option>
                    <?php
                    $sql_users = mysqli_query($mysqli, "SELECT * FROM users WHERE user_type = 1 AND user_archived_at IS NULL");
-                    while ($row = mysqli_fetch_array($sql_users)) {
+                    while ($row = mysqli_fetch_assoc($sql_users)) {
                        $user_id_select = intval($row['user_id']);
                        $user_name_select = nullable_htmlentities($row['user_name']);

--- a/admin/modals/user/user_edit.php
+++ b/admin/modals/user/user_edit.php
@@ -4,12 +4,12 @@ require_once '../../../includes/modal_header.php';

 $user_id = intval($_GET['id']);

-$sql = mysqli_query($mysqli, "SELECT * FROM users 
+$sql = mysqli_query($mysqli, "SELECT * FROM users
    LEFT JOIN user_settings ON users.user_id = user_settings.user_id
    WHERE users.user_id = $user_id LIMIT 1"
 );

-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $user_name = nullable_htmlentities($row['user_name']);
 $user_email = nullable_htmlentities($row['user_email']);
 $user_avatar = nullable_htmlentities($row['user_avatar']);
@@ -114,7 +114,7 @@ ob_start();
                        <select class="form-control select2" name="role" required>
                            <?php
                            $sql_user_roles = mysqli_query($mysqli, "SELECT * FROM user_roles WHERE role_archived_at IS NULL");
-                            while ($row = mysqli_fetch_array($sql_user_roles)) {
+                            while ($row = mysqli_fetch_assoc($sql_user_roles)) {
                                $role_id = intval($row['role_id']);
                                $role_name = nullable_htmlentities($row['role_name']);

@@ -175,7 +175,7 @@ ob_start();
                    <?php

                    $sql_client_select = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_archived_at IS NULL ORDER BY client_name ASC");
-                    while ($row = mysqli_fetch_array($sql_client_select)) {
+                    while ($row = mysqli_fetch_assoc($sql_client_select)) {
                        $client_id_select = intval($row['client_id']);
                        $client_name_select = nullable_htmlentities($row['client_name']);

--- a/admin/modals/user/user_export.php
+++ b/admin/modals/user/user_export.php
@@ -1,21 +1,26 @@
-<div class="modal" id="exportUserModal" tabindex="-1">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header bg-dark">
-                <h5 class="modal-title"><i class="fas fa-fw fa-download mr-2"></i>Export Users to CSV</h5>
-                <button type="button" class="close text-white" data-dismiss="modal">
-                    <span>&times;</span>
-                </button>
-            </div>
-            <form action="post.php" method="post" autocomplete="off">
-                <div class="modal-body">
+<?php

-                </div>
-                <div class="modal-footer">
-                    <button type="submit" name="export_users_csv" class="btn btn-primary text-bold"><i class="fas fa-fw fa-download mr-2"></i>Download CSV</button>
-                    <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
-                </div>
-            </form>
-        </div>
-    </div>
+require_once '../../../includes/modal_header.php';
+
+ob_start();
+
+?>
+
+<div class="modal-header bg-dark">
+    <h5 class="modal-title"><i class="fas fa-fw fa-download mr-2"></i>Export Users to CSV</h5>
+    <button type="button" class="close text-white" data-dismiss="modal">
+        <span>&times;</span>
+    </button>
 </div>
+<form action="post.php" method="post" autocomplete="off">
+    <div class="modal-body">
+
+    </div>
+    <div class="modal-footer">
+        <button type="submit" name="export_users_csv" class="btn btn-primary text-bold"><i class="fas fa-fw fa-download mr-2"></i>Download CSV</button>
+        <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fas fa-times mr-2"></i>Cancel</button>
+    </div>
+</form>
+
+<?php
+require_once '../../../includes/modal_footer.php';
--- a/admin/modals/user/user_restore.php
+++ b/admin/modals/user/user_restore.php
@@ -6,7 +6,7 @@ $user_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $user_id AND user_archived_at IS NOT NULL LIMIT 1");

-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $user_name = str_replace(" (archived)", "", $row['user_name']); //Removed (archived) from user_name
 $user_name = nullable_htmlentities($user_name);
 $user_email = nullable_htmlentities($row['user_email']);
@@ -64,7 +64,7 @@ ob_start();
                <select class="form-control select2" name="role" required>
                    <?php
                    $sql_user_roles = mysqli_query($mysqli, "SELECT * FROM user_roles WHERE role_archived_at IS NULL");
-                    while ($row = mysqli_fetch_array($sql_user_roles)) {
+                    while ($row = mysqli_fetch_assoc($sql_user_roles)) {
                        $role_id = intval($row['role_id']);
                        $role_name = nullable_htmlentities($row['role_name']);

--- a/admin/modals/vendor_template/vendor_template_edit.php
+++ b/admin/modals/vendor_template/vendor_template_edit.php
@@ -5,7 +5,7 @@ require_once '../../../includes/modal_header.php';
 $vendor_template_id = intval($_GET['id']);

 $sql = mysqli_query($mysqli, "SELECT * FROM vendor_templates WHERE vendor_template_id = $vendor_template_id LIMIT 1");
-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $vendor_name = nullable_htmlentities($row['vendor_template_name']);
 $vendor_description = nullable_htmlentities($row['vendor_template_description']);
 $vendor_account_number = nullable_htmlentities($row['vendor_template_account_number']);
@@ -233,7 +233,7 @@ ob_start();
                <div class="form-group">
                    <textarea class="form-control" rows="8" placeholder="Enter some notes" name="notes"><?php echo $vendor_notes; ?></textarea>
                </div>
-                
+
                <div class="form-group">
                    <label>Update Notes Globally?</label>
                    <input type="checkbox" name="global_update_vendor_notes" value="1">
--- a/admin/modules.php
+++ b/admin/modules.php
@@ -57,7 +57,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                <tbody>
                <?php

-                while ($row = mysqli_fetch_array($sql)) {
+                while ($row = mysqli_fetch_assoc($sql)) {
                    $module_id = intval($row['module_id']);
                    $module_name = nullable_htmlentities($row['module_name']);
                    $module_description = nullable_htmlentities($row['module_description']);
--- a/admin/oauth_microsoft_mail_callback.php
+++ b/admin/oauth_microsoft_mail_callback.php
@@ -0,0 +1,103 @@
+<?php
+
+require_once "../config.php";
+require_once "../functions.php";
+require_once "../includes/check_login.php";
+
+$settings_mail_path = '/admin/settings_mail.php';
+
+if (!isset($session_is_admin) || !$session_is_admin) {
+    flash_alert("Admin access required.", 'error');
+    redirect($settings_mail_path);
+}
+
+$state = sanitizeInput($_GET['state'] ?? '');
+$code = $_GET['code'] ?? '';
+$error = sanitizeInput($_GET['error'] ?? '');
+$error_description = sanitizeInput($_GET['error_description'] ?? '');
+
+$session_state = $_SESSION['mail_oauth_state'] ?? '';
+$session_state_expires = intval($_SESSION['mail_oauth_state_expires_at'] ?? 0);
+
+unset($_SESSION['mail_oauth_state'], $_SESSION['mail_oauth_state_expires_at']);
+
+if (!empty($error)) {
+    $msg = "Microsoft OAuth authorization failed: $error";
+    if (!empty($error_description)) {
+        $msg .= " ($error_description)";
+    }
+
+    flash_alert($msg, 'error');
+    redirect($settings_mail_path);
+}
+
+if (empty($state) || empty($code) || empty($session_state) || !hash_equals($session_state, $state) || time() > $session_state_expires) {
+    flash_alert("Microsoft OAuth callback validation failed. Please try connecting again.", 'error');
+    redirect($settings_mail_path);
+}
+
+if (empty($config_mail_oauth_client_id) || empty($config_mail_oauth_client_secret) || empty($config_mail_oauth_tenant_id)) {
+    flash_alert("Microsoft OAuth settings are incomplete. Please fill Client ID, Client Secret, and Tenant ID.", 'error');
+    redirect($settings_mail_path);
+}
+
+if (defined('BASE_URL') && !empty(BASE_URL)) {
+    $base_url = rtrim((string) BASE_URL, '/');
+} else {
+    $base_url = 'https://' . rtrim((string) $config_base_url, '/');
+}
+
+$redirect_uri = $base_url . '/admin/oauth_microsoft_mail_callback.php';
+$token_url = 'https://login.microsoftonline.com/' . rawurlencode($config_mail_oauth_tenant_id) . '/oauth2/v2.0/token';
+$scope = 'offline_access openid profile https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/SMTP.Send';
+
+$ch = curl_init($token_url);
+curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+curl_setopt($ch, CURLOPT_POST, true);
+curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query([
+    'client_id' => $config_mail_oauth_client_id,
+    'client_secret' => $config_mail_oauth_client_secret,
+    'grant_type' => 'authorization_code',
+    'code' => $code,
+    'redirect_uri' => $redirect_uri,
+    'scope' => $scope,
+], '', '&'));
+curl_setopt($ch, CURLOPT_TIMEOUT, 20);
+
+$raw_body = curl_exec($ch);
+$curl_err = curl_error($ch);
+$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+curl_close($ch);
+
+if ($raw_body === false || $http_code < 200 || $http_code >= 300) {
+    $reason = !empty($curl_err) ? $curl_err : "HTTP $http_code";
+    flash_alert("Microsoft OAuth token exchange failed: $reason", 'error');
+    redirect($settings_mail_path);
+}
+
+$json = json_decode($raw_body, true);
+if (!is_array($json) || empty($json['refresh_token']) || empty($json['access_token'])) {
+    flash_alert("Microsoft OAuth token exchange failed: refresh token or access token missing.", 'error');
+    redirect($settings_mail_path);
+}
+
+$refresh_token = (string) $json['refresh_token'];
+$access_token = (string) $json['access_token'];
+$expires_at = date('Y-m-d H:i:s', time() + (int)($json['expires_in'] ?? 3600));
+
+$refresh_token_esc = mysqli_real_escape_string($mysqli, $refresh_token);
+$access_token_esc = mysqli_real_escape_string($mysqli, $access_token);
+$expires_at_esc = mysqli_real_escape_string($mysqli, $expires_at);
+
+mysqli_query($mysqli, "UPDATE settings SET
+    config_imap_provider = 'microsoft_oauth',
+    config_smtp_provider = 'microsoft_oauth',
+    config_mail_oauth_refresh_token = '$refresh_token_esc',
+    config_mail_oauth_access_token = '$access_token_esc',
+    config_mail_oauth_access_token_expires_at = '$expires_at_esc'
+    WHERE company_id = 1
+");
+
+logAction("Settings", "Edit", "$session_name completed Microsoft OAuth connect flow for mail settings");
+flash_alert("Microsoft OAuth connected successfully. Token expires at $expires_at.");
+redirect($settings_mail_path);
--- a/admin/payment_method.php
+++ b/admin/payment_method.php
@@ -45,7 +45,7 @@ $num_rows = mysqli_num_rows($sql);
                <tbody>
                <?php

-                while ($row = mysqli_fetch_array($sql)) {
+                while ($row = mysqli_fetch_assoc($sql)) {
                    $payment_method_id = intval($row['payment_method_id']);
                    $payment_method_name = nullable_htmlentities($row['payment_method_name']);
                    $payment_method_description = nullable_htmlentities($row['payment_method_description']);
--- a/admin/payment_provider.php
+++ b/admin/payment_provider.php
@@ -6,10 +6,10 @@ $order = "ASC";

 require_once "includes/inc_all_admin.php";

-$sql = mysqli_query($mysqli, "SELECT * FROM payment_providers 
+$sql = mysqli_query($mysqli, "SELECT * FROM payment_providers
    LEFT JOIN accounts ON payment_provider_account = account_id
    LEFT JOIN vendors ON payment_provider_expense_vendor = vendor_id
-    LEFT JOIN categories ON payment_provider_expense_category = category_id 
+    LEFT JOIN categories ON payment_provider_expense_category = category_id
    ORDER BY $sort $order"
 );

@@ -57,7 +57,7 @@ $num_rows = mysqli_num_rows($sql);
                    <th>
                        <a class="text-dark">Expensed Fee</a>
                    </th>
-                    <th>
+                    <th class="text-center">
                        <a class="text-dark">Saved Payment Methods</a>
                    </th>
                    <th class="text-center">Action</th>
@@ -66,13 +66,13 @@ $num_rows = mysqli_num_rows($sql);
                <tbody>
                <?php

-                while ($row = mysqli_fetch_array($sql)) {
+                while ($row = mysqli_fetch_assoc($sql)) {
                    $provider_id = intval($row['payment_provider_id']);
                    $provider_name = nullable_htmlentities($row['payment_provider_name']);
                    $provider_description = nullable_htmlentities($row['payment_provider_description']);
                    $account_name = nullable_htmlentities($row['account_name']);
                    $threshold = floatval($row['payment_provider_threshold']);
-                    $vendor_name = nullable_htmlentities($row['vendor_name']);
+                    $vendor_name = nullable_htmlentities($row['vendor_name'] ?? "Expense Disabled");
                    $category = nullable_htmlentities($row['category_name']);
                    $percent_fee = floatval($row['payment_provider_expense_percentage_fee']) * 100;
                    $flat_fee = floatval($row['payment_provider_expense_flat_fee']);
@@ -94,7 +94,9 @@ $num_rows = mysqli_num_rows($sql);
                        <td><?php echo $vendor_name; ?></td>
                        <td><?php echo $category; ?></td>
                        <td><?php echo $percent_fee; ?>% + <?php echo numfmt_format_currency($currency_format, $flat_fee, $session_company_currency); ?></td>
-                        <td><?php echo $saved_payment_count; ?></td>
+                        <td class="text-center">
+                            <a class="badge badge-dark badge-pill p-2" href="saved_payment_method.php"><?= $saved_payment_count ?></a>
+                        </td>
                        <td>
                            <div class="dropdown dropleft text-center">
                                <button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
@@ -106,12 +108,14 @@ $num_rows = mysqli_num_rows($sql);
                                        <i class="fas fa-fw fa-edit mr-2"></i>Edit
                                    </a>
                                    <div class="dropdown-divider"></div>
-<!--                                    <a class="dropdown-item text-danger confirm-link" href="post.php?disable_payment_provider=--><?php //echo $provider_id; ?><!--&csrf_token=--><?php //echo $_SESSION['csrf_token'] ?><!--">-->
-<!--                                        <i class="fas fa-fw fa-thumbs-down mr-2"></i>Disable-->
-<!--                                    </a>-->
-<!--                                    <a class="dropdown-item text-danger confirm-link" href="post.php?delete_payment_provider=--><?php //echo $provider_id; ?><!--&csrf_token=--><?php //echo $_SESSION['csrf_token'] ?><!--">-->
-<!--                                        <i class="fas fa-fw fa-trash mr-2"></i>Delete-->
-<!--                                    </a>-->
+                                    <a class="dropdown-item text-danger confirm-link" href="post.php?delete_payment_provider=<?= $provider_id ?>&csrf_token=<?= $_SESSION['csrf_token'] ?>">
+                                        <i class="fas fa-fw fa-trash mr-2"></i><strong>Delete Provider and</strong>
+                                        <ul class="text-xs">
+                                            <li>Related Recurring Payments</li>
+                                            <li>Related Saved cards</li>
+                                            <li>Client Provider Relations</li>
+                                        </ul>
+                                    </a>
                                </div>
                            </div>
                        </td>
--- a/admin/post/ai_model.php
+++ b/admin/post/ai_model.php
@@ -49,7 +49,7 @@ if (isset($_POST['edit_ai_model'])) {
 if (isset($_GET['delete_ai_model'])) {

    validateCSRFToken($_GET['csrf_token']);
-    
+
    $model_id = intval($_GET['delete_ai_model']);

    $model_name = sanitizeInput(getFieldById('ai_models', $model_id, 'ai_model_name'));
--- a/admin/post/api_keys.php
+++ b/admin/post/api_keys.php
@@ -31,6 +31,27 @@ if (isset($_POST['add_api_key'])) {

 }

+if (isset($_GET['revoke_api_key'])) {
+
+    validateCSRFToken($_GET['csrf_token']);
+
+    $api_key_id = intval($_GET['revoke_api_key']);
+
+    // Get API Key Name
+    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT api_key_name, api_key_client_id FROM api_keys WHERE api_key_id = $api_key_id"));
+    $api_key_name = sanitizeInput($row['api_key_name']);
+    $client_id = intval($row['api_key_client_id']);
+
+    mysqli_query($mysqli,"UPDATE api_keys SET api_key_expire = NOW() WHERE api_key_id = $api_key_id");
+
+    logAction("API Key", "Revoke", "$session_name revoked API key $name", $client_id);
+
+    flash_alert("API Key <strong>$name</strong> revoked", 'error');
+
+    redirect();
+
+}
+
 if (isset($_GET['delete_api_key'])) {

    validateCSRFToken($_GET['csrf_token']);
@@ -38,7 +59,7 @@ if (isset($_GET['delete_api_key'])) {
    $api_key_id = intval($_GET['delete_api_key']);

    // Get API Key Name
-    $row = mysqli_fetch_array(mysqli_query($mysqli,"SELECT api_key_name, api_key_client_id FROM api_keys WHERE api_key_id = $api_key_id"));
+    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT api_key_name, api_key_client_id FROM api_keys WHERE api_key_id = $api_key_id"));
    $api_key_name = sanitizeInput($row['api_key_name']);
    $client_id = intval($row['api_key_client_id']);

@@ -64,9 +85,9 @@ if (isset($_POST['bulk_delete_api_keys'])) {
        foreach ($_POST['api_key_ids'] as $api_key_id) {

            $api_key_id = intval($api_key_id);
-            
+
            // Get API Key Name
-            $row = mysqli_fetch_array(mysqli_query($mysqli,"SELECT api_key_name, api_key_client_id FROM api_keys WHERE api_key_id = $api_key_id"));
+            $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT api_key_name, api_key_client_id FROM api_keys WHERE api_key_id = $api_key_id"));
            $api_key_name = sanitizeInput($row['api_key_name']);
            $client_id = intval($row['api_key_client_id']);

--- a/admin/post/backup.php
+++ b/admin/post/backup.php
@@ -307,11 +307,11 @@ if (isset($_POST['backup_master_key'])) {
    $password = $_POST['password'];

    $sql = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $session_user_id");
-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);

    if (password_verify($password, $row['user_password'])) {
        $site_encryption_master_key = decryptUserSpecificKey($row['user_specific_encryption_ciphertext'], $password);
-        
+
        logAction("Master Key", "Download", "$session_name retrieved the master encryption key");

        appNotify("Master Key", "$session_name retrieved the master encryption key");
@@ -320,13 +320,12 @@ if (isset($_POST['backup_master_key'])) {
        echo "<br>Master encryption key:<br>";
        echo "<b>$site_encryption_master_key</b>";
        echo "<br>==============================";
-    
+
    } else {
        logAction("Master Key", "Download", "$session_name attempted to retrieve the master encryption key but failed");

        flash_alert("Incorrect password.", 'error');
-        
+
        redirect();
    }
 }
-
--- a/admin/post/category.php
+++ b/admin/post/category.php
@@ -39,12 +39,12 @@ if (isset($_POST['edit_category'])) {
 }

 if (isset($_GET['archive_category'])) {
-    
+
    $category_id = intval($_GET['archive_category']);

    // Get Category Name and Type for logging
    $sql = mysqli_query($mysqli,"SELECT category_name, category_type FROM categories WHERE category_id = $category_id");
-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $category_name = sanitizeInput($row['category_name']);
    $category_type = sanitizeInput($row['category_type']);

@@ -59,12 +59,12 @@ if (isset($_GET['archive_category'])) {
 }

 if (isset($_GET['unarchive_category'])) {
-    
+
    $category_id = intval($_GET['unarchive_category']);

    // Get Category Name and Type for logging
    $sql = mysqli_query($mysqli,"SELECT category_name, category_type FROM categories WHERE category_id = $category_id");
-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $category_name = sanitizeInput($row['category_name']);
    $category_type = sanitizeInput($row['category_type']);

@@ -79,12 +79,12 @@ if (isset($_GET['unarchive_category'])) {
 }

 if (isset($_GET['delete_category'])) {
-    
+
    $category_id = intval($_GET['delete_category']);

    // Get Category Name and Type for logging
    $sql = mysqli_query($mysqli,"SELECT category_name, category_type FROM categories WHERE category_id = $category_id");
-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $category_name = sanitizeInput($row['category_name']);
    $category_type = sanitizeInput($row['category_type']);

--- a/admin/post/contract_template.php
+++ b/admin/post/contract_template.php
@@ -9,11 +9,12 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
 if (isset($_POST['add_contract_template'])) {

    // Sanitize text inputs
-    $name = sanitizeInput($_POST['contract_template_name']);
-    $type = sanitizeInput($_POST['contract_template_type']);
-    $update_frequency = sanitizeInput($_POST['contract_template_update_frequency']);
-    $support_hours = sanitizeInput($_POST['contract_template_support_hours']);
-    $details = mysql_escape_string($mysqli, $_POST['contract_template_details']);
+    $name = sanitizeInput($_POST['name']);
+    $description = sanitizeInput($_POST['description']);
+    $type = sanitizeInput($_POST['type']);
+    $renewal_frequency = sanitizeInput($_POST['renewal_frequency']);
+    $support_hours = sanitizeInput($_POST['support_hours']);
+    $details = mysqli_escape_string($mysqli, $_POST['details']);

    // Numeric fields cast to integer
    $sla_low_resp = intval($_POST['sla_low_response_time']);
@@ -22,9 +23,9 @@ if (isset($_POST['add_contract_template'])) {
    $sla_low_res = intval($_POST['sla_low_resolution_time']);
    $sla_med_res = intval($_POST['sla_medium_resolution_time']);
    $sla_high_res = intval($_POST['sla_high_resolution_time']);
-    $hourly_rate = intval($_POST['contract_template_hourly_rate']);
-    $after_hours_rate = intval($_POST['contract_template_after_hours_hourly_rate']);
-    $net_terms = intval($_POST['contract_template_net_terms']);
+    $rate_standard = intval($_POST['rate_standard']);
+    $rate_after_hours = intval($_POST['hourly_rate_after_hours']);
+    $net_terms = intval($_POST['net_terms']);

    // Insert into database (numbers not quoted)
    mysqli_query($mysqli, "
@@ -33,19 +34,17 @@ if (isset($_POST['add_contract_template'])) {
        contract_template_description = '$description',
        contract_template_details = '$details',
        contract_template_type = '$type',
-        contract_template_update_frequency = '$update_frequency',
-        sla_low_response_time = $sla_low_resp,
-        sla_medium_response_time = $sla_med_resp,
-        sla_high_response_time = $sla_high_resp,
-        sla_low_resolution_time = $sla_low_res,
-        sla_medium_resolution_time = $sla_med_res,
-        sla_high_resolution_time = $sla_high_res,
-        contract_template_hourly_rate = $hourly_rate,
-        contract_template_after_hours_hourly_rate = $after_hours_rate,
+        contract_template_renewal_frequency = '$renewal_frequency',
+        contract_template_sla_low_response_time = $sla_low_resp,
+        contract_template_sla_medium_response_time = $sla_med_resp,
+        contract_template_sla_high_response_time = $sla_high_resp,
+        contract_template_sla_low_resolution_time = $sla_low_res,
+        contract_template_sla_medium_resolution_time = $sla_med_res,
+        contract_template_sla_high_resolution_time = $sla_high_res,
+        contract_template_rate_standard = $rate_standard,
+        contract_template_rate_after_hours = $rate_after_hours,
        contract_template_support_hours = '$support_hours',
-        contract_template_net_terms = $net_terms,
-        contract_template_created_by = $session_user_id,
-        contract_template_created_at = NOW()
+        contract_template_net_terms = $net_terms
    ");

    $contract_template_id = mysqli_insert_id($mysqli);
@@ -60,4 +59,99 @@ if (isset($_POST['add_contract_template'])) {
    redirect();
 }

