From 5fccf5ffd44ab7d37aa08f2c1ee9015e9061eba0 Mon Sep 17 00:00:00 2001 From: git-kup <148492449+git-kup@users.noreply.github.com> Date: Wed, 18 Dec 2024 16:33:20 -0500 Subject: [PATCH 001/366] Update admin_role.php --- admin_role.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/admin_role.php b/admin_role.php index 9d592db3..1aaee078 100644 --- a/admin_role.php +++ b/admin_role.php @@ -21,7 +21,7 @@ $sql = mysqli_query( $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); ?> -
Roles are still in development. Permissions may not be fully enforced.
+
Roles are still in development. Permissions may not be fully enforced.
From d0998b7d0df972bf658c53e94ec5418de21f13b5 Mon Sep 17 00:00:00 2001 From: git-kup <148492449+git-kup@users.noreply.github.com> Date: Wed, 18 Dec 2024 16:35:08 -0500 Subject: [PATCH 002/366] Update admin_role.php --- admin_role.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/admin_role.php b/admin_role.php index 1aaee078..241a116f 100644 --- a/admin_role.php +++ b/admin_role.php @@ -21,7 +21,7 @@ $sql = mysqli_query( $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); ?> -
Roles are still in development. Permissions may not be fully enforced.
+
Roles are still in development. Permissions may not be fully enforced.
From 56f00fe3667b7805496df87103c5a2944dc8589d Mon Sep 17 00:00:00 2001 From: git-kup <148492449+git-kup@users.noreply.github.com> Date: Wed, 18 Dec 2024 17:50:33 -0500 Subject: [PATCH 003/366] Update global_search.php --- global_search.php | 1 - 1 file changed, 1 deletion(-) diff --git a/global_search.php b/global_search.php index b4de3ce2..a182669e 100644 --- a/global_search.php +++ b/global_search.php @@ -146,7 +146,6 @@ if (isset($_GET['query'])) {

Global Search

-
0) { ?> From 4627736a8cdca9ff2af0012c172fdfb3f9c7e2aa Mon Sep 17 00:00:00 2001 From: git-kup <148492449+git-kup@users.noreply.github.com> Date: Wed, 18 Dec 2024 18:10:22 -0500 Subject: [PATCH 004/366] make global search nicer --- global_search.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global_search.php b/global_search.php index a182669e..e9c1f06e 100644 --- a/global_search.php +++ b/global_search.php @@ -144,7 +144,7 @@ if (isset($_GET['query'])) {
-
+

Global Search

From 7ee04fa26a92c9e5a2ba950a35f5843a76691323 Mon Sep 17 00:00:00 2001 From: gt-business Date: Wed, 18 Dec 2024 18:48:42 -0500 Subject: [PATCH 005/366] Update global_search.php --- global_search.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/global_search.php b/global_search.php index e9c1f06e..4740b335 100644 --- a/global_search.php +++ b/global_search.php @@ -142,11 +142,12 @@ if (isset($_GET['query'])) { ?> -
+
+
+

Global Search

+
+
-
-

Global Search

-
0) { ?> From c5cbfd50d2af8bc959f990901c97538a865e5aae Mon Sep 17 00:00:00 2001 From: gt-business Date: Wed, 18 Dec 2024 18:49:38 -0500 Subject: [PATCH 006/366] Update global_search.php --- global_search.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global_search.php b/global_search.php index 4740b335..48d6f5d2 100644 --- a/global_search.php +++ b/global_search.php @@ -142,7 +142,7 @@ if (isset($_GET['query'])) { ?> -
+

Global Search

From 7007c34e8d4e8baae6f3c02069694461f2706ff7 Mon Sep 17 00:00:00 2001 From: gt-business Date: Wed, 18 Dec 2024 18:56:26 -0500 Subject: [PATCH 007/366] Update global_search.php --- global_search.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/global_search.php b/global_search.php index 48d6f5d2..c6c05fcf 100644 --- a/global_search.php +++ b/global_search.php @@ -141,14 +141,14 @@ if (isset($_GET['query'])) { ?> - -
-
-

Global Search

+
+
+
+

Global Search

+
- 0) { ?> From 8e385d8599879b19967a1786969fd82ea48d7c45 Mon Sep 17 00:00:00 2001 From: gt-business Date: Wed, 18 Dec 2024 18:57:10 -0500 Subject: [PATCH 008/366] Update global_search.php --- global_search.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global_search.php b/global_search.php index c6c05fcf..21fd86ee 100644 --- a/global_search.php +++ b/global_search.php @@ -141,13 +141,13 @@ if (isset($_GET['query'])) { ?> -
+

