ThaMunsta/itflow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Invoice Ticket design update, Added functionality for vendor ticket number, asset, login description and contact pin codes

Browse Source
This commit is contained in:
johnnyq
2023-06-14 18:39:24 -04:00
parent cdbff0d7f6
commit 32c9a933ea
23 changed files with 271 additions and 110 deletions
Download Patch File Download Diff File Expand all files Collapse all files
client_asset_add_modal.php
+11 -1
View File
@@ -44,7 +44,17 @@
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div> </div>
<input type="text" class="form-control" name="name" placeholder="Name the asset" required autofocus> <input type="text" class="form-control" name="name" placeholder="Asset name or asset tag" required autofocus>
</div>
</div>
<div class="form-group">
<label>Description</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-angle-right"></i></span>
</div>
<input type="text" class="form-control" name="description" placeholder="Description of the asset">
</div> </div>
</div> </div>
client_asset_copy_modal.php
+10
View File
@@ -46,6 +46,16 @@
</div> </div>
</div> </div>
<div class="form-group">
<label>Description</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-angle-right"></i></span>
</div>
<input type="text" class="form-control" name="description" placeholder="Description of the asset" value="<?php echo $asset_description; ?>">
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Type <strong class="text-danger">*</strong></label> <label>Type <strong class="text-danger">*</strong></label>
<div class="input-group"> <div class="input-group">
client_asset_edit_modal.php
+10
View File
@@ -48,6 +48,16 @@
</div> </div>
</div> </div>
<div class="form-group">
<label>Description</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-angle-right"></i></span>
</div>
<input type="text" class="form-control" name="description" placeholder="Description of the asset" value="<?php echo $asset_description; ?>">
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Type <strong class="text-danger">*</strong></label> <label>Type <strong class="text-danger">*</strong></label>
<div class="input-group"> <div class="input-group">
client_asset_import_modal.php
+1 -1
View File
@@ -10,7 +10,7 @@
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off"> <form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body bg-white"> <div class="modal-body bg-white">
<p><strong>Format csv file with headings & data:</strong><br>Name, Type, Make, Model, Serial, OS, Assigned To, Location</p> <p><strong>Format csv file with headings & data:</strong><br>Name, Description, Type, Make, Model, Serial, OS, Assigned To, Location</p>
<hr> <hr>
<div class="form-group my-4"> <div class="form-group my-4">
<input type="file" class="form-control-file" name="file" accept=".csv"> <input type="file" class="form-control-file" name="file" accept=".csv">
client_assets.php
+9 -1
View File
@@ -62,7 +62,7 @@ $sql = mysqli_query(
LEFT JOIN logins ON login_asset_id = asset_id LEFT JOIN logins ON login_asset_id = asset_id
WHERE asset_client_id = $client_id WHERE asset_client_id = $client_id
AND asset_archived_at IS NULL AND asset_archived_at IS NULL
AND (asset_name LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%') AND (asset_name LIKE '%$q%' OR asset_description LIKE '%$q%' OR asset_type LIKE '%$q%' OR asset_ip LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%')
AND ($type_query) AND ($type_query)
ORDER BY $sb $o LIMIT $record_from, $record_to" ORDER BY $sb $o LIMIT $record_from, $record_to"
); );
@@ -134,6 +134,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<thead class="thead-light <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>"> <thead class="thead-light <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr> <tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_name&o=<?php echo $disp; ?>">Name</a></th> <th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_name&o=<?php echo $disp; ?>">Name</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_description&o=<?php echo $disp; ?>">Description</a></th>
<?php if ($_GET['type'] !== 'virtual' && $_GET['type'] !== 'servers') { ?> <?php if ($_GET['type'] !== 'virtual' && $_GET['type'] !== 'servers') { ?>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_type&o=<?php echo $disp; ?>">Type</a></th> <th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=asset_type&o=<?php echo $disp; ?>">Type</a></th>
<?php } <?php }
@@ -163,6 +164,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$asset_id = intval($row['asset_id']); $asset_id = intval($row['asset_id']);
$asset_type = nullable_htmlentities($row['asset_type']); $asset_type = nullable_htmlentities($row['asset_type']);
$asset_name = nullable_htmlentities($row['asset_name']); $asset_name = nullable_htmlentities($row['asset_name']);
$asset_description = nullable_htmlentities($row['asset_description']);
if (empty($asset_description)) {
$asset_description_display = "-";
} else {
$asset_description_display = $asset_description;
}
$asset_make = nullable_htmlentities($row['asset_make']); $asset_make = nullable_htmlentities($row['asset_make']);
$asset_model = nullable_htmlentities($row['asset_model']); $asset_model = nullable_htmlentities($row['asset_model']);
$asset_serial = nullable_htmlentities($row['asset_serial']); $asset_serial = nullable_htmlentities($row['asset_serial']);
@@ -279,6 +286,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php } ?> <?php } ?>
</th> </th>
<td><?php echo $asset_description_display; ?></td>
<?php if ($_GET['type'] !== 'virtual' && $_GET['type'] !== 'servers') { ?> <?php if ($_GET['type'] !== 'virtual' && $_GET['type'] !== 'servers') { ?>
<td><?php echo $asset_type; ?></td> <td><?php echo $asset_type; ?></td>
<?php } ?> <?php } ?>
client_contact_add_modal.php
+12 -2
View File
@@ -25,7 +25,7 @@