+if (isset($_POST['edit_contract_template'])) {
+
+    $contract_template_id = intval($_POST['contract_template_id']);
+    $name            = sanitizeInput($_POST['name']);
+    $description     = sanitizeInput($_POST['description']);
+    $type            = sanitizeInput($_POST['type']);
+    $renewal_frequency= sanitizeInput($_POST['renewal_frequency']);
+    $support_hours   = sanitizeInput($_POST['support_hours']);
+    $details         = mysqli_escape_string($mysqli, $_POST['details']);
+    $sla_low_resp  = intval($_POST['sla_low_response_time']);
+    $sla_med_resp  = intval($_POST['sla_medium_response_time']);
+    $sla_high_resp = intval($_POST['sla_high_response_time']);
+    $sla_low_res   = intval($_POST['sla_low_resolution_time']);
+    $sla_med_res   = intval($_POST['sla_medium_resolution_time']);
+    $sla_high_res  = intval($_POST['sla_high_resolution_time']);
+    $rate_standard   = intval($_POST['rate_standard']);
+    $rate_after_hours = intval($_POST['rate_after_hours']);
+    $net_terms     = intval($_POST['net_terms']);
+
+    mysqli_query($mysqli, "
+        UPDATE contract_templates SET
+            contract_template_name = '$name',
+            contract_template_description = '$description',
+            contract_template_details = '$details',
+            contract_template_type = '$type',
+            contract_template_renewal_frequency = '$renewal_frequency',
+            contract_template_sla_low_response_time = $sla_low_resp,
+            contract_template_sla_medium_response_time = $sla_med_resp,
+            contract_template_sla_high_response_time = $sla_high_resp,
+            contract_template_sla_low_resolution_time = $sla_low_res,
+            contract_template_sla_medium_resolution_time = $sla_med_res,
+            contract_template_sla_high_resolution_time = $sla_high_res,
+            contract_template_rate_standard = $rate_standard,
+            contract_template_rate_after_hours = $rate_after_hours,
+            contract_template_support_hours = '$support_hours',
+            contract_template_net_terms = $net_terms
+        WHERE contract_template_id = $contract_template_id
+    ");
+
+    // Log action
+    logAction("Contract Template", "Update", "$session_name updated contract template $name", 0, $contract_template_id);
+
+    // Flash + redirect
+    flash_alert("Contract Template <strong>$name</strong> updated");
+    redirect();
+}
+
+if (isset($_GET['archive_contract_template'])) {
+    $contract_template_id = intval($_GET['archive_contract_template']);
+
+    $name = getFieldById('contract_templates', $contract_template_id, 'contract_template_name');
+
+    mysqli_query($mysqli, "
+        UPDATE contract_templates SET contract_template_archived_at = NOW()
+        WHERE contract_template_id = $contract_template_id
+        LIMIT 1
+    ");
+
+    logAction("Contract Template", "Archive", "$session_name archived contract template $name", 0, $contract_template_id);
+    flash_alert("Contract Template <strong>$name</strong> archived", "danger");
+    redirect();
+}
+
+if (isset($_GET['restore_contract_template'])) {
+    $contract_template_id = intval($_GET['restore_contract_template']);
+
+    $name = getFieldById('contract_templates', $contract_template_id, 'contract_template_name');
+
+    mysqli_query($mysqli, "
+        UPDATE contract_templates SET contract_template_archived_at = NULL
+        WHERE contract_template_id = $contract_template_id
+        LIMIT 1
+    ");
+
+    logAction("Contract Template", "Restore", "$session_name restored contract template $name", 0, $contract_template_id);
+    flash_alert("Contract Template <strong>$name</strong> restored");
+    redirect();
+}
+
+if (isset($_GET['delete_contract_template'])) {
+    $contract_template_id = intval($_GET['delete_contract_template']);
+
+    $name = getFieldById('contract_templates', $contract_template_id, 'contract_template_name');
+
+    mysqli_query($mysqli, "
+        DELETE FROM contract_templates
+        WHERE contract_template_id = $contract_template_id
+        LIMIT 1
+    ");
+
+    logAction("Contract Template", "Delete", "$session_name deleted contract template $name", 0, $contract_template_id);
+    flash_alert("Contract Template <strong>$name</strong> deleted", "danger");
+    redirect();
+}
+
 ?>
--- a/admin/post/custom_link.php
+++ b/admin/post/custom_link.php
@@ -48,12 +48,12 @@ if (isset($_POST['edit_custom_link'])) {
 }

 if (isset($_GET['delete_custom_link'])) {
-    
+
    $custom_link_id = intval($_GET['delete_custom_link']);

    // Get Custom Link name and uri for logging
    $sql = mysqli_query($mysqli,"SELECT custom_link_name, custom_link_uri FROM custom_links WHERE custom_link_id = $custom_link_id");
-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $custom_link_name = sanitizeInput($row['custom_link_name']);
    $custom_link_uri = sanitizeInput($row['custom_link_uri']);

--- a/admin/post/document_template.php
+++ b/admin/post/document_template.php
@@ -8,12 +8,24 @@ if (isset($_POST['add_document_template'])) {

    $name = sanitizeInput($_POST['name']);
    $description = sanitizeInput($_POST['description']);
-    $content = mysqli_real_escape_string($mysqli,$_POST['content']);

-    mysqli_query($mysqli,"INSERT INTO document_templates SET document_template_name = '$name', document_template_description = '$description', document_template_content = '$content', document_template_created_by = $session_user_id");
+    mysqli_query($mysqli,"INSERT INTO document_templates SET document_template_name = '$name', document_template_description = '$description', document_template_content = '', document_template_created_by = $session_user_id");
    
    $document_template_id = mysqli_insert_id($mysqli);

+    $processed_content = mysqli_escape_string(
+        $mysqli,
+        saveBase64Images(
+            $_POST['content'],
+            $_SERVER['DOCUMENT_ROOT'] . "/uploads/document_templates/",
+            "uploads/document_templates/",
+            $document_template_id
+        )
+    );
+
+    // Document template update content
+    mysqli_query($mysqli,"UPDATE document_templates SET document_template_content = '$processed_content' WHERE document_template_id = $document_template_id");
+
    logAction("Document Template", "Create", "$session_name created document template $name", 0, $document_template_id);

    flash_alert("Document template <strong>$name</strong> created");
@@ -27,10 +39,25 @@ if (isset($_POST['edit_document_template'])) {
    $document_template_id = intval($_POST['document_template_id']);
    $name = sanitizeInput($_POST['name']);
    $description = sanitizeInput($_POST['description']);
-    $content = mysqli_real_escape_string($mysqli,$_POST['content']);
+
+    $processed_content = saveBase64Images(
+        $_POST['content'],
+        $_SERVER['DOCUMENT_ROOT'] . "/uploads/document_templates/",
+        "uploads/document_templates/",
+        $document_template_id
+    );
+
+    $processed_content_escaped = mysqli_escape_string($mysqli, $processed_content);
+
+    // CLEAN UP unused images
+    cleanupUnusedImages(
+        $processed_content,
+        $_SERVER['DOCUMENT_ROOT'] . "/uploads/document_templates/" . $document_template_id,
+        "/uploads/document_templates/" . $document_template_id
+    );

    // Document edit query
-    mysqli_query($mysqli,"UPDATE document_templates SET document_template_name = '$name', document_template_description = '$description', document_template_content = '$content', document_template_updated_by = $session_user_id WHERE document_template_id = $document_template_id");
+    mysqli_query($mysqli,"UPDATE document_templates SET document_template_name = '$name', document_template_description = '$description', document_template_content = '$processed_content_escaped', document_template_updated_by = $session_user_id WHERE document_template_id = $document_template_id");

    logAction("Document Template", "Edit", "$session_name edited document template $name", 0, $document_template_id);

@@ -48,6 +75,9 @@ if (isset($_GET['delete_document_template'])) {

    mysqli_query($mysqli,"DELETE FROM document_templates WHERE document_template_id = $document_template_id");

+    // Delete uploads/document_templates/$document_template_id if exists
+    removeDirectory($_SERVER['DOCUMENT_ROOT'] . "/uploads/document_templates/" . $document_template_id);
+
    logAction("Document Template", "Delete", "$session_name deleted document template $document_template_name");

    flash_alert("Document Template <strong>$document_template_name</strong> deleted", 'error');
--- a/admin/post/payment_method.php
+++ b/admin/post/payment_method.php
@@ -10,10 +10,17 @@ if (isset($_POST['add_payment_method'])) {

    validateCSRFToken($_POST['csrf_token']);

-    $name = sanitizeInput($_POST['name']);
-    $description = sanitizeInput($_POST['description']);
+    $name = cleanInput($_POST['name']);
+    $description = cleanInput($_POST['description']);

-    mysqli_query($mysqli,"INSERT INTO payment_methods SET payment_method_name = '$name', payment_method_description = '$description'");
+    $query = mysqli_prepare(
+        $mysqli, "INSERT INTO payment_methods
+        SET payment_method_name = ?, payment_method_description = ?"
+    );
+
+    mysqli_stmt_bind_param($query, "ss", $name, $description);
+    
+    mysqli_stmt_execute($query);

    logAction("Payment Method", "Create", "$session_name created Payment Method $name");

@@ -26,12 +33,21 @@ if (isset($_POST['add_payment_method'])) {
 if (isset($_POST['edit_payment_method'])) {

    validateCSRFToken($_POST['csrf_token']);
-
+    
    $payment_method_id = intval($_POST['payment_method_id']);
-    $name = sanitizeInput($_POST['name']);
-    $description = sanitizeInput($_POST['description']);
+    $name = cleanInput($_POST['name']);
+    $description = cleanInput($_POST['description']);

-    mysqli_query($mysqli,"UPDATE payment_methods SET payment_method_name = '$name', payment_method_description = '$description' WHERE payment_method_id = $payment_method_id");
+    $query = mysqli_prepare(
+        $mysqli,
+        "UPDATE payment_methods 
+         SET payment_method_name = ?, payment_method_description = ? 
+         WHERE payment_method_id = ?"
+    );
+
+    mysqli_stmt_bind_param($query, "ssi", $name, $description, $payment_method_id);
+
+    mysqli_stmt_execute($query);

    logAction("Payment Method", "Edit", "$session_name edited Payment Method $name");

--- a/admin/post/payment_provider.php
+++ b/admin/post/payment_provider.php
@@ -14,53 +14,20 @@ if (isset($_POST['add_payment_provider'])) {
    $public_key = sanitizeInput($_POST['public_key']);
    $private_key = sanitizeInput($_POST['private_key']);
    $threshold = floatval($_POST['threshold']);
-    $enable_expense = intval($_POST['enable_expense'] ?? 0);
+    $account = intval($_POST['account']);
+    $expense_vendor = intval($_POST['expense_vendor']) ?? 0;
+    $expense_category = intval($_POST['expense_category']) ?? 0;
    $percentage_fee = floatval($_POST['percentage_fee']) / 100 ?? 0;
    $flat_fee = floatval($_POST['flat_fee']) ?? 0;

    // Check to ensure provider isn't added twice
-    $sql = "SELECT 1 FROM payment_providers WHERE payment_provider_name = '$provider' LIMIT 1";
-    $result = mysqli_query($mysqli, $sql);
-    if (mysqli_num_rows($result) > 0) {
+    $sql = mysqli_query($mysqli, "SELECT 1 FROM payment_providers WHERE payment_provider_name = '$provider' LIMIT 1");
+    if (mysqli_num_rows($sql) > 0) {
        flash_alert("Payment Provider <strong>$provider</strong> already exists", 'error');
        redirect();
    }

-    // Check for Stripe Account, if not create it
-    $sql_account = mysqli_query($mysqli,"SELECT account_id FROM accounts WHERE account_name = '$provider' AND account_archived_at IS NULL LIMIT 1");
-    if (mysqli_num_rows($sql_account) == 0) {
-        $account_id = mysqli_insert_id($mysqli);
-    } else {
-        $row = mysqli_fetch_array($sql_account);
-        $account_id = intval($row['account_id']);
-    }
-
-    // Expense defaults
-    $category_id = 0;
-    $vendor_id = 0;
-
-    if ($enable_expense) {
-        // Category
-        $sql_category = mysqli_query($mysqli,"SELECT category_id FROM categories WHERE category_name = 'Payment Processing' AND category_type = 'Expense' AND category_archived_at IS NULL LIMIT 1");
-        if (mysqli_num_rows($sql_category) == 0) {
-            mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Processing Fee', category_type = 'Payment Processing', category_color = 'gray'");
-            $category_id = mysqli_insert_id($mysqli);
-        } else {
-            $row = mysqli_fetch_array($sql_category);
-            $category_id = intval($row['category_id']);
-        }
-        // Vendor
-        $sql_vendor = mysqli_query($mysqli,"SELECT vendor_id FROM vendors WHERE vendor_name = '$provider' AND vendor_client_id = 0 AND vendor_archived_at IS NULL LIMIT 1");
-        if (mysqli_num_rows($sql_vendor) == 0) {
-            mysqli_query($mysqli,"INSERT INTO vendors SET vendor_name = '$provider', vendor_description = 'Payment Processor Provider', vendor_client_id = 0");
-            $vendor_id = mysqli_insert_id($mysqli);
-        } else {
-            $row = mysqli_fetch_array($sql_vendor);
-            $vendor_id = intval($row['vendor_id']);
-        }
-    }
-
-    mysqli_query($mysqli,"INSERT INTO payment_providers SET payment_provider_name = '$provider', payment_provider_public_key = '$public_key', payment_provider_private_key = '$private_key', payment_provider_threshold = $threshold, payment_provider_account = $account_id, payment_provider_expense_vendor = $vendor_id, payment_provider_expense_category = $category_id, payment_provider_expense_percentage_fee = $percentage_fee, payment_provider_expense_flat_fee = $flat_fee");
+    mysqli_query($mysqli,"INSERT INTO payment_providers SET payment_provider_name = '$provider', payment_provider_public_key = '$public_key', payment_provider_private_key = '$private_key', payment_provider_threshold = $threshold, payment_provider_account = $account, payment_provider_expense_vendor = $expense_vendor, payment_provider_expense_category = $expense_category, payment_provider_expense_percentage_fee = $percentage_fee, payment_provider_expense_flat_fee = $flat_fee");

    $provider_id = mysqli_insert_id($mysqli);

@@ -81,11 +48,13 @@ if (isset($_POST['edit_payment_provider'])) {
    $public_key = sanitizeInput($_POST['public_key']);
    $private_key = sanitizeInput($_POST['private_key']);
    $threshold = floatval($_POST['threshold']);
-    $enable_expense = intval($_POST['enable_expense'] ?? 0);
+    $account = intval($_POST['account']);
+    $expense_vendor = intval($_POST['expense_vendor']) ?? 0;
+    $expense_category = intval($_POST['expense_category']) ?? 0;
    $percentage_fee = floatval($_POST['percentage_fee']) / 100;
    $flat_fee = floatval($_POST['flat_fee']);

-    mysqli_query($mysqli,"UPDATE payment_providers SET payment_provider_public_key = '$public_key', payment_provider_private_key = '$private_key', payment_provider_threshold = $threshold, payment_provider_expense_percentage_fee = $percentage_fee, payment_provider_expense_flat_fee = $flat_fee WHERE payment_provider_id = $provider_id");
+    mysqli_query($mysqli,"UPDATE payment_providers SET payment_provider_public_key = '$public_key', payment_provider_private_key = '$private_key', payment_provider_threshold = $threshold, payment_provider_account = $account, payment_provider_expense_vendor = $expense_vendor, payment_provider_expense_category = $expense_category, payment_provider_expense_percentage_fee = $percentage_fee, payment_provider_expense_flat_fee = $flat_fee WHERE payment_provider_id = $provider_id");

    logAction("Payment Provider", "Edit", "$session_name edited Payment Provider $provider");

@@ -98,9 +67,14 @@ if (isset($_POST['edit_payment_provider'])) {
 if (isset($_GET['delete_payment_provider'])) {

    validateCSRFToken($_GET['csrf_token']);
-    
+
    $provider_id = intval($_GET['delete_payment_provider']);

+    // When deleted it cascades deletes
+    // all Recurring paymentes related to payment provider
+    // Delete all Saved Cards related
+    // Delete Client Payment Provider Releation
+
    $provider_name = sanitizeInput(getFieldById('payment_providers', $provider_id, 'provider_name'));

    // Delete provider
--- a/admin/post/roles.php
+++ b/admin/post/roles.php
@@ -18,9 +18,23 @@ if (isset($_POST['add_role'])) {

    $role_id = mysqli_insert_id($mysqli);

+    // Insert role permissions (only if not admin)
+    if ($admin == 0) {
+        foreach ($_POST as $key => $value) {
+            if (str_contains($key, '##module_')) {
+                $module_id = intval(explode('##', $key)[0]);
+                $access_level = intval($value);
+
+                if ($access_level > 0) {
+                    mysqli_query($mysqli, "INSERT INTO user_role_permissions SET user_role_id = $role_id, module_id = $module_id, user_role_permission_level = $access_level");
+                }
+            }
+        }
+    }
+
    logAction("User Role", "Create", "$session_name created user role $name", 0, $role_id);

-    flash_alert("User Role <strong$name</strong> created");
+    flash_alert("User Role <strong>$name</strong> created");

    redirect();

@@ -34,7 +48,7 @@ if (isset($_POST['edit_role'])) {
    $name = sanitizeInput($_POST['role_name']);
    $description = sanitizeInput($_POST['role_description']);
    $admin = intval($_POST['role_is_admin']);
-    
+
    mysqli_query($mysqli, "UPDATE user_roles SET role_name = '$name', role_description = '$description', role_is_admin = $admin WHERE role_id = $role_id");

    // Update role access levels
@@ -70,18 +84,18 @@ if (isset($_GET['archive_role'])) {
    $role_user_count = mysqli_fetch_row($sql_role_user_count)[0];
    if ($role_user_count != 0) {
        flash_alert("Role must not in use to archive it", 'error');
-        
+
        redirect();
    }

    mysqli_query($mysqli, "UPDATE user_roles SET role_archived_at = NOW() WHERE role_id = $role_id");

-    $role_name = sanitizeInput(getFieldById('roles', $role_id, 'role_name'));
+    $role_name = sanitizeInput(getFieldById('user_roles', $role_id, 'role_name'));

    logAction("User Role", "Archive", "$session_name archived user role $role_name", 0, $role_id);

    flash_alert("User Role <strong>$role_name</strong> archived", 'error');
-    
+
    redirect();

-}
+}
--- a/admin/post/saved_payment_method.php
+++ b/admin/post/saved_payment_method.php
@@ -3,13 +3,13 @@
 defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");

 if (isset($_GET['delete_saved_payment'])) {
-    
+
    validateCSRFToken($_GET['csrf_token']);

    $saved_payment_id = intval($_GET['delete_saved_payment']);

    $sql = mysqli_query($mysqli, "
-        SELECT 
+        SELECT
            client_saved_payment_methods.saved_payment_id,
            client_saved_payment_methods.saved_payment_client_id,
            client_saved_payment_methods.saved_payment_provider_id,
@@ -27,7 +27,7 @@ if (isset($_GET['delete_saved_payment'])) {
        WHERE client_saved_payment_methods.saved_payment_id = $saved_payment_id"
    );

-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $client_id = intval($row['saved_payment_client_id']);
    $provider_id = intval($row['saved_payment_provider_id']);
    $payment_provider_name = nullable_htmlentities($row['payment_provider_name']);
@@ -42,7 +42,7 @@ if (isset($_GET['delete_saved_payment'])) {

        try {
            // Initialize stripe
-            require_once 'plugins/stripe-php/init.php';
+            require_once '../plugins/stripe-php/init.php';
            $stripe = new \Stripe\StripeClient($private_key);

            // Detach PM
@@ -56,15 +56,15 @@ if (isset($_GET['delete_saved_payment'])) {

    }

-    // Remove payment method from ITFlow
+    // Remove payment method from ITFlow. This will also cascade delete related recurring payments setup
    mysqli_query($mysqli, "DELETE FROM client_saved_payment_methods WHERE saved_payment_id = $saved_payment_id");

    // SQL Cascade delete will Remove All Associated Auto Payment Methods on recurring invoices in the recurring payments table.

    logAction("Payment Provider", "Update", "$session_name deleted saved payment method $saved_payment_description (PM: $payment_method)", $client_id);
-    
+
    flash_alert("Payment method <strong>$saved_payment_description</strong> removed", 'error');
-    
+
    redirect();

 }
--- a/admin/post/settings_company.php
+++ b/admin/post/settings_company.php
@@ -19,7 +19,7 @@ if (isset($_POST['edit_company'])) {
    $tax_id = sanitizeInput($_POST['tax_id']);

    $sql = mysqli_query($mysqli,"SELECT company_logo FROM companies WHERE company_id = 1");
-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $existing_file_name = sanitizeInput($row['company_logo']);

    // Company logo
@@ -55,7 +55,7 @@ if (isset($_POST['edit_company'])) {
 if (isset($_GET['remove_company_logo'])) {