Global Search

-
+ 0) { ?> From bd7a15680054d2e67b96ddb02351c4df8b55e08d Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Fri, 20 Dec 2024 11:23:41 +0000 Subject: [PATCH 009/366] Move more things to new role perms system --- check_login.php | 11 +++++++---- inc_all_client.php | 8 ++++---- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/check_login.php b/check_login.php index 05e6cd94..bd9570df 100644 --- a/check_login.php +++ b/check_login.php @@ -59,6 +59,8 @@ $session_user_role = intval($row['user_role']); $session_user_role_display = sanitizeInput($row['user_role_name']); if (isset($row['user_role_is_admin']) && $row['user_role_is_admin'] == 1) { $session_is_admin = true; +} else { + $session_is_admin = false; } $session_user_config_force_mfa = intval($row['user_config_force_mfa']); $user_config_records_per_page = intval($row['user_config_records_per_page']); @@ -88,12 +90,13 @@ try { $client_access_string = implode(',', $client_access_array); - // Role / Client Access Permission Check - if ($session_user_role < 3 && !empty($client_access_string)) { + // Client access permission check + // Default allow, if a list of allowed clients is set & the user isn't an admin, restrict them + $access_permission_query = ""; + if ($client_access_string && !$session_is_admin) { $access_permission_query = "AND clients.client_id IN ($client_access_string)"; - } else { - $access_permission_query = ""; } + } catch (Exception $e) { // Handle exception error_log('MySQL error: ' . $e->getMessage()); diff --git a/inc_all_client.php b/inc_all_client.php index d8337b29..064ec7af 100644 --- a/inc_all_client.php +++ b/inc_all_client.php @@ -12,8 +12,9 @@ enforceUserPermission('module_client'); if (isset($_GET['client_id'])) { $client_id = intval($_GET['client_id']); - // Check to see if the logged in user has permission to access this client (Admins have access to all no matter what perms are set) - if(!in_array($client_id, $client_access_array) AND !empty($client_access_string) AND $session_user_role < 3) { + // Client Access Check + // Ensure the user has permission to access this client (admins ignored) + if (!in_array($client_id, $client_access_array) AND !empty($client_access_string) AND !$session_is_admin) { // Logging mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client', log_action = 'Access', log_description = '$session_name was denied permission from accessing client', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $client_id"); @@ -21,7 +22,6 @@ if (isset($_GET['client_id'])) { $_SESSION['alert_message'] = "Access Denied - You do not have permission to access that client!"; echo ""; - exit(); } @@ -310,4 +310,4 @@ require_once "filter_header.php"; ?> - \ No newline at end of file + From 63015ab22db9c4ee0d46c408a4a807d103a55cea Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 21 Dec 2024 16:46:21 -0500 Subject: [PATCH 010/366] Feature: Recurring Payments created DB Structure --- database_updates.php | 26 +++++++++++++++++++++++--- database_version.php | 2 +- db.sql | 24 +++++++++++++++++++++++- 3 files changed, 47 insertions(+), 5 deletions(-) diff --git a/database_updates.php b/database_updates.php index 0b5925cc..3a7fac23 100644 --- a/database_updates.php +++ b/database_updates.php @@ -2376,10 +2376,30 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.7.3'"); } - // if (CURRENT_DATABASE_VERSION == '1.7.3') { - // // Insert queries here required to update to DB version 1.7.4 + if (CURRENT_DATABASE_VERSION == '1.7.3') { + + // Add Recurring Payments + mysqli_query($mysqli, "CREATE TABLE `recurring_payments` ( + `recurring_payment_id` INT(11) NOT NULL AUTO_INCREMENT, + `recurring_payment_amount` DECIMAL(15,2) NOT NULL, + `recurring_payment_currency_code` VARCHAR(10) NOT NULL, + `recurring_payment_method` VARCHAR(200) NOT NULL, + `recurring_payment_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP(), + `recurring_payment_updated_at` DATETIME DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP, + `recurring_payment_archived_at` DATETIME DEFAULT NULL, + `recurring_payment_account_id` INT(11) NOT NULL, + `recurring_payment_recurring_expense_id` INT(11) NOT NULL DEFAULT 0, + `recurring_payment_recurring_invoice_id` INT(11) NOT NULL, + PRIMARY KEY (`recurring_payment_id`) + )"); + + mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.7.4'"); + } + + // if (CURRENT_DATABASE_VERSION == '1.7.4') { + // // Insert queries here required to update to DB version 1.7.5 // // Then, update the database to the next sequential version - // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.7.4'"); + // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.7.5'"); // } } else { diff --git a/database_version.php b/database_version.php index d959034c..1d0be201 100644 --- a/database_version.php +++ b/database_version.php @@ -5,4 +5,4 @@ * It is used in conjunction with database_updates.php */ -DEFINE("LATEST_DATABASE_VERSION", "1.7.3"); +DEFINE("LATEST_DATABASE_VERSION", "1.7.4"); diff --git a/db.sql b/db.sql index 3675dc53..9e340da1 100644 --- a/db.sql +++ b/db.sql @@ -1383,6 +1383,28 @@ CREATE TABLE `recurring_expenses` ( ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_general_ci; /*!40101 SET character_set_client = @saved_cs_client */; +-- +-- Table structure for table `recurring_payments` +-- + +DROP TABLE IF EXISTS `recurring_payments`; +/*!40101 SET @saved_cs_client = @@character_set_client */; +/*!40101 SET character_set_client = utf8 */; +CREATE TABLE `recurring_payments` ( + `recurring_payment_id` int(11) NOT NULL AUTO_INCREMENT, + `recurring_payment_amount` decimal(15,2) NOT NULL, + `recurring_payment_currency_code` varchar(10) NOT NULL, + `recurring_payment_method` varchar(200) NOT NULL, + `recurring_payment_created_at` datetime NOT NULL DEFAULT current_timestamp(), + `recurring_payment_updated_at` datetime DEFAULT NULL ON UPDATE current_timestamp(), + `recurring_payment_archived_at` datetime DEFAULT NULL, + `recurring_payment_account_id` int(11) NOT NULL, + `recurring_payment_recurring_expense_id` int(11) NOT NULL DEFAULT 0, + `recurring_payment_recurring_invoice_id` int(11) NOT NULL, + PRIMARY KEY (`recurring_payment_id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; +/*!40101 SET character_set_client = @saved_cs_client */; + -- -- Table structure for table `remember_tokens` -- @@ -2266,4 +2288,4 @@ CREATE TABLE `vendors` ( /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; --- Dump completed on 2024-12-13 15:11:31 +-- Dump completed on 2024-12-21 16:44:59 From 87a86803ee7410fd48eca0c7e821cc163d935b3f Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 21 Dec 2024 18:49:42 -0500 Subject: [PATCH 011/366] Added Recurring Payment Creation and Deletion and display in the recurring Invoice sections, still not operational need to add to cron --- client_recurring_invoices.php | 32 ++++++++++++-- post/user/invoice.php | 58 +++++++++++++++++++++++++ recurring_invoices.php | 25 ++++++++++- recurring_payment_add_modal.php | 77 +++++++++++++++++++++++++++++++++ 4 files changed, 187 insertions(+), 5 deletions(-) create mode 100644 recurring_payment_add_modal.php diff --git a/client_recurring_invoices.php b/client_recurring_invoices.php index 9395cb3d..bd0593bd 100644 --- a/client_recurring_invoices.php +++ b/client_recurring_invoices.php @@ -16,6 +16,7 @@ $sql = mysqli_query( $mysqli, "SELECT * FROM recurring LEFT JOIN categories ON recurring_category_id = category_id + LEFT JOIN recurring_payments ON recurring_payment_recurring_invoice_id = recurring_id WHERE recurring_client_id = $client_id AND (CONCAT(recurring_prefix,recurring_number) LIKE '%$q%' OR recurring_frequency LIKE '%$q%' OR recurring_scope LIKE '%$q%' OR category_name LIKE '%$q%') ORDER BY $sort $order LIMIT $record_from, $record_to"); @@ -104,6 +105,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Category + + + Auto Pay + + Status @@ -140,6 +146,22 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $status = "Inactive"; $status_badge_color = "secondary"; } + $recurring_payment_recurring_invoice_id = intval($row['recurring_payment_recurring_invoice_id']); + if ($recurring_payment_recurring_invoice_id) { + $auto_pay_display = " + Yes + + + + "; + } else { + $auto_pay_display = " + + Create + + "; + require "recurring_payment_add_modal.php"; + } ?> @@ -151,10 +173,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); + - - - + + +
@@ -177,7 +200,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $recurring_prefix$recurring_number"; + + header("Location: " . $_SERVER["HTTP_REFERER"]); +} + +if (isset($_GET['delete_recurring_payment'])) { + $recurring_payment_id = intval($_GET['delete_recurring_payment']); + + $sql = mysqli_query($mysqli,"SELECT * FROM recurring_payments WHERE recurring_payment_id = