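$name updated";
    // Tail of a handler that begins before this excerpt; reproduced as found.
    header("Location: " . $_SERVER["HTTP_REFERER"]);

}

// Handler: update the company locale/currency and the instance timezone.
// validateAdminRole() and sanitizeInput() are defined outside this excerpt; the
// queries below rely on sanitizeInput() to make each value safe inside a
// single-quoted SQL literal -- NOTE(review): confirm it escapes for $mysqli.
if (isset($_POST['edit_localization'])) {

    validateAdminRole();

    $locale = sanitizeInput($_POST['locale']);
    $currency_code = sanitizeInput($_POST['currency_code']);
    $timezone = sanitizeInput($_POST['timezone']);

    mysqli_query($mysqli,"UPDATE companies SET company_locale = '$locale', company_currency = '$currency_code' WHERE company_id = 1");

    mysqli_query($mysqli,"UPDATE settings SET config_timezone = '$timezone' WHERE company_id = 1");

    //Logging
    // $session_name / $session_ip / $session_user_agent are set elsewhere;
    // NOTE(review): verify they are escaped where assigned, since the
    // User-Agent header is client-controlled and lands in this query.
    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Company', log_action = 'Edit', log_description = '$session_name edited company localization settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");

    $_SESSION['alert_message'] = "Company localization updated";

    // Redirect target comes from the Referer request header; no exit follows,
    // so execution continues into the handlers below.
    header("Location: " . $_SERVER["HTTP_REFERER"]);

}

// Handler: save the outgoing SMTP server settings.
// No CSRF token check is visible in this handler.
if (isset($_POST['edit_mail_smtp_settings'])) {

    validateAdminRole();

    $config_smtp_host = sanitizeInput($_POST['config_smtp_host']);
    $config_smtp_port = intval($_POST['config_smtp_port']);
    $config_smtp_encryption = sanitizeInput($_POST['config_smtp_encryption']);
    $config_smtp_username = sanitizeInput($_POST['config_smtp_username']);
    // NOTE(review): the SMTP password is passed through sanitizeInput() and
    // stored in the settings table as submitted; confirm sanitizeInput() does
    // not alter password characters and consider encrypting it at rest.
    $config_smtp_password = sanitizeInput($_POST['config_smtp_password']);

    // Only the SMTP columns are written. The original statement also wrote
    // config_mail_from_email / config_mail_from_name, which this handler never
    // reads from the form: those values came from whatever the variables held
    // before (unsanitized here) and belong to edit_mail_from_settings.
    mysqli_query($mysqli,"UPDATE settings SET config_smtp_host = '$config_smtp_host', config_smtp_port = $config_smtp_port, config_smtp_encryption = '$config_smtp_encryption', config_smtp_username = '$config_smtp_username', config_smtp_password = '$config_smtp_password' WHERE company_id = 1");

    // Logging
    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified SMTP mail settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");

    $_SESSION['alert_message'] = "SMTP Mail Settings updated";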
header("Location: " . $_SERVER["HTTP_REFERER"]);

}

// Handler: save the IMAP mailbox settings (host, port, encryption, credentials).
// Values pass through sanitizeInput()/intval() before being placed in the SQL
// text; sanitizeInput() is defined outside this excerpt.
// No CSRF token check is visible in this handler.
if (isset($_POST['edit_mail_imap_settings'])) {

    validateAdminRole();

    $config_imap_host = sanitizeInput($_POST['config_imap_host']);
    $config_imap_username = sanitizeInput($_POST['config_imap_username']);
    // NOTE(review): mailbox password is stored in the settings table as submitted.
    $config_imap_password = sanitizeInput($_POST['config_imap_password']);
    $config_imap_port = intval($_POST['config_imap_port']);
    $config_imap_encryption = sanitizeInput($_POST['config_imap_encryption']);

    mysqli_query(
        $mysqli,
        "UPDATE settings SET config_imap_host = '$config_imap_host', "
        . "config_imap_port = $config_imap_port, "
        . "config_imap_encryption = '$config_imap_encryption', "
        . "config_imap_username = '$config_imap_username', "
        . "config_imap_password = '$config_imap_password' "
        . "WHERE company_id = 1"
    );

    // Audit trail entry for the change
    mysqli_query(
        $mysqli,
        "INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', "
        . "log_description = '$session_name modified IMAP mail settings', "
        . "log_ip = '$session_ip', log_user_agent = '$session_user_agent', "
        . "log_user_id = $session_user_id"
    );

    $_SESSION['alert_message'] = "IMAP Mail Settings updated";

    // Send the browser back to the page named in the Referer header
    header("Location: " .
$_SERVER["HTTP_REFERER"]);

}

// Handler: save the From address/name pairs used for general mail, invoices,
// quotes and tickets. Every value goes through sanitizeInput() (defined outside
// this excerpt) before it is embedded in the UPDATE text.
// No CSRF token check is visible in this handler.
if (isset($_POST['edit_mail_from_settings'])) {

    validateAdminRole();

    $config_mail_from_email = sanitizeInput($_POST['config_mail_from_email']);
    $config_mail_from_name = sanitizeInput($_POST['config_mail_from_name']);

    $config_invoice_from_email = sanitizeInput($_POST['config_invoice_from_email']);
    $config_invoice_from_name = sanitizeInput($_POST['config_invoice_from_name']);

    $config_quote_from_email = sanitizeInput($_POST['config_quote_from_email']);
    $config_quote_from_name = sanitizeInput($_POST['config_quote_from_name']);

    $config_ticket_from_email = sanitizeInput($_POST['config_ticket_from_email']);
    $config_ticket_from_name = sanitizeInput($_POST['config_ticket_from_name']);

    mysqli_query(
        $mysqli,
        "UPDATE settings SET config_mail_from_email = '$config_mail_from_email', "
        . "config_mail_from_name = '$config_mail_from_name', "
        . "config_invoice_from_email = '$config_invoice_from_email', "
        . "config_invoice_from_name = '$config_invoice_from_name', "
        . "config_quote_from_email = '$config_quote_from_email', "
        . "config_quote_from_name = '$config_quote_from_name', "
        . "config_ticket_from_email = '$config_ticket_from_email', "
        . "config_ticket_from_name = '$config_ticket_from_name' "
        . "WHERE company_id = 1"
    );

    // Audit trail entry for the change
    mysqli_query(
        $mysqli,
        "INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', "
        . "log_description = '$session_name modified Mail From settings', "
        . "log_ip = '$session_ip', log_user_agent = '$session_user_agent', "
        . "log_user_id = $session_user_id"
    );

    $_SESSION['alert_message'] = "Mail From Settings updated";

    // Send the browser back to the page named in the Referer header
    header("Location: " .
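$_SERVER["HTTP_REFERER"]);

}

// Handler: send a fixed test message through the configured SMTP server.
// The SMTP connection values are not read from the request here; they are the
// $config_smtp_* variables already in scope. Only the from/to addresses come
// from the form.
if (isset($_POST['test_email_smtp'])) {

    validateAdminRole();

    $email_from = sanitizeInput($_POST['email_from']);
    $email_to = sanitizeInput($_POST['email_to']);
    $subject = "Hi'ya there Chap";
    $body = "Hello there Chap ;) Don't worry this won't hurt a bit, it's just a test";

    // $email_to is passed twice; presumably recipient address and recipient
    // name -- confirm against sendSingleEmail()'s signature.
    $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, $email_from, $config_mail_from_name, $email_to, $email_to, $subject, $body);

    if ($mail === true) {
        $_SESSION['alert_message'] = "Test email sent successfully";
    } else {
        $_SESSION['alert_type'] = "error";
        $_SESSION['alert_message'] = "Test email failed";
    }

    header("Location: " . $_SERVER["HTTP_REFERER"]);

}

// Handler: try a read-only IMAP login with the stored mailbox settings and
// report whether it worked.
if (isset($_POST['test_email_imap'])) {

    validateAdminRole();

    // Prepare connection string with encryption (TLS/SSL/)
    // NOTE(review): $config_imap_encryption is appended as a mailbox flag as-is;
    // whatever is stored there decides whether the session is encrypted and
    // whether the certificate is validated.
    $imap_mailbox = "$config_imap_host:$config_imap_port/imap/readonly/$config_imap_encryption";

    // Connect
    $imap = imap_open("{{$imap_mailbox}}INBOX", $config_imap_username, $config_imap_password);

    if ($imap) {
        // The test only needs to know the login succeeded; release the
        // connection instead of leaving it open until the request ends.
        imap_close($imap);
        $_SESSION['alert_message'] = "Connected successfully";
    } else {
        $_SESSION['alert_type'] = "error";
        $_SESSION['alert_message'] = "Test IMAP connection failed";
    }

    header("Location: " .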
$_SERVER["HTTP_REFERER"]);

}

// Handler: save invoice and recurring-invoice numbering, footer and late-fee
// settings. Numeric fields are coerced with intval()/floatval() and embedded
// unquoted; text fields go through sanitizeInput() (defined outside this
// excerpt) and are embedded as quoted literals.
// No CSRF token check is visible in this handler.
if (isset($_POST['edit_invoice_settings'])) {

    validateAdminRole();

    $config_invoice_prefix = sanitizeInput($_POST['config_invoice_prefix']);
    $config_invoice_next_number = intval($_POST['config_invoice_next_number']);
    $config_invoice_footer = sanitizeInput($_POST['config_invoice_footer']);

    $config_invoice_late_fee_enable = intval($_POST['config_invoice_late_fee_enable']);
    $config_invoice_late_fee_percent = floatval($_POST['config_invoice_late_fee_percent']);

    $config_recurring_prefix = sanitizeInput($_POST['config_recurring_prefix']);
    $config_recurring_next_number = intval($_POST['config_recurring_next_number']);

    mysqli_query(
        $mysqli,
        "UPDATE settings SET config_invoice_prefix = '$config_invoice_prefix', "
        . "config_invoice_next_number = $config_invoice_next_number, "
        . "config_invoice_footer = '$config_invoice_footer', "
        . "config_invoice_late_fee_enable = $config_invoice_late_fee_enable, "
        . "config_invoice_late_fee_percent = $config_invoice_late_fee_percent, "
        . "config_recurring_prefix = '$config_recurring_prefix', "
        . "config_recurring_next_number = $config_recurring_next_number "
        . "WHERE company_id = 1"
    );

    // Audit trail entry for the change
    mysqli_query(
        $mysqli,
        "INSERT INTO logs SET log_type = 'Settings', log_action = 'Edit', "
        . "log_description = '$session_name edited invoice settings', "
        . "log_ip = '$session_ip', log_user_agent = '$session_user_agent', "
        . "log_user_id = $session_user_id"
    );

    $_SESSION['alert_message'] = "Invoice Settings edited";

    // Send the browser back to the page named in the Referer header
    header("Location: " .
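$_SERVER["HTTP_REFERER"]);

}

// Handler: save quote numbering and footer settings.
// sanitizeInput() and validateAdminRole() are defined outside this excerpt.
if (isset($_POST['edit_quote_settings'])) {

    validateAdminRole();

    $config_quote_prefix = sanitizeInput($_POST['config_quote_prefix']);
    $config_quote_next_number = intval($_POST['config_quote_next_number']);
    $config_quote_footer = sanitizeInput($_POST['config_quote_footer']);

    mysqli_query($mysqli,"UPDATE settings SET config_quote_prefix = '$config_quote_prefix', config_quote_next_number = $config_quote_next_number, config_quote_footer = '$config_quote_footer' WHERE company_id = 1");

    //Logging
    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified quote settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");

    $_SESSION['alert_message'] = "Quote Settings updated";

    header("Location: " . $_SERVER["HTTP_REFERER"]);

}

// Handler: save ticket numbering, e-mail parsing, notification and auto-close
// settings.
// No CSRF token check is visible in this handler.
if (isset($_POST['edit_ticket_settings'])) {

    validateAdminRole();

    $config_ticket_prefix = sanitizeInput($_POST['config_ticket_prefix']);
    $config_ticket_next_number = intval($_POST['config_ticket_next_number']);
    $config_ticket_email_parse = intval($_POST['config_ticket_email_parse']);
    $config_ticket_client_general_notifications = intval($_POST['config_ticket_client_general_notifications']);
    $config_ticket_autoclose = intval($_POST['config_ticket_autoclose']);
    $config_ticket_autoclose_hours = intval($_POST['config_ticket_autoclose_hours']);
    $config_ticket_new_ticket_notification_email = sanitizeInput($_POST['config_ticket_new_ticket_notification_email']);

    // Only columns this form actually submits are written. The original
    // statement also wrote config_ticket_from_email / config_ticket_from_name
    // from variables this handler never assigns, so it either rewrote the
    // stored values with unsanitized text or blanked them; those two columns
    // are owned by the edit_mail_from_settings handler.
    mysqli_query($mysqli,"UPDATE settings SET config_ticket_prefix = '$config_ticket_prefix', config_ticket_next_number = $config_ticket_next_number, config_ticket_email_parse = '$config_ticket_email_parse', config_ticket_client_general_notifications = $config_ticket_client_general_notifications, config_ticket_autoclose = $config_ticket_autoclose, config_ticket_autoclose_hours = $config_ticket_autoclose_hours, config_ticket_new_ticket_notification_email = '$config_ticket_new_ticket_notification_email' WHERE company_id = 1");

    //Logging
    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified ticket settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");

    $_SESSION['alert_message'] = "Ticket Settings updated";

    header("Location: " . $_SERVER["HTTP_REFERER"]);

}

// Handler: save the instance-wide defaults (start page, default accounts,
// payment methods, calendar, net terms). ID-like fields are coerced with
// intval(); text fields go through sanitizeInput().
if (isset($_POST['edit_default_settings'])) {

    validateAdminRole();

    $start_page = sanitizeInput($_POST['start_page']);
    $expense_account = intval($_POST['expense_account']);
    $payment_account = intval($_POST['payment_account']);
    $payment_method = sanitizeInput($_POST['payment_method']);
    $expense_payment_method = sanitizeInput($_POST['expense_payment_method']);
    $transfer_from_account = intval($_POST['transfer_from_account']);
    $transfer_to_account = intval($_POST['transfer_to_account']);
    $calendar = intval($_POST['calendar']);
    $net_terms = intval($_POST['net_terms']);

    mysqli_query($mysqli,"UPDATE settings SET config_start_page = '$start_page', config_default_expense_account = $expense_account, config_default_payment_account = $payment_account, config_default_payment_method = '$payment_method', config_default_expense_payment_method = '$expense_payment_method', config_default_transfer_from_account = $transfer_from_account, config_default_transfer_to_account = $transfer_to_account, config_default_calendar = $calendar, config_default_net_terms = $net_terms WHERE company_id = 1");

    //Logging
    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified default settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");

    $_SESSION['alert_message'] = "Default settings updated";

    header("Location: " .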
$_SERVER["HTTP_REFERER"]);

}

// Handler: change the UI theme. After sanitizeInput() the name is reduced to
// ASCII letters, digits and '-' before it is stored and echoed back in the
// alert message.
if (isset($_POST['edit_theme_settings'])) {

    validateAdminRole();

    $theme = sanitizeInput($_POST['theme']);
    $theme = preg_replace("/[^0-9a-zA-Z-]/", "", $theme);

    mysqli_query(
        $mysqli,
        "UPDATE settings SET config_theme = '$theme' "
        . "WHERE company_id = 1"
    );

    // Audit trail entry for the change
    mysqli_query(
        $mysqli,
        "INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', "
        . "log_description = '$session_name modified theme settings', "
        . "log_ip = '$session_ip', log_user_agent = '$session_user_agent', "
        . "log_user_id = $session_user_id"
    );

    $_SESSION['alert_message'] = "Changed theme to $theme";

    header("Location: " . $_SERVER["HTTP_REFERER"]);

}

// Handler: save cron and reminder/alert switches.
// No CSRF token check is visible in this handler.
if (isset($_POST['edit_alert_settings'])) {

    validateAdminRole();

    $config_enable_cron = intval($_POST['config_enable_cron']);
    // Read from the form but not written by the UPDATE below; the stored cron
    // key is only changed by the generate_cron_key handler.
    $config_cron_key = sanitizeInput($_POST['config_cron_key']);
    $config_enable_alert_domain_expire = intval($_POST['config_enable_alert_domain_expire']);
    $config_send_invoice_reminders = intval($_POST['config_send_invoice_reminders']);
    $config_invoice_overdue_reminders = sanitizeInput($_POST['config_invoice_overdue_reminders']);

    mysqli_query(
        $mysqli,
        "UPDATE settings SET config_send_invoice_reminders = $config_send_invoice_reminders, "
        . "config_invoice_overdue_reminders = '$config_invoice_overdue_reminders', "
        . "config_enable_cron = $config_enable_cron, "
        . "config_enable_alert_domain_expire = $config_enable_alert_domain_expire "
        . "WHERE company_id = 1"
    );

    // Audit trail entry for the change
    mysqli_query(
        $mysqli,
        "INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', "
        . "log_description = '$session_name modified alert settings', "
        . "log_ip = '$session_ip', log_user_agent = '$session_user_agent', "
        . "log_user_id = $session_user_id"
    );

    $_SESSION['alert_message'] = "Alert Settings updated";

    // Send the browser back to the page named in the Referer header
    header("Location: " .
$_SERVER["HTTP_REFERER"]);

}

// Handler: replace the stored cron key with a fresh 32-character value.
// NOTE(review): this changes state on a GET request and no CSRF token check is
// visible here, so any link an admin follows can rotate the key. randomString()
// is defined outside this excerpt -- confirm it draws from a CSPRNG, since the
// key appears to act as a shared secret.
if (isset($_GET['generate_cron_key'])) {

    validateAdminRole();

    $key = randomString(32);

    mysqli_query(
        $mysqli,
        "UPDATE settings SET config_cron_key = '$key' "
        . "WHERE company_id = 1"
    );

    // Audit trail entry for the change
    mysqli_query(
        $mysqli,
        "INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', "
        . "log_description = '$session_name regenerated cron key', "
        . "log_ip = '$session_ip', log_user_agent = '$session_user_agent', "
        . "log_user_id = $session_user_id"
    );

    $_SESSION['alert_message'] = "Cron key regenerated!";

    header("Location: " . $_SERVER["HTTP_REFERER"]);

}

// Handler: save the Stripe online-payment settings.
// No CSRF token check is visible in this handler.
if (isset($_POST['edit_online_payment_settings'])) {

    validateAdminRole();

    $config_stripe_enable = intval($_POST['config_stripe_enable']);
    $config_stripe_publishable = sanitizeInput($_POST['config_stripe_publishable']);
    // NOTE(review): the Stripe secret key is written to the settings table as
    // submitted; anything that can read that table (including a database
    // download) can read the key.
    $config_stripe_secret = sanitizeInput($_POST['config_stripe_secret']);
    $config_stripe_account = intval($_POST['config_stripe_account']);

    mysqli_query(
        $mysqli,
        "UPDATE settings SET config_stripe_enable = $config_stripe_enable, "
        . "config_stripe_publishable = '$config_stripe_publishable', "
        . "config_stripe_secret = '$config_stripe_secret', "
        . "config_stripe_account = $config_stripe_account "
        . "WHERE company_id = 1"
    );

    // Audit trail entry for the change
    mysqli_query(
        $mysqli,
        "INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', "
        . "log_description = '$session_name modified online payment settings', "
        . "log_ip = '$session_ip', log_user_agent = '$session_user_agent', "
        . "log_user_id = $session_user_id"
    );

    $_SESSION['alert_message'] = "Online Payment Settings updated";

    // Send the browser back to the page named in the Referer header
    header("Location: " .
$_SERVER["HTTP_REFERER"]);

}

// Handler: save the Azure client ID and client secret used by integrations.
// No CSRF token check is visible in this handler.
if (isset($_POST['edit_integrations_settings'])) {

    validateAdminRole();

    $azure_client_id = sanitizeInput($_POST['azure_client_id']);
    // NOTE(review): the client secret is stored in the settings table as
    // submitted, after sanitizeInput() (defined outside this excerpt).
    $azure_client_secret = sanitizeInput($_POST['azure_client_secret']);

    mysqli_query(
        $mysqli,
        "UPDATE settings SET config_azure_client_id = '$azure_client_id', "
        . "config_azure_client_secret = '$azure_client_secret' "
        . "WHERE company_id = 1"
    );

    // Audit trail entry for the change
    mysqli_query(
        $mysqli,
        "INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', "
        . "log_description = '$session_name modified integrations settings', "
        . "log_ip = '$session_ip', log_user_agent = '$session_user_agent', "
        . "log_user_id = $session_user_id"
    );

    $_SESSION['alert_message'] = "Integrations Settings updated";

    header("Location: " . $_SERVER["HTTP_REFERER"]);

}

// Handler: switch the IT-documentation, ticketing, accounting and client-portal
// modules on or off. All four inputs are coerced with intval() and embedded
// unquoted in the UPDATE.
if (isset($_POST['edit_module_settings'])) {

    validateAdminRole();

    $config_module_enable_itdoc = intval($_POST['config_module_enable_itdoc']);
    $config_module_enable_ticketing = intval($_POST['config_module_enable_ticketing']);
    $config_module_enable_accounting = intval($_POST['config_module_enable_accounting']);
    $config_client_portal_enable = intval($_POST['config_client_portal_enable']);

    mysqli_query(
        $mysqli,
        "UPDATE settings SET config_module_enable_itdoc = $config_module_enable_itdoc, "
        . "config_module_enable_ticketing = $config_module_enable_ticketing, "
        . "config_module_enable_accounting = $config_module_enable_accounting, "
        . "config_client_portal_enable = $config_client_portal_enable "
        . "WHERE company_id = 1"
    );

    // Audit trail entry for the change
    mysqli_query(
        $mysqli,
        "INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', "
        . "log_description = '$session_name modified module settings', "
        . "log_ip = '$session_ip', log_user_agent = '$session_user_agent', "
        . "log_user_id = $session_user_id"
    );

    $_SESSION['alert_message'] = "Module Settings updated";

    // Send the browser back to the page named in the Referer header
    header("Location: " .
$_SERVER["HTTP_REFERER"]);

}

// Handler: save the login banner message and the login-key requirement/secret.
// NOTE(review): this form changes an authentication control, and no CSRF token
// check is visible in this handler. The login key secret is stored in the
// settings table as submitted.
if (isset($_POST['edit_security_settings'])) {

    validateAdminRole();

    $config_login_message = sanitizeInput($_POST['config_login_message']);
    $config_login_key_required = intval($_POST['config_login_key_required']);
    $config_login_key_secret = sanitizeInput($_POST['config_login_key_secret']);

    mysqli_query(
        $mysqli,
        "UPDATE settings SET config_login_message = '$config_login_message', "
        . "config_login_key_required = '$config_login_key_required', "
        . "config_login_key_secret = '$config_login_key_secret' "
        . "WHERE company_id = 1"
    );

    // Audit trail entry for the change
    mysqli_query(
        $mysqli,
        "INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', "
        . "log_description = '$session_name modified login key settings', "
        . "log_ip = '$session_ip', log_user_agent = '$session_user_agent', "
        . "log_user_id = $session_user_id"
    );

    $_SESSION['alert_message'] = "Login key settings updated";

    header("Location: " . $_SERVER["HTTP_REFERER"]);

}

// Handler: store the telemetry opt-in flag as an integer.
if (isset($_POST['edit_telemetry_settings'])) {

    validateAdminRole();

    $config_telemetry = intval($_POST['config_telemetry']);

    mysqli_query(
        $mysqli,
        "UPDATE settings SET config_telemetry = $config_telemetry "
        . "WHERE company_id = 1"
    );

    // Audit trail entry for the change
    mysqli_query(
        $mysqli,
        "INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', "
        . "log_description = '$session_name modified telemetry settings', "
        . "log_ip = '$session_ip', log_user_agent = '$session_user_agent', "
        . "log_user_id = $session_user_id"
    );

    $_SESSION['alert_message'] = "Telemetry Settings updated";

    // Send the browser back to the page named in the Referer header
    header("Location: " .
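$_SERVER["HTTP_REFERER"]);

}

// Handler: collect installation statistics and POST them to the ITFlow
// telemetry endpoint on an admin's request.
//
// What leaves the server: installation id, git commit hash, company name,
// city/state/country/currency, the free-text comment, a row count per table,
// and a handful of config flags. No row contents are sent.
//
// Every COUNT below is written as COUNT('<name>'): the quoted name is a string
// literal, not a column, so each query counts all rows matching its WHERE
// clause (same result as COUNT(*)). That is also why the 'recurring_id' label
// on the tickets query still yields the ticket count.
if (isset($_POST['send_telemetry_data'])) {

    validateAdminRole();

    $comments = sanitizeInput($_POST['comments']);

    $sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1");
    $row = mysqli_fetch_array($sql);

    $company_name = sanitizeInput($row['company_name']);
    $city = sanitizeInput($row['company_city']);
    $state = sanitizeInput($row['company_state']);
    $country = sanitizeInput($row['company_country']);
    $currency = sanitizeInput($row['company_currency']);
    // Fixed command string; no request data reaches the shell here.
    $current_version = exec("git rev-parse HEAD");

    // Client Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('client_id') AS num FROM clients"));
    $client_count = $row['num'];

    // Ticket Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('recurring_id') AS num FROM tickets"));
    $ticket_count = $row['num'];

    // Calendar Event Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('event_id') AS num FROM events"));
    $calendar_event_count = $row['num'];

    // Quote Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('quote_id') AS num FROM quotes"));
    $quote_count = $row['num'];

    // Invoice Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices"));
    $invoice_count = $row['num'];

    // Revenue Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('revenue_id') AS num FROM revenues"));
    $revenue_count = $row['num'];

    // Recurring Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('recurring_id') AS num FROM recurring"));
    $recurring_count = $row['num'];

    // Account Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('account_id') AS num FROM accounts"));
    $account_count = $row['num'];

    // Tax Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('tax_id') AS num FROM taxes"));
    $tax_count = $row['num'];

    // Product Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('product_id') AS num FROM products"));
    $product_count = $row['num'];

    // Payment Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('payment_id') AS num FROM payments WHERE payment_invoice_id > 0"));
    $payment_count = $row['num'];

    // Company Vendor Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id = 0"));
    $company_vendor_count = $row['num'];

    // Expense Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('expense_id') AS num FROM expenses WHERE expense_vendor_id > 0"));
    $expense_count = $row['num'];

    // Trip Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('trip_id') AS num FROM trips"));
    $trip_count = $row['num'];

    // Transfer Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('transfer_id') AS num FROM transfers"));
    $transfer_count = $row['num'];

    // Contact Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('contact_id') AS num FROM contacts"));
    $contact_count = $row['num'];

    // Location Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('location_id') AS num FROM locations"));
    $location_count = $row['num'];

    // Asset Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('asset_id') AS num FROM assets"));
    $asset_count = $row['num'];

    // Software Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('software_id') AS num FROM software WHERE software_template = 0"));
    $software_count = $row['num'];

    // Software Template Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('software_id') AS num FROM software WHERE software_template = 1"));
    $software_template_count = $row['num'];

    // Password Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('login_id') AS num FROM logins"));
    $password_count = $row['num'];

    // Network Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('network_id') AS num FROM networks"));
    $network_count = $row['num'];

    // Certificate Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('certificate_id') AS num FROM certificates"));
    $certificate_count = $row['num'];

    // Domain Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('domain_id') AS num FROM domains"));
    $domain_count = $row['num'];

    // Service Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('service_id') AS num FROM services"));
    $service_count = $row['num'];

    // Client Vendor Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id > 0"));
    $client_vendor_count = $row['num'];

    // Vendor Template Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 1"));
    $vendor_template_count = $row['num'];

    // File Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('file_id') AS num FROM files"));
    $file_count = $row['num'];

    // Document Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 0"));
    $document_count = $row['num'];

    // Document Template Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 1"));
    $document_template_count = $row['num'];

    // Shared Item Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('item_id') AS num FROM shared_items"));
    $shared_item_count = $row['num'];

    // Company Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('company_id') AS num FROM companies"));
    $company_count = $row['num'];

    // User Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('user_id') AS num FROM users"));
    $user_count = $row['num'];

    // Category Expense Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Expense'"));
    $category_expense_count = $row['num'];

    // Category Income Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Income'"));
    $category_income_count = $row['num'];

    // Category Referral Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Referral'"));
    $category_referral_count = $row['num'];

    // Category Payment Method Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Payment Method'"));
    $category_payment_method_count = $row['num'];

    // Tag Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('tag_id') AS num FROM tags"));
    $tag_count = $row['num'];

    // API Key Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('api_key_id') AS num FROM api_keys"));
    $api_key_count = $row['num'];

    // Log Count
    $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('log_id') AS num FROM logs"));
    $log_count = $row['num'];

    // $installation_id and the $config_* values are not assigned in this
    // handler; they are whatever is already in scope when it runs.
    $postdata = http_build_query(
        array(
            'installation_id' => "$installation_id",
            'version' => "$current_version",
            'company_name' => "$company_name",
            'city' => "$city",
            'state' => "$state",
            'country' => "$country",
            'currency' => "$currency",
            'comments' => "$comments",
            'client_count' => $client_count,
            'ticket_count' => $ticket_count,
            'calendar_event_count' => $calendar_event_count,
            'quote_count' => $quote_count,
            'invoice_count' => $invoice_count,
            'revenue_count' => $revenue_count,
            'recurring_count' => $recurring_count,
            'account_count' => $account_count,
            'tax_count' => $tax_count,
            'product_count' => $product_count,
            'payment_count' => $payment_count,
            'company_vendor_count' => $company_vendor_count,
            'expense_count' => $expense_count,
            'trip_count' => $trip_count,
            'transfer_count' => $transfer_count,
            'contact_count' => $contact_count,
            'location_count' => $location_count,
            'asset_count' => $asset_count,
            'software_count' => $software_count,
            'software_template_count' => $software_template_count,
            'password_count' => $password_count,
            'network_count' => $network_count,
            'certificate_count' => $certificate_count,
            'domain_count' => $domain_count,
            'service_count' => $service_count,
            'client_vendor_count' => $client_vendor_count,
            'vendor_template_count' => $vendor_template_count,
            'file_count' => $file_count,
            'document_count' => $document_count,
            'document_template_count' => $document_template_count,
            'shared_item_count' => $shared_item_count,
            'company_count' => $company_count,
            'user_count' => $user_count,
            'category_expense_count' => $category_expense_count,
            'category_income_count' => $category_income_count,
            'category_referral_count' => $category_referral_count,
            'category_payment_method_count' => $category_payment_method_count,
            'tag_count' => $tag_count,
            'api_key_count' => $api_key_count,
            'log_count' => $log_count,
            'config_theme' => "$config_theme",
            'config_enable_cron' => $config_enable_cron,
            'config_ticket_email_parse' => $config_ticket_email_parse,
            'config_module_enable_itdoc' => $config_module_enable_itdoc,
            'config_module_enable_ticketing' => $config_module_enable_ticketing,
            'config_module_enable_accounting' => $config_module_enable_accounting,
            'collection_method' => 2
        )
    );

    $opts = array('http' =>
        array(
            'method' => 'POST',
            'header' => 'Content-type: application/x-www-form-urlencoded',
            'content' => $postdata
        )
    );

    $context = stream_context_create($opts);

    $result = file_get_contents('https://telemetry.itflow.org', false, $context);

    // file_get_contents() returns false when the request fails. The original
    // ignored the result and always logged and reported success; only do so
    // when the POST actually went through.
    if ($result === false) {
        $_SESSION['alert_type'] = "error";
        $_SESSION['alert_message'] = "Telemetry data could not be sent";
    } else {
        // Logging
        mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Telemetry', log_action = 'Sent', log_description = '$session_name manually sent telemetry results to the ITFlow Developers', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");

        $_SESSION['alert_message'] = "Telemetry data sent to the ITFlow developers";
    }

    header("Location: " .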
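$_SERVER["HTTP_REFERER"]);

}

// Handler: build a SQL dump of every table and send it to the browser as a
// file download.
//
// The dump contains everything in the database, including the credentials and
// API secrets kept in the settings table, so the response is as sensitive as
// the database itself.
// NOTE(review): this is triggered by a GET parameter and no CSRF token check is
// visible in this handler.
//
// Changes from the original, and why:
//  - The dump is streamed from memory. The original wrote it to a file in the
//    working directory (named from the date and company name) and removed it
//    with exec('rm ' . $name). The company name is operator-entered text, so
//    shell metacharacters in it reached the shell, and the full dump sat on
//    disk under a guessable name until (and unless) the rm succeeded.
//  - Values are escaped with mysqli_real_escape_string() and single-quoted,
//    and SQL NULL is written as NULL. The original wrapped raw values in
//    double quotes, so any value containing a quote produced a broken dump.
//  - Table names are backtick-quoted.
//  - The download file name is limited to letters, digits, '_' and '-'.
//  - A redundant outer per-column loop around the row loop is gone; the row
//    loop already consumed the whole result on its first pass.
if (isset($_GET['download_database'])) {

    validateAdminRole();

    // Get All Table Names From the Database
    $tables = array();
    $result = mysqli_query($mysqli, "SHOW TABLES");
    while ($row = mysqli_fetch_row($result)) {
        $tables[] = $row[0];
    }

    $sqlScript = "";
    foreach ($tables as $table) {

        // Names come from SHOW TABLES, not from the request; quote them anyway
        $quoted_table = "`" . str_replace("`", "``", $table) . "`";

        // Prepare SQLscript for creating table structure
        $result = mysqli_query($mysqli, "SHOW CREATE TABLE $quoted_table");
        $row = mysqli_fetch_row($result);
        $sqlScript .= "\n\n" . $row[1] . ";\n\n";

        $result = mysqli_query($mysqli, "SELECT * FROM $quoted_table");
        $columnCount = mysqli_num_fields($result);

        // Prepare SQLscript for dumping data for each table
        while ($row = mysqli_fetch_row($result)) {
            $values = array();
            for ($j = 0; $j < $columnCount; $j++) {
                if (isset($row[$j])) {
                    $values[] = "'" . mysqli_real_escape_string($mysqli, $row[$j]) . "'";
                } else {
                    $values[] = "NULL";
                }
            }
            $sqlScript .= "INSERT INTO $quoted_table VALUES(" . implode(',', $values) . ");\n";
        }

        $sqlScript .= "\n";
    }

    if (!empty($sqlScript)) {

        // Name offered to the browser; nothing is written to disk under it
        $safe_company_name = preg_replace('/[^A-Za-z0-9_-]/', '_', $config_company_name);
        $backup_file_name = date('Y-m-d') . '_' . $safe_company_name . '_backup.sql';

        // Download the SQL backup to the browser
        header('Content-Description: File Transfer');
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename="' . $backup_file_name . '"');
        header('Content-Transfer-Encoding: binary');
        header('Expires: 0');
        header('Cache-Control: must-revalidate');
        header('Pragma: public');
        header('Content-Length: ' . strlen($sqlScript));
        ob_clean();
        flush();
        echo $sqlScript;
    }

    //Logging
    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Database', log_action = 'Download', log_description = '$session_name downloaded the database', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");

    $_SESSION['alert_message'] = "Database downloaded";
}

// Handler: show the site master encryption key to an admin who re-enters their
// own password. In the visible part of this file it is the only handler that
// calls validateCSRFToken(). The password is checked against the stored hash
// with password_verify() and then used to decrypt the user's copy of the key;
// decryptUserSpecificKey() is defined outside this excerpt.
if (isset($_POST['backup_master_key'])) {

    validateCSRFToken($_POST['csrf_token']);
    validateAdminRole();

    // Used as entered: it feeds password_verify() and the key decryption
    $password = $_POST['password'];

    $sql = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $session_user_id");
    $userRow = mysqli_fetch_array($sql);

    if (password_verify($password, $userRow['user_password'])) {
        $site_encryption_master_key = decryptUserSpecificKey($userRow['user_specific_encryption_ciphertext'], $password);

        //Logging
        mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Master Key', log_action = 'Download', log_description = '$session_name retrieved the master encryption key', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");

        // A notification is raised as well as the log row
        mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Settings', notification = '$session_name retrieved the master encryption key'");

        echo "==============================";
        echo "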
Master encryption key:
"; echo "$site_encryption_master_key"; echo "
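==============================";

    } else {
        //Log the failure
        mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Master Key', log_action = 'Download', log_description = '$session_name attempted to retrieve the master encryption key (failure)', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");

        $_SESSION['alert_message'] = "Incorrect password.";
        header("Location: " . $_SERVER["HTTP_REFERER"]);
    }
}

// Admin-triggered self-update: runs `git pull` in the application directory and,
// when telemetry is enabled, posts installation statistics to the telemetry endpoint.
//
// NOTE(review): this state-changing action is reachable through a GET parameter and
// no anti-CSRF token check is visible in this handler. Unless validateAdminRole() or
// an earlier include enforces one (not visible here), a cross-site request made by a
// logged-in administrator's browser would start an update. Prefer POST plus a
// per-session token.
//
// NOTE(review): the pulled code is trusted as-is; nothing here verifies a signed tag
// or commit before the new code starts being served.
if (isset($_GET['update'])) {

    validateAdminRole();

    // The command is a constant string, so no request data reaches the shell.
    // The exit status is captured so that a failed pull is not reported as a success.
    $update_output = array();
    $update_exit_code = 0;
    exec("git pull", $update_output, $update_exit_code);
    $update_exit_code = intval($update_exit_code);

    //FORCE UPDATE FUNCTION (Will be added later as a checkbox)
    //git fetch downloads the latest from remote without trying to merge or rebase anything. Then the git reset resets the master branch to what you just fetched. The --hard option changes all the files in your working tree to match the files in origin/master
    //exec("git fetch --all");
    //exec("git reset --hard origin/master");
    //header("Location: post.php?update_db");

    // Send Telemetry if enabled during update
    if ($config_telemetry == 1) {

        // Only the columns that are actually reported are read.
        $sql = mysqli_query($mysqli,"SELECT company_name, company_city, company_state, company_country, company_currency FROM companies WHERE company_id = 1");
        $row = mysqli_fetch_array($sql);

        // NOTE(review): sanitizeInput() is defined elsewhere; confirm its escaping is
        // appropriate for values that end up in an HTTP form body rather than in SQL.
        $company_name = sanitizeInput($row['company_name']);
        $city = sanitizeInput($row['company_city']);
        $state = sanitizeInput($row['company_state']);
        $country = sanitizeInput($row['company_country']);
        $currency = sanitizeInput($row['company_currency']);

        // Read after the pull, so this is the commit the installation is on now.
        $current_version = exec("git rev-parse HEAD");

        // Telemetry field => "table [WHERE condition]" to count rows from.
        // The original queries used COUNT('<quoted name>'), which counts a string
        // literal for every row; COUNT(*) states the same row count directly.
        // Every entry is a fixed string, so no request data enters these queries.
        $telemetry_count_sources = array(
            'client_count' => "clients",
            'ticket_count' => "tickets",
            'calendar_event_count' => "events",
            'quote_count' => "quotes",
            'invoice_count' => "invoices",
            'revenue_count' => "revenues",
            'recurring_count' => "recurring",
            'account_count' => "accounts",
            'tax_count' => "taxes",
            'product_count' => "products",
            'payment_count' => "payments WHERE payment_invoice_id > 0",
            'company_vendor_count' => "vendors WHERE vendor_template = 0 AND vendor_client_id = 0",
            'expense_count' => "expenses WHERE expense_vendor_id > 0",
            'trip_count' => "trips",
            'transfer_count' => "transfers",
            'contact_count' => "contacts",
            'location_count' => "locations",
            'asset_count' => "assets",
            'software_count' => "software WHERE software_template = 0",
            'software_template_count' => "software WHERE software_template = 1",
            'password_count' => "logins",
            'network_count' => "networks",
            'certificate_count' => "certificates",
            'domain_count' => "domains",
            'service_count' => "services",
            'client_vendor_count' => "vendors WHERE vendor_template = 0 AND vendor_client_id > 0",
            'vendor_template_count' => "vendors WHERE vendor_template = 1",
            'file_count' => "files",
            'document_count' => "documents WHERE document_template = 0",
            'document_template_count' => "documents WHERE document_template = 1",
            'shared_item_count' => "shared_items",
            'company_count' => "companies",
            'user_count' => "users",
            'category_expense_count' => "categories WHERE category_type = 'Expense'",
            'category_income_count' => "categories WHERE category_type = 'Income'",
            'category_referral_count' => "categories WHERE category_type = 'Referral'",
            'category_payment_method_count' => "categories WHERE category_type = 'Payment Method'",
            'tag_count' => "tags",
            'api_key_count' => "api_keys",
            'log_count' => "logs"
        );

        $telemetry_counts = array();
        foreach ($telemetry_count_sources as $telemetry_field => $count_source) {
            $count_result = mysqli_query($mysqli,"SELECT COUNT(*) AS num FROM $count_source");
            $count_row = $count_result ? mysqli_fetch_assoc($count_result) : null;
            // A failed count must not abort the update; report 0 for that field instead.
            $telemetry_counts[$telemetry_field] = $count_row ? $count_row['num'] : 0;
        }

        // Field order matches the original payload: identity, counts, then config flags.
        // $installation_id, $comments and the $config_* values are not assigned in this
        // handler; presumably they come from an earlier include - verify.
        $postdata = http_build_query(
            array_merge(
                array(
                    'installation_id' => "$installation_id",
                    'version' => "$current_version",
                    'company_name' => "$company_name",
                    'city' => "$city",
                    'state' => "$state",
                    'country' => "$country",
                    'currency' => "$currency",
                    'comments' => "$comments"
                ),
                $telemetry_counts,
                array(
                    'config_theme' => "$config_theme",
                    'config_enable_cron' => $config_enable_cron,
                    'config_ticket_email_parse' => $config_ticket_email_parse,
                    'config_module_enable_itdoc' => $config_module_enable_itdoc,
                    'config_module_enable_ticketing' => $config_module_enable_ticketing,
                    'config_module_enable_accounting' => $config_module_enable_accounting,
                    'config_telemetry' => $config_telemetry,
                    'collection_method' => 4
                )
            )
        );

        $opts = array('http' =>
            array(
                'method' => 'POST',
                'header' => 'Content-type: application/x-www-form-urlencoded',
                'content' => $postdata,
                // Bound the wait so an unreachable endpoint cannot stall the update request.
                'timeout' => 10
            )
        );

        $context = stream_context_create($opts);

        // Best effort: the response is not used and a failed send does not affect the update.
        $result = file_get_contents('https://telemetry.itflow.org', false, $context);

    }

    //Logging
    // NOTE(review): $session_name, $session_ip and $session_user_agent are interpolated
    // into the SQL text; presumably they are escaped where they are assigned (not
    // visible here). The user agent in particular is client-controlled - verify.
    if ($update_exit_code === 0) {
        mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Update', log_description = '$session_name ran updates', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");

        $_SESSION['alert_message'] = "Update successful";
    } else {
        // Keep an audit record of the failed attempt, with the numeric exit status only.
        mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Update', log_description = '$session_name attempted to run updates (git pull exited with code $update_exit_code)', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");

        $_SESSION['alert_message'] = "Update failed";
    }

    sleep(1);

    // NOTE(review): HTTP_REFERER is a client-supplied header and may be missing; the
    // redirect target is not validated against this application's own pages.
    header("Location: " . $_SERVER["HTTP_REFERER"]);

}

// Admin-triggered database schema upgrade; the upgrade logic lives in the two
// included files.
//
// NOTE(review): like the update handler, this changes state on a GET request and no
// anti-CSRF token check is visible here.
if (isset($_GET['update_db'])) {

    validateAdminRole();

    // Get the current version
    require_once ('database_version.php');

    // Perform upgrades, if required
    require_once ('database_updates.php');

    //Logging
    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Update', log_description = '$session_name updated the database structure', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");

    $_SESSION['alert_message'] = "Database structure update successful";

    sleep(1);

    // NOTE(review): client-supplied redirect target, not validated here.
    header("Location: " . $_SERVER["HTTP_REFERER"]);

}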