<a class="nav-link" data-toggle="pill" href="#pills-photo"><i class="fa fa-fw fa-image mr-2"></i>Photo</a> <a class="nav-link" data-toggle="pill" href="#pills-photo"><i class="fa fa-fw fa-image mr-2"></i>Photo</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-portal"><i class="fa fa-fw fa-lock mr-2"></i>Portal</a> <a class="nav-link" data-toggle="pill" href="#pills-secure"><i class="fa fa-fw fa-lock mr-2"></i>Secure</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-notes"><i class="fa fa-fw fa-edit mr-2"></i>Notes</a> <a class="nav-link" data-toggle="pill" href="#pills-notes"><i class="fa fa-fw fa-edit mr-2"></i>Notes</a>
@@ -172,7 +172,17 @@
</div> </div>
<div class="tab-pane fade" id="pills-portal"> <div class="tab-pane fade" id="pills-secure">
<div class="form-group">
<label>Pin</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="text" class="form-control" name="pin" placeholder="Security code or pin">
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Login</label> <label>Login</label>
client_contact_details.php
+4
View File
@@ -19,6 +19,7 @@ if (isset($_GET['contact_id'])) {
$contact_mobile = formatPhoneNumber($row['contact_mobile']); $contact_mobile = formatPhoneNumber($row['contact_mobile']);
$contact_email = nullable_htmlentities($row['contact_email']); $contact_email = nullable_htmlentities($row['contact_email']);
$contact_photo = nullable_htmlentities($row['contact_photo']); $contact_photo = nullable_htmlentities($row['contact_photo']);
$contact_pin = nullable_htmlentities($row['contact_pin']);
$contact_initials = initials($contact_name); $contact_initials = initials($contact_name);
$contact_notes = nullable_htmlentities($row['contact_notes']); $contact_notes = nullable_htmlentities($row['contact_notes']);
$contact_important = intval($row['contact_important']); $contact_important = intval($row['contact_important']);
@@ -99,6 +100,9 @@ if (isset($_GET['contact_id'])) {
<?php } <?php }
if (!empty($contact_mobile)) { ?> if (!empty($contact_mobile)) { ?>
<div class="mb-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><?php echo $contact_mobile; ?></div> <div class="mb-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><?php echo $contact_mobile; ?></div>
<?php }
if (!empty($contact_pin)) { ?>
<div class="mb-2"><i class="fa fa-fw fa-key text-secondary mr-3"></i><?php echo $contact_pin; ?></div>
<?php } ?> <?php } ?>
<div class="mb-2"><i class="fa fa-fw fa-clock text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($contact_created_at)); ?></div> <div class="mb-2"><i class="fa fa-fw fa-clock text-secondary mr-3"></i><?php echo date('Y-m-d', strtotime($contact_created_at)); ?></div>
<hr> <hr>
client_contact_edit_modal.php
+12 -2
View File
@@ -26,7 +26,7 @@
<a class="nav-link" data-toggle="pill" href="#pills-photo<?php echo $contact_id; ?>"><i class="fa fa-fw fa-image mr-2"></i>Photo</a> <a class="nav-link" data-toggle="pill" href="#pills-photo<?php echo $contact_id; ?>"><i class="fa fa-fw fa-image mr-2"></i>Photo</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-portal<?php echo $contact_id; ?>"><i class="fa fa-fw fa-lock mr-2"></i>Portal</a> <a class="nav-link" data-toggle="pill" href="#pills-secure<?php echo $contact_id; ?>"><i class="fa fa-fw fa-lock mr-2"></i>Secure</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-notes<?php echo $contact_id; ?>"><i class="fa fa-fw fa-edit mr-2"></i>Notes</a> <a class="nav-link" data-toggle="pill" href="#pills-notes<?php echo $contact_id; ?>"><i class="fa fa-fw fa-edit mr-2"></i>Notes</a>
@@ -164,7 +164,17 @@
</div> </div>
<div class="tab-pane fade" id="pills-portal<?php echo $contact_id; ?>"> <div class="tab-pane fade" id="pills-secure<?php echo $contact_id; ?>">
<div class="form-group">
<label>Pin</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<input type="text" class="form-control" name="pin" placeholder="Security code or pin" value="<?php echo $contact_pin; ?>">
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Login</label> <label>Login</label>
client_contacts.php
+1
View File
@@ -112,6 +112,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
if (empty($contact_info_display)) { if (empty($contact_info_display)) {
$contact_info_display = "-"; $contact_info_display = "-";
} }
$contact_pin = nullable_htmlentities($row['contact_pin']);
$contact_photo = nullable_htmlentities($row['contact_photo']); $contact_photo = nullable_htmlentities($row['contact_photo']);
$contact_initials = initials($contact_name); $contact_initials = initials($contact_name);
$contact_notes = nullable_htmlentities($row['contact_notes']); $contact_notes = nullable_htmlentities($row['contact_notes']);
client_login_add_modal.php
+10
View File
@@ -44,6 +44,16 @@
</div> </div>
</div> </div>
<div class="form-group">
<label>Description</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-angle-right"></i></span>
</div>
<input type="text" class="form-control" name="description" placeholder="Description">
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Username</label> <label>Username</label>
<div class="input-group"> <div class="input-group">
client_login_edit_modal.php
+10
View File
@@ -45,6 +45,16 @@
</div> </div>
</div> </div>
<div class="form-group">
<label>Description</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-angle-right"></i></span>
</div>
<input type="text" class="form-control" name="description" placeholder="Description" value="<?php echo $login_description; ?>">
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Username</label> <label>Username</label>
<div class="input-group"> <div class="input-group">
client_login_import_modal.php
+1 -1
View File
@@ -10,7 +10,7 @@
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off"> <form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>"> <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body bg-white"> <div class="modal-body bg-white">
<p><strong>Format csv file with headings & data:</strong><br>Name, Username, Password, URL</p> <p><strong>Format csv file with headings & data:</strong><br>Name, Description, Username, Password, URL</p>
<hr> <hr>
<div class="form-group my-4"> <div class="form-group my-4">
<input type="file" class="form-control-file" name="file" accept=".csv"> <input type="file" class="form-control-file" name="file" accept=".csv">
