Oops, something went wrong! Please raise a ticket if you believe this is an error.

"; require_once("guest_footer.php"); exit(); } $url_key = sanitizeInput($_GET['url_key']); $quote_id = intval($_GET['quote_id']); $sql = mysqli_query( $mysqli, "SELECT * FROM quotes LEFT JOIN clients ON quote_client_id = client_id LEFT JOIN locations ON primary_location = location_id LEFT JOIN contacts ON primary_contact = contact_id WHERE quote_id = $quote_id AND quote_url_key = '$url_key'" ); if (mysqli_num_rows($sql) !== 1) { // Invalid quote/key echo "

Oops, something went wrong! Please raise a ticket if you believe this is an error.

"; require_once("guest_footer.php"); exit(); } $row = mysqli_fetch_array($sql); $quote_id = intval($row['quote_id']); $quote_prefix = htmlentities($row['quote_prefix']); $quote_number = intval($row['quote_number']); $quote_status = htmlentities($row['quote_status']); $quote_date = htmlentities($row['quote_date']); $quote_amount = floatval($row['quote_amount']); $quote_currency_code = htmlentities($row['quote_currency_code']); $quote_note = htmlentities($row['quote_note']); $category_id = intval($row['category_id']); $client_id = intval($row['client_id']); $client_name = htmlentities($row['client_name']); $client_name_escaped = sanitizeInput($row['client_name']); $location_address = htmlentities($row['location_address']); $location_city = htmlentities($row['location_city']); $location_state = htmlentities($row['location_state']); $location_zip = htmlentities($row['location_zip']); $contact_email = htmlentities($row['contact_email']); $contact_phone = formatPhoneNumber($row['contact_phone']); $contact_extension = htmlentities($row['contact_extension']); $contact_mobile = formatPhoneNumber($row['contact_mobile']); $client_website = htmlentities($row['client_website']); $client_currency_code = htmlentities($row['client_currency_code']); $client_net_terms = intval($row['client_net_terms']); if ($client_net_terms == 0) { $client_net_terms = intval($row['config_default_net_terms']); } $sql = mysqli_query($mysqli, "SELECT * FROM companies, settings WHERE companies.company_id = settings.company_id AND companies.company_id = 1"); $row = mysqli_fetch_array($sql); $company_name = htmlentities($row['company_name']); $company_address = htmlentities($row['company_address']); $company_city = htmlentities($row['company_city']); $company_state = htmlentities($row['company_state']); $company_zip = htmlentities($row['company_zip']); $company_phone = formatPhoneNumber($row['company_phone']); $company_email = htmlentities($row['company_email']); $company_website = htmlentities($row['company_website']); $company_logo = htmlentities($row['company_logo']); if (!empty($company_logo)) { $company_logo_base64 = base64_encode(file_get_contents("uploads/settings/$company_logo")); } $company_locale = htmlentities($row['company_locale']); $config_quote_footer = htmlentities($row['config_quote_footer']); //Set Currency Format $currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY); //Update status to Viewed only if invoice_status = "Sent" if ($quote_status == 'Sent') { mysqli_query($mysqli, "UPDATE quotes SET quote_status = 'Viewed' WHERE quote_id = $quote_id"); } //Mark viewed in history mysqli_query($mysqli, "INSERT INTO history SET history_status = '$quote_status', history_description = 'Quote viewed - $ip - $os - $browser', history_quote_id = $quote_id"); if ($quote_status == "Draft" || $quote_status == "Sent" || $quote_status == "Viewed") { mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Quote Viewed', notification = 'Quote $quote_prefix$quote_number has been viewed by $client_name_escaped - $ip - $os - $browser', notification_client_id = $client_id, notification_entity_id = $quote_id"); } ?>

Accept Decline

Print ');"> Download

Quote

Date

Product	Description	Qty	Price	Tax	Total

0) { ?>

Subtotal
Tax
Total