    $sql = mysqli_query($mysqli,"SELECT company_logo FROM companies");
-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $company_logo = $row['company_logo']; // FileSystem Operation Logo is already sanitized

    unlink("../uploads/settings/$company_logo");
--- a/admin/post/settings_mail.php
+++ b/admin/post/settings_mail.php
@@ -1,186 +1,582 @@
-<?php
-
-defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
-
-if (isset($_POST['edit_mail_smtp_settings'])) {
-    
-    validateCSRFToken($_POST['csrf_token']);
-
-    $config_smtp_provider            = sanitizeInput($_POST['config_smtp_provider']);
-    $config_smtp_host                = sanitizeInput($_POST['config_smtp_host']);
-    $config_smtp_port                = intval($_POST['config_smtp_port'] ?? 0);
-    $config_smtp_encryption          = sanitizeInput($_POST['config_smtp_encryption']);
-    $config_smtp_username            = sanitizeInput($_POST['config_smtp_username']);
-    $config_smtp_password            = sanitizeInput($_POST['config_smtp_password']);
-
-    // Shared OAuth fields
-    $config_mail_oauth_client_id     = sanitizeInput($_POST['config_mail_oauth_client_id']);
-    $config_mail_oauth_client_secret = sanitizeInput($_POST['config_mail_oauth_client_secret']);
-    $config_mail_oauth_tenant_id     = sanitizeInput($_POST['config_mail_oauth_tenant_id']);
-    $config_mail_oauth_refresh_token = sanitizeInput($_POST['config_mail_oauth_refresh_token']);
-    $config_mail_oauth_access_token  = sanitizeInput($_POST['config_mail_oauth_access_token']);
-
-    mysqli_query($mysqli, "
-        UPDATE settings SET
-            config_smtp_provider              = '$config_smtp_provider',
-            config_smtp_host                  = '$config_smtp_host',
-            config_smtp_port                  = $config_smtp_port,
-            config_smtp_encryption            = '$config_smtp_encryption',
-            config_smtp_username              = '$config_smtp_username',
-            config_smtp_password              = '$config_smtp_password',
-            config_mail_oauth_client_id       = '$config_mail_oauth_client_id',
-            config_mail_oauth_client_secret   = '$config_mail_oauth_client_secret',
-            config_mail_oauth_tenant_id       = '$config_mail_oauth_tenant_id',
-            config_mail_oauth_refresh_token   = '$config_mail_oauth_refresh_token',
-            config_mail_oauth_access_token    = '$config_mail_oauth_access_token'
-        WHERE company_id = 1
-    ");
-
-    logAction("Settings", "Edit", "$session_name edited SMTP settings");
-    
-    flash_alert("SMTP Mail Settings updated");
-    
-    redirect();
-
-}
-
-if (isset($_POST['edit_mail_imap_settings'])) {
-    
-    validateCSRFToken($_POST['csrf_token']);
-
-    $config_imap_provider            = sanitizeInput($_POST['config_imap_provider']);
-    $config_imap_host                = sanitizeInput($_POST['config_imap_host']);
-    $config_imap_port                = intval($_POST['config_imap_port'] ?? 0);
-    $config_imap_encryption          = sanitizeInput($_POST['config_imap_encryption']);
-    $config_imap_username            = sanitizeInput($_POST['config_imap_username']);
-    $config_imap_password            = sanitizeInput($_POST['config_imap_password']);
-
-    // Shared OAuth fields
-    $config_mail_oauth_client_id     = sanitizeInput($_POST['config_mail_oauth_client_id']);
-    $config_mail_oauth_client_secret = sanitizeInput($_POST['config_mail_oauth_client_secret']);
-    $config_mail_oauth_tenant_id     = sanitizeInput($_POST['config_mail_oauth_tenant_id']);
-    $config_mail_oauth_refresh_token = sanitizeInput($_POST['config_mail_oauth_refresh_token']);
-    $config_mail_oauth_access_token  = sanitizeInput($_POST['config_mail_oauth_access_token']);
-
-    mysqli_query($mysqli, "
-        UPDATE settings SET
-            config_imap_provider              = '$config_imap_provider',
-            config_imap_host                  = '$config_imap_host',
-            config_imap_port                  = $config_imap_port,
-            config_imap_encryption            = '$config_imap_encryption',
-            config_imap_username              = '$config_imap_username',
-            config_imap_password              = '$config_imap_password',
-            config_mail_oauth_client_id       = '$config_mail_oauth_client_id',
-            config_mail_oauth_client_secret   = '$config_mail_oauth_client_secret',
-            config_mail_oauth_tenant_id       = '$config_mail_oauth_tenant_id',
-            config_mail_oauth_refresh_token   = '$config_mail_oauth_refresh_token',
-            config_mail_oauth_access_token    = '$config_mail_oauth_access_token'
-        WHERE company_id = 1
-    ");
-
-    logAction("Settings", "Edit", "$session_name edited IMAP settings");
-    
-    flash_alert("IMAP Mail Settings updated");
-    
-    redirect();
-
-}
-
-if (isset($_POST['edit_mail_from_settings'])) {
-
-    validateCSRFToken($_POST['csrf_token']);
-
-    $config_mail_from_email = sanitizeInput(filter_var($_POST['config_mail_from_email'], FILTER_VALIDATE_EMAIL));
-    $config_mail_from_name = sanitizeInput(preg_replace('/[^a-zA-Z0-9\s]/', '', $_POST['config_mail_from_name']));
-
-    $config_invoice_from_email = sanitizeInput(filter_var($_POST['config_invoice_from_email'], FILTER_VALIDATE_EMAIL));
-    $config_invoice_from_name = sanitizeInput(preg_replace('/[^a-zA-Z0-9\s]/', '', $_POST['config_invoice_from_name']));
-
-    $config_quote_from_email = sanitizeInput(filter_var($_POST['config_quote_from_email'], FILTER_VALIDATE_EMAIL));
-    $config_quote_from_name = sanitizeInput(preg_replace('/[^a-zA-Z0-9\s]/', '', $_POST['config_quote_from_name']));
-
-    $config_ticket_from_email = sanitizeInput(filter_var($_POST['config_ticket_from_email'], FILTER_VALIDATE_EMAIL));
-    $config_ticket_from_name = sanitizeInput(preg_replace('/[^a-zA-Z0-9\s]/', '', $_POST['config_ticket_from_name']));
-
-    mysqli_query($mysqli,"UPDATE settings SET config_mail_from_email = '$config_mail_from_email', config_mail_from_name = '$config_mail_from_name', config_invoice_from_email = '$config_invoice_from_email', config_invoice_from_name = '$config_invoice_from_name', config_quote_from_email = '$config_quote_from_email', config_quote_from_name = '$config_quote_from_name', config_ticket_from_email = '$config_ticket_from_email', config_ticket_from_name = '$config_ticket_from_name' WHERE company_id = 1");
-
-    logAction("Settings", "Edit", "$session_name edited mail from settings");
-
-    flash_alert("Mail From Settings updated");
-
-    redirect();
-
-}
-
-if (isset($_POST['test_email_smtp'])) {
-
-    validateCSRFToken($_POST['csrf_token']);
-
-    $test_email = intval($_POST['test_email']);
-    
-    if($test_email == 1) {
-        $email_from = sanitizeInput($config_mail_from_email);
-        $email_from_name = sanitizeInput($config_mail_from_name);
-    } elseif ($test_email == 2) {
-        $email_from = sanitizeInput($config_invoice_from_email);
-        $email_from_name = sanitizeInput($config_invoice_from_name);
-    } elseif ($test_email == 3) {
-        $email_from = sanitizeInput($config_quote_from_email);
-        $email_from_name = sanitizeInput($config_quote_from_name);
-    } else {
-        $email_from = sanitizeInput($config_ticket_from_email);
-        $email_from_name = sanitizeInput($config_ticket_from_name);
-    }
-
-    $email_to = sanitizeInput($_POST['email_to']);
-    $subject = "Test email from ITFlow";
-    $body = "This is a test email from ITFlow. If you are reading this, it worked!";
-
-    $data = [
-        [
-            'from' => $email_from,
-            'from_name' => $email_from_name,
-            'recipient' => $email_to,
-            'recipient_name' => 'Chap',
-            'subject' => $subject,
-            'body' => $body
-        ]
-    ];
-    
-    $mail = addToMailQueue($data);
-
-    if ($mail === true) {
-        flash_alert("Test email queued! <a class='text-bold text-light' href='admin_mail_queue.php'>Check Admin > Mail queue</a>");
-    } else {
-        flash_alert("Failed to add test mail to queue", 'error');
-    }
-
-    redirect();
-
-}
-
-if (isset($_POST['test_email_imap'])) {
-    
-    validateCSRFToken($_POST['csrf_token']);
-
-    // Setup your IMAP connection parameters
-    $hostname = "{" . $config_imap_host . ":" . $config_imap_port . "/" . $config_imap_encryption . "/novalidate-cert}INBOX";
-    $username = $config_imap_username;
-    $password = $config_imap_password;
-
-    try {
-        $inbox = @imap_open($hostname, $username, $password);
-
-        if ($inbox) {
-            imap_close($inbox);
-            flash_alert("Connected successfully");
-        } else {
-            throw new Exception(imap_last_error());
-        }
-    } catch (Exception $e) {
-        flash_alert("<strong>IMAP connection failed:</strong> " . $e->getMessage(), 'error');
-    }
-
-    redirect();
-
-}
+<?php
+
+defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
+
+if (!defined('MICROSOFT_OAUTH_BASE_URL')) {
+    define('MICROSOFT_OAUTH_BASE_URL', 'https://login.microsoftonline.com/');
+}
+
+if (isset($_POST['oauth_connect_microsoft_mail'])) {
+
+    validateCSRFToken($_POST['csrf_token']);
+
+    // Save current IMAP/OAuth form values first so auth flow always uses latest inputs.
+    $config_imap_provider = sanitizeInput($_POST['config_imap_provider'] ?? '');
+    $config_imap_username = sanitizeInput($_POST['config_imap_username'] ?? '');
+    $config_mail_oauth_client_id = sanitizeInput($_POST['config_mail_oauth_client_id'] ?? '');
+    $config_mail_oauth_client_secret = sanitizeInput($_POST['config_mail_oauth_client_secret'] ?? '');
+    $config_mail_oauth_tenant_id = sanitizeInput($_POST['config_mail_oauth_tenant_id'] ?? '');
+    $config_mail_oauth_refresh_token = sanitizeInput($_POST['config_mail_oauth_refresh_token'] ?? '');
+    $config_mail_oauth_access_token = sanitizeInput($_POST['config_mail_oauth_access_token'] ?? '');
+
+    mysqli_query($mysqli, "UPDATE settings SET
+        config_imap_provider = '$config_imap_provider',
+        config_imap_username = '$config_imap_username',
+        config_mail_oauth_client_id = '$config_mail_oauth_client_id',
+        config_mail_oauth_client_secret = '$config_mail_oauth_client_secret',
+        config_mail_oauth_tenant_id = '$config_mail_oauth_tenant_id',
+        config_mail_oauth_refresh_token = '$config_mail_oauth_refresh_token',
+        config_mail_oauth_access_token = '$config_mail_oauth_access_token'
+        WHERE company_id = 1
+    ");
+
+    if ($config_imap_provider !== 'microsoft_oauth') {
+        flash_alert("Please set IMAP Provider to Microsoft 365 (OAuth) before connecting.", 'error');
+        redirect();
+    }
+
+    if (empty($config_mail_oauth_client_id) || empty($config_mail_oauth_client_secret) || empty($config_mail_oauth_tenant_id)) {
+        flash_alert("Missing Microsoft OAuth settings. Please provide Client ID, Client Secret, and Tenant ID first.", 'error');
+        redirect();
+    }
+
+    if (defined('BASE_URL') && !empty(BASE_URL)) {
+        $base_url = rtrim((string) BASE_URL, '/');
+    } else {
+        $base_url = 'https://' . rtrim((string) $config_base_url, '/');
+    }
+
+    $redirect_uri = $base_url . '/admin/oauth_microsoft_mail_callback.php';
+
+    try {
+        $state = bin2hex(random_bytes(32));
+    } catch (Throwable $e) {
+        $state = sha1(uniqid((string) mt_rand(), true));
+    }
+
+    $_SESSION['mail_oauth_state'] = $state;
+    $_SESSION['mail_oauth_state_expires_at'] = time() + 600;
+
+    $scope = 'offline_access openid profile https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/SMTP.Send';
+
+    $authorize_url = MICROSOFT_OAUTH_BASE_URL . rawurlencode($config_mail_oauth_tenant_id) . '/oauth2/v2.0/authorize?'
+        . http_build_query([
+            'client_id' => $config_mail_oauth_client_id,
+            'response_type' => 'code',
+            'redirect_uri' => $redirect_uri,
+            'response_mode' => 'query',
+            'scope' => $scope,
+            'state' => $state,
+            'prompt' => 'consent',
+        ], '', '&', PHP_QUERY_RFC3986);
+
+    logAction("Settings", "Edit", "$session_name started Microsoft OAuth connect flow for mail settings");
+
+    redirect($authorize_url);
+}
+
+if (isset($_POST['edit_mail_smtp_settings'])) {
+    
+    validateCSRFToken($_POST['csrf_token']);
+
+    $config_smtp_provider            = sanitizeInput($_POST['config_smtp_provider']);
+    $config_smtp_host                = sanitizeInput($_POST['config_smtp_host']);
+    $config_smtp_port                = intval($_POST['config_smtp_port'] ?? 0);
+    $config_smtp_encryption          = sanitizeInput($_POST['config_smtp_encryption']);
+    $config_smtp_username            = sanitizeInput($_POST['config_smtp_username']);
+    $config_smtp_password            = sanitizeInput($_POST['config_smtp_password']);
+
+    // Shared OAuth fields
+    $config_mail_oauth_client_id     = sanitizeInput($_POST['config_mail_oauth_client_id']);
+    $config_mail_oauth_client_secret = sanitizeInput($_POST['config_mail_oauth_client_secret']);
+    $config_mail_oauth_tenant_id     = sanitizeInput($_POST['config_mail_oauth_tenant_id']);
+    $config_mail_oauth_refresh_token = sanitizeInput($_POST['config_mail_oauth_refresh_token']);
+    $config_mail_oauth_access_token  = sanitizeInput($_POST['config_mail_oauth_access_token']);
+
+    mysqli_query($mysqli, "
+        UPDATE settings SET
+            config_smtp_provider              = '$config_smtp_provider',
+            config_smtp_host                  = '$config_smtp_host',
+            config_smtp_port                  = $config_smtp_port,
+            config_smtp_encryption            = '$config_smtp_encryption',
+            config_smtp_username              = '$config_smtp_username',
+            config_smtp_password              = '$config_smtp_password',
+            config_mail_oauth_client_id       = '$config_mail_oauth_client_id',
+            config_mail_oauth_client_secret   = '$config_mail_oauth_client_secret',
+            config_mail_oauth_tenant_id       = '$config_mail_oauth_tenant_id',
+            config_mail_oauth_refresh_token   = '$config_mail_oauth_refresh_token',
+            config_mail_oauth_access_token    = '$config_mail_oauth_access_token'
+        WHERE company_id = 1
+    ");
+
+    logAction("Settings", "Edit", "$session_name edited SMTP settings");
+    
+    flash_alert("SMTP Mail Settings updated");
+    
+    redirect();
+
+}
+
+if (isset($_POST['edit_mail_imap_settings'])) {
+    
+    validateCSRFToken($_POST['csrf_token']);
+
+    $config_imap_provider            = sanitizeInput($_POST['config_imap_provider']);
+    $config_imap_host                = sanitizeInput($_POST['config_imap_host']);
+    $config_imap_port                = intval($_POST['config_imap_port'] ?? 0);
+    $config_imap_encryption          = sanitizeInput($_POST['config_imap_encryption']);
+    $config_imap_username            = sanitizeInput($_POST['config_imap_username']);
+    $config_imap_password            = sanitizeInput($_POST['config_imap_password']);
+
+    // Shared OAuth fields
+    $config_mail_oauth_client_id     = sanitizeInput($_POST['config_mail_oauth_client_id']);
+    $config_mail_oauth_client_secret = sanitizeInput($_POST['config_mail_oauth_client_secret']);
+    $config_mail_oauth_tenant_id     = sanitizeInput($_POST['config_mail_oauth_tenant_id']);
+    $config_mail_oauth_refresh_token = sanitizeInput($_POST['config_mail_oauth_refresh_token']);
+    $config_mail_oauth_access_token  = sanitizeInput($_POST['config_mail_oauth_access_token']);
+
+    mysqli_query($mysqli, "
+        UPDATE settings SET
+            config_imap_provider              = '$config_imap_provider',
+            config_imap_host                  = '$config_imap_host',
+            config_imap_port                  = $config_imap_port,
+            config_imap_encryption            = '$config_imap_encryption',
+            config_imap_username              = '$config_imap_username',
+            config_imap_password              = '$config_imap_password',
+            config_mail_oauth_client_id       = '$config_mail_oauth_client_id',
+            config_mail_oauth_client_secret   = '$config_mail_oauth_client_secret',
+            config_mail_oauth_tenant_id       = '$config_mail_oauth_tenant_id',
+            config_mail_oauth_refresh_token   = '$config_mail_oauth_refresh_token',
+            config_mail_oauth_access_token    = '$config_mail_oauth_access_token'
+        WHERE company_id = 1
+    ");
+
+    logAction("Settings", "Edit", "$session_name edited IMAP settings");
+    
+    flash_alert("IMAP Mail Settings updated");
+    
+    redirect();
+
+}
+
+if (isset($_POST['edit_mail_from_settings'])) {
+
+    validateCSRFToken($_POST['csrf_token']);
+
+    $config_mail_from_email = sanitizeInput(filter_var($_POST['config_mail_from_email'], FILTER_VALIDATE_EMAIL));
+    $config_mail_from_name = sanitizeInput(preg_replace('/[^a-zA-Z0-9\s]/', '', $_POST['config_mail_from_name']));
+
+    $config_invoice_from_email = sanitizeInput(filter_var($_POST['config_invoice_from_email'], FILTER_VALIDATE_EMAIL));
+    $config_invoice_from_name = sanitizeInput(preg_replace('/[^a-zA-Z0-9\s]/', '', $_POST['config_invoice_from_name']));
+
+    $config_quote_from_email = sanitizeInput(filter_var($_POST['config_quote_from_email'], FILTER_VALIDATE_EMAIL));
+    $config_quote_from_name = sanitizeInput(preg_replace('/[^a-zA-Z0-9\s]/', '', $_POST['config_quote_from_name']));
+
+    $config_ticket_from_email = sanitizeInput(filter_var($_POST['config_ticket_from_email'], FILTER_VALIDATE_EMAIL));
+    $config_ticket_from_name = sanitizeInput(preg_replace('/[^a-zA-Z0-9\s]/', '', $_POST['config_ticket_from_name']));
+
+    mysqli_query($mysqli,"UPDATE settings SET config_mail_from_email = '$config_mail_from_email', config_mail_from_name = '$config_mail_from_name', config_invoice_from_email = '$config_invoice_from_email', config_invoice_from_name = '$config_invoice_from_name', config_quote_from_email = '$config_quote_from_email', config_quote_from_name = '$config_quote_from_name', config_ticket_from_email = '$config_ticket_from_email', config_ticket_from_name = '$config_ticket_from_name' WHERE company_id = 1");
+
+    logAction("Settings", "Edit", "$session_name edited mail from settings");
+
+    flash_alert("Mail From Settings updated");
+
+    redirect();
+
+}
+
+if (isset($_POST['test_email_smtp'])) {
+
+    validateCSRFToken($_POST['csrf_token']);
+
+    $test_email = intval($_POST['test_email']);
+    
+    if($test_email == 1) {
+        $email_from = sanitizeInput($config_mail_from_email);
+        $email_from_name = sanitizeInput($config_mail_from_name);
+    } elseif ($test_email == 2) {
+        $email_from = sanitizeInput($config_invoice_from_email);
+        $email_from_name = sanitizeInput($config_invoice_from_name);
+    } elseif ($test_email == 3) {
+        $email_from = sanitizeInput($config_quote_from_email);
+        $email_from_name = sanitizeInput($config_quote_from_name);
+    } else {
+        $email_from = sanitizeInput($config_ticket_from_email);
+        $email_from_name = sanitizeInput($config_ticket_from_name);
+    }
+
+    $email_to = sanitizeInput($_POST['email_to']);
+    $subject = "Test email from ITFlow";
+    $body = "This is a test email from ITFlow. If you are reading this, it worked!";
+
+    $data = [
+        [
+            'from' => $email_from,
+            'from_name' => $email_from_name,
+            'recipient' => $email_to,
+            'recipient_name' => 'Chap',
+            'subject' => $subject,
+            'body' => $body
+        ]
+    ];
+    
+    $mail = addToMailQueue($data);
+
+    if ($mail === true) {
+        flash_alert("Test email queued! <a class='text-bold text-light' href='mail_queue.php'>Check Admin > Mail queue</a>");
+    } else {
+        flash_alert("Failed to add test mail to queue", 'error');
+    }
+
+    redirect();
+
+}
+
+if (isset($_POST['test_email_imap'])) {
+
+    validateCSRFToken($_POST['csrf_token']);
+
+    $provider = sanitizeInput($config_imap_provider ?? '');
+
+    $host       = $config_imap_host;
+    $port       = (int) $config_imap_port;
+    $encryption = strtolower(trim($config_imap_encryption)); // e.g. "ssl", "tls", "none"
+    $username   = $config_imap_username;
+    $password   = $config_imap_password;
+
+    // Shared OAuth fields
+    $config_mail_oauth_client_id               = $config_mail_oauth_client_id ?? '';
+    $config_mail_oauth_client_secret           = $config_mail_oauth_client_secret ?? '';
+    $config_mail_oauth_tenant_id               = $config_mail_oauth_tenant_id ?? '';
+    $config_mail_oauth_refresh_token           = $config_mail_oauth_refresh_token ?? '';
+    $config_mail_oauth_access_token            = $config_mail_oauth_access_token ?? '';
+    $config_mail_oauth_access_token_expires_at = $config_mail_oauth_access_token_expires_at ?? '';
+
+    $is_oauth = ($provider === 'google_oauth' || $provider === 'microsoft_oauth');
+
+    if ($provider === 'google_oauth') {
+        if (empty($host)) {
+            $host = 'imap.gmail.com';
+        }
+        if (empty($port)) {
+            $port = 993;
+        }
+        if (empty($encryption)) {
+            $encryption = 'ssl';
+        }
+    } elseif ($provider === 'microsoft_oauth') {
+        if (empty($host)) {
+            $host = 'outlook.office365.com';
+        }
+        if (empty($port)) {
+            $port = 993;
+        }
+        if (empty($encryption)) {
+            $encryption = 'ssl';
+        }
+    }
+
+    if (empty($host) || empty($port) || empty($username)) {
+        flash_alert("<strong>IMAP connection failed:</strong> Missing host, port, or username.", 'error');
+        redirect();
+    }
+
+    $token_is_expired = function (?string $expires_at): bool {
+        if (empty($expires_at)) {
+            return true;
+        }
+
+        $ts = strtotime($expires_at);
+
+        if ($ts === false) {
+            return true;
+        }
+
+        return ($ts - 60) <= time();
+    };
+
+    $http_form_post = function (string $url, array $fields): array {
+        $ch = curl_init($url);
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+        curl_setopt($ch, CURLOPT_POST, true);
+        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields, '', '&'));
+        curl_setopt($ch, CURLOPT_TIMEOUT, 20);
+
+        $raw = curl_exec($ch);
+        $err = curl_error($ch);
+        $code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+
+        curl_close($ch);
+
+        return [
+            'ok' => ($raw !== false && $code >= 200 && $code < 300),
+            'body' => $raw,
+            'code' => $code,
+            'err' => $err,
+        ];
+    };
+
+    if ($is_oauth) {
+        if (!empty($config_mail_oauth_access_token) && !$token_is_expired($config_mail_oauth_access_token_expires_at)) {
+            $password = $config_mail_oauth_access_token;
+        } else {
+            if (empty($config_mail_oauth_client_id) || empty($config_mail_oauth_client_secret) || empty($config_mail_oauth_refresh_token)) {
+                flash_alert("<strong>IMAP OAuth failed:</strong> Missing OAuth client credentials or refresh token.", 'error');
+                redirect();
+            }
+
+            if ($provider === 'google_oauth') {
+                $response = $http_form_post('https://oauth2.googleapis.com/token', [
+                    'client_id' => $config_mail_oauth_client_id,
+                    'client_secret' => $config_mail_oauth_client_secret,
+                    'refresh_token' => $config_mail_oauth_refresh_token,
+                    'grant_type' => 'refresh_token',
+                ]);
+            } else {
+                if (empty($config_mail_oauth_tenant_id)) {
+                    flash_alert("<strong>IMAP OAuth failed:</strong> Microsoft tenant ID is required.", 'error');
+                    redirect();
+                }
+
+                $token_url = MICROSOFT_OAUTH_BASE_URL . rawurlencode($config_mail_oauth_tenant_id) . "/oauth2/v2.0/token";
+                $response = $http_form_post($token_url, [
+                    'client_id' => $config_mail_oauth_client_id,
+                    'client_secret' => $config_mail_oauth_client_secret,
+                    'refresh_token' => $config_mail_oauth_refresh_token,
+                    'grant_type' => 'refresh_token',
+                ]);
+            }
+
+            if (!$response['ok']) {
+                flash_alert("<strong>IMAP OAuth failed:</strong> Could not refresh access token.", 'error');
+                redirect();
+            }
+
+            $json = json_decode($response['body'], true);
+            if (!is_array($json) || empty($json['access_token'])) {
+                flash_alert("<strong>IMAP OAuth failed:</strong> Token response did not include an access token.", 'error');
+                redirect();
+            }
+
+            $password = $json['access_token'];
+            $expires_at = date('Y-m-d H:i:s', time() + (int)($json['expires_in'] ?? 3600));
+            $refresh_token_to_save = $json['refresh_token'] ?? null;
+
+            $token_esc = mysqli_real_escape_string($mysqli, $password);
+            $expires_at_esc = mysqli_real_escape_string($mysqli, $expires_at);
+
+            $refresh_sql = '';
+            if (!empty($refresh_token_to_save)) {
+                $refresh_token_esc = mysqli_real_escape_string($mysqli, $refresh_token_to_save);
+                $refresh_sql = ", config_mail_oauth_refresh_token = '{$refresh_token_esc}'";
+            }
+
+            mysqli_query($mysqli, "UPDATE settings SET config_mail_oauth_access_token = '{$token_esc}', config_mail_oauth_access_token_expires_at = '{$expires_at_esc}'{$refresh_sql} WHERE company_id = 1");
+        }
+    }
+
+    // Build remote socket (implicit SSL vs plain TCP)
+    $transport = 'tcp';
+    if ($encryption === 'ssl') {
+        $transport = 'ssl';
+    }
+
+    $remote_socket = $transport . '://' . $host . ':' . $port;
+
+    // Stream context (you can tighten these if you want strict validation)
+    $context_options = [];
+    if (in_array($encryption, ['ssl', 'tls'], true)) {
+        $context_options['ssl'] = [
+            'verify_peer' => false,
+            'verify_peer_name' => false,
+            'allow_self_signed' => true,
+        ];
+    }
+
+    $context = stream_context_create($context_options);
+
+    try {
+        $errno = 0;
+        $errstr = '';
+
+        // 10-second timeout, adjust as needed
+        $fp = @stream_socket_client(
+            $remote_socket,
+            $errno,
+            $errstr,
+            10,
+            STREAM_CLIENT_CONNECT,
+            $context
+        );
+
+        if (!$fp) {
+            throw new Exception("Could not connect to IMAP server: [$errno] $errstr");
+        }
+
+        stream_set_timeout($fp, 10);
+
+        // Read server greeting (IMAP servers send something like: * OK Dovecot ready)
+        $greeting = fgets($fp, 1024);
+        if ($greeting === false || strpos($greeting, '* OK') !== 0) {
+            fclose($fp);
+            throw new Exception("Invalid IMAP greeting: " . trim((string) $greeting));
+        }
+        // If you really want STARTTLS for "tls" (port 143), you can do it here
+        if ($encryption === 'tls' && stripos($greeting, 'STARTTLS') !== false) {
+            fwrite($fp, "A0001 STARTTLS\r\n");
+            $line = fgets($fp, 1024);
+            if ($line === false || stripos($line, 'A0001 OK') !== 0) {
+                fclose($fp);
+                throw new Exception("STARTTLS failed: " . trim((string) $line));
+            }
+
+            if (!stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) {
+                fclose($fp);
+                throw new Exception("Unable to enable TLS encryption on IMAP connection.");
+            }
+        }
+
+        $tag = 'A0002';
+
+        if ($is_oauth) {
+            $oauth_b64 = base64_encode("user={$username}\x01auth=Bearer {$password}\x01\x01");
+            $auth_cmd = sprintf("%s AUTHENTICATE XOAUTH2 %s\r\n", $tag, $oauth_b64);
+            fwrite($fp, $auth_cmd);
+        } else {
+            $login_cmd = sprintf(
+                "%s LOGIN \"%s\" \"%s\"\r\n",
+                $tag,
+                addcslashes($username, "\\\""),
+                addcslashes($password, "\\\"")
+            );
+
+            fwrite($fp, $login_cmd);
+        }
+
+        $success = false;
+        $error_line = '';
+
+        while (!feof($fp)) {
+            $line = fgets($fp, 2048);
+            if ($line === false) {
+                break;
+            }
+
+            if (strpos($line, $tag . ' ') === 0) {
+                if (stripos($line, $tag . ' OK') === 0) {
+                    $success = true;
+                } else {
+                    $error_line = trim($line);
+                }
+                break;
+            }
+        }
+
+        // Always logout / close
+        fwrite($fp, "A0003 LOGOUT\r\n");
+        fclose($fp);
+
+        if ($success) {
+            if ($is_oauth) {
+                flash_alert("Connected successfully using OAuth");
+            } else {
+                flash_alert("Connected successfully");
+            }
+        } else {
+            if (!$error_line) {
+                $error_line = 'Unknown IMAP authentication error';
+            }
+            throw new Exception($error_line);
+        }
+
+    } catch (Exception $e) {
+        flash_alert("<strong>IMAP connection failed:</strong> " . htmlspecialchars($e->getMessage()), 'error');
+    }
+
+    redirect();
+}
+
+
+if (isset($_POST['test_oauth_token_refresh'])) {
+
+    validateCSRFToken($_POST['csrf_token']);
+
+    $provider = sanitizeInput($_POST['oauth_provider'] ?? '');
+
+    if ($provider !== 'google_oauth' && $provider !== 'microsoft_oauth') {
+        flash_alert("OAuth token test failed: unsupported provider.", 'error');
+        redirect();
+    }
+
+    $oauth_client_id = sanitizeInput($config_mail_oauth_client_id ?? '');
+    $oauth_client_secret = sanitizeInput($config_mail_oauth_client_secret ?? '');
+    $oauth_tenant_id = sanitizeInput($config_mail_oauth_tenant_id ?? '');
+    $oauth_refresh_token = sanitizeInput($config_mail_oauth_refresh_token ?? '');
+
+    if (empty($oauth_client_id) || empty($oauth_client_secret) || empty($oauth_refresh_token)) {
+        flash_alert("OAuth token test failed: missing client ID, client secret, or refresh token.", 'error');
+        redirect();
+    }
+
+    if ($provider === 'microsoft_oauth' && empty($oauth_tenant_id)) {
+        flash_alert("OAuth token test failed: Microsoft tenant ID is required.", 'error');
+        redirect();
+    }
+
+    $token_url = 'https://oauth2.googleapis.com/token';
+    if ($provider === 'microsoft_oauth') {
+        $token_url = MICROSOFT_OAUTH_BASE_URL . rawurlencode($oauth_tenant_id) . "/oauth2/v2.0/token";
+    }
+
+    $post_fields = http_build_query([
+        'client_id' => $oauth_client_id,
+        'client_secret' => $oauth_client_secret,
+        'refresh_token' => $oauth_refresh_token,
+        'grant_type' => 'refresh_token',
+    ]);
+
+    $ch = curl_init($token_url);
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+    curl_setopt($ch, CURLOPT_POST, true);
+    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
+    curl_setopt($ch, CURLOPT_TIMEOUT, 20);
+
+    $raw_body = curl_exec($ch);
+    $curl_err = curl_error($ch);
+    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+    curl_close($ch);
+
+    if ($raw_body === false || $http_code < 200 || $http_code >= 300) {
+        $err_msg = !empty($curl_err) ? $curl_err : "HTTP $http_code";
+        flash_alert("OAuth token test failed: $err_msg", 'error');
+        redirect();
+    }
+
+    $json = json_decode($raw_body, true);
+
+    if (!is_array($json) || empty($json['access_token'])) {
+        flash_alert("OAuth token test failed: access token missing in provider response.", 'error');
+        redirect();
+    }
+
+    $new_access_token = sanitizeInput($json['access_token']);
+    $new_expires_at = date('Y-m-d H:i:s', time() + (int)($json['expires_in'] ?? 3600));
+    $new_refresh_token = !empty($json['refresh_token']) ? sanitizeInput($json['refresh_token']) : '';
+
+    $new_access_token_esc = mysqli_real_escape_string($mysqli, $new_access_token);
+    $new_expires_at_esc = mysqli_real_escape_string($mysqli, $new_expires_at);
+
+    $refresh_sql = '';
+    if (!empty($new_refresh_token)) {
+        $new_refresh_token_esc = mysqli_real_escape_string($mysqli, $new_refresh_token);
+        $refresh_sql = ", config_mail_oauth_refresh_token = '$new_refresh_token_esc'";
+    }
+
+    mysqli_query($mysqli, "UPDATE settings SET config_mail_oauth_access_token = '$new_access_token_esc', config_mail_oauth_access_token_expires_at = '$new_expires_at_esc'$refresh_sql WHERE company_id = 1");
+
+    $provider_label = $provider === 'microsoft_oauth' ? 'Microsoft 365' : 'Google Workspace';
+    logAction("Settings", "Edit", "$session_name tested OAuth token refresh for $provider_label mail settings");
+
+    flash_alert("OAuth token refresh successful for $provider_label. Access token expires at $new_expires_at.");
+    redirect();
+}
--- a/admin/post/settings_online_payment_clients.php
+++ b/admin/post/settings_online_payment_clients.php
@@ -3,7 +3,7 @@
 defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");

 if (isset($_GET['stripe_remove_pm'])) {
-    
+
    validateCSRFToken($_GET['csrf_token']);

    if (!$config_stripe_enable) {
@@ -34,21 +34,21 @@ if (isset($_GET['stripe_remove_pm'])) {
    // Remove Auto Pay on recurring invoices that are stripe
    $sql_recurring_invoices = mysqli_query($mysqli, "SELECT recurring_invoice_id FROM recurring_invoices WHERE recurring_invoice_client_id = $client_id");

-    while ($row = mysqli_fetch_array($sql_recurring_invoices)) {
+    while ($row = mysqli_fetch_assoc($sql_recurring_invoices)) {
        $recurring_invoice_id = intval($row['recurring_invoice_id']);
        mysqli_query($mysqli, "DELETE FROM recurring_payments WHERE recurring_payment_method = 'Stripe' AND recurring_payment_recurring_invoice_id = $recurring_invoice_id");
    }

    logAction("Stripe", "Update", "$session_name deleted saved Stripe payment method (PM: $payment_method)", $client_id);
-    
+
    flash_alert("Payment method removed", 'error');
-    
+
    redirect();

 }

 if (isset($_GET['stripe_reset_customer'])) {
-    
+
    validateCSRFToken($_GET['csrf_token']);

    $client_id = intval($_GET['client_id']);
@@ -59,7 +59,7 @@ if (isset($_GET['stripe_reset_customer'])) {
    // Remove Auto Pay on recurring invoices that are stripe
    $sql_recurring_invoices = mysqli_query($mysqli, "SELECT recurring_invoice_id FROM recurring_invoices WHERE recurring_invoice_client_id = $client_id");

-    while ($row = mysqli_fetch_array($sql_recurring_invoices)) {
+    while ($row = mysqli_fetch_assoc($sql_recurring_invoices)) {
        $recurring_invoice_id = intval($row['recurring_invoice_id']);
        mysqli_query($mysqli, "DELETE FROM recurring_payments WHERE recurring_payment_method = 'Stripe' AND recurring_payment_recurring_invoice_id = $recurring_invoice_id");
    }
@@ -67,7 +67,7 @@ if (isset($_GET['stripe_reset_customer'])) {
    logAction("Stripe", "Delete", "$session_name reset Stripe settings for client", $client_id);

    flash_alert("Reset client Stripe settings", 'error');
-    
+
    redirect();

 }
--- a/admin/post/settings_theme.php
+++ b/admin/post/settings_theme.php
@@ -49,3 +49,17 @@ if (isset($_POST['edit_favicon_settings'])) {
    redirect();

 }
+
+if (isset($_GET['reset_favicon'])) {
+
+    if (file_exists("../uploads/favicon.ico")) {
+        unlink("../uploads/favicon.ico");
+    }
+
+    logAction("Settings", "Edit", "$session_name reset Favicon");
+
+    flash_alert("Favicon reset", 'error');
+
+    redirect();
+
+}
--- a/admin/post/software_template.php
+++ b/admin/post/software_template.php
@@ -51,7 +51,7 @@ if (isset($_GET['delete_software_template'])) {

    // Get Software Template Name for logging and alert message
    $sql = mysqli_query($mysqli,"SELECT software_template_name FROM software_templates WHERE software_template_id = $software_template_id");
-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $software_template_name = sanitizeInput($row['software_template_name']);

    mysqli_query($mysqli,"DELETE FROM software_templates WHERE software_template_id = $software_template_id");
--- a/admin/post/tag.php
+++ b/admin/post/tag.php
@@ -28,7 +28,7 @@ if (isset($_POST['edit_tag'])) {

    $tag_id = intval($_POST['tag_id']);

-    mysqli_query($mysqli,"UPDATE tags SET tag_name = '$name', tag_type = $type, tag_color = '$color', tag_icon = '$icon' WHERE tag_id = $tag_id");
+    mysqli_query($mysqli,"UPDATE tags SET tag_name = '$name', tag_color = '$color', tag_icon = '$icon' WHERE tag_id = $tag_id");

    logAction("Tag", "Edit", "$session_name edited tag $name", 0, $tag_id);

--- a/admin/post/update.php
+++ b/admin/post/update.php
@@ -21,7 +21,7 @@ if (isset($_GET['update'])) {
    if ($config_telemetry > 0 OR $config_telemetry = 2) {

        $sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
-        $row = mysqli_fetch_array($sql);
+        $row = mysqli_fetch_assoc($sql);

        $company_name = sanitizeInput($row['company_name']);
        $website = sanitizeInput($row['company_website']);
--- a/admin/post/users.php
+++ b/admin/post/users.php
@@ -53,7 +53,7 @@ if (isset($_POST['add_user'])) {
    mysqli_query($mysqli, "INSERT INTO user_settings SET user_id = $user_id, user_config_force_mfa = $force_mfa");

    $sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $company_name = sanitizeInput($row['company_name']);

    // Sanitize Config vars from load_global_settings.php
@@ -118,7 +118,7 @@ if (isset($_POST['edit_user'])) {

    // Get current Avatar
    $sql = mysqli_query($mysqli, "SELECT user_avatar FROM users WHERE user_id = $user_id");
-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $existing_file_name = sanitizeInput($row['user_avatar']);

    $extended_log_description = '';
@@ -148,7 +148,7 @@ if (isset($_POST['edit_user'])) {
            // Set Avatar
            mysqli_query($mysqli, "UPDATE users SET user_avatar = '$new_file_name' WHERE user_id = $user_id");
            $extended_alert_description = '. File successfully uploaded.';
-        
+
        }
    }

@@ -353,8 +353,8 @@ if (isset($_POST['ir_reset_user_password'])) {
    // Confirm logged-in user password, for security
    $admin_password = $_POST['admin_password'];
    $sql = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $session_user_id");
-    $userRow = mysqli_fetch_array($sql);
-    
+    $userRow = mysqli_fetch_assoc($sql);
+
    if (!password_verify($admin_password, $userRow['user_password'])) {
        flash_alert("Incorrect password.", 'error');
        redirect();
@@ -364,7 +364,7 @@ if (isset($_POST['ir_reset_user_password'])) {
    $sql_users = mysqli_query($mysqli, "SELECT * FROM users WHERE (user_archived_at IS NULL AND user_id != $session_user_id)");

    // Reset passwords
-    while ($row = mysqli_fetch_array($sql_users)) {
+    while ($row = mysqli_fetch_assoc($sql_users)) {
        $user_id = intval($row['user_id']);
        $user_email = sanitizeInput($row['user_email']);
        $new_password = randomString();
--- a/admin/project_template.php
+++ b/admin/project_template.php
@@ -61,7 +61,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                <tbody>
                <?php

-                while($row = mysqli_fetch_array($sql)){
+                while($row = mysqli_fetch_assoc($sql)){
                    $project_template_id = intval($row['project_template_id']);
                    $project_template_name = nullable_htmlentities($row['project_template_name']);
                    $project_template_description = nullable_htmlentities($row['project_template_description']);
@@ -124,7 +124,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    </tr>

                <?php
-                
+
                }

                ?>
--- a/admin/project_template_details.php
+++ b/admin/project_template_details.php
@@ -19,7 +19,7 @@ if (isset($_GET['project_template_id'])) {
        exit;
    }

-    $row = mysqli_fetch_array($sql_project_templates);
+    $row = mysqli_fetch_assoc($sql_project_templates);

    $project_template_name = nullable_htmlentities($row['project_template_name']);
    $project_template_description = nullable_htmlentities($row['project_template_description']);
@@ -143,7 +143,7 @@ if (isset($_GET['project_template_id'])) {
                        <tbody>
                        <?php

-                        while ($row = mysqli_fetch_array($sql_ticket_templates)) {
+                        while ($row = mysqli_fetch_assoc($sql_ticket_templates)) {
                            $ticket_template_id = intval($row['ticket_template_id']);
                            $ticket_template_order = intval($row['ticket_template_order']);
                            $ticket_template_name = nullable_htmlentities($row['ticket_template_name']);
@@ -199,7 +199,7 @@ if (isset($_GET['project_template_id'])) {
            <h5 class="text-secondary"><i class="fas fa-fw fa-tasks mr-2"></i>Project Task Templates</h5>
            <table class="table">
                <?php
-                while($row = mysqli_fetch_array($sql_task_templates)){
+                while($row = mysqli_fetch_assoc($sql_task_templates)){
                    $task_template_id = intval($row['task_template_id']);
                    $task_template_name = nullable_htmlentities($row['task_template_name']);
                ?>
--- a/admin/roles.php
+++ b/admin/roles.php
@@ -65,7 +65,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    <tbody>
                    <?php

-                    while ($row = mysqli_fetch_array($sql)) {
+                    while ($row = mysqli_fetch_assoc($sql)) {
                        $role_id = intval($row['role_id']);
                        $role_name = nullable_htmlentities($row['role_name']);
                        $role_description = nullable_htmlentities($row['role_description']);
--- a/admin/saved_payment_method.php
+++ b/admin/saved_payment_method.php
@@ -13,18 +13,18 @@ $sql = mysqli_query($mysqli, "
        clients.client_name,
        client_payment_provider.payment_provider_client
    FROM client_saved_payment_methods
-    LEFT JOIN payment_providers 
+    LEFT JOIN payment_providers
        ON client_saved_payment_methods.saved_payment_provider_id = payment_providers.payment_provider_id
-    LEFT JOIN clients 
+    LEFT JOIN clients
        ON client_saved_payment_methods.saved_payment_client_id = clients.client_id
    LEFT JOIN client_payment_provider
        ON client_payment_provider.client_id = client_saved_payment_methods.saved_payment_client_id
        AND client_payment_provider.payment_provider_id = client_saved_payment_methods.saved_payment_provider_id
-    WHERE 
-        client_name LIKE '%$q%' 
-        OR payment_provider_name LIKE '%$q%' 
-        OR saved_payment_description LIKE '%$q%' 
-        OR payment_provider_client LIKE '%$q%' 
+    WHERE
+        client_name LIKE '%$q%'
+        OR payment_provider_name LIKE '%$q%'
+        OR saved_payment_description LIKE '%$q%'
+        OR payment_provider_client LIKE '%$q%'
        OR saved_payment_provider_method LIKE '%$q%'
    ORDER BY $sort $order
 ");
@@ -33,6 +33,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

 ?>

+<ol class="breadcrumb d-print-none">
+    <li class="breadcrumb-item">
+        <a href="/admin">Admin</a>
+    </li>
+    <li class="breadcrumb-item">
+        <a href="payment_provider.php">Payment Providers</a>
+    </li>
+    <li class="breadcrumb-item active">Saved Payment Methods (Stripe)</li>
+</ol>
+
 <div class="card card-dark">
    <div class="card-header">
        <h3 class="card-title"><i class="fas fa-fw fa-credit-card mr-2"></i>Saved Payment Methods</h3>
@@ -94,7 +104,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                <tbody>
                <?php

-                while ($row = mysqli_fetch_array($sql)) {
+                while ($row = mysqli_fetch_assoc($sql)) {
                    $saved_payment_id = intval($row['saved_payment_id']);
                    $client_id = intval($row['saved_payment_client_id']);
                    $client_name = nullable_htmlentities($row['client_name']);
@@ -107,8 +117,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

                    ?>
                    <tr>
-                        <td><?php echo $client_name; ?> (<?php echo $client_id; ?>)</td>
-                        <td><?php echo $provider_name; ?> (<?php echo $provider_id; ?>)</td>
+                        <td>
+                            <?= $client_name ?>
+                            <br>
+                            <small class="text-secondary">ID: <?= $client_id ?></small>
+                        </td>
+                        <td>
+                            <?= $provider_name ?>
+                            <br>
+                            <small class="text-secondary">ID: <?= $provider_id ?></small>
+                        </td>
                        <td><?php echo $saved_payment_description; ?></td>
                        <td><?php echo $provider_client; ?></td>
                        <td><?php echo $provider_payment_method; ?></td>
--- a/admin/settings_company.php
+++ b/admin/settings_company.php
@@ -4,7 +4,7 @@ require_once "includes/inc_all_admin.php";

 $sql = mysqli_query($mysqli,"SELECT * FROM companies, settings WHERE companies.company_id = settings.company_id AND companies.company_id = 1");

-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $company_id = intval($row['company_id']);
 $company_name = nullable_htmlentities($row['company_name']);
 $company_country = nullable_htmlentities($row['company_country']);
--- a/admin/settings_custom_fields.php
+++ b/admin/settings_custom_fields.php
@@ -66,13 +66,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    <tbody>
                    <?php

-                    while ($row = mysqli_fetch_array($sql)) {
+                    while ($row = mysqli_fetch_assoc($sql)) {
                        $custom_field_id = intval($row['custom_field_id']);
                        $custom_field_label = nullable_htmlentities($row['custom_field_label']);
                        $custom_field_type = nullable_htmlentities($row['custom_field_type']);
                        $custom_field_location = intval($row['custom_field_location']);
                        $custom_field_order = intval($row['custom_field_order']);
-                        
+
                        ?>
                        <tr>
                            <td><a class="text-dark" href="#" data-toggle="modal" data-target="#editCustomFieldModal<?php echo $custom_field_id; ?>"><?php echo $custom_field_label; ?></a></td>
@@ -118,4 +118,3 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
 require_once "custom_field_create_modal.php";

 require_once "../includes/footer.php";
-
--- a/admin/settings_default.php
+++ b/admin/settings_default.php
@@ -42,7 +42,7 @@ require_once "includes/inc_all_admin.php";
                        <?php

                        $sql = mysqli_query($mysqli, "SELECT * FROM calendars ORDER BY calendar_name ASC");
-                        while ($row = mysqli_fetch_array($sql)) {
+                        while ($row = mysqli_fetch_assoc($sql)) {
                            $calendar_id = intval($row['calendar_id']);
                            $calendar_name = nullable_htmlentities($row['calendar_name']); ?>
                            <option <?php if ($config_default_calendar == $calendar_id) {
@@ -65,7 +65,7 @@ require_once "includes/inc_all_admin.php";
                        <?php

                        $sql = mysqli_query($mysqli, "SELECT * FROM accounts WHERE account_archived_at IS NULL ORDER BY account_name ASC");
-                        while ($row = mysqli_fetch_array($sql)) {
+                        while ($row = mysqli_fetch_assoc($sql)) {
                            $account_id = intval($row['account_id']);
                            $account_name = nullable_htmlentities($row['account_name']); ?>
                            <option <?php if ($config_default_transfer_from_account == $account_id) {
@@ -88,7 +88,7 @@ require_once "includes/inc_all_admin.php";
                        <?php

                        $sql = mysqli_query($mysqli, "SELECT * FROM accounts WHERE account_archived_at IS NULL ORDER BY account_name ASC");
-                        while ($row = mysqli_fetch_array($sql)) {
+                        while ($row = mysqli_fetch_assoc($sql)) {
                            $account_id = intval($row['account_id']);
                            $account_name = nullable_htmlentities($row['account_name']); ?>
                            <option <?php if ($config_default_transfer_to_account == $account_id) {
@@ -111,7 +111,7 @@ require_once "includes/inc_all_admin.php";
                        <?php

                        $sql = mysqli_query($mysqli, "SELECT * FROM accounts WHERE account_archived_at IS NULL ORDER BY account_name ASC");
-                        while ($row = mysqli_fetch_array($sql)) {
+                        while ($row = mysqli_fetch_assoc($sql)) {
                            $account_id = intval($row['account_id']);
                            $account_name = nullable_htmlentities($row['account_name']); ?>
                            <option <?php if ($config_default_payment_account == $account_id) {
@@ -136,7 +136,7 @@ require_once "includes/inc_all_admin.php";
                        <?php

                        $sql = mysqli_query($mysqli, "SELECT * FROM accounts WHERE account_archived_at IS NULL ORDER BY account_name ASC");
-                        while ($row = mysqli_fetch_array($sql)) {
+                        while ($row = mysqli_fetch_assoc($sql)) {
                            $account_id = intval($row['account_id']);
                            $account_name = nullable_htmlentities($row['account_name']); ?>
                            <option <?php if ($config_default_expense_account == $account_id) {
@@ -159,7 +159,7 @@ require_once "includes/inc_all_admin.php";
                        <?php