client_logins.php
+10 -2
View File
@@ -13,7 +13,7 @@ $sql = mysqli_query(
$mysqli, $mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM logins "SELECT SQL_CALC_FOUND_ROWS * FROM logins
WHERE login_client_id = $client_id WHERE login_client_id = $client_id
AND (login_name LIKE '%$q%' OR login_uri LIKE '%$q%') AND (login_name LIKE '%$q%' OR login_description LIKE '%$q%' OR login_uri LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to" ORDER BY $sb $o LIMIT $record_from, $record_to"
); );
@@ -25,7 +25,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<div class="card-header py-2"> <div class="card-header py-2">
<h3 class="card-title mt-2"><i class="fa fa-fw fa-key mr-2"></i>Passwords</h3> <h3 class="card-title mt-2"><i class="fa fa-fw fa-key mr-2"></i>Passwords</h3>
<div class="card-tools"> <div class="card-tools">
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addLoginModal"><i class="fas fa-plus mr-2"></i>New Login</button> <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addLoginModal"><i class="fas fa-plus mr-2"></i>Create</button>
</div> </div>
</div> </div>
<div class="card-body"> <div class="card-body">
@@ -57,6 +57,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>"> <thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
<tr> <tr>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=login_name&o=<?php echo $disp; ?>">Name</a></th> <th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=login_name&o=<?php echo $disp; ?>">Name</a></th>
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=login_description&o=<?php echo $disp; ?>">Description</a></th>
<th>Username</th> <th>Username</th>
<th>Password</th> <th>Password</th>
<th>OTP</th> <th>OTP</th>
@@ -70,6 +71,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
while ($row = mysqli_fetch_array($sql)) { while ($row = mysqli_fetch_array($sql)) {
$login_id = intval($row['login_id']); $login_id = intval($row['login_id']);
$login_name = nullable_htmlentities($row['login_name']); $login_name = nullable_htmlentities($row['login_name']);
$login_description = nullable_htmlentities($row['login_description']);
if (empty($login_description)) {
$login_description_display = "-";
} else {
$login_description_display = $login_description;
}
$login_uri = nullable_htmlentities($row['login_uri']); $login_uri = nullable_htmlentities($row['login_uri']);
if (empty($login_uri)) { if (empty($login_uri)) {
$login_uri_display = "-"; $login_uri_display = "-";
@@ -105,6 +112,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
<?php echo $login_name; ?> <?php echo $login_name; ?>
</a> </a>
</td> </td>
<td><?php echo $login_description_display; ?></td>
<td><?php echo $login_username_display; ?></td> <td><?php echo $login_username_display; ?></td>
<td> <td>
<a tabindex="0" href="#" data-toggle="popover" data-trigger="focus" data-placement="top" data-content="<?php echo $login_password; ?>"><i class="fas fa-2x fa-ellipsis-h text-secondary"></i><i class="fas fa-2x fa-ellipsis-h text-secondary"></i></a><button class="btn btn-sm clipboardjs" data-clipboard-text="<?php echo $login_password; ?>"><i class="far fa-copy text-secondary"></i></button> <a tabindex="0" href="#" data-toggle="popover" data-trigger="focus" data-placement="top" data-content="<?php echo $login_password; ?>"><i class="fas fa-2x fa-ellipsis-h text-secondary"></i><i class="fas fa-2x fa-ellipsis-h text-secondary"></i></a><button class="btn btn-sm clipboardjs" data-clipboard-text="<?php echo $login_password; ?>"><i class="far fa-copy text-secondary"></i></button>
client_tickets.php
+2 -1
View File
@@ -18,7 +18,7 @@ $sql = mysqli_query(
LEFT JOIN locations ON ticket_location_id = location_id LEFT JOIN locations ON ticket_location_id = location_id
LEFT JOIN vendors ON ticket_vendor_id = vendor_id LEFT JOIN vendors ON ticket_vendor_id = vendor_id
WHERE ticket_client_id = $client_id WHERE ticket_client_id = $client_id
AND (CONCAT(ticket_prefix,ticket_number) LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR ticket_status LIKE '%$q%' OR ticket_priority LIKE '%$q%' OR user_name LIKE '%$q%') AND (CONCAT(ticket_prefix,ticket_number) LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR ticket_status LIKE '%$q%' OR ticket_priority LIKE '%$q%' OR user_name LIKE '%$q%' OR ticket_vendor_ticket_number LIKE '%q%')
ORDER BY $sb $o LIMIT $record_from, $record_to" ORDER BY $sb $o LIMIT $record_from, $record_to"
); );
@@ -85,6 +85,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
$ticket_details = nullable_htmlentities($row['ticket_details']); $ticket_details = nullable_htmlentities($row['ticket_details']);
$ticket_priority = nullable_htmlentities($row['ticket_priority']); $ticket_priority = nullable_htmlentities($row['ticket_priority']);
$ticket_status = nullable_htmlentities($row['ticket_status']); $ticket_status = nullable_htmlentities($row['ticket_status']);
$ticket_vendor_ticket_number = nullable_htmlentities($row['ticket_vendor_ticket_number']);
$ticket_created_at = nullable_htmlentities($row['ticket_created_at']); $ticket_created_at = nullable_htmlentities($row['ticket_created_at']);
$ticket_created_at_time_ago = timeAgo($row['ticket_created_at']); $ticket_created_at_time_ago = timeAgo($row['ticket_created_at']);
$ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']); $ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']);
global_search.php
+4 -1
View File
@@ -19,7 +19,7 @@ if (isset($_GET['query'])) {
$sql_products = mysqli_query($mysqli, "SELECT * FROM products WHERE product_name LIKE '%$query%' ORDER BY product_id DESC LIMIT 5"); $sql_products = mysqli_query($mysqli, "SELECT * FROM products WHERE product_name LIKE '%$query%' ORDER BY product_id DESC LIMIT 5");
$sql_documents = mysqli_query($mysqli, "SELECT * FROM documents LEFT JOIN clients on document_client_id = clients.client_id WHERE MATCH(document_content_raw) AGAINST ('$query') ORDER BY document_id DESC LIMIT 5"); $sql_documents = mysqli_query($mysqli, "SELECT * FROM documents LEFT JOIN clients on document_client_id = clients.client_id WHERE MATCH(document_content_raw) AGAINST ('$query') ORDER BY document_id DESC LIMIT 5");
$sql_tickets = mysqli_query($mysqli, "SELECT * FROM tickets LEFT JOIN clients on tickets.ticket_client_id = clients.client_id WHERE (ticket_subject LIKE '%$query%' OR ticket_number = '$ticket_num_query') ORDER BY ticket_id DESC LIMIT 5"); $sql_tickets = mysqli_query($mysqli, "SELECT * FROM tickets LEFT JOIN clients on tickets.ticket_client_id = clients.client_id WHERE (ticket_subject LIKE '%$query%' OR ticket_number = '$ticket_num_query') ORDER BY ticket_id DESC LIMIT 5");
$sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_name LIKE '%$query%' ORDER BY login_id DESC LIMIT 5"); $sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE (login_name LIKE '%$query%' OR login_description LIKE '%$query%') ORDER BY login_id DESC LIMIT 5");
$q = nullable_htmlentities($_GET['query']); $q = nullable_htmlentities($_GET['query']);
?> ?>
@@ -313,6 +313,7 @@ if (isset($_GET['query'])) {
<table class="table table-striped table-borderless"> <table class="table table-striped table-borderless">
<thead> <thead>
<tr> <tr>
<th>Name</th>
<th>Description</th> <th>Description</th>
<th>Username</th> <th>Username</th>
<th>Password</th> <th>Password</th>
@@ -323,6 +324,7 @@ if (isset($_GET['query'])) {
while ($row = mysqli_fetch_array($sql_logins)) { while ($row = mysqli_fetch_array($sql_logins)) {
$login_name = nullable_htmlentities($row['login_name']); $login_name = nullable_htmlentities($row['login_name']);
$login_description = nullable_htmlentities($row['login_description']);
$login_client_id = intval($row['login_client_id']); $login_client_id = intval($row['login_client_id']);
$login_username = nullable_htmlentities(decryptLoginEntry($row['login_username'])); $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username']));
$login_password = nullable_htmlentities(decryptLoginEntry($row['login_password'])); $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password']));
@@ -330,6 +332,7 @@ if (isset($_GET['query'])) {
?> ?>
<tr> <tr>
<td><a href="client_logins.php?client_id=<?php echo $login_client_id ?>&q=<?php echo $q ?>"><?php echo $login_name; ?></a></td> <td><a href="client_logins.php?client_id=<?php echo $login_client_id ?>&q=<?php echo $q ?>"><?php echo $login_name; ?></a></td>
<td><?php echo $login_description; ?></td>
<td><?php echo $login_username; ?></td> <td><?php echo $login_username; ?></td>
<td><a tabindex="0" class="btn btn-sm" data-toggle="popover" data-trigger="focus" data-placement="left" data-content="<?php echo $login_password; ?>"><i class="far fa-eye text-secondary"></i></a><button class="btn btn-sm clipboardjs" data-clipboard-text="<?php echo $login_password; ?>"><i class="far fa-copy text-secondary"></i></button></td> <td><a tabindex="0" class="btn btn-sm" data-toggle="popover" data-trigger="focus" data-placement="left" data-content="<?php echo $login_password; ?>"><i class="far fa-eye text-secondary"></i></a><button class="btn btn-sm clipboardjs" data-clipboard-text="<?php echo $login_password; ?>"><i class="far fa-copy text-secondary"></i></button></td>
models/client_logins.php
+1
View File
@@ -1,6 +1,7 @@
<?php <?php
$client_id = intval($_POST['client_id']); $client_id = intval($_POST['client_id']);
$name = sanitizeInput($_POST['name']); $name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$uri = preg_replace("(^https?://)", "", sanitizeInput($_POST['uri'])); $uri = preg_replace("(^https?://)", "", sanitizeInput($_POST['uri']));
$username = encryptLoginEntry($_POST['username']); $username = encryptLoginEntry($_POST['username']);
$password = encryptLoginEntry($_POST['password']); $password = encryptLoginEntry($_POST['password']);
models/contact.php
+2
View File
@@ -14,4 +14,6 @@ $contact_important = intval($_POST['contact_important']);
$contact_billing = intval($_POST['contact_billing']); $contact_billing = intval($_POST['contact_billing']);
$contact_technical = intval($_POST['contact_technical']); $contact_technical = intval($_POST['contact_technical']);
$location_id = intval($_POST['location']); $location_id = intval($_POST['location']);
$pin = sanitizeInput($_POST['pin']);
$auth_method = sanitizeInput($_POST['auth_method']); $auth_method = sanitizeInput($_POST['auth_method']);
post.php
+40 -27
View File
@@ -4217,7 +4217,7 @@ if(isset($_POST['add_contact'])){
mkdir("uploads/clients/$client_id"); mkdir("uploads/clients/$client_id");
} }
mysqli_query($mysqli,"INSERT INTO contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_auth_method = '$auth_method', contact_password_hash = '$password', contact_department = '$department', contact_location_id = $location_id, contact_client_id = $client_id"); mysqli_query($mysqli,"INSERT INTO contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_pin = '$pin', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_auth_method = '$auth_method', contact_password_hash = '$password', contact_department = '$department', contact_location_id = $location_id, contact_client_id = $client_id");
$contact_id = mysqli_insert_id($mysqli); $contact_id = mysqli_insert_id($mysqli);
@@ -4273,7 +4273,7 @@ if(isset($_POST['edit_contact'])){
mkdir("uploads/clients/$client_id"); mkdir("uploads/clients/$client_id");
} }
mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_auth_method = '$auth_method', contact_department = '$department', contact_location_id = $location_id WHERE contact_id = $contact_id"); mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_pin = '$pin', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_auth_method = '$auth_method', contact_department = '$department', contact_location_id = $location_id WHERE contact_id = $contact_id");
// Update Primary contact in clients if primary contact is checked // Update Primary contact in clients if primary contact is checked
if ($primary_contact > 0){ if ($primary_contact > 0){
@@ -4927,6 +4927,7 @@ if(isset($_POST['add_asset'])){
$client_id = intval($_POST['client_id']); $client_id = intval($_POST['client_id']);
$name = sanitizeInput($_POST['name']); $name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$type = sanitizeInput($_POST['type']); $type = sanitizeInput($_POST['type']);
