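$name created";

    header("Location: clients.php");
    exit;

}

/*
 * Edit client: update the client row, replace its tag set and write a log entry.
 *
 * $name, $type, $website, $referral, $rate, $currency_code, $net_terms,
 * $tax_id_number and $notes are not assigned in this handler; presumably
 * post/client_model.php sets them. They are interpolated straight into SQL
 * below, so confirm that file escapes or casts every one of them.
 *
 * NOTE(review): unlike delete_client, this handler does not call
 * validateCSRFToken(); confirm a token is verified elsewhere for this request.
 */
if (isset($_POST['edit_client'])) {

    require_once('post/client_model.php');

    validateAdminRole();

    $client_id = intval($_POST['client_id']);

    mysqli_query($mysqli, "UPDATE clients SET client_name = '$name', client_type = '$type', client_website = '$website', client_referral = '$referral', client_rate = $rate, client_currency_code = '$currency_code', client_net_terms = $net_terms, client_tax_id_number = '$tax_id_number', client_notes = '$notes' WHERE client_id = $client_id");

    // Tags: drop the existing set, then insert whatever was submitted
    mysqli_query($mysqli, "DELETE FROM client_tags WHERE client_tag_client_id = $client_id");

    // The field is absent when no tag is selected; only iterate a real array
    $tags = $_POST['tags'] ?? [];
    if (is_array($tags)) {
        foreach ($tags as $tag) {
            $tag = intval($tag);
            mysqli_query($mysqli, "INSERT INTO client_tags SET client_tag_client_id = $client_id, client_tag_tag_id = $tag");
        }
    }

    // Logging
    // $session_name, $session_ip and $session_user_agent are set outside this
    // handler; presumably escaped there (the user agent is client-controlled) - confirm.
    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client', log_action = 'Modify', log_description = '$session_name modified client $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $client_id");

    // $client_name is never assigned in this handler; the UPDATE and the log
    // entry above both use $name, so the alert does too.
    $_SESSION['alert_message'] = "Client $name updated";

    // The Referer header is supplied by the client and may be missing
    header("Location: " . $_SERVER["HTTP_REFERER"]);

}

/*
 * Archive client: stamp client_archived_at with the current time and log it.
 *
 * NOTE(review): this changes state on a GET request and, unlike delete_client,
 * does not call validateCSRFToken(); confirm a token is checked elsewhere.
 */
if (isset($_GET['archive_client'])) {

    validateAdminRole();

    $client_id = intval($_GET['archive_client']);

    // Get Client Name (used in the log entry and the alert)
    $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_id = $client_id");
    $row = mysqli_fetch_array($sql);
    $client_name = sanitizeInput($row['client_name']);

    mysqli_query($mysqli, "UPDATE clients SET client_archived_at = NOW() WHERE client_id = $client_id");

    // Logging
    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client', log_action = 'Archive', log_description = '$session_name archived client $client_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $client_id");

    $_SESSION['alert_type'] = "error";
    $_SESSION['alert_message'] = "Client $client_name archived";

    header("Location: " . $_SERVER["HTTP_REFERER"]);

}

/*
 * Undo archive: clear client_archived_at and log it.
 *
 * NOTE(review): state change on a GET request without validateCSRFToken();
 * confirm a token is checked elsewhere.
 */
if (isset($_GET['undo_archive_client'])) {

    // Restoring a client is gated on the same role as archiving it
    validateAdminRole();

    $client_id = intval($_GET['undo_archive_client']);

    // Get Client Name (used in the log entry and the alert)
    $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_id = $client_id");
    $row = mysqli_fetch_array($sql);
    $client_name = sanitizeInput($row['client_name']);

    mysqli_query($mysqli, "UPDATE clients SET client_archived_at = NULL WHERE client_id = $client_id");

    // Logging
    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client', log_action = 'Undo Archive', log_description = '$session_name unarchived client $client_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $client_id");

    $_SESSION['alert_message'] = "Client $client_name unarchived";

    header("Location: " . $_SERVER["HTTP_REFERER"]);

}

/*
 * Delete client: remove the client row, every table row that references it,
 * and its upload directory, then log the deletion.
 *
 * The statements run one by one and their results are not checked, so a
 * failure part-way through leaves the client partially deleted.
 *
 * NOTE(review): the CSRF token travels in the query string, where it can end
 * up in server logs, browser history and Referer headers.
 */
if (isset($_GET['delete_client'])) {

    validateAdminRole();

    // CSRF Check
    validateCSRFToken($_GET['csrf_token']);

    $client_id = intval($_GET['delete_client']);

    // Get Client Name (used in the log entry and the alert)
    $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_id = $client_id");
    $row = mysqli_fetch_array($sql);
    $client_name = sanitizeInput($row['client_name']);

    // Delete Client Data
    mysqli_query($mysqli, "DELETE FROM api_keys WHERE api_key_client_id = $client_id");
    mysqli_query($mysqli, "DELETE FROM assets WHERE asset_client_id = $client_id");
    mysqli_query($mysqli, "DELETE FROM certificates WHERE certificate_client_id = $client_id");
    mysqli_query($mysqli, "DELETE FROM client_tags WHERE client_tag_client_id = $client_id");
    mysqli_query($mysqli, "DELETE FROM contacts WHERE contact_client_id = $client_id");
    mysqli_query($mysqli, "DELETE FROM documents WHERE document_client_id = $client_id");

    // Delete Domains and associated records
    // Child ids come from the database, but are cast before being interpolated
    // into SQL, matching how request ids are handled in this file.
    $sql = mysqli_query($mysqli, "SELECT domain_id FROM domains WHERE domain_client_id = $client_id");
    while ($row = mysqli_fetch_array($sql)) {
        $domain_id = intval($row['domain_id']);
        mysqli_query($mysqli, "DELETE FROM records WHERE record_domain_id = $domain_id");
    }
    mysqli_query($mysqli, "DELETE FROM domains WHERE domain_client_id = $client_id");

    mysqli_query($mysqli, "DELETE FROM events WHERE event_client_id = $client_id");
    mysqli_query($mysqli, "DELETE FROM files WHERE file_client_id = $client_id");
    mysqli_query($mysqli, "DELETE FROM folders WHERE folder_client_id = $client_id");

    // Delete Invoices and Invoice Referencing data
    $sql = mysqli_query($mysqli, "SELECT invoice_id FROM invoices WHERE invoice_client_id = $client_id");
    while ($row = mysqli_fetch_array($sql)) {
        $invoice_id = intval($row['invoice_id']);
        mysqli_query($mysqli, "DELETE FROM invoice_items WHERE item_invoice_id = $invoice_id");
        mysqli_query($mysqli, "DELETE FROM payments WHERE payment_invoice_id = $invoice_id");
        mysqli_query($mysqli, "DELETE FROM history WHERE history_invoice_id = $invoice_id");
    }
    mysqli_query($mysqli, "DELETE FROM invoices WHERE invoice_client_id = $client_id");

    mysqli_query($mysqli, "DELETE FROM locations WHERE location_client_id = $client_id");
    mysqli_query($mysqli, "DELETE FROM logins WHERE login_client_id = $client_id");
    // This also erases the client's audit trail; the only record that remains
    // is the 'Delete' entry written at the end, which carries no log_client_id.
    mysqli_query($mysqli, "DELETE FROM logs WHERE log_client_id = $client_id");
    mysqli_query($mysqli, "DELETE FROM networks WHERE network_client_id = $client_id");
    mysqli_query($mysqli, "DELETE FROM notifications WHERE notification_client_id = $client_id");

    // Delete Quote and related items
    $sql = mysqli_query($mysqli, "SELECT quote_id FROM quotes WHERE quote_client_id = $client_id");
    while ($row = mysqli_fetch_array($sql)) {
        $quote_id = intval($row['quote_id']);
        mysqli_query($mysqli, "DELETE FROM invoice_items WHERE item_quote_id = $quote_id");
    }
    mysqli_query($mysqli, "DELETE FROM quotes WHERE quote_client_id = $client_id");

    // Delete Recurring Invoices and associated items
    $sql = mysqli_query($mysqli, "SELECT recurring_id FROM recurring WHERE recurring_client_id = $client_id");
    while ($row = mysqli_fetch_array($sql)) {
        $recurring_id = intval($row['recurring_id']);
        mysqli_query($mysqli, "DELETE FROM invoice_items WHERE item_recurring_id = $recurring_id");
    }
    mysqli_query($mysqli, "DELETE FROM recurring WHERE recurring_client_id = $client_id");

    mysqli_query($mysqli, "DELETE FROM revenues WHERE revenue_client_id = $client_id");
    mysqli_query($mysqli, "DELETE FROM scheduled_tickets WHERE scheduled_ticket_client_id = $client_id");

    // Delete Services and items associated with services
    $sql = mysqli_query($mysqli, "SELECT service_id FROM services WHERE service_client_id = $client_id");
    while ($row = mysqli_fetch_array($sql)) {
        $service_id = intval($row['service_id']);
        mysqli_query($mysqli, "DELETE FROM service_assets WHERE service_id = $service_id");
        mysqli_query($mysqli, "DELETE FROM service_certificates WHERE service_id = $service_id");
        mysqli_query($mysqli, "DELETE FROM service_contacts WHERE service_id = $service_id");
        mysqli_query($mysqli, "DELETE FROM service_documents WHERE service_id = $service_id");
        mysqli_query($mysqli, "DELETE FROM service_domains WHERE service_id = $service_id");
        mysqli_query($mysqli, "DELETE FROM service_logins WHERE service_id = $service_id");
        mysqli_query($mysqli, "DELETE FROM service_vendors WHERE service_id = $service_id");
    }
    mysqli_query($mysqli, "DELETE FROM services WHERE service_client_id = $client_id");

    mysqli_query($mysqli, "DELETE FROM shared_items WHERE item_client_id = $client_id");

    // Delete software and its asset/contact links
    $sql = mysqli_query($mysqli, "SELECT software_id FROM software WHERE software_client_id = $client_id");
    while ($row = mysqli_fetch_array($sql)) {
        $software_id = intval($row['software_id']);
        mysqli_query($mysqli, "DELETE FROM software_assets WHERE software_id = $software_id");
        mysqli_query($mysqli, "DELETE FROM software_contacts WHERE software_id = $software_id");
    }
    mysqli_query($mysqli, "DELETE FROM software WHERE software_client_id = $client_id");

    // Delete tickets and related data
    $sql = mysqli_query($mysqli, "SELECT ticket_id FROM tickets WHERE ticket_client_id = $client_id");
    while ($row = mysqli_fetch_array($sql)) {
        $ticket_id = intval($row['ticket_id']);
        mysqli_query($mysqli, "DELETE FROM ticket_replies WHERE ticket_reply_ticket_id = $ticket_id");
        mysqli_query($mysqli, "DELETE FROM ticket_views WHERE view_ticket_id = $ticket_id");
    }
    mysqli_query($mysqli, "DELETE FROM tickets WHERE ticket_client_id = $client_id");

    mysqli_query($mysqli, "DELETE FROM trips WHERE trip_client_id = $client_id");
    mysqli_query($mysqli, "DELETE FROM vendors WHERE vendor_client_id = $client_id");

    // Delete Client Files
    // Double quotes so $client_id is interpolated; in a single-quoted string the
    // path would name a directory literally called '$client_id' and the client's
    // uploads would stay on disk. $client_id is an integer (intval above), so it
    // cannot add path segments.
    removeDirectory("uploads/clients/$client_id");

    // Finally Remove the Client
    mysqli_query($mysqli, "DELETE FROM clients WHERE client_id = $client_id");

    // Logging
    mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client', log_action = 'Delete', log_description = '$session_name deleted client $client_name and all associated data', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");

    $_SESSION['alert_type'] = "error";
    $_SESSION['alert_message'] = "Client $client_name deleted along with all associated data";

    header("Location: clients.php");

}

/*
 * Export all clients, with primary contact and primary location, as a CSV download.
 *
 * NOTE(review): export_client_pdf calls validateAdminRole() but this handler
 * does not, although it returns contact data for every client; confirm that
 * is intended.
 * NOTE(review): cell values are written as stored. Spreadsheet applications
 * treat cells beginning with =, +, - or @ as formulas, so consider
 * neutralising such values on export.
 */
if (isset($_POST['export_clients_csv'])) {

    // Get records from database
    $sql = mysqli_query($mysqli, "SELECT * FROM clients LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1 LEFT JOIN locations ON clients.client_id = locations.location_client_id AND location_primary = 1 ORDER BY client_name ASC ");

    if ($sql->num_rows > 0) {
        // fputcsv() takes a single-character delimiter; ", " raises a ValueError on PHP 8
        $delimiter = ",";
        // NOTE(review): $session_company_name goes into the Content-Disposition
        // header below; a double quote in it would break the quoted filename.
        $filename = $session_company_name . "-Clients-" . date('Y-m-d') . ".csv";

        // Create a file pointer (the CSV is built in memory, then streamed)
        $f = fopen('php://memory', 'w');

        // Set column headers
        $fields = array('Client Name', 'Industry', 'Referral', 'Website', 'Primary Address', 'Contact Name', 'Contact Phone', 'Extension', 'Contact Mobile', 'Contact Email', 'Creation Date');
        fputcsv($f, $fields, $delimiter);

        // Output each row of the data, format line as csv and write to file pointer
        while ($row = $sql->fetch_assoc()) {
            $lineData = array($row['client_name'], $row['client_type'], $row['client_referral'], $row['client_website'], $row['location_address'] . ' ' . $row['location_city'] . ' ' . $row['location_state'] . ' ' . $row['location_zip'], $row['contact_name'], formatPhoneNumber($row['contact_phone']), $row['contact_extension'], formatPhoneNumber($row['contact_mobile']), $row['contact_email'], $row['client_created_at']);
            fputcsv($f, $lineData, $delimiter);
        }

        // Move back to beginning of file
        fseek($f, 0);

        // Set headers to download file rather than displayed
        header('Content-Type: text/csv');
        header('Content-Disposition: attachment; filename="' . $filename . '";');

        // Output all remaining data on a file pointer
        fpassthru($f);
    }
    exit;

}

if (isset($_POST['export_client_pdf'])) {

    validateAdminRole();

    $client_id = intval($_POST['client_id']);
    $export_contacts = intval($_POST['export_contacts']);
    $export_locations = intval($_POST['export_locations']);
    $export_assets = intval($_POST['export_assets']);
    $export_software = intval($_POST['export_software']);
    $export_logins = intval($_POST['export_logins']);
    $export_networks = intval($_POST['export_networks']);
    $export_certificates = intval($_POST['export_certificates']);
    $export_domains = intval($_POST['export_domains']);
    $export_tickets = intval($_POST['export_tickets']);
    $export_scheduled_tickets = intval($_POST['export_scheduled_tickets']);
    $export_vendors = intval($_POST['export_vendors']);
    $export_invoices = intval($_POST['export_invoices']);
    $export_recurring = intval($_POST['export_recurring']);
    $export_quotes = intval($_POST['export_quotes']);
    $export_payments = intval($_POST['export_payments']);
    $export_trips = intval($_POST['export_trips']);
    $export_logs = intval($_POST['export_logs']);

    //get records from database
    $sql = mysqli_query($mysqli,"SELECT * FROM clients LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1 LEFT JOIN locations ON clients.client_id = locations.location_client_id AND location_primary = 1 WHERE client_id = $client_id ");

    $row = mysqli_fetch_array($sql);

    $client_name = $row['client_name'];
    $location_address = $row['location_address'];
    $location_city = $row['location_city'];
    $location_state = $row['location_state'];
    $location_zip = $row['location_zip'];
    $contact_name = $row['contact_name'];
    $contact_phone = formatPhoneNumber($row['contact_phone']);
    $contact_email = $row['contact_email'];
    $client_website = $row['client_website'];

    $sql_contacts = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_client_id = $client_id ORDER BY contact_name ASC");
    $sql_locations = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_client_id = $client_id ORDER BY location_name ASC");
    $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = $client_id ORDER BY vendor_name ASC");
    $sql_logins = mysqli_query($mysqli,"SELECT * FROM logins WHERE login_client_id = $client_id ORDER BY login_name ASC");
    $sql_assets = mysqli_query($mysqli,"SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id WHERE asset_client_id = $client_id ORDER BY asset_type ASC");
    $sql_asset_workstations = mysqli_query($mysqli,"SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id WHERE asset_client_id = $client_id AND (asset_type = 'desktop' OR asset_type = 'laptop') ORDER BY asset_name ASC");
    $sql_asset_servers = mysqli_query($mysqli,"SELECT * FROM assets WHERE asset_client_id = $client_id AND asset_type = 'server' ORDER BY asset_name ASC");
    $sql_asset_vms = mysqli_query($mysqli,"SELECT * FROM assets WHERE asset_client_id = $client_id AND asset_type = 'virtual machine' ORDER BY asset_name ASC");
    $sql_asset_network = mysqli_query($mysqli,"SELECT * FROM assets WHERE asset_client_id = $client_id AND (asset_type = 'Firewall/Router' OR asset_type = 'Switch' OR asset_type = 'Access Point') ORDER BY asset_type ASC");
    $sql_asset_other = mysqli_query($mysqli,"SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id WHERE asset_client_id = $client_id AND (asset_type NOT LIKE 'laptop' AND asset_type NOT LIKE 'desktop' AND asset_type NOT LIKE 'server' AND asset_type NOT LIKE 'virtual machine' AND asset_type NOT LIKE 'firewall/router' AND asset_type NOT LIKE 'switch' AND asset_type NOT LIKE 'access point') ORDER BY asset_type ASC");
    $sql_networks = mysqli_query($mysqli,"SELECT * FROM networks WHERE network_client_id = $client_id ORDER BY network_name ASC");
    $sql_domains = mysqli_query($mysqli,"SELECT * FROM domains WHERE domain_client_id = $client_id ORDER BY domain_name ASC");
    $sql_certficates = mysqli_query($mysqli,"SELECT * FROM certificates WHERE certificate_client_id = $client_id ORDER BY certificate_name ASC");
    $sql_software = mysqli_query($mysqli,"SELECT * FROM software WHERE software_client_id = $client_id ORDER BY software_name ASC");

    ?>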