                        $sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Payment Method' ORDER BY category_name ASC");
-                        while ($row = mysqli_fetch_array($sql)) {
+                        while ($row = mysqli_fetch_assoc($sql)) {
                            $payment_method = nullable_htmlentities($row['category_name']); ?>
                            <option <?php if ($config_default_payment_method == $payment_method) {
                                        echo "selected";
@@ -181,7 +181,7 @@ require_once "includes/inc_all_admin.php";
                        <?php

                        $sql = mysqli_query($mysqli, "SELECT * FROM categories WHERE category_type = 'Payment Method' ORDER BY category_name ASC");
-                        while ($row = mysqli_fetch_array($sql)) {
+                        while ($row = mysqli_fetch_assoc($sql)) {
                            $payment_method = nullable_htmlentities($row['category_name']); ?>
                            <option <?php if ($config_default_expense_payment_method == $payment_method) {
                                        echo "selected";
@@ -214,7 +214,7 @@ require_once "includes/inc_all_admin.php";
                    <div class="input-group-prepend">
                        <span class="input-group-text"><i class="fa fa-fw fa-clock"></i></span>
                    </div>
-                    <input type="text" class="form-control" inputmode="numeric" pattern="[0-9]*\.?[0-9]{0,2}" name="hourly_rate" value="<?php echo number_format($config_default_hourly_rate, 2, '.', ''); ?>" placeholder="0.00" required>
+                    <input type="text" class="form-control" inputmode="decimal" pattern="[0-9]*\.?[0-9]{0,2}" name="hourly_rate" value="<?php echo number_format($config_default_hourly_rate, 2, '.', ''); ?>" placeholder="0.00" required>
                </div>
            </div>

--- a/admin/settings_localization.php
+++ b/admin/settings_localization.php
@@ -4,7 +4,7 @@ require_once "includes/inc_all_admin.php";

 $sql = mysqli_query($mysqli,"SELECT * FROM companies, settings WHERE companies.company_id = settings.company_id AND companies.company_id = 1");

-$row = mysqli_fetch_array($sql);
+$row = mysqli_fetch_assoc($sql);
 $company_locale = nullable_htmlentities($row['company_locale']);
 $company_currency = nullable_htmlentities($row['company_currency']);

@@ -76,4 +76,3 @@ $timezones = DateTimeZone::listIdentifiers();

 <?php
 require_once "../includes/footer.php";
-
--- a/admin/settings_mail.php
+++ b/admin/settings_mail.php
--- a/admin/settings_theme.php
+++ b/admin/settings_theme.php
@@ -57,11 +57,12 @@ require_once "includes/inc_all_admin.php";
                <hr>

                <button type="submit" name="edit_favicon_settings" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Upload Icon</button>
-
+                <?php if(file_exists("../uploads/favicon.ico")) { ?>
+                <a href="post.php?reset_favicon" class="btn btn-outline-danger"><i class="fas fa-redo-alt mr-2"></i>Reset Favicon</a>
+                <?php } ?>
            </form>
        </div>
    </div>

 <?php
 require_once "../includes/footer.php";
-
--- a/admin/settings_ticket.php
+++ b/admin/settings_ticket.php
@@ -97,7 +97,7 @@ require_once "includes/inc_all_admin.php";
                <label>Kanban Settings</label>
                    <div class="custom-control custom-switch">
                        <input type="checkbox" class="custom-control-input" name="config_ticket_ordering" <?php if ($config_ticket_ordering == 1) { echo "checked"; } ?> value="1" id="ticketOrderingSwitch">
-                        <label class="custom-control-label" for="ticketOrderingSwitch">Allow ticket ordering within its column<small class="text-secondary">(uncheked will result in ordering it by priority and id)</small></label>
+                        <label class="custom-control-label" for="ticketOrderingSwitch">Allow ticket ordering within its column<small class="text-secondary"> (unchecked = order by priority and id)</small></label>
                    </div>
                    <div class="custom-control custom-switch">
                    <input type="checkbox" class="custom-control-input" name="config_ticket_moving_columns" <?php if ($config_ticket_moving_columns == 1) { echo "checked"; } ?> value="1" id="ticketMovingColumnsSwitch">
--- a/admin/software_template.php
+++ b/admin/software_template.php
@@ -9,7 +9,7 @@ require_once "includes/inc_all_admin.php";
 $sql = mysqli_query(
    $mysqli,
    "SELECT SQL_CALC_FOUND_ROWS * FROM software_templates
-    WHERE software_template_name LIKE '%$q%' OR software_template_type LIKE '%$q%' 
+    WHERE software_template_name LIKE '%$q%' OR software_template_type LIKE '%$q%'
    ORDER BY $sort $order LIMIT $record_from, $record_to"
 );

@@ -68,7 +68,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                <tbody>
                <?php

-                while($row = mysqli_fetch_array($sql)){
+                while($row = mysqli_fetch_assoc($sql)){
                    $software_template_id = intval($row['software_template_id']);
                    $software_template_name = nullable_htmlentities($row['software_template_name']);
                    $software_template_version = nullable_htmlentities($row['software_template_version']);
--- a/admin/tag.php
+++ b/admin/tag.php
@@ -6,10 +6,31 @@ $order = "ASC";

 require_once "includes/inc_all_admin.php";

+if (isset($_GET['type'])) {
+    $type_filter = intval($_GET['type']);
+} else {
+    $type_filter = 1;
+}
+
+if ($type_filter == 1) {
+    $tag_type_display = "Client";
+} elseif ( $type_filter == 2) {
+    $tag_type_display = "Location";
+} elseif ( $type_filter == 3) {
+    $tag_type_display = "Contact";
+} elseif ( $type_filter == 4) {
+    $tag_type_display = "Credential";
+ } elseif ( $type_filter == 5) {
+    $tag_type_display = "Asset";
+} else {
+    $tag_type_display = "Unknown";
+}
+
 $sql = mysqli_query(
    $mysqli,
    "SELECT SQL_CALC_FOUND_ROWS * FROM tags
    WHERE tag_name LIKE '%$q%'
+    AND tag_type = $type_filter
    ORDER BY $sort $order LIMIT $record_from, $record_to"
 );

@@ -19,9 +40,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

    <div class="card card-dark">
        <div class="card-header py-2">
-            <h3 class="card-title mt-2"><i class="fas fa-fw fa-tags mr-2"></i>Tags</h3>
+            <h3 class="card-title mt-2"><i class="fas fa-fw fa-tags mr-2"></i><?= $tag_type_display ?> Tags</h3>
            <div class="card-tools">
-                <button type="button" class="btn btn-primary ajax-modal" data-modal-url="modals/tag/tag_add.php"><i class="fas fa-plus mr-2"></i>New Tag</button>
+                <button type="button" class="btn btn-primary ajax-modal" data-modal-url="modals/tag/tag_add.php?type=<?= $type_filter ?>"><i class="fas fa-plus mr-2"></i>New <?= $tag_type_display ?> Tag</button>
            </div>
        </div>

@@ -30,7 +51,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                <div class="col-sm-4 mb-2">
                    <form autocomplete="off">
                        <div class="input-group">
-                            <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(nullable_htmlentities($q)); } ?>" placeholder="Search Tags">
+                            <input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo stripslashes(nullable_htmlentities($q)); } ?>" placeholder="Search <?= $tag_type_display ?> Tags">
                            <div class="input-group-append">
                                <button class="btn btn-primary"><i class="fa fa-search"></i></button>
                            </div>
@@ -38,6 +59,45 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    </form>
                </div>
                <div class="col-sm-8">
+                    <div class="btn-group float-right">
+                        <a href="?type=1"
+                            class="btn <?php if ($type_filter == 1) {
+                                echo 'btn-primary';
+                            } else {
+                                echo 'btn-default';
+                            } ?>">Client</a>
+                        <a href="?type=2"
+                            class="btn <?php if ($type_filter == 2) {
+                                echo 'btn-primary';
+                            } else {
+                                echo 'btn-default';
+                            } ?>">Location</a>
+                        <a href="?type=3"
+                            class="btn <?php if ($type_filter == 3) {
+                                echo 'btn-primary';
+                            } else {
+                                echo 'btn-default';
+                            } ?>">Contact</a>
+                        <a href="?type=4"
+                           class="btn <?php if ($type_filter == 4) {
+                               echo 'btn-primary';
+                           } else {
+                               echo 'btn-default';
+                           } ?>">Credential</a>
+                        <a href="?type=5"
+                           class="btn <?php if ($type_filter == 5) {
+                               echo 'btn-primary';
+                           } else {
+                               echo 'btn-default';
+                           } ?>">Asset</a>
+                        <a href="?<?= $url_query_strings_sort ?>&archived=1"
+                            class="btn <?php if (isset($_GET['archived'])) {
+                                echo 'btn-primary';
+                            } else {
+                                echo 'btn-default';
+                            } ?>"><i
+                                class="fas fa-fw fa-archive mr-2"></i>Archived</a>
+                    </div>
                </div>
            </div>

@@ -51,32 +111,15 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                                Name <?php if ($sort == 'tag_name') { echo $order_icon; } ?>
                            </a>
                        </th>
-                        <th>
-                            <a class="text-dark" href="?<?php echo $url_query_strings_sort; ?>&sort=tag_type&order=<?php echo $disp; ?>">
-                                Type <?php if ($sort == 'tag_type') { echo $order_icon; } ?>
-                            </a>
-                        </th>
                        <th class="text-center">Action</th>
                    </tr>
                    </thead>
                    <tbody>
                    <?php

-                    while ($row = mysqli_fetch_array($sql)) {
+                    while ($row = mysqli_fetch_assoc($sql)) {
                        $tag_id = intval($row['tag_id']);
                        $tag_name = nullable_htmlentities($row['tag_name']);
-                        $tag_type = intval($row['tag_type']);
-                        if ( $tag_type == 1) {
-                            $tag_type_display = "Client Tag";
-                        } elseif ( $tag_type == 2) {
-                            $tag_type_display = "Location Tag";
-                        } elseif ( $tag_type == 3) {
-                            $tag_type_display = "Contact Tag";
-                        } elseif ( $tag_type == 4) {
-                            $tag_type_display = "Credential Tag";
-                        } else {
-                            $tag_type_display = "Unknown Tag";
-                        }
                        $tag_color = nullable_htmlentities($row['tag_color']);
                        $tag_icon = nullable_htmlentities($row['tag_icon']);

@@ -88,7 +131,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                                    <span class='badge text-light p-2 mr-1' style="background-color: <?php echo $tag_color; ?>"><i class="fa fa-fw fa-<?php echo $tag_icon; ?> mr-2"></i><?php echo $tag_name; ?></span>
                                </a>
                            </td>
-                            <td><?php echo $tag_type_display; ?></td>
                            <td>
                                <div class="dropdown dropleft text-center">
                                    <button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
@@ -117,8 +159,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    </tbody>
                </table>
            </div>
-            <?php require_once "../includes/filter_footer.php";
- ?>
+            <?php require_once "../includes/filter_footer.php"; ?>
        </div>
    </div>

--- a/admin/tax.php
+++ b/admin/tax.php
@@ -45,7 +45,7 @@ $num_rows = mysqli_num_rows($sql);
                <tbody>
                <?php

-                while ($row = mysqli_fetch_array($sql)) {
+                while ($row = mysqli_fetch_assoc($sql)) {
                    $tax_id = intval($row['tax_id']);
                    $tax_name = nullable_htmlentities($row['tax_name']);
                    $tax_percent = floatval($row['tax_percent']);
--- a/admin/ticket_status.php
+++ b/admin/ticket_status.php
@@ -67,7 +67,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                <tbody>
                <?php

-                while ($row = mysqli_fetch_array($sql)) {
+                while ($row = mysqli_fetch_assoc($sql)) {
                    $ticket_status_id = intval($row['ticket_status_id']);
                    $ticket_status_name = nullable_htmlentities($row['ticket_status_name']);
                    $ticket_status_color = nullable_htmlentities($row['ticket_status_color']);
@@ -81,7 +81,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    ?>
                    <tr>
                        <td>
-                            <a href="#" 
+                            <a href="#"
                                <?php if ( $ticket_status_id > 5 ) { ?>
                                class="ajax-modal" data-modal-url="modals/ticket_status/ticket_status_edit.php?id=<?= $ticket_status_id ?>"
                                <?php } ?>
--- a/admin/ticket_template.php
+++ b/admin/ticket_template.php
@@ -8,14 +8,14 @@ require_once "includes/inc_all_admin.php";

 $sql = mysqli_query(
    $mysqli,
-    "SELECT SQL_CALC_FOUND_ROWS *, 
+    "SELECT SQL_CALC_FOUND_ROWS *,
            COUNT(task_template_id) AS task_count
     FROM ticket_templates
     LEFT JOIN task_templates ON task_template_ticket_template_id = ticket_template_id
     WHERE (ticket_template_name LIKE '%$q%' OR ticket_template_description LIKE '%$q%')
     AND ticket_template_archived_at IS NULL
     GROUP BY ticket_template_id
-     ORDER BY $sort $order 
+     ORDER BY $sort $order
     LIMIT $record_from, $record_to"
 );

@@ -27,7 +27,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    <div class="card-header py-2">
        <h3 class="card-title mt-2"><i class="fas fa-fw fa-life-ring mr-2"></i>Ticket Templates</h3>
        <div class="card-tools">
-            <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addTicketTemplateModal"><i class="fas fa-plus mr-2"></i>New Ticket Template</button>
+            <button type="button" class="btn btn-primary ajax-modal" data-modal-url="modals/ticket_template/ticket_template_add.php" data-modal-size="lg"><i class="fas fa-plus mr-2"></i>New Ticket Template</button>
        </div>
    </div>
    <div class="card-body">
@@ -69,7 +69,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                <tbody>
                <?php

-                while($row = mysqli_fetch_array($sql)){
+                while($row = mysqli_fetch_assoc($sql)){
                    $ticket_template_id = intval($row['ticket_template_id']);
                    $ticket_template_name = nullable_htmlentities($row['ticket_template_name']);
                    $ticket_template_description = nullable_htmlentities($row['ticket_template_description']);
@@ -120,5 +120,4 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
 </div>

 <?php
-require_once "modals/ticket_template/ticket_template_add.php";
 require_once "../includes/footer.php";
--- a/admin/ticket_template_details.php
+++ b/admin/ticket_template_details.php
@@ -23,7 +23,7 @@ if (mysqli_num_rows($sql_ticket_template) == 0) {
    exit();
 }

-$row = mysqli_fetch_array($sql_ticket_template);
+$row = mysqli_fetch_assoc($sql_ticket_template);

 $ticket_template_name = nullable_htmlentities($row['ticket_template_name']);
 $ticket_template_description = nullable_htmlentities($row['ticket_template_description']);
@@ -98,7 +98,7 @@ $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE
                </form>
                <table class="table table-sm" id="tasks">
                    <?php
-                    while($row = mysqli_fetch_array($sql_task_templates)){
+                    while($row = mysqli_fetch_assoc($sql_task_templates)){
                        $task_id = intval($row['task_template_id']);
                        $task_name = nullable_htmlentities($row['task_template_name']);
                        $task_completion_estimate = intval($row['task_template_completion_estimate']);
--- a/admin/users.php
+++ b/admin/users.php
@@ -33,9 +33,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                <div class="dropdown-menu">
                    <!--<a class="dropdown-item text-dark ajax-modal" href="#" data-modal-url="modals/user/user_invite.php"><i class="fas fa-paper-plane mr-2"></i>Invite User</a>-->
                    <?php if ($num_rows[0] > 1) { ?>
-                        <a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#exportUserModal"><i class="fa fa-fw fa-download mr-2"></i>Export</a>
+                        <a class="dropdown-item text-dark ajax-modal" href="#"
+                            data-modal-url="modals/user/user_export.php">
+                            <i class="fa fa-fw fa-download mr-2"></i>Export
+                        </a>
                        <div class="dropdown-divider"></div>
-                        <a class="dropdown-item text-danger ajax-modal" href="#" data-modal-url="modals/user/user_all_reset_password.php" data-modal-size="lg"><i class="fas fa-skull-crossbones mr-2"></i>IR</a>
+                        <a class="dropdown-item text-danger ajax-modal" href="#"
+                            data-modal-url="modals/user/user_all_reset_password.php"
+                            data-modal-size="lg">
+                            <i class="fas fa-skull-crossbones mr-2"></i>IR
+                        </a>
                    <?php } ?>
                </div>
            </div>
@@ -54,7 +61,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                </div>
                <div class="col-md-8">
                    <div class="btn-group float-right">
-                        <a href="?archived=<?php if($archived == 1){ echo 0; } else { echo 1; } ?>" 
+                        <a href="?archived=<?php if($archived == 1){ echo 0; } else { echo 1; } ?>"
                            class="btn btn-<?php if($archived == 1){ echo "primary"; } else { echo "default"; } ?>">
                            <i class="fa fa-fw fa-archive mr-2"></i>Archived
                        </a>
@@ -97,7 +104,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                <tbody>
                <?php

-                while ($row = mysqli_fetch_array($sql)) {
+                while ($row = mysqli_fetch_assoc($sql)) {
                    $user_id = intval($row['user_id']);
                    $user_name = nullable_htmlentities($row['user_name']);
                    $user_email = nullable_htmlentities($row['user_email']);
@@ -132,7 +139,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    if (mysqli_num_rows($sql_last_login) == 0) {
                        $last_login = "<span class='text-bold'>Never logged in</span>";
                    } else {
-                        $row = mysqli_fetch_array($sql_last_login);
+                        $row = mysqli_fetch_assoc($sql_last_login);
                        $log_created_at = nullable_htmlentities($row['log_created_at']);
                        $log_ip = nullable_htmlentities($row['log_ip']);
                        $log_user_agent = nullable_htmlentities($row['log_user_agent']);
@@ -156,7 +163,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    ?>
                    <tr>
                        <td class="text-center">
-                            <a href="#" 
+                            <a href="#" title="UserID: <?= $user_id ?>"
                                <?php if ($user_id !== $session_user_id) { // Prevent modifying self ?>
                                class="ajax-modal"
                                data-modal-url="modals/user/user_edit.php?id=<?= $user_id ?>"
@@ -235,5 +242,4 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
 </div>

 <?php
-require_once "modals/user/user_export.php";
 require_once "../includes/footer.php";
--- a/admin/vendor_template.php
+++ b/admin/vendor_template.php
@@ -64,7 +64,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                <tbody>
                <?php

-                while ($row = mysqli_fetch_array($sql)) {
+                while ($row = mysqli_fetch_assoc($sql)) {
                    $vendor_template_id = intval($row['vendor_template_id']);
                    $vendor_template_name = nullable_htmlentities($row['vendor_template_name']);
                    $vendor_template_description = nullable_htmlentities($row['vendor_template_description']);
@@ -140,7 +140,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                                    </a>
                                    <?php if ($session_user_role == 3) { ?>
                                        <div class="dropdown-divider"></div>
-                                        <a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_vendor=<?php echo $vendor_template_id; ?>">
+                                        <a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_vendor_template=<?= $vendor_template_id ?>">
                                            <i class="fas fa-fw fa-trash mr-2"></i>Delete
                                        </a>
                                    <?php } ?>
--- a/agent/accounts.php
+++ b/agent/accounts.php
@@ -59,7 +59,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    <tbody>
                    <?php

-                    while ($row = mysqli_fetch_array($sql)) {
+                    while ($row = mysqli_fetch_assoc($sql)) {
                        $account_id = intval($row['account_id']);
                        $account_name = nullable_htmlentities($row['account_name']);
                        $opening_balance = floatval($row['opening_balance']);
@@ -67,15 +67,15 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                        $account_notes = nullable_htmlentities($row['account_notes']);

                        $sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id");
-                        $row = mysqli_fetch_array($sql_payments);
+                        $row = mysqli_fetch_assoc($sql_payments);
                        $total_payments = floatval($row['total_payments']);

                        $sql_revenues = mysqli_query($mysqli, "SELECT SUM(revenue_amount) AS total_revenues FROM revenues WHERE revenue_account_id = $account_id");
-                        $row = mysqli_fetch_array($sql_revenues);
+                        $row = mysqli_fetch_assoc($sql_revenues);
                        $total_revenues = floatval($row['total_revenues']);

                        $sql_expenses = mysqli_query($mysqli, "SELECT SUM(expense_amount) AS total_expenses FROM expenses WHERE expense_account_id = $account_id");
-                        $row = mysqli_fetch_array($sql_expenses);
+                        $row = mysqli_fetch_assoc($sql_expenses);
                        $total_expenses = floatval($row['total_expenses']);

                        $balance = $opening_balance + $total_payments + $total_revenues - $total_expenses;
--- a/agent/ajax.php
+++ b/agent/ajax.php
@@ -40,31 +40,6 @@ if (isset($_GET['certificate_fetch_parse_json_details'])) {

 }

-/*
- * Looks up info on the ticket number provided, used to populate the ticket merge modal
- */
-if (isset($_GET['merge_ticket_get_json_details'])) {
-    enforceUserPermission('module_support');
-
-    $merge_into_ticket_number = intval($_GET['merge_into_ticket_number']);
-
-    $sql = mysqli_query($mysqli, "SELECT ticket_id, ticket_number, ticket_prefix, ticket_subject, ticket_priority, ticket_status, ticket_status_name, client_name, contact_name FROM tickets
-        LEFT JOIN clients ON ticket_client_id = client_id 
-        LEFT JOIN contacts ON ticket_contact_id = contact_id
-        LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id
-        WHERE ticket_number = $merge_into_ticket_number");
-
-    if (mysqli_num_rows($sql) == 0) {
-        //Do nothing.
-        echo "No ticket found!";
-    } else {
-        //Return ticket, client and contact details for the given ticket number
-        $response = mysqli_fetch_array($sql);
-
-        echo json_encode($response);
-    }
-}
-
 if (isset($_POST['client_set_notes'])) {
    enforceUserPermission('module_client', 2);

@@ -86,10 +61,10 @@ if (isset($_POST['contact_set_notes'])) {
    $notes = sanitizeInput($_POST['notes']);

    // Get Contact Details and Client ID for Logging
-    $sql = mysqli_query($mysqli,"SELECT contact_name, contact_client_id 
+    $sql = mysqli_query($mysqli,"SELECT contact_name, contact_client_id
        FROM contacts WHERE contact_id = $contact_id"
    );
-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $contact_name = sanitizeInput($row['contact_name']);
    $client_id = intval($row['contact_client_id']);

@@ -108,10 +83,10 @@ if (isset($_POST['asset_set_notes'])) {
    $notes = sanitizeInput($_POST['notes']);

    // Get Asset Details and Client ID for Logging
-    $sql = mysqli_query($mysqli,"SELECT asset_name, asset_client_id 
+    $sql = mysqli_query($mysqli,"SELECT asset_name, asset_client_id
        FROM assets WHERE asset_id = $asset_id"
    );
-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $asset_name = sanitizeInput($row['asset_name']);
    $client_id = intval($row['asset_client_id']);

@@ -143,7 +118,7 @@ if (isset($_GET['ticket_query_views'])) {
    $ticket_id = intval($_GET['ticket_id']);

    $query = mysqli_query($mysqli, "SELECT user_name FROM ticket_views LEFT JOIN users ON view_user_id = user_id WHERE view_ticket_id = $ticket_id AND view_user_id != $session_user_id AND view_timestamp > DATE_SUB(NOW(), INTERVAL 2 MINUTE)");
-    while ($row = mysqli_fetch_array($query)) {
+    while ($row = mysqli_fetch_assoc($query)) {
        $users[] = $row['user_name'];
    }

@@ -195,21 +170,21 @@ if (isset($_GET['share_generate_link'])) {
        $item_expires_friendly = "1 month";
    }