$make = sanitizeInput($_POST['make']); $make = sanitizeInput($_POST['make']);
$model = sanitizeInput($_POST['model']); $model = sanitizeInput($_POST['model']);
@@ -4961,7 +4962,7 @@ if(isset($_POST['add_asset'])){
$alert_extended = ""; $alert_extended = "";
mysqli_query($mysqli,"INSERT INTO assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$ip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_status = '$status', asset_purchase_date = $purchase_date, asset_warranty_expire = $warranty_expire, asset_install_date = $install_date, asset_notes = '$notes', asset_network_id = $network, asset_client_id = $client_id"); mysqli_query($mysqli,"INSERT INTO assets SET asset_name = '$name', asset_description = '$description', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$ip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_status = '$status', asset_purchase_date = $purchase_date, asset_warranty_expire = $warranty_expire, asset_install_date = $install_date, asset_notes = '$notes', asset_network_id = $network, asset_client_id = $client_id");
$asset_id = mysqli_insert_id($mysqli); $asset_id = mysqli_insert_id($mysqli);
@@ -4997,6 +4998,7 @@ if(isset($_POST['edit_asset'])){
$login_id = intval($_POST['login_id']); $login_id = intval($_POST['login_id']);
$client_id = intval($_POST['client_id']); $client_id = intval($_POST['client_id']);
$name = sanitizeInput($_POST['name']); $name = sanitizeInput($_POST['name']);
$description = sanitizeInput($_POST['description']);
$type = sanitizeInput($_POST['type']); $type = sanitizeInput($_POST['type']);
$make = sanitizeInput($_POST['make']); $make = sanitizeInput($_POST['make']);
$model = sanitizeInput($_POST['model']); $model = sanitizeInput($_POST['model']);
@@ -5033,7 +5035,7 @@ if(isset($_POST['edit_asset'])){
$alert_extended = ""; $alert_extended = "";
mysqli_query($mysqli,"UPDATE assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$ip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_status = '$status', asset_purchase_date = $purchase_date, asset_warranty_expire = $warranty_expire, asset_install_date = $install_date, asset_notes = '$notes', asset_network_id = $network WHERE asset_id = $asset_id"); mysqli_query($mysqli,"UPDATE assets SET asset_name = '$name', asset_description = '$description', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$ip', asset_mac = '$mac', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_status = '$status', asset_purchase_date = $purchase_date, asset_warranty_expire = $warranty_expire, asset_install_date = $install_date, asset_notes = '$notes', asset_network_id = $network WHERE asset_id = $asset_id");
//If login exists then update the login //If login exists then update the login
if($login_id > 0 && !empty($_POST['username'])){ if($login_id > 0 && !empty($_POST['username'])){
@@ -5169,28 +5171,34 @@ if(isset($_POST["import_client_assets_csv"])){
} }
} }
if(isset($column[1])){ if(isset($column[1])){
$type = sanitizeInput($column[1]); $description = sanitizeInput($column[1]);
} }
if(isset($column[2])){ if(isset($column[2])){
$make = sanitizeInput($column[2]); $type = sanitizeInput($column[2]);
} }
if(isset($column[3])){ if(isset($column[3])){
$model = sanitizeInput($column[3]); $make = sanitizeInput($column[3]);
} }
if(isset($column[4])){ if(isset($column[4])){
$serial = sanitizeInput($column[4]); $model = sanitizeInput($column[4]);
} }
if(isset($column[5])){ if(isset($column[5])){
$os = sanitizeInput(column[5]); $serial = sanitizeInput($column[5]);
} }
if(isset($column[6])){ if(isset($column[6])){
$contact = sanitizeInput($column[6]); $os = sanitizeInput($column[6]);
}
if(isset($column[7])){
$os = sanitizeInput($column[7]);
}
if(isset($column[8])){
$contact = sanitizeInput($column[8]);
$sql_contact = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_name = '$contact' AND contact_client_id = $client_id"); $sql_contact = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_name = '$contact' AND contact_client_id = $client_id");
$row = mysqli_fetch_assoc($sql_contact); $row = mysqli_fetch_assoc($sql_contact);
$contact_id = intval($row['contact_id']); $contact_id = intval($row['contact_id']);
} }
if(isset($column[7])){ if(isset($column[9])){
$location = sanitizeInput($column[7]); $location = sanitizeInput($column[9]);
$sql_location = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_name = '$location' AND location_client_id = $client_id"); $sql_location = mysqli_query($mysqli,"SELECT * FROM locations WHERE location_name = '$location' AND location_client_id = $client_id");
$row = mysqli_fetch_assoc($sql_location); $row = mysqli_fetch_assoc($sql_location);
$location_id = intval($row['location_id']); $location_id = intval($row['location_id']);
@@ -5199,7 +5207,7 @@ if(isset($_POST["import_client_assets_csv"])){
// Check if duplicate was detected // Check if duplicate was detected
if($duplicate_detect == 0){ if($duplicate_detect == 0){
//Add //Add
mysqli_query($mysqli,"INSERT INTO assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_contact_id = $contact_id, asset_location_id = $location_id, asset_client_id = $client_id"); mysqli_query($mysqli,"INSERT INTO assets SET asset_name = '$name', asset_description = '$description', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_contact_id = $contact_id, asset_location_id = $location_id, asset_client_id = $client_id");
$row_count = $row_count + 1; $row_count = $row_count + 1;
}else{ }else{
$duplicate_count = $duplicate_count + 1; $duplicate_count = $duplicate_count + 1;
@@ -5236,7 +5244,7 @@ if(isset($_GET['download_client_assets_csv_template'])){
$f = fopen('php://memory', 'w'); $f = fopen('php://memory', 'w');
//set column headers //set column headers
$fields = array('Name', 'Type', 'Make', 'Model', 'Serial', 'OS', 'Assigned To', 'Location'); $fields = array('Name', 'Description', 'Type', 'Make', 'Model', 'Serial', 'OS', 'Assigned To', 'Location');
fputcsv($f, $fields, $delimiter); fputcsv($f, $fields, $delimiter);
//move back to beginning of file //move back to beginning of file
@@ -5274,12 +5282,12 @@ if(isset($_POST['export_client_assets_csv'])){
$f = fopen('php://memory', 'w'); $f = fopen('php://memory', 'w');
//set column headers //set column headers
$fields = array('Name', 'Type', 'Make', 'Model', 'Serial Number', 'Operating System', 'Purchase Date', 'Warranty Expire', 'Install Date', 'Assigned To', 'Location', 'Notes'); $fields = array('Name', 'Description', 'Type', 'Make', 'Model', 'Serial Number', 'Operating System', 'Purchase Date', 'Warranty Expire', 'Install Date', 'Assigned To', 'Location', 'Notes');
fputcsv($f, $fields, $delimiter); fputcsv($f, $fields, $delimiter);
//output each row of the data, format line as csv and write to file pointer //output each row of the data, format line as csv and write to file pointer
while($row = mysqli_fetch_array($sql)){ while($row = mysqli_fetch_array($sql)){
$lineData = array($row['asset_name'], $row['asset_type'], $row['asset_make'], $row['asset_model'], $row['asset_serial'], $row['asset_os'], $row['asset_purchase_date'], $row['asset_warranty_expire'], $row['asset_install_date'], $row['contact_name'], $row['location_name'], $row['asset_notes']); $lineData = array($row['asset_name'], $row['asset_description'], $row['asset_type'], $row['asset_make'], $row['asset_model'], $row['asset_serial'], $row['asset_os'], $row['asset_purchase_date'], $row['asset_warranty_expire'], $row['asset_install_date'], $row['contact_name'], $row['location_name'], $row['asset_notes']);
fputcsv($f, $lineData, $delimiter); fputcsv($f, $lineData, $delimiter);
} }
@@ -5652,7 +5660,7 @@ if(isset($_POST['add_login'])){
require_once('models/client_logins.php'); require_once('models/client_logins.php');
mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_uri = '$uri', login_username = '$username', login_password = '$password', login_otp_secret = '$otp_secret', login_note = '$note', login_important = $important, login_contact_id = $contact_id, login_vendor_id = $vendor_id, login_asset_id = $asset_id, login_software_id = $software_id, login_client_id = $client_id"); mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_description = '$description', login_uri = '$uri', login_username = '$username', login_password = '$password', login_otp_secret = '$otp_secret', login_note = '$note', login_important = $important, login_contact_id = $contact_id, login_vendor_id = $vendor_id, login_asset_id = $asset_id, login_software_id = $software_id, login_client_id = $client_id");
$login_id = mysqli_insert_id($mysqli); $login_id = mysqli_insert_id($mysqli);
@@ -5673,7 +5681,7 @@ if(isset($_POST['edit_login'])){
$login_id = intval($_POST['login_id']); $login_id = intval($_POST['login_id']);
mysqli_query($mysqli,"UPDATE logins SET login_name = '$name', login_uri = '$uri', login_username = '$username', login_password = '$password', login_otp_secret = '$otp_secret', login_note = '$note', login_important = $important, login_contact_id = $contact_id, login_vendor_id = $vendor_id, login_asset_id = $asset_id, login_software_id = $software_id WHERE login_id = $login_id"); mysqli_query($mysqli,"UPDATE logins SET login_name = '$name', login_description = '$description', login_uri = '$uri', login_username = '$username', login_password = '$password', login_otp_secret = '$otp_secret', login_note = '$note', login_important = $important, login_contact_id = $contact_id, login_vendor_id = $vendor_id, login_asset_id = $asset_id, login_software_id = $software_id WHERE login_id = $login_id");
//Logging //Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Modify', log_description = '$session_name modified login $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id"); mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Modify', log_description = '$session_name modified login $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id");
@@ -5729,14 +5737,14 @@ if(isset($_POST['export_client_logins_csv'])){
$f = fopen('php://memory', 'w'); $f = fopen('php://memory', 'w');
//set column headers //set column headers
$fields = array('Name', 'Username', 'Password', 'URL'); $fields = array('Name', 'Description', 'Username', 'Password', 'URL');
fputcsv($f, $fields, $delimiter); fputcsv($f, $fields, $delimiter);
//output each row of the data, format line as csv and write to file pointer //output each row of the data, format line as csv and write to file pointer
while($row = $sql->fetch_assoc()){ while($row = $sql->fetch_assoc()){
$login_username = decryptLoginEntry($row['login_username']); $login_username = decryptLoginEntry($row['login_username']);
$login_password = decryptLoginEntry($row['login_password']); $login_password = decryptLoginEntry($row['login_password']);
$lineData = array($row['login_name'], $login_username, $login_password, $row['login_uri']); $lineData = array($row['login_name'], $row['login_description'], $login_username, $login_password, $row['login_uri']);
fputcsv($f, $lineData, $delimiter); fputcsv($f, $lineData, $delimiter);
} }
@@ -5803,19 +5811,22 @@ if(isset($_POST["import_client_logins_csv"])){
} }
} }
if(isset($column[1])){ if(isset($column[1])){
$username = sanitizeInput(encryptLoginEntry($column[1])); $description = sanitizeInput($column[1]);
} }
if(isset($column[2])){ if(isset($column[2])){
$password = sanitizeInput(encryptLoginEntry($column[2])); $username = sanitizeInput(encryptLoginEntry($column[2]));
} }
if(isset($column[3])){ if(isset($column[3])){
$url = sanitizeInput($column[3]); $password = sanitizeInput(encryptLoginEntry($column[3]));
}
if(isset($column[4])){
$url = sanitizeInput($column[4]);
} }
// Check if duplicate was detected // Check if duplicate was detected
if($duplicate_detect == 0){ if($duplicate_detect == 0){
//Add //Add
mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_username = '$username', login_password = '$password', login_client_id = $client_id"); mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_description = '$description', login_username = '$username', login_password = '$password', login_client_id = $client_id");
$row_count = $row_count + 1; $row_count = $row_count + 1;
}else{ }else{