-    $item_key = randomString(156);
+    $item_key = randomString(32);

    if ($item_type == "Document") {
-        $row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT document_name FROM documents WHERE document_id = $item_id AND document_client_id = $client_id LIMIT 1"));
+        $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT document_name FROM documents WHERE document_id = $item_id AND document_client_id = $client_id LIMIT 1"));
        $item_name = sanitizeInput($row['document_name']);
    }

    if ($item_type == "File") {
-        $row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT file_name FROM files WHERE file_id = $item_id AND file_client_id = $client_id LIMIT 1"));
+        $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT file_name FROM files WHERE file_id = $item_id AND file_client_id = $client_id LIMIT 1"));
        $item_name = sanitizeInput($row['file_name']);
    }

    if ($item_type == "Credential") {
        $credential = mysqli_query($mysqli, "SELECT credential_name, credential_username, credential_password FROM credentials WHERE credential_id = $item_id AND credential_client_id = $client_id LIMIT 1");
-        $row = mysqli_fetch_array($credential);
+        $row = mysqli_fetch_assoc($credential);

        $item_name = sanitizeInput($row['credential_name']);

@@ -240,7 +215,7 @@ if (isset($_GET['share_generate_link'])) {
    }

    $sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $company_name = sanitizeInput($row['company_name']);
    $company_phone = sanitizeInput(formatPhoneNumber($row['company_phone'], $row['company_phone_country_code']));

@@ -298,7 +273,7 @@ if (isset($_GET['get_active_clients'])) {
        ORDER BY client_accessed_at DESC"
    );

-    while ($row = mysqli_fetch_array($client_sql)) {
+    while ($row = mysqli_fetch_assoc($client_sql)) {
        $response['clients'][] = $row;
    }

@@ -322,7 +297,7 @@ if (isset($_GET['get_client_contacts'])) {
        ORDER BY contact_primary DESC, contact_technical DESC, contact_important DESC, contact_name"
    );

-    while ($row = mysqli_fetch_array($contact_sql)) {
+    while ($row = mysqli_fetch_assoc($contact_sql)) {
        $response['contacts'][] = $row;
    }

@@ -347,7 +322,7 @@ if (isset($_GET['get_client_assets'])) {
        ORDER BY asset_important DESC, asset_name"
    );

-    while ($row = mysqli_fetch_array($asset_sql)) {
+    while ($row = mysqli_fetch_assoc($asset_sql)) {
        $response['assets'][] = $row;
    }

@@ -371,7 +346,7 @@ if (isset($_GET['get_client_locations'])) {
        ORDER BY location_primary DESC, location_name ASC"
    );

-    while ($row = mysqli_fetch_array($locations_sql)) {
+    while ($row = mysqli_fetch_assoc($locations_sql)) {
        $response['locations'][] = $row;
    }

@@ -395,7 +370,7 @@ if (isset($_GET['get_client_vendors'])) {
        ORDER BY vendor_name ASC"
    );

-    while ($row = mysqli_fetch_array($vendors_sql)) {
+    while ($row = mysqli_fetch_assoc($vendors_sql)) {
        $response['vendors'][] = $row;
    }

@@ -496,13 +471,13 @@ if (isset($_POST['update_kanban_ticket'])) {
                if (!empty($config_smtp_host) && $config_ticket_client_general_notifications == 1) {

                    // Get details
-                    $ticket_sql = mysqli_query($mysqli, "SELECT contact_name, contact_email, ticket_prefix, ticket_number, ticket_subject, ticket_status_name, ticket_assigned_to, ticket_url_key, ticket_client_id FROM tickets 
-                        LEFT JOIN clients ON ticket_client_id = client_id 
+                    $ticket_sql = mysqli_query($mysqli, "SELECT contact_name, contact_email, ticket_prefix, ticket_number, ticket_subject, ticket_status_name, ticket_assigned_to, ticket_url_key, ticket_client_id FROM tickets
+                        LEFT JOIN clients ON ticket_client_id = client_id
                        LEFT JOIN contacts ON ticket_contact_id = contact_id
                        LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id
                        WHERE ticket_id = $ticket_id
                    ");
-                    $row = mysqli_fetch_array($ticket_sql);
+                    $row = mysqli_fetch_assoc($ticket_sql);

                    $contact_name = sanitizeInput($row['contact_name']);
                    $contact_email = sanitizeInput($row['contact_email']);
@@ -521,7 +496,7 @@ if (isset($_POST['update_kanban_ticket'])) {

                    // Get Company Info
                    $sql = mysqli_query($mysqli, "SELECT company_name, company_phone, company_phone_country_code FROM companies WHERE company_id = 1");
-                    $row = mysqli_fetch_array($sql);
+                    $row = mysqli_fetch_assoc($sql);
                    $company_name = sanitizeInput($row['company_name']);
                    $company_phone = sanitizeInput(formatPhoneNumber($row['company_phone'], $row['company_phone_country_code']));

@@ -550,7 +525,7 @@ if (isset($_POST['update_kanban_ticket'])) {
                    // Also Email all the watchers
                    $sql_watchers = mysqli_query($mysqli, "SELECT watcher_email FROM ticket_watchers WHERE watcher_ticket_id = $ticket_id");
                    $body .= "<br><br>----------------------------------------<br>YOU ARE A COLLABORATOR ON THIS TICKET";
-                    while ($row = mysqli_fetch_array($sql_watchers)) {
+                    while ($row = mysqli_fetch_assoc($sql_watchers)) {
                        $watcher_email = sanitizeInput($row['watcher_email']);

                        // Queue Mail
@@ -691,7 +666,7 @@ if (isset($_GET['client_duplicate_check'])) {
        );

        if (mysqli_num_rows($sql_clients) > 0) {
-            while ($row = mysqli_fetch_array($sql_clients)) {
+            while ($row = mysqli_fetch_assoc($sql_clients)) {
                $response['message'] = "<i class='fas fa-fw fa-copy mr-2'></i> Potential duplicate: <i>" . nullable_htmlentities($row['client_name']) . "</i> already exists.";
            }
        }
@@ -713,7 +688,7 @@ if (isset($_GET['contact_email_check'])) {
        // 1. Duplicate check
        $sql_contacts = mysqli_query($mysqli, "SELECT contact_email FROM contacts WHERE contact_email = '$email' LIMIT 1");
        if (mysqli_num_rows($sql_contacts) > 0) {
-            while ($row = mysqli_fetch_array($sql_contacts)) {
+            while ($row = mysqli_fetch_assoc($sql_contacts)) {
                $response['message'] = "<i class='fas fa-fw fa-copy mr-2'></i> Potential duplicate: <i>" . nullable_htmlentities($row['contact_email']) . "</i> already exists.";
            }
        }
@@ -734,7 +709,7 @@ if (isset($_GET['ai_reword'])) {

    $sql = mysqli_query($mysqli, "SELECT * FROM ai_models LEFT JOIN ai_providers ON ai_model_ai_provider_id = ai_provider_id WHERE ai_model_use_case = 'General' LIMIT 1");

-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $model_name = $row['ai_model_name'];
    $promptText = $row['ai_model_prompt'];
    $url = $row['ai_provider_api_url'];
@@ -805,7 +780,7 @@ if (isset($_GET['ai_create_document_template'])) {

    $sql = mysqli_query($mysqli, "SELECT * FROM ai_models LEFT JOIN ai_providers ON ai_model_ai_provider_id = ai_provider_id WHERE ai_model_use_case = 'General' LIMIT 1");

-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $model_name = $row['ai_model_name'];
    $url = $row['ai_provider_api_url'];
    $key = $row['ai_provider_api_key'];
@@ -861,7 +836,7 @@ if (isset($_GET['ai_ticket_summary'])) {

    $sql = mysqli_query($mysqli, "SELECT * FROM ai_models LEFT JOIN ai_providers ON ai_model_ai_provider_id = ai_provider_id WHERE ai_model_use_case = 'General' LIMIT 1");

-    $row = mysqli_fetch_array($sql);
+    $row = mysqli_fetch_assoc($sql);
    $model_name = $row['ai_model_name'];
    $url = $row['ai_provider_api_url'];
    $key = $row['ai_provider_api_key'];
@@ -905,7 +880,7 @@ if (isset($_GET['ai_ticket_summary'])) {
    }

    $prompt = "
-    Summarize the following IT support ticket and its responses in a concise, clear, and professional manner. 
+    Summarize the following IT support ticket and its responses in a concise, clear, and professional manner.
    The summary should include:

    1. Main Issue: What was the problem reported by the user?
@@ -992,3 +967,23 @@ if (isset($_GET['apex_domain_check'])) {

    echo json_encode($response);
 }
+
+// Get internal users/techs
+if (isset($_GET['get_internal_users'])) {
+    enforceUserPermission('module_support');
+
+    $sql = mysqli_query(
+        $mysqli,
+        "SELECT user_id, user_name
+         FROM users
+         WHERE user_type = 1 AND user_status = 1 AND user_archived_at IS NULL
+         ORDER BY user_name"
+    );
+
+    while ($row = mysqli_fetch_assoc($sql)) {
+        $response['users'][] = $row;
+    }
+
+    echo json_encode($response);
+    exit;
+}
--- a/agent/asset_details.php
+++ b/agent/asset_details.php
@@ -15,8 +15,8 @@ if (isset($_GET['asset_id'])) {
    $asset_id = intval($_GET['asset_id']);

    $sql = mysqli_query($mysqli, "SELECT * FROM assets
-        LEFT JOIN clients ON client_id = asset_client_id 
-        LEFT JOIN contacts ON asset_contact_id = contact_id 
+        LEFT JOIN clients ON client_id = asset_client_id
+        LEFT JOIN contacts ON asset_contact_id = contact_id
        LEFT JOIN locations ON asset_location_id = location_id
        LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1
        WHERE asset_id = $asset_id
@@ -29,7 +29,7 @@ if (isset($_GET['asset_id'])) {

    } else {

-        $row = mysqli_fetch_array($sql);
+        $row = mysqli_fetch_assoc($sql);
        $client_id = intval($row['client_id']);
        $client_name = nullable_htmlentities($row['client_name']);
        $asset_id = intval($row['asset_id']);
@@ -51,6 +51,7 @@ if (isset($_GET['asset_id'])) {
        $asset_photo = nullable_htmlentities($row['asset_photo']);
        $asset_physical_location = nullable_htmlentities($row['asset_physical_location']);
        $asset_notes = nullable_htmlentities($row['asset_notes']);
+        $asset_favorite = intval($row['asset_favorite']);
        $asset_created_at = nullable_htmlentities($row['asset_created_at']);
        $asset_vendor_id = intval($row['asset_vendor_id']);
        $asset_location_id = intval($row['asset_location_id']);
@@ -66,8 +67,11 @@ if (isset($_GET['asset_id'])) {

        $contact_name = nullable_htmlentities($row['contact_name']);
        $contact_email = nullable_htmlentities($row['contact_email']);
-        $contact_phone = nullable_htmlentities($row['contact_phone']);
-        $contact_mobile = nullable_htmlentities($row['contact_mobile']);
+        $contact_phone_country_code = nullable_htmlentities($row['contact_phone_country_code']);
+        $contact_phone = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_phone_country_code));
+        $contact_extension = nullable_htmlentities($row['contact_extension']);
+        $contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']);
+        $contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
        $contact_archived_at = nullable_htmlentities($row['contact_archived_at']);
        if ($contact_archived_at) {
            $contact_name_display = "<span class='text-danger' title='Archived'><s>$contact_name</s></span>";
@@ -101,7 +105,7 @@ if (isset($_GET['asset_id'])) {
        $ticket_count = mysqli_num_rows($sql_related_tickets);

        // Related Recurring Tickets Query
-        $sql_related_recurring_tickets = mysqli_query($mysqli, "SELECT recurring_tickets.* FROM recurring_tickets 
+        $sql_related_recurring_tickets = mysqli_query($mysqli, "SELECT recurring_tickets.* FROM recurring_tickets
            LEFT JOIN recurring_ticket_assets ON recurring_tickets.recurring_ticket_id = recurring_ticket_assets.recurring_ticket_id
            WHERE recurring_ticket_asset_id = $asset_id OR recurring_ticket_assets.asset_id = $asset_id
            GROUP BY recurring_tickets.recurring_ticket_id
@@ -110,17 +114,39 @@ if (isset($_GET['asset_id'])) {
        $recurring_ticket_count = mysqli_num_rows($sql_related_recurring_tickets);

        // Related Documents
-        $sql_related_documents = mysqli_query($mysqli, "SELECT * FROM asset_documents 
+        $sql_related_documents = mysqli_query($mysqli, "SELECT * FROM asset_documents
            LEFT JOIN documents ON asset_documents.document_id = documents.document_id
-            WHERE asset_documents.asset_id = $asset_id 
-            AND document_archived_at IS NULL 
+            WHERE asset_documents.asset_id = $asset_id
+            AND document_archived_at IS NULL
            ORDER BY document_name DESC"
        );
        $document_count = mysqli_num_rows($sql_related_documents);

+        // Tags - many to many relationship
+        $asset_tag_name_display_array = array();
+        $asset_tag_id_array = array();
+        $sql_asset_tags = mysqli_query($mysqli, "SELECT * FROM asset_tags LEFT JOIN tags ON asset_tag_tag_id = tag_id WHERE asset_tag_asset_id = $asset_id ORDER BY tag_name ASC");
+        while ($row = mysqli_fetch_assoc($sql_asset_tags)) {
+
+            $asset_tag_id = intval($row['tag_id']);
+            $asset_tag_name = nullable_htmlentities($row['tag_name']);
+            $asset_tag_color = nullable_htmlentities($row['tag_color']);
+            if (empty($asset_tag_color)) {
+                $asset_tag_color = "dark";
+            }
+            $asset_tag_icon = nullable_htmlentities($row['tag_icon']);
+            if (empty($asset_tag_icon)) {
+                $asset_tag_icon = "tag";
+            }
+
+            $asset_tag_id_array[] = $asset_tag_id;
+            $asset_tag_name_display_array[] = "<a href='client_assets.php?client_id=$client_id&q=$asset_tag_name'><span class='badge text-light p-1 mr-1' style='background-color: $asset_tag_color;'><i class='fa fa-fw fa-$asset_tag_icon mr-2'></i>$asset_tag_name</span></a>";
+        }
+        $asset_tags_display = implode('', $asset_tag_name_display_array);
+
        // Network Interfaces
        $sql_related_interfaces = mysqli_query($mysqli, "
-            SELECT 
+            SELECT
                ai.interface_id,
                ai.interface_name,
                ai.interface_description,
@@ -151,7 +177,7 @@ if (isset($_GET['asset_id'])) {
              )
            LEFT JOIN assets AS connected_assets
              ON connected_assets.asset_id = connected_interfaces.interface_asset_id
-            WHERE 
+            WHERE
                ai.interface_asset_id = $asset_id
                AND ai.interface_archived_at IS NULL
            ORDER BY ai.interface_name ASC
@@ -160,7 +186,7 @@ if (isset($_GET['asset_id'])) {
        $interface_count = mysqli_num_rows($sql_related_interfaces);

        // Related Files
-        $sql_related_files = mysqli_query($mysqli, "SELECT * FROM asset_files 
+        $sql_related_files = mysqli_query($mysqli, "SELECT * FROM asset_files
            LEFT JOIN files ON asset_files.file_id = files.file_id
            WHERE asset_files.asset_id = $asset_id
            AND file_archived_at IS NULL
@@ -182,7 +208,7 @@ if (isset($_GET['asset_id'])) {
        // Related Documents
        $sql_related_documents = mysqli_query($mysqli, "SELECT * FROM asset_documents, documents
            LEFT JOIN users ON document_created_by = user_id
-            WHERE asset_documents.asset_id = $asset_id 
+            WHERE asset_documents.asset_id = $asset_id
            AND asset_documents.document_id = documents.document_id
            AND document_archived_at IS NULL
            ORDER BY document_name ASC"
@@ -192,7 +218,7 @@ if (isset($_GET['asset_id'])) {

        // Related Credentials Query
        $sql_related_credentials = mysqli_query($mysqli, "
-            SELECT 
+            SELECT
                credentials.credential_id AS credential_id,
                credentials.credential_name,
                credentials.credential_description,
@@ -201,7 +227,7 @@ if (isset($_GET['asset_id'])) {
                credentials.credential_password,
                credentials.credential_otp_secret,
                credentials.credential_note,
-                credentials.credential_important,
+                credentials.credential_favorite,
                credentials.credential_contact_id,
                credentials.credential_asset_id
            FROM credentials
@@ -217,8 +243,8 @@ if (isset($_GET['asset_id'])) {
        // Related Software Query
        $sql_related_software = mysqli_query(
            $mysqli,
-            "SELECT * FROM software_assets 
-            LEFT JOIN software ON software_assets.software_id = software.software_id 
+            "SELECT * FROM software_assets
+            LEFT JOIN software ON software_assets.software_id = software.software_id
            WHERE software_assets.asset_id = $asset_id
            AND software_archived_at IS NULL
            ORDER BY software_name DESC"
@@ -228,7 +254,7 @@ if (isset($_GET['asset_id'])) {

        // Linked Services
        $sql_linked_services = mysqli_query($mysqli, "SELECT * FROM service_assets, services
-            WHERE service_assets.asset_id = $asset_id 
+            WHERE service_assets.asset_id = $asset_id
            AND service_assets.service_id = services.service_id
            ORDER BY service_name ASC"
        );
@@ -248,7 +274,9 @@ if (isset($_GET['asset_id'])) {
                            data-modal-url="modals/asset/asset_edit.php?id=<?= $asset_id ?>">
                            <i class="fas fa-fw fa-edit"></i>
                        </button>
-                        <h4 class="text-bold"><i class="fa fa-fw text-secondary fa-<?= $device_icon; ?> mr-3"></i><?= $asset_name; ?></h4>
+                        <h4 class="text-bold"><i class="fa fa-fw text-secondary fa-<?= $device_icon; ?> mr-2"></i><?= $asset_name; ?>
+                            <?php if ($asset_favorite) { ?><i class="fas fa-fw text-warning fa-star" title="Favorite"></i><?php } ?>
+                        </h4>
                        <?php if ($asset_photo) { ?>
                            <img class="img-fluid img-circle p-3" alt="asset_photo" src="<?= "../uploads/clients/$client_id/$asset_photo"; ?>">
                        <?php } ?>
@@ -257,26 +285,31 @@ if (isset($_GET['asset_id'])) {
                        <?php } ?>
                    </div>
                    <div class="card-body">
+                        <?php if ($asset_tags_display) { ?>
+                            <div>
+                                <?= $asset_tags_display ?>
+                            </div>
+                        <?php } ?>
                        <?php if ($asset_type) { ?>
-                            <div><i class="fa fa-fw fa-tag text-secondary mr-3"></i><?= $asset_type; ?></div>
+                            <div class="mt-1"><i class="fa fa-fw fa-tag text-secondary mr-2"></i><?= $asset_type; ?></div>
                        <?php }
                        if ($asset_make) { ?>
-                            <div class="mt-2"><i class="fa fa-fw fa-circle text-secondary mr-3"></i><?= "$asset_make $asset_model"; ?></div>
+                            <div class="mt-2"><i class="fa fa-fw fa-circle text-secondary mr-2"></i><?= "$asset_make $asset_model"; ?></div>
                        <?php }
                        if ($asset_os) { ?>
-                            <div class="mt-2"><i class="fab fa-fw fa-windows text-secondary mr-3"></i><?= "$asset_os"; ?></div>
+                            <div class="mt-2"><i class="fab fa-fw fa-windows text-secondary mr-2"></i><?= "$asset_os"; ?></div>
                        <?php }
                        if ($asset_serial) { ?>
-                            <div class="mt-2"><i class="fa fa-fw fa-barcode text-secondary mr-3"></i><?= $asset_serial; ?></div>
+                            <div class="mt-2"><i class="fa fa-fw fa-barcode text-secondary mr-2"></i><?= $asset_serial; ?></div>
                        <?php }
                        if ($asset_purchase_date) { ?>
-                            <div class="mt-2"><i class="fa fa-fw fa-shopping-cart text-secondary mr-3"></i><?= date('Y-m-d', strtotime($asset_purchase_date)); ?></div>
+                            <div class="mt-2"><i class="fa fa-fw fa-shopping-cart text-secondary mr-2"></i><?= date('Y-m-d', strtotime($asset_purchase_date)); ?></div>
                        <?php }
                        if ($asset_install_date) { ?>
-                            <div class="mt-2"><i class="fa fa-fw fa-calendar-check text-secondary mr-3"></i><?= date('Y-m-d', strtotime($asset_install_date)); ?></div>
+                            <div class="mt-2"><i class="fa fa-fw fa-calendar-check text-secondary mr-2"></i><?= date('Y-m-d', strtotime($asset_install_date)); ?></div>
                        <?php }
                        if ($asset_warranty_expire) { ?>
-                            <div class="mt-2"><i class="fa fa-fw fa-exclamation-triangle text-secondary mr-3"></i><?= date('Y-m-d', strtotime($asset_warranty_expire)); ?></div>
+                            <div class="mt-2"><i class="fa fa-fw fa-exclamation-triangle text-secondary mr-2"></i><?= date('Y-m-d', strtotime($asset_warranty_expire)); ?></div>
                        <?php } ?>
                    </div>
                </div>
@@ -324,10 +357,13 @@ if (isset($_GET['asset_id'])) {
                            <div class="mt-2"><i class="fa fa-fw fa-envelope text-secondary mr-2"></i><a href='mailto:<?= $contact_email; ?>'><?= $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?= $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
                        <?php }
                        if ($contact_phone) { ?>
-                            <div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-2"></i><?= formatPhoneNumber($contact_phone); echo " $contact_extension"; ?></div>
+                            <div class="mt-2"><i class="fa fa-fw fa-phone text-secondary mr-2"></i><?= $contact_phone ?></div>
+                        <?php }
+                        if ($contact_extension) { ?>
+                            <div class="mt-1"><i class="fa fa-fw text-secondary mr-2"></i><?= "ext. $contact_extension" ?></div>
                        <?php }
                        if ($contact_mobile) { ?>
-                            <div class="mt-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-2"></i><?= formatPhoneNumber($contact_mobile); ?></div>
+                            <div class="mt-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-2"></i><?= $contact_mobile ?></div>
                        <?php } ?>

                    </div>
@@ -442,11 +478,15 @@ if (isset($_GET['asset_id'])) {
                                        <i class="fas fa-fw fa-layer-group mr-2"></i>Bulk Action (<span id="selectedCount">0</span>)
                                    </button>
                                    <div class="dropdown-menu">
-                                        <a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#bulkAssignNetworkModal">
+                                        <a class="dropdown-item text-dark ajax-modal" href="#"
+                                            data-modal-url="modals/asset/asset_interface_bulk_edit_network.php?client_id=<?= $client_id ?>"
+                                            data-bulk="true">
                                            <i class="fas fa-fw fa-network-wired mr-2"></i>Assign Network
                                        </a>
                                        <div class="dropdown-divider"></div>
-                                        <a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#bulkSetInterfaceTypeModal">
+                                        <a class="dropdown-item text-dark ajax-modal" href="#"
+                                            data-modal-url="modals/asset/asset_interface_bulk_edit_type.php?client_id=<?= $client_id ?>"
+                                            data-bulk="true">
                                            <i class="fas fa-fw fa-ethernet mr-2"></i>Set Type
                                        </a>
                                        <div class="dropdown-divider"></div>
@@ -486,7 +526,7 @@ if (isset($_GET['asset_id'])) {
                                        </tr>
                                    </thead>
                                    <tbody>
-                                    <?php while ($row = mysqli_fetch_array($sql_related_interfaces)) { ?>
+                                    <?php while ($row = mysqli_fetch_assoc($sql_related_interfaces)) { ?>
                                        <?php
                                            $interface_id       = intval($row['interface_id']);
                                            $interface_name     = nullable_htmlentities($row['interface_name']);
@@ -570,8 +610,6 @@ if (isset($_GET['asset_id'])) {
                                    </tbody>
                                </table>
                            </div>
-                            <?php require_once "modals/asset/asset_interface_bulk_edit_type.php"; ?>
-                            <?php require_once "modals/asset/asset_interface_bulk_edit_network.php"; ?>
                        </form>
                    </div>
                </div>
@@ -597,7 +635,7 @@ if (isset($_GET['asset_id'])) {
                                <tbody>
                                <?php

-                                while ($row = mysqli_fetch_array($sql_related_credentials)) {
+                                while ($row = mysqli_fetch_assoc($sql_related_credentials)) {
                                    $credential_id = intval($row['credential_id']);
                                    $credential_name = nullable_htmlentities($row['credential_name']);
                                    $credential_description = nullable_htmlentities($row['credential_description']);
@@ -622,7 +660,7 @@ if (isset($_GET['asset_id'])) {
                                        $otp_display = "<span onmouseenter='showOTPViaCredentialID($credential_id)'><i class='far fa-clock'></i> <span id='otp_$credential_id'><i>Hover..</i></span></span>";
                                    }
                                    $credential_note = nullable_htmlentities($row['credential_note']);
-                                    $credential_important = intval($row['credential_important']);
+                                    $credential_favorite = intval($row['credential_favorite']);
                                    $credential_contact_id = intval($row['credential_contact_id']);
                                    $credential_asset_id = intval($row['credential_asset_id']);

@@ -630,7 +668,7 @@ if (isset($_GET['asset_id'])) {
                                    $credential_tag_name_display_array = array();
                                    $credential_tag_id_array = array();
                                    $sql_credential_tags = mysqli_query($mysqli, "SELECT * FROM credential_tags LEFT JOIN tags ON credential_tags.tag_id = tags.tag_id WHERE credential_id = $credential_id ORDER BY tag_name ASC");
-                                    while ($row = mysqli_fetch_array($sql_credential_tags)) {
+                                    while ($row = mysqli_fetch_assoc($sql_credential_tags)) {

                                        $credential_tag_id = intval($row['tag_id']);
                                        $credential_tag_name = nullable_htmlentities($row['tag_name']);
@@ -729,7 +767,7 @@ if (isset($_GET['asset_id'])) {
                                <tbody>
                                <?php

-                                while ($row = mysqli_fetch_array($sql_related_software)) {
+                                while ($row = mysqli_fetch_assoc($sql_related_software)) {
                                    $software_id = intval($row['software_id']);
                                    $software_name = nullable_htmlentities($row['software_name']);
                                    $software_version = nullable_htmlentities($row['software_version']);
@@ -746,7 +784,7 @@ if (isset($_GET['asset_id'])) {
                                    // Asset Licenses
                                    $asset_licenses_sql = mysqli_query($mysqli, "SELECT asset_id FROM software_assets WHERE software_id = $software_id");
                                    $asset_licenses_array = array();
-                                    while ($row = mysqli_fetch_array($asset_licenses_sql)) {
+                                    while ($row = mysqli_fetch_assoc($asset_licenses_sql)) {
                                        $asset_licenses_array[] = intval($row['asset_id']);
                                        $seat_count = $seat_count + 1;
                                    }
@@ -755,7 +793,7 @@ if (isset($_GET['asset_id'])) {
                                    // Contact Licenses
                                    $contact_licenses_sql = mysqli_query($mysqli, "SELECT contact_id FROM software_contacts WHERE software_id = $software_id");
                                    $contact_licenses_array = array();
-                                    while ($row = mysqli_fetch_array($contact_licenses_sql)) {
+                                    while ($row = mysqli_fetch_assoc($contact_licenses_sql)) {
                                        $contact_licenses_array[] = intval($row['contact_id']);
                                        $seat_count = $seat_count + 1;
                                    }
@@ -815,7 +853,7 @@ if (isset($_GET['asset_id'])) {
                                <tbody>
                                <?php

-                                while ($row = mysqli_fetch_array($sql_related_documents)) {
+                                while ($row = mysqli_fetch_assoc($sql_related_documents)) {
                                    $document_id = intval($row['document_id']);
                                    $document_name = nullable_htmlentities($row['document_name']);
                                    $document_description = nullable_htmlentities($row['document_description']);
@@ -894,7 +932,7 @@ if (isset($_GET['asset_id'])) {
                                <tbody>
                                <?php

-                                while ($row = mysqli_fetch_array($sql_related_files)) {
+                                while ($row = mysqli_fetch_assoc($sql_related_files)) {
                                    $file_id = intval($row['file_id']);
                                    $file_name = nullable_htmlentities($row['file_name']);
                                    $file_description = nullable_htmlentities($row['file_description']);
@@ -966,7 +1004,7 @@ if (isset($_GET['asset_id'])) {
                                <tbody>
                                <?php

-                                while ($row = mysqli_fetch_array($sql_related_recurring_tickets)) {
+                                while ($row = mysqli_fetch_assoc($sql_related_recurring_tickets)) {
                                    $recurring_ticket_id = intval($row['recurring_ticket_id']);
                                    $recurring_ticket_subject = nullable_htmlentities($row['recurring_ticket_subject']);
                                    $recurring_ticket_priority = nullable_htmlentities($row['recurring_ticket_priority']);
@@ -1045,7 +1083,7 @@ if (isset($_GET['asset_id'])) {
                                <tbody>
                                <?php

-                                while ($row = mysqli_fetch_array($sql_related_tickets)) {
+                                while ($row = mysqli_fetch_assoc($sql_related_tickets)) {
                                    $ticket_id = intval($row['ticket_id']);
                                    $ticket_prefix = nullable_htmlentities($row['ticket_prefix']);
                                    $ticket_number = intval($row['ticket_number']);
@@ -1136,7 +1174,7 @@ if (isset($_GET['asset_id'])) {
                                <tbody>
                                <?php

-                                while ($row = mysqli_fetch_array($sql_linked_services)) {
+                                while ($row = mysqli_fetch_assoc($sql_linked_services)) {
                                    $service_id = intval($row['service_id']);
                                    $service_name = nullable_htmlentities($row['service_name']);
                                    $service_description = nullable_htmlentities($row['service_description']);
--- a/agent/assets.php
+++ b/agent/assets.php
@@ -78,9 +78,21 @@ if ($client_url && isset($_GET['location']) && !empty($_GET['location'])) {
    $location_filter = 0;
 }

+// Tags Filter
+if (isset($_GET['tags']) && is_array($_GET['tags']) && !empty($_GET['tags'])) {
+    // Sanitize each element of the tags array
+    $sanitizedTags = array_map('intval', $_GET['tags']);
+    // Convert the sanitized tags into a comma-separated string
+    $tag_filter = implode(",", $sanitizedTags);
+    $tag_query = "AND tag_id IN ($tag_filter)";
+} else {
+    $tag_filter = 0;
+    $tag_query = '';
+}
+
 //Get Asset Counts
 $row = mysqli_fetch_assoc(mysqli_query($mysqli, "
-    SELECT 
+    SELECT
        COUNT(*) AS all_count,
        SUM(CASE WHEN asset_type IN ('laptop', 'desktop') THEN 1 ELSE 0 END) AS workstation_count,
        SUM(CASE WHEN asset_type = 'server' THEN 1 ELSE 0 END) AS server_count,
@@ -90,12 +102,16 @@ $row = mysqli_fetch_assoc(mysqli_query($mysqli, "
    FROM (
        SELECT assets.* FROM assets
        LEFT JOIN clients ON client_id = asset_client_id
-        LEFT JOIN contacts ON asset_contact_id = contact_id 
-        LEFT JOIN locations ON asset_location_id = location_id 
+        LEFT JOIN contacts ON asset_contact_id = contact_id
+        LEFT JOIN locations ON asset_location_id = location_id
        LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1
+        LEFT JOIN asset_tags ON asset_tag_asset_id = asset_id
+        LEFT JOIN tags ON tag_id = asset_tag_tag_id
        WHERE $archive_query
+        $tag_query
        $access_permission_query
        $client_query
+        GROUP BY asset_id
    ) AS filtered_assets;
 "));

@@ -117,23 +133,23 @@ $network_count = intval($row['network_count']);
 //Other Count
 $other_count = intval($row['other_count']);

-//Rebuild URL
-$url_query_strings_sort = http_build_query($get_copy);
-
 $sql = mysqli_query(
    $mysqli,
    "SELECT SQL_CALC_FOUND_ROWS * FROM assets
    LEFT JOIN clients ON asset_client_id = client_id
-    LEFT JOIN contacts ON asset_contact_id = contact_id 
-    LEFT JOIN locations ON asset_location_id = location_id 
+    LEFT JOIN contacts ON asset_contact_id = contact_id
+    LEFT JOIN locations ON asset_location_id = location_id
    LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1
+    LEFT JOIN asset_tags ON asset_tag_asset_id = asset_id
+    LEFT JOIN tags ON tag_id = asset_tag_tag_id
    WHERE $archive_query
-    AND (asset_name LIKE '%$q%' OR asset_description LIKE '%$q%' OR asset_type LIKE '%$q%' OR interface_ip LIKE '%$q%' OR interface_ipv6 LIKE '%$q%' OR interface_mac LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%' OR client_name LIKE '%$q%')
+    $tag_query
+    AND (asset_name LIKE '%$q%' OR asset_description LIKE '%$q%' OR asset_type LIKE '%$q%' OR interface_ip LIKE '%$q%' OR interface_ipv6 LIKE '%$q%' OR interface_mac LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%' OR client_name LIKE '%$q%' OR tag_name LIKE '%$q%')
    AND ($type_query)
    $access_permission_query
    $location_query
    $client_query
-
+    GROUP BY asset_id
    ORDER BY $sort $order LIMIT $record_from, $record_to"
 );

@@ -184,14 +200,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                <button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
                <div class="dropdown-menu">
                    <?php if ($client_url) { ?>
-                    <a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#importAssetModal">
+                    <a class="dropdown-item text-dark ajax-modal" href="#"
+                        data-modal-url="modals/asset/asset_import.php?<?= $client_url ?>">
                        <i class="fa fa-fw fa-upload mr-2"></i>Import
                    </a>
                    <div class="dropdown-divider"></div>
                    <?php } ?>
                    <?php if ($num_rows[0] > 0) { ?>

-                        <a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#exportAssetModal">
+                        <a class="dropdown-item text-dark ajax-modal" href="#"
+                            data-modal-url="modals/asset/asset_export.php?<?= $client_url ?>">
                            <i class="fa fa-fw fa-download mr-2"></i>Export
                        </a>
                    <?php } ?>
@@ -226,11 +244,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                            $sql_locations_filter = mysqli_query($mysqli, "
                                SELECT DISTINCT location_id, location_name
                                FROM locations
-                                WHERE location_client_id = $client_id 
+                                WHERE location_client_id = $client_id
                                AND ( EXISTS (SELECT 1 FROM assets WHERE asset_location_id = location_id  AND $archive_query) OR location_id = $location_filter)
                                ORDER BY location_name ASC
                            ");
-                            while ($row = mysqli_fetch_array($sql_locations_filter)) {
+                            while ($row = mysqli_fetch_assoc($sql_locations_filter)) {
                                $location_id = intval($row['location_id']);
                                $location_name = nullable_htmlentities($row['location_name']);
                            ?>
@@ -250,14 +268,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

                            <?php
                            $sql_clients_filter = mysqli_query($mysqli, "
-                                SELECT DISTINCT client_id, client_name 
+                                SELECT DISTINCT client_id, client_name
                                FROM clients
                                JOIN assets ON asset_client_id = client_id
                                WHERE $archive_query
                                $access_permission_query
                                ORDER BY client_name ASC
                            ");
-                            while ($row = mysqli_fetch_array($sql_clients_filter)) {
+                            while ($row = mysqli_fetch_assoc($sql_clients_filter)) {
                                $client_id = intval($row['client_id']);
                                $client_name = nullable_htmlentities($row['client_name']);
                            ?>
@@ -270,7 +288,32 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    </div>
                </div>
                <?php } ?>
-                <div class="col-md-3">
+                <div class="col-md-2">
+                    <div class="input-group mb-3 mb-md-0">
+                        <select onchange="this.form.submit()" class="form-control select2" name="tags[]" data-placeholder="- Select Tags -" multiple>
+
+                            <?php
+                            $sql_tags_filter = mysqli_query($mysqli, "
+                                SELECT tag_id, tag_name
+                                FROM tags
+                                LEFT JOIN asset_tags ON asset_tag_tag_id = tag_id
+                                LEFT JOIN assets ON asset_tag_asset_id = asset_id
+                                WHERE tag_type = 5
+                                $client_query OR tag_id IN ($tag_filter)
+                                GROUP BY tag_id
+                                HAVING COUNT(asset_tag_asset_id) > 0 OR tag_id IN ($tag_filter)
+                            ");
+                            while ($row = mysqli_fetch_assoc($sql_tags_filter)) {
+                                $tag_id = intval($row['tag_id']);
+                                $tag_name = nullable_htmlentities($row['tag_name']); ?>
+
+                                <option value="<?php echo $tag_id ?>" <?php if (isset($_GET['tags']) && in_array($tag_id, $_GET['tags'])) { echo 'selected'; } ?>> <?php echo $tag_name ?> </option>
+
+                            <?php } ?>
+                        </select>
+                    </div>
+                </div>
+                <div class="col-md-2">
                    <div class="form-group">
                        <select onchange="this.form.submit()" class="form-control select2" name="show_column[]" data-placeholder="- Show Additional Columns -" multiple>
                            <option
@@ -291,7 +334,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                        </select>
                    </div>
                </div>
-                <div class="col-md-3">
+                <div class="col-md-2">
                    <div class="btn-group float-right">
                        <a href="?<?php echo $client_url; ?>&archived=<?php if($archived == 1){ echo 0; } else { echo 1; } ?>"
                            class="btn btn-<?php if($archived == 1){ echo "primary"; } else { echo "default"; } ?>">
@@ -302,6 +345,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                                <i class="fas fa-fw fa-layer-group mr-2"></i>Bulk Action (<span id="selectedCount"></span>)
                            </button>
                            <div class="dropdown-menu">
+                                <button class="dropdown-item"
+                                    type="submit" form="bulkActions" name="bulk_favorite_assets">
+                                    <i class="fas fa-fw fa-star text-warning mr-2"></i>Favorite
+                                </button>
+                                <div class="dropdown-divider"></div>
+                                <button class="dropdown-item"
+                                    type="submit" form="bulkActions" name="bulk_unfavorite_assets">
+                                    <i class="far fa-fw fa-star mr-2"></i>Unfavorite
+                                </button>
+                                <div class="dropdown-divider"></div>
                                <?php if ($client_url) { ?>
                                <a class="dropdown-item ajax-modal" href="#"
                                    data-modal-url="modals/asset/asset_bulk_assign_contact.php?<?= $client_url ?>"
@@ -314,7 +367,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                                    data-bulk="true">
                                    <i class="fas fa-fw fa-map-marker-alt mr-2"></i>Assign Location
                                </a>
+                                <div class="dropdown-divider"></div>
                                <?php } ?>
+                                <a class="dropdown-item ajax-modal" href="#"
+                                    data-modal-url="modals/asset/asset_bulk_assign_tags.php"
+                                    data-bulk="true">
+                                    <i class="fas fa-fw fa-tags mr-2"></i>Assign Tags
+                                </a>
+                                <div class="dropdown-divider"></div>
                                <a class="dropdown-item ajax-modal" href="#"
                                    data-modal-url="modals/asset/asset_bulk_assign_physical_location.php"
                                    data-bulk="true">
@@ -415,7 +475,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                                    IP <?php if ($sort == 'interface_ip') { echo $order_icon; } ?>
                                </a>
                            </th>
-                        <?php if (isset($_GET['show_column']) && is_array($_GET['show_column']) && in_array('Mac_Address', $_GET['show_column'])) { ?> 
+                        <?php if (isset($_GET['show_column']) && is_array($_GET['show_column']) && in_array('Mac_Address', $_GET['show_column'])) { ?>
                            <th>
                                <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=interface_mac&order=<?php echo $disp; ?>">
                                    MAC Address <?php if ($sort == 'interface_mac') { echo $order_icon; } ?>
@@ -474,7 +534,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    <tbody>
                    <?php

-                    while ($row = mysqli_fetch_array($sql)) {
+                    while ($row = mysqli_fetch_assoc($sql)) {
                        $client_id = intval($row['client_id']);
                        $client_name = nullable_htmlentities($row['client_name']);
                        $asset_id = intval($row['asset_id']);
@@ -540,6 +600,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                            $asset_physical_location_display = "";
                        }
                        $asset_notes = nullable_htmlentities($row['asset_notes']);
+                        $asset_favorite = intval($row['asset_favorite']);
                        $asset_created_at = nullable_htmlentities($row['asset_created_at']);
                        $asset_archived_at = nullable_htmlentities($row['asset_archived_at']);
                        $asset_vendor_id = intval($row['asset_vendor_id']);
@@ -557,7 +618,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                        }
                        $contact_name = nullable_htmlentities($row['contact_name']);
                        if ($contact_name) {
-                            $contact_name_display = "<a class='ajax-modal' href='#' data-modal-url='modals/contact/contact_details.php?id=$asset_contact_id' data-modal-size='lg'>$contact_name $contact_archive_display</a>";    
+                            $contact_name_display = "<a class='ajax-modal' href='#' data-modal-url='modals/contact/contact_details.php?id=$asset_contact_id' data-modal-size='lg'>$contact_name $contact_archive_display</a>";
                        } else {
                            $contact_name_display = "-";
                        }
@@ -576,20 +637,48 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                        $sql_credentials = mysqli_query($mysqli, "SELECT * FROM credentials WHERE credential_asset_id = $asset_id");
                        $credential_count = mysqli_num_rows($sql_credentials);

+                        // Tags
+                        $asset_tag_name_display_array = array();
+                        $asset_tag_id_array = array();
+                        $sql_asset_tags = mysqli_query($mysqli, "SELECT * FROM asset_tags LEFT JOIN tags ON asset_tag_tag_id = tag_id WHERE asset_tag_asset_id = $asset_id ORDER BY tag_name ASC");
+                        while ($row = mysqli_fetch_assoc($sql_asset_tags)) {
+
+                            $asset_tag_id = intval($row['tag_id']);
+                            $asset_tag_name = nullable_htmlentities($row['tag_name']);
+                            $asset_tag_color = nullable_htmlentities($row['tag_color']);
+                            if (empty($asset_tag_color)) {
+                                $asset_tag_color = "dark";
+                            }
+                            $asset_tag_icon = nullable_htmlentities($row['tag_icon']);
+                            if (empty($asset_tag_icon)) {
+                                $asset_tag_icon = "tag";
+                            }
+
+                            $asset_tag_id_array[] = $asset_tag_id;
+                            $asset_tag_name_display_array[] = "<a href='assets.php?$client_url tags[]=$asset_tag_id'><span class='badge text-light p-1 mr-1' style='background-color: $asset_tag_color;'><i class='fa fa-fw fa-$asset_tag_icon mr-2'></i>$asset_tag_name</span></a>";
+                        }
+                        $asset_tags_display = implode('', $asset_tag_name_display_array);
+
                        ?>
                        <tr>
                            <td class="pr-0 bg-light">
                                <div class="form-check">
-                                    <input class="form-check-input bulk-select" type="checkbox" name="asset_ids[]" value="<?php echo $asset_id ?>">
+                                    <input class="form-check-input bulk-select" type="checkbox" name="asset_ids[]" value="<?= $asset_id ?>">
                                </div>
                            </td>
                            <td>
-                                <a class="text-dark" href="asset_details.php?client_id=<?php echo $client_id; ?>&asset_id=<?php echo $asset_id; ?>">
+                                <a class="text-dark" href="asset_details.php?client_id=<?= $client_id ?>&asset_id=<?= $asset_id ?>">
                                    <div class="media">
-                                        <i class="fa fa-fw fa-2x fa-<?php echo $device_icon; ?> mr-3 mt-1"></i>
+                                        <i class="fa fa-fw fa-2x fa-<?= $device_icon ?> mr-3 mt-1"></i>
                                        <div class="media-body">
-                                            <div><?php echo $asset_name; ?></div>
-                                            <div><small class="text-secondary"><?php echo $asset_description; ?></small></div>
+                                            <div><?= $asset_name ?> <?php if ($asset_favorite) { echo "<i class='fas fa-fw fa-star text-warning' title='Favorite'></i>"; } ?></div>
+                                            <div><small class="text-secondary"><?= $asset_description ?></small></div>
+                                            <?php
+                                            if ($asset_tags_display) { ?>
+                                                <div class="mt-1">
+                                                    <?= $asset_tags_display ?>
+                                                </div>
+                                            <?php } ?>
                                        </div>
                                    </div>
                                </a>
@@ -713,8 +802,4 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
 <script src="../js/bulk_actions.js"></script>

 <?php
-require_once "modals/asset/asset_export.php";
-if ($client_url) {
-    require_once "modals/asset/asset_import.php";
-}
 require_once "../includes/footer.php";
--- a/agent/blank.php
+++ b/agent/blank.php
@@ -1,72 +0,0 @@
-<?php require_once "includes/inc_all.php"; ?>
-
-    <!-- Breadcrumbs-->
-    <ol class="breadcrumb">
-        <li class="breadcrumb-item">
-            <a href="index.html">Dashboard</a>
-        </li>
-        <li class="breadcrumb-item active">Blank Page</li>
-    </ol>
-
-    <!-- Page Content -->
-    <h1>Blank Page</h1>
-    <hr>
-    <p>This is a great starting point for new custom pages.</p>
-    <h1><?php echo $session_user_role; ?></h1>
-    <?php validateAdminRole(); ?>
-
-<?php
-
-$start_date = date('Y') . "-10-10";
-
-echo "<H1>$start_date</H1>";
-
-echo "<H2>User Agent</H2>";
-echo getUserAgent();
-
-
-?>
-    <br>
-
-    <input type="tel" name="phone" id="phone">
-
-     <div class="form-group">
-                  <label>Minimal</label>
-                  <select class="form-control select2 select2-hidden-accessible" style="width: 100%;" data-select2-id="1" tabindex="-1" aria-hidden="true">
-                    <option selected="selected" data-select2-id="3">Alabama</option>
-                    <option data-select2-id="35">Alaska</option>
-                    <option data-select2-id="36">California</option>
-                    <option data-select2-id="37">Delaware</option>
-                    <option data-select2-id="38">Tennessee</option>
-                    <option data-select2-id="39">Texas</option>
-                    <option data-select2-id="40">Washington</option>
-                  </select><span class="select2 select2-container select2-container--default select2-container--below" dir="ltr" data-select2-id="2" style="width: 100%;"><span class="selection"><span class="select2-selection select2-selection--single" role="combobox" aria-haspopup="true" aria-expanded="false" tabindex="0" aria-disabled="false" aria-labelledby="select2-nbex-container"><span class="select2-selection__rendered" id="select2-nbex-container" role="textbox" aria-readonly="true" title="Alabama">Alabama</span><span class="select2-selection__arrow" role="presentation"><b role="presentation"></b></span></span></span><span class="dropdown-wrapper" aria-hidden="true"></span></span>
-                </div>
-
-    <dl>
-        <dt>Requester</dt>
-        <dd>Sam Adams</dd>
-
-        <dt>Created</dt>
-        <dd><time datetime="2024-04-11T17:52:30+00:00" title="2024-04-11 13:52" data-datetime="calendar">Today at 13:52</time></dd>
-
-        <dt>Last activity</dt>
-        <dd><time datetime="2024-04-11T18:08:55+00:00" title="2024-04-11 14:08" data-datetime="calendar">Today at 14:08</time></dd>
-    </dl>
-
-    <?php echo randomString(100); ?>
-    <br>
-    <textarea class="tinymceTest"></textarea>
-
-    <textarea class="tinymce"></textarea>
-
-    <textarea class="tinymceTicket"></textarea>
-<?php
-// show the current Date and Time
-$date_time = date('Y-m-d H:i:s');
-echo "Current Date and Time: <strong>$date_time</strong>";
-?>
-
-<script>toastr.success('Have Fun Wozz!!')</script>
-
-<?php require_once "../includes/footer.php";
--- a/agent/calendar.php
+++ b/agent/calendar.php
@@ -27,7 +27,7 @@ if (isset($_GET['calendar_id'])) {
 </style>