$duplicate_count = $duplicate_count + 1; $duplicate_count = $duplicate_count + 1;
@@ -5852,7 +5863,7 @@ if(isset($_GET['download_client_logins_csv_template'])){
$f = fopen('php://memory', 'w'); $f = fopen('php://memory', 'w');
//set column headers //set column headers
$fields = array('Name', 'Username', 'Password', 'URL'); $fields = array('Name', 'Description', 'Username', 'Password', 'URL');
fputcsv($f, $fields, $delimiter); fputcsv($f, $fields, $delimiter);
//move back to beginning of file //move back to beginning of file
@@ -6356,6 +6367,7 @@ if(isset($_POST['add_ticket'])){
$subject = sanitizeInput($_POST['subject']); $subject = sanitizeInput($_POST['subject']);
$priority = sanitizeInput($_POST['priority']); $priority = sanitizeInput($_POST['priority']);
$details = mysqli_real_escape_string($mysqli,$_POST['details']); $details = mysqli_real_escape_string($mysqli,$_POST['details']);
$vendor_ticket_number = sanitizeInput($_POST['vendor_ticket_number']);
$vendor_id = intval($_POST['vendor']); $vendor_id = intval($_POST['vendor']);
$asset_id = intval($_POST['asset']); $asset_id = intval($_POST['asset']);
@@ -6371,7 +6383,7 @@ if(isset($_POST['add_ticket'])){
$new_config_ticket_next_number = $config_ticket_next_number + 1; $new_config_ticket_next_number = $config_ticket_next_number + 1;
mysqli_query($mysqli,"UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = 1"); mysqli_query($mysqli,"UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = 1");
mysqli_query($mysqli,"INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 'Open', ticket_vendor_id = $vendor_id, ticket_asset_id = $asset_id, ticket_created_by = $session_user_id, ticket_assigned_to = $assigned_to, ticket_contact_id = $contact, ticket_client_id = $client_id"); mysqli_query($mysqli,"INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 'Open', ticket_vendor_ticket_number = '$vendor_ticket_number', ticket_vendor_id = $vendor_id, ticket_asset_id = $asset_id, ticket_created_by = $session_user_id, ticket_assigned_to = $assigned_to, ticket_contact_id = $contact, ticket_client_id = $client_id");
$ticket_id = mysqli_insert_id($mysqli); $ticket_id = mysqli_insert_id($mysqli);
@@ -6433,12 +6445,13 @@ if(isset($_POST['edit_ticket'])){
$subject = sanitizeInput($_POST['subject']); $subject = sanitizeInput($_POST['subject']);
$priority = sanitizeInput($_POST['priority']); $priority = sanitizeInput($_POST['priority']);
$details = mysqli_real_escape_string($mysqli,$_POST['details']); $details = mysqli_real_escape_string($mysqli,$_POST['details']);
$vendor_ticket_number = sanitizeInput($_POST['vendor_ticket_number']);
$vendor_id = intval($_POST['vendor']); $vendor_id = intval($_POST['vendor']);
$asset_id = intval($_POST['asset']); $asset_id = intval($_POST['asset']);
$client_id = intval($_POST['client_id']); $client_id = intval($_POST['client_id']);
$ticket_number = intval($_POST['ticket_number']); $ticket_number = intval($_POST['ticket_number']);
mysqli_query($mysqli,"UPDATE tickets SET ticket_subject = '$subject', ticket_priority = '$priority', ticket_details = '$details', ticket_assigned_to = $assigned_to, ticket_contact_id = $contact_id, ticket_vendor_id = $vendor_id, ticket_asset_id = $asset_id WHERE ticket_id = $ticket_id"); mysqli_query($mysqli,"UPDATE tickets SET ticket_subject = '$subject', ticket_priority = '$priority', ticket_details = '$details', ticket_vendor_ticket_number = '$vendor_ticket_number', ticket_assigned_to = $assigned_to, ticket_contact_id = $contact_id, ticket_vendor_id = $vendor_id, ticket_asset_id = $asset_id WHERE ticket_id = $ticket_id");
//Logging //Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Modify', log_description = '$session_name modified ticket $ticket_number - $subject', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_id"); mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Ticket', log_action = 'Modify', log_description = '$session_name modified ticket $ticket_number - $subject', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_id");
ticket.php
+7
View File
@@ -67,6 +67,7 @@ if (isset($_GET['ticket_id'])) {
$ticket_status_display = "<span class='p-2 badge badge-secondary'>$ticket_status</span>"; $ticket_status_display = "<span class='p-2 badge badge-secondary'>$ticket_status</span>";
} }
$ticket_vendor_ticket_number = nullable_htmlentities($row['ticket_vendor_ticket_number']);
$ticket_created_at = nullable_htmlentities($row['ticket_created_at']); $ticket_created_at = nullable_htmlentities($row['ticket_created_at']);
$ticket_date = date('Y-m-d', strtotime($ticket_created_at)); $ticket_date = date('Y-m-d', strtotime($ticket_created_at));
$ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']); $ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']);
@@ -656,6 +657,7 @@ if (isset($_GET['ticket_id'])) {
<div> <div>
<h4 class="text-secondary">Vendor</h4> <h4 class="text-secondary">Vendor</h4>
<i class="fa fa-fw fa-building text-secondary ml-1 mr-2 mb-2"></i><strong><?php echo $vendor_name; ?></strong> <i class="fa fa-fw fa-building text-secondary ml-1 mr-2 mb-2"></i><strong><?php echo $vendor_name; ?></strong>
<br>
<?php <?php
if (!empty($vendor_contact_name)) { ?> if (!empty($vendor_contact_name)) { ?>
@@ -663,6 +665,11 @@ if (isset($_GET['ticket_id'])) {
<br> <br>
<?php } <?php }
if (!empty($ticket_vendor_ticket_number)) { ?>
<i class="fa fa-fw fa-tag text-secondary ml-1 mr-2 mb-2"></i><?php echo $ticket_vendor_ticket_number; ?>
<br>
<?php }
if (!empty($vendor_email)) { ?> if (!empty($vendor_email)) { ?>
<i class="fa fa-fw fa-envelope text-secondary ml-1 mr-2 mb-2"></i><a href="mailto:<?php echo $vendor_email; ?>"><?php echo $vendor_email; ?></a> <i class="fa fa-fw fa-envelope text-secondary ml-1 mr-2 mb-2"></i><a href="mailto:<?php echo $vendor_email; ?>"><?php echo $vendor_email; ?></a>
<br> <br>
ticket_add_modal.php
+10
View File
@@ -188,6 +188,16 @@
</div> </div>
</div> </div>
<div class="form-group">
<label>Vendor Ticket Number</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div>
<input type="text" class="form-control" name="vendor_ticket_number" placeholder="Vendor ticket number">