 <div class="row">
-    
+
    <div class="col-md-3">
        <div class="card">
            <div class="card-header py-2">
@@ -37,11 +37,11 @@ if (isset($_GET['calendar_id'])) {
                </div>
            </div>
            <div class="card-body">
-                
+
                <form>
                    <?php
                    $sql = mysqli_query($mysqli, "SELECT * FROM calendars");
-                    while ($row = mysqli_fetch_array($sql)) {
+                    while ($row = mysqli_fetch_assoc($sql)) {
                        $calendar_id = intval($row['calendar_id']);
                        $calendar_name = nullable_htmlentities($row['calendar_name']);
                        $calendar_color = nullable_htmlentities($row['calendar_color']);
@@ -70,7 +70,7 @@ if (isset($_GET['calendar_id'])) {
            </div>
        </div>
    </div>
-    
+
    <div class="col-md-9">
        <div class="card">
            <div id='calendar'></div>
@@ -85,7 +85,7 @@ require_once "modals/calendar/calendar_event_add.php";

 //loop through IDs and create a modal for each
 $sql = mysqli_query($mysqli, "SELECT * FROM calendar_events LEFT JOIN calendars ON event_calendar_id = calendar_id $client_event_query");
-while ($row = mysqli_fetch_array($sql)) {
+while ($row = mysqli_fetch_assoc($sql)) {
    $event_id = intval($row['event_id']);
    $event_title = nullable_htmlentities($row['event_title']);
    $event_description = nullable_htmlentities($row['event_description']);
@@ -166,7 +166,7 @@ while ($row = mysqli_fetch_array($sql)) {
        events: [
            <?php
            $sql = mysqli_query($mysqli, "SELECT * FROM calendar_events LEFT JOIN calendars ON event_calendar_id = calendar_id $client_event_query");
-            while ($row = mysqli_fetch_array($sql)) {
+            while ($row = mysqli_fetch_assoc($sql)) {
                $event_id = intval($row['event_id']);
                $event_title = json_encode($row['event_title']);
                $event_start = json_encode($row['event_start']);
@@ -180,7 +180,7 @@ while ($row = mysqli_fetch_array($sql)) {

            //Invoices Created
            $sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN invoices ON client_id = invoice_client_id $client_query");
-            while ($row = mysqli_fetch_array($sql)) {
+            while ($row = mysqli_fetch_assoc($sql)) {
                $event_id = intval($row['invoice_id']);
                $scope = strval($row['invoice_scope']);
                if (empty($scope)) {
@@ -195,7 +195,7 @@ while ($row = mysqli_fetch_array($sql)) {

            //Quotes Created
            $sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN quotes ON client_id = quote_client_id $client_query");
-            while ($row = mysqli_fetch_array($sql)) {
+            while ($row = mysqli_fetch_assoc($sql)) {
                $event_id = intval($row['quote_id']);
                $event_title = json_encode($row['quote_prefix'] . $row['quote_number'] . " " . $row['quote_scope']);
                $event_start = json_encode($row['quote_date']);
@@ -210,7 +210,7 @@ while ($row = mysqli_fetch_array($sql)) {
                LEFT JOIN users ON ticket_assigned_to = user_id
                $client_query"
            );
-            while ($row = mysqli_fetch_array($sql)) {
+            while ($row = mysqli_fetch_assoc($sql)) {
                $event_id = intval($row['ticket_id']);
                $ticket_status = intval($row['ticket_status']);
                $ticket_status_name = strval($row['ticket_status_name']);
@@ -244,7 +244,7 @@ while ($row = mysqli_fetch_array($sql)) {
                LEFT JOIN users ON recurring_ticket_assigned_to = user_id
                $client_query"
            );
-            while ($row = mysqli_fetch_array($sql)) {
+            while ($row = mysqli_fetch_assoc($sql)) {
                $event_id = intval($row['recurring_ticket_id']);
                $client_id = intval($row['client_id']);
                $username = $row['user_name'];
@@ -263,13 +263,13 @@ while ($row = mysqli_fetch_array($sql)) {
            }

            //Tickets Scheduled
-            $sql = mysqli_query($mysqli, "SELECT * FROM clients 
+            $sql = mysqli_query($mysqli, "SELECT * FROM clients
                LEFT JOIN tickets ON client_id = ticket_client_id
                LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id
                LEFT JOIN users ON ticket_assigned_to = user_id
                $client_query AND ticket_schedule IS NOT NULL"
            );
-            while ($row = mysqli_fetch_array($sql)) {
+            while ($row = mysqli_fetch_assoc($sql)) {
                $event_id = intval($row['ticket_id']);
                $username = $row['user_name'];
                if (empty($username)) {
@@ -299,7 +299,7 @@ while ($row = mysqli_fetch_array($sql)) {

            //Vendors Added Created
            $sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN vendors ON client_id = vendor_client_id $client_query");
-            while ($row = mysqli_fetch_array($sql)) {
+            while ($row = mysqli_fetch_assoc($sql)) {
                $event_id = intval($row['vendor_id']);
                $client_id = intval($row['client_id']);
                $event_title = json_encode("Vendor : '" . $row['vendor_name'] . "' created");
@@ -311,7 +311,7 @@ while ($row = mysqli_fetch_array($sql)) {
            if (!isset($_GET['client_id'])) {
                //Clients Added
                $sql = mysqli_query($mysqli, "SELECT * FROM clients");
-                while ($row = mysqli_fetch_array($sql)) {
+                while ($row = mysqli_fetch_assoc($sql)) {
                    $event_id = intval($row['client_id']);
                    $event_title = json_encode("Client: '" . $row['client_name'] . "' created");
                    $event_start = json_encode($row['client_created_at']);
@@ -326,7 +326,7 @@ while ($row = mysqli_fetch_array($sql)) {
        <?php
        // User preference for Calendar start day (Sunday/Monday)
        // Fetch User Dashboard Settings
-        $row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT user_config_calendar_first_day FROM user_settings WHERE user_id = $session_user_id"));
+        $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT user_config_calendar_first_day FROM user_settings WHERE user_id = $session_user_id"));
        $user_config_calendar_first_day = intval($row['user_config_calendar_first_day']);
        ?>
        firstDay: <?php echo $user_config_calendar_first_day ?>,
--- a/agent/certificates.php
+++ b/agent/certificates.php
@@ -68,7 +68,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                <?php if ($num_rows[0] > 0) { ?>
                    <button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
                    <div class="dropdown-menu">
-                        <a class="dropdown-item text-dark" href="#" data-toggle="modal" data-target="#exportCertificateModal">
+                        <a class="dropdown-item text-dark ajax-modal" href="#"\
+                            data-modal-url="modals/certificate/certificate_export.php?<?= $client_url ?>">
                            <i class="fa fa-fw fa-download mr-2"></i>Export
                        </a>
                    </div>
@@ -78,7 +79,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    </div>
    <div class="card-body">
        <form autocomplete="off">
-            <?php if ($client_url) { ?> 
+            <?php if ($client_url) { ?>
            <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
            <?php } ?>
            <input type="hidden" name="archived" value="<?php echo $archived; ?>">
@@ -103,14 +104,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

                            <?php
                            $sql_clients_filter = mysqli_query($mysqli, "
-                                SELECT DISTINCT client_id, client_name 
+                                SELECT DISTINCT client_id, client_name
                                FROM clients
                                JOIN certificates ON certificate_client_id = client_id
                                WHERE $archive_query
                                $access_permission_query
                                ORDER BY client_name ASC
                            ");
-                            while ($row = mysqli_fetch_array($sql_clients_filter)) {
+                            while ($row = mysqli_fetch_assoc($sql_clients_filter)) {
                                $client_id = intval($row['client_id']);
                                $client_name = nullable_htmlentities($row['client_name']);
                            ?>
@@ -126,7 +127,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

                <div class="col-md-6">
                    <div class="btn-group float-right">
-                        <a href="?<?php echo $client_url; ?>archived=<?php if($archived == 1){ echo 0; } else { echo 1; } ?>" 
+                        <a href="?<?php echo $client_url; ?>archived=<?php if($archived == 1){ echo 0; } else { echo 1; } ?>"
                            class="btn btn-<?php if($archived == 1){ echo "primary"; } else { echo "default"; } ?>">
                            <i class="fa fa-fw fa-archive mr-2"></i>Archived
                        </a>
@@ -193,7 +194,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                    <tbody>
                    <?php

-                    while ($row = mysqli_fetch_array($sql)) {
+                    while ($row = mysqli_fetch_assoc($sql)) {
                        $client_id = intval($row['client_id']);
                        $client_name = nullable_htmlentities($row['client_name']);
                        $certificate_id = intval($row['certificate_id']);
@@ -283,7 +284,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                                                <i class="fas fa-fw fa-archive mr-2"></i>Archive
                                            </a>
                                            <?php } ?>
-                                            
+
                                        <?php } ?>
                                    </div>
                                </div>
@@ -299,15 +300,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

            </form>
        </div>
-        <?php require_once "../includes/filter_footer.php";
- ?>
+        <?php require_once "../includes/filter_footer.php"; ?>
    </div>
 </div>

-<?php
-require_once "modals/certificate/certificate_export.php";
-?>
-
 <script src="../js/bulk_actions.js"></script>

 <?php require_once "../includes/footer.php";
--- a/agent/client_autopay.php
+++ b/agent/client_autopay.php
@@ -9,13 +9,13 @@ enforceUserPermission('module_sales');
 require_once 'plugins/stripe-php/init.php';

 // Get Stripe vars
-$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
+$stripe_vars = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
 $config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
 $config_stripe_publishable = nullable_htmlentities($stripe_vars['config_stripe_publishable']);
 $config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);

 // Get client's StripeID from database
-$stripe_client_details = mysqli_fetch_array(mysqli_query($mysqli, "SELECT * FROM client_stripe WHERE client_id = $client_id LIMIT 1"));
+$stripe_client_details = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM client_stripe WHERE client_id = $client_id LIMIT 1"));
 if ($stripe_client_details) {
    $stripe_id = sanitizeInput($stripe_client_details['stripe_id']);
    $stripe_pm = sanitizeInput($stripe_client_details['stripe_pm']);
--- a/agent/client_overview.php
+++ b/agent/client_overview.php
@@ -19,10 +19,28 @@ $sql_important_contacts = mysqli_query(
            OR contact_technical = 1
            OR contact_primary = 1
        )
-        AND contact_archived_at IS NULL 
+        AND contact_archived_at IS NULL
    ORDER BY contact_primary DESC, contact_name DESC LIMIT 5"
 );

+$sql_favorite_assets = mysqli_query(
+    $mysqli,
+    "SELECT * FROM assets
+    WHERE asset_client_id = $client_id
+        AND asset_favorite = 1
+        AND asset_archived_at IS NULL
+    ORDER BY asset_type ASC, asset_name ASC"
+);
+
+$sql_favorite_credentials = mysqli_query(
+    $mysqli,
+    "SELECT * FROM credentials
+    WHERE credential_client_id = $client_id
+        AND credential_favorite = 1
+        AND credential_archived_at IS NULL
+        ORDER BY credential_name ASC"
+);
+
 $sql_recent_tickets = mysqli_query(
    $mysqli,
    "SELECT * FROM tickets
@@ -215,7 +233,7 @@ $sql_asset_retired = mysqli_query(
                <table class="table table-borderless table-sm">
                    <?php

-                    while ($row = mysqli_fetch_array($sql_important_contacts)) {
+                    while ($row = mysqli_fetch_assoc($sql_important_contacts)) {
                        $contact_id = intval($row['contact_id']);
                        $contact_name = nullable_htmlentities($row['contact_name']);
                        $contact_title = nullable_htmlentities($row['contact_title']);
@@ -288,6 +306,111 @@ $sql_asset_retired = mysqli_query(

    </div>

+    <?php if (mysqli_num_rows($sql_favorite_assets) > 0) { ?>
+
+    <div class="col-md-4">
+
+        <div class="card card-dark mb-3">
+            <div class="card-header">
+                <h5 class="card-title"><i class="fas fa-fw fa-star mr-2"></i>Favorite Assets</h5>
+            </div>
+            <div class="card-body p-2">
+                <table class="table table-borderless table-sm">
+                    <?php
+
+                    while ($row = mysqli_fetch_assoc($sql_favorite_assets)) {
+                        $asset_id = intval($row['asset_id']);
+                        $asset_name = nullable_htmlentities($row['asset_name']);
+                        $asset_type = nullable_htmlentities($row['asset_type']);
+                        $asset_icon = getAssetIcon($asset_type);
+
+                        ?>
+                        <tr>
+                            <td>
+                                <a href="#" class="ajax-modal"
+                                    data-modal-size="lg"
+                                    data-modal-url="modals/asset/asset_details.php?id=<?= $asset_id ?>">
+                                        <i class="fas fa-fw fa-<?= $asset_icon ?> text-muted mr-2"></i><?= $asset_name ?>
+                                </a>
+
+                            </td>
+                        </tr>
+                        <?php
+                    }
+                    ?>
+
+                </table>
+            </div>
+        </div>
+
+    </div>
+
+    <?php } ?>
+
+    <?php if (mysqli_num_rows($sql_favorite_credentials) > 0) { ?>
+
+    <div class="col-md-4">
+
+        <div class="card card-dark mb-3">
+            <div class="card-header">
+                <h5 class="card-title"><i class="fas fa-fw fa-star mr-2"></i>Favorite Credentials</h5>
+            </div>
+            <div class="card-body p-2">
+                <table class="table table-borderless table-sm">
+                    <?php
+
+                    while ($row = mysqli_fetch_assoc($sql_favorite_credentials)) {
+                        $credential_id = intval($row['credential_id']);
+                        $credential_name = nullable_htmlentities($row['credential_name']);
+                        $credential_description = nullable_htmlentities($row['credential_description']);
+                        $credential_uri = sanitize_url($row['credential_uri']);
+                        if (empty($credential_uri)) {
+                            $credential_uri_display = "-";
+                        } else {
+                            $credential_uri_display = "<a href='$credential_uri'>" . truncate($credential_uri,40) . "</a><button class='btn btn-sm clipboardjs' type='button' title='$credential_uri' data-clipboard-text='$credential_uri'><i class='far fa-copy text-secondary'></i></button>";
+                        }
+                        $credential_uri_2 = sanitize_url($row['credential_uri_2']);
+                        $credential_username = nullable_htmlentities(decryptCredentialEntry($row['credential_username']));
+                        if (empty($credential_username)) {
+                            $credential_username_display = "-";
+                        } else {
+                            $credential_username_display = "$credential_username<button class='btn btn-sm clipboardjs' type='button' data-clipboard-text='$credential_username'><i class='far fa-copy text-secondary'></i></button>";
+                        }
+                        $credential_password = nullable_htmlentities(decryptCredentialEntry($row['credential_password']));
+                        $credential_otp_secret = nullable_htmlentities($row['credential_otp_secret']);
+                        $credential_id_with_secret = '"' . $row['credential_id'] . '","' . $row['credential_otp_secret'] . '"';
+                        if (empty($credential_otp_secret)) {
+                            $otp_display = "-";
+                        } else {
+                            $otp_display = "<span onmouseenter='showOTPViaCredentialID($credential_id)'><i class='far fa-clock'></i> <span id='otp_$credential_id'><i>Hover..</i></span></span>";
+                        }
+
+                        ?>
+                        <tr>
+                            <td>
+                                <a href="#" class="ajax-modal"
+                                    data-modal-url="modals/credential/credential_edit.php?id=<?= $credential_id ?>">
+                                        <i class="fas fa-fw fa-key text-muted mr-2"></i><?= $credential_name ?>
+                                </a>
+                            </td>
+                            <td><?= $credential_username_display ?></td>
+                            <td class="text-nowrap">
+                                <button class="btn p-0" type="button" data-toggle="popover" data-trigger="focus" data-placement="top" data-content="<?php echo $credential_password; ?>"><i class="fas fa-2x fa-ellipsis-h text-secondary"></i><i class="fas fa-2x fa-ellipsis-h text-secondary"></i></button><button class="btn btn-sm clipboardjs" type="button" data-clipboard-text="<?php echo $credential_password; ?>"><i class="far fa-copy text-secondary"></i></button>
+                            </td>
+                            <td><?= $otp_display ?></td>
+                        </tr>
+                        <?php
+                    }
+                    ?>
+
+                </table>
+            </div>
+        </div>
+
+    </div>
+
+    <?php } ?>
+
    <?php if (mysqli_num_rows($sql_shared_items) > 0) { ?>

        <div class="col-md-4">
@@ -301,7 +424,7 @@ $sql_asset_retired = mysqli_query(
                        <tbody>
                        <?php

-                        while ($row = mysqli_fetch_array($sql_shared_items)) {
+                        while ($row = mysqli_fetch_assoc($sql_shared_items)) {
                            $item_id = intval($row['item_id']);
                            $item_active = nullable_htmlentities($row['item_active']);
                            $item_key = nullable_htmlentities($row['item_key']);
@@ -317,17 +440,17 @@ $sql_asset_retired = mysqli_query(

                            if ($item_type == 'Credential') {
                                $share_item_sql = mysqli_query($mysqli, "SELECT credential_name FROM credentials WHERE credential_id = $item_related_id AND credential_client_id = $client_id");
-                                $share_item = mysqli_fetch_array($share_item_sql);
+                                $share_item = mysqli_fetch_assoc($share_item_sql);
                                $item_name = nullable_htmlentities($share_item['credential_name']);
                                $item_icon = "fas fa-key";
                            } elseif ($item_type == 'Document') {
                                $share_item_sql = mysqli_query($mysqli, "SELECT document_name FROM documents WHERE document_id = $item_related_id AND document_client_id = $client_id");
-                                $share_item = mysqli_fetch_array($share_item_sql);
+                                $share_item = mysqli_fetch_assoc($share_item_sql);
                                $item_name = nullable_htmlentities($share_item['document_name']);
                                $item_icon = "fas fa-folder";
                            } elseif ($item_type == 'File') {
                                $share_item_sql = mysqli_query($mysqli, "SELECT file_name FROM files WHERE file_id = $item_related_id AND file_client_id = $client_id");
-                                $share_item = mysqli_fetch_array($share_item_sql);
+                                $share_item = mysqli_fetch_assoc($share_item_sql);
                                $item_name = nullable_htmlentities($share_item['file_name']);
                                $item_icon = "fas fa-paperclip";
                            }
@@ -377,7 +500,7 @@ $sql_asset_retired = mysqli_query(

                    <?php

-                    while ($row = mysqli_fetch_array($sql_domains_expiring)) {
+                    while ($row = mysqli_fetch_assoc($sql_domains_expiring)) {
                        $domain_id = intval($row['domain_id']);
                        $domain_name = nullable_htmlentities($row['domain_name']);
                        $domain_expire = nullable_htmlentities($row['domain_expire']);
@@ -395,7 +518,7 @@ $sql_asset_retired = mysqli_query(

                    <?php

-                    while ($row = mysqli_fetch_array($sql_certificates_expiring)) {
+                    while ($row = mysqli_fetch_assoc($sql_certificates_expiring)) {
                        $certificate_id = intval($row['certificate_id']);
                        $certificate_name = nullable_htmlentities($row['certificate_name']);
                        $certificate_expire = nullable_htmlentities($row['certificate_expire']);
@@ -413,7 +536,7 @@ $sql_asset_retired = mysqli_query(

                    <?php

-                    while ($row = mysqli_fetch_array($sql_asset_warranties_expiring)) {
+                    while ($row = mysqli_fetch_assoc($sql_asset_warranties_expiring)) {
                        $asset_id = intval($row['asset_id']);
                        $asset_name = nullable_htmlentities($row['asset_name']);
                        $asset_warranty_expire = nullable_htmlentities($row['asset_warranty_expire']);
@@ -433,7 +556,7 @@ $sql_asset_retired = mysqli_query(

                    <?php

-                    while ($row = mysqli_fetch_array($sql_asset_retire)) {
+                    while ($row = mysqli_fetch_assoc($sql_asset_retire)) {
                        $asset_id = intval($row['asset_id']);
                        $asset_name = nullable_htmlentities($row['asset_name']);
                        $asset_install_date = nullable_htmlentities($row['asset_install_date']);
@@ -452,7 +575,7 @@ $sql_asset_retired = mysqli_query(

                    <?php

-                    while ($row = mysqli_fetch_array($sql_licenses_expiring)) {
+                    while ($row = mysqli_fetch_assoc($sql_licenses_expiring)) {
                        $software_id = intval($row['software_id']);
                        $software_name = nullable_htmlentities($row['software_name']);
                        $software_expire = nullable_htmlentities($row['software_expire']);
@@ -495,7 +618,7 @@ $sql_asset_retired = mysqli_query(

                    <?php

-                    while ($row = mysqli_fetch_array($sql_domains_expired)) {
+                    while ($row = mysqli_fetch_assoc($sql_domains_expired)) {
                        $domain_id = intval($row['domain_id']);
                        $domain_name = nullable_htmlentities($row['domain_name']);
                        $domain_expire = nullable_htmlentities($row['domain_expire']);
@@ -513,7 +636,7 @@ $sql_asset_retired = mysqli_query(

                    <?php

-                    while ($row = mysqli_fetch_array($sql_certificates_expired)) {
+                    while ($row = mysqli_fetch_assoc($sql_certificates_expired)) {
                        $certificate_id = intval($row['certificate_id']);
                        $certificate_name = nullable_htmlentities($row['certificate_name']);
                        $certificate_expire = nullable_htmlentities($row['certificate_expire']);
@@ -531,7 +654,7 @@ $sql_asset_retired = mysqli_query(

                    <?php

-                    while ($row = mysqli_fetch_array($sql_asset_warranties_expired)) {
+                    while ($row = mysqli_fetch_assoc($sql_asset_warranties_expired)) {
                        $asset_id = intval($row['asset_id']);
                        $asset_name = nullable_htmlentities($row['asset_name']);
                        $asset_warranty_expire = nullable_htmlentities($row['asset_warranty_expire']);
@@ -551,7 +674,7 @@ $sql_asset_retired = mysqli_query(

                    <?php

-                    while ($row = mysqli_fetch_array($sql_asset_retired)) {
+                    while ($row = mysqli_fetch_assoc($sql_asset_retired)) {
                        $asset_id = intval($row['asset_id']);
                        $asset_name = nullable_htmlentities($row['asset_name']);
                        $asset_install_date = nullable_htmlentities($row['asset_install_date']);
@@ -570,7 +693,7 @@ $sql_asset_retired = mysqli_query(

                    <?php

-                    while ($row = mysqli_fetch_array($sql_licenses_expired)) {
+                    while ($row = mysqli_fetch_assoc($sql_licenses_expired)) {
                        $software_id = intval($row['software_id']);
                        $software_name = nullable_htmlentities($row['software_name']);
                        $software_expire = nullable_htmlentities($row['software_expire']);
@@ -609,7 +732,7 @@ $sql_asset_retired = mysqli_query(
                        <tbody>
                        <?php

-                        while ($row = mysqli_fetch_array($sql_stale_tickets)) {
+                        while ($row = mysqli_fetch_assoc($sql_stale_tickets)) {
                            $ticket_id = intval($row['ticket_id']);
                            $ticket_prefix = nullable_htmlentities($row['ticket_prefix']);
                            $ticket_number = intval($row['ticket_number']);
@@ -652,7 +775,7 @@ $sql_asset_retired = mysqli_query(
                        <tbody>
                        <?php

-                        while ($row = mysqli_fetch_array($sql_recent_activities)) {
+                        while ($row = mysqli_fetch_assoc($sql_recent_activities)) {
                            $log_created_at_time_ago = timeAgo($row['log_created_at']);
                            $log_description = nullable_htmlentities($row['log_description']);

@@ -681,6 +804,9 @@ $sql_asset_retired = mysqli_query(

 </div>

+<!-- Include script to get TOTP code via the login ID -->
+<script src="js/credential_show_otp_via_id.js"></script>
+
 <script>
    function updateClientNotes(client_id) {
        var notes = document.getElementById("clientNotes").value;
--- a/Show More
+++ b/Show More