</div>
</div>
</div> </div>
<?php } ?> <?php } ?>
ticket_edit_modal.php
+10
View File
@@ -175,6 +175,16 @@
</div> </div>
</div> </div>
<div class="form-group">
<label>Vendor Ticket Number</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-tag"></i></span>
</div>
<input type="text" class="form-control" name="vendor_ticket_number" placeholder="Vendor ticket number" value="<?php echo $ticket_vendor_ticket_number; ?>">
</div>
</div>
</div> </div>
</div> </div>
ticket_invoice_add_modal.php
+53 -31
View File
@@ -8,41 +8,23 @@
</button> </button>
</div> </div>
<form action="post.php" method="post" autocomplete="off"> <form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="ticket_id" value="<?php echo $ticket_id; ?>">
<div class="modal-body bg-white"> <div class="modal-body bg-white">
<input type="hidden" name="ticket_id" value="<?php echo $ticket_id; ?>"> <ul class="nav nav-pills nav-justified mb-3">
<li class="nav-item">
<a class="nav-link active" data-toggle="pill" href="#pills-create-invoice"><i class="fa fa-fw fa-check mr-2"></i>Create New Invoice</a>
</li>
<li class="nav-item">
<a class="nav-link" data-toggle="pill" href="#pills-add-to-invoice"><i class="fa fa-fw fa-plus mr-2"></i>Add to Existing Invoice</a>
</li>
</ul>
<div class="form-group"> <hr>
<label>Exisiting Invoice?</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-file-invoice-dollar"></i></span>
</div>
<select class="form-control select2" name="invoice_id">
<option value="0">New Invoice</option>
<?php
$sql_invoices = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_status NOT LIKE 'Paid' AND invoice_client_id = $client_id ORDER BY invoice_number ASC"); <div class="tab-content">
while ($row = mysqli_fetch_array($sql_invoices)) {
$invoice_id = intval($row['invoice_id']);
$invoice_prefix = nullable_htmlentities($row['invoice_prefix']);
$invoice_number = intval($row['invoice_number']);
$invoice_scope = nullable_htmlentities($row['invoice_scope']);
$invoice_satus = nullable_htmlentities($row['invoice_status']);
$invoice_date = nullable_htmlentities($row['invoice_date']);
$invoice_due = nullable_htmlentities($row['invoice_due']);
$invoice_amount = floatval($row['invoice_amount']);
?> <div class="tab-pane fade show active" id="pills-create-invoice">
<option value="<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number $invoice_scope"; ?></option>
<?php
}
?>
</select>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label>Invoice Date <strong class="text-danger">*</strong></label> <label>Invoice Date <strong class="text-danger">*</strong></label>
@@ -91,6 +73,46 @@
</div> </div>
</div> </div>
</div>
<div class="tab-pane fade" id="pills-add-to-invoice">
<div class="form-group">
<label>Invoice</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-file-invoice-dollar"></i></span>
</div>
<select class="form-control select2" name="invoice_id">
<option value="0">- Invoice -</option>
<?php
$sql_invoices = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_status NOT LIKE 'Paid' AND invoice_client_id = $client_id ORDER BY invoice_number ASC");
while ($row = mysqli_fetch_array($sql_invoices)) {
$invoice_id = intval($row['invoice_id']);
$invoice_prefix = nullable_htmlentities($row['invoice_prefix']);
$invoice_number = intval($row['invoice_number']);
$invoice_scope = nullable_htmlentities($row['invoice_scope']);
$invoice_satus = nullable_htmlentities($row['invoice_status']);
$invoice_date = nullable_htmlentities($row['invoice_date']);
$invoice_due = nullable_htmlentities($row['invoice_due']);
$invoice_amount = floatval($row['invoice_amount']);
?>
<option value="<?php echo $invoice_id; ?>"><?php echo "$invoice_prefix$invoice_number $invoice_scope"; ?></option>
<?php
}
?>
</select>
</div>
</div>
</div>
</div>
<hr> <hr>
<div class="form-group"> <div class="form-group">
@@ -169,7 +191,7 @@
</div> </div>
<div class="modal-footer bg-white"> <div class="modal-footer bg-white">
<button type="submit" name="add_invoice_from_ticket" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Create Invoice</button> <button type="submit" name="add_invoice_from_ticket" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Invoice</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button> <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div> </div>
</form> </form>
tickets.php
+2 -1
View File
@@ -50,7 +50,7 @@ $sql = mysqli_query(
WHERE ticket_assigned_to LIKE '%$ticket_assigned_filter%' WHERE ticket_assigned_to LIKE '%$ticket_assigned_filter%'
AND $ticket_status_snippet AND $ticket_status_snippet
AND DATE(ticket_created_at) BETWEEN '$dtf' AND '$dtt' AND DATE(ticket_created_at) BETWEEN '$dtf' AND '$dtt'
AND (CONCAT(ticket_prefix,ticket_number) LIKE '%$q%' OR client_name LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR user_name LIKE '%$q%') AND (CONCAT(ticket_prefix,ticket_number) LIKE '%$q%' OR client_name LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR user_name LIKE '%$q%' OR ticket_vendor_ticket_number LIKE '%q%')
ORDER BY $sb $o LIMIT $record_from, $record_to" ORDER BY $sb $o LIMIT $record_from, $record_to"
); );
@@ -264,6 +264,7 @@ $user_active_assigned_tickets = intval($row['total_tickets_assigned']);
$ticket_details = nullable_htmlentities($row['ticket_details']); $ticket_details = nullable_htmlentities($row['ticket_details']);
$ticket_priority = nullable_htmlentities($row['ticket_priority']); $ticket_priority = nullable_htmlentities($row['ticket_priority']);
$ticket_status = nullable_htmlentities($row['ticket_status']); $ticket_status = nullable_htmlentities($row['ticket_status']);
$ticket_vendor_ticket_number = nullable_htmlentities($row['ticket_vendor_ticket_number']);
$ticket_created_at = nullable_htmlentities($row['ticket_created_at']); $ticket_created_at = nullable_htmlentities($row['ticket_created_at']);
$ticket_created_at_time_ago = timeAgo($row['ticket_created_at']); $ticket_created_at_time_ago = timeAgo($row['ticket_created_at']);
$ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']); $ticket_updated_at = nullable_htmlentities($row['ticket_updated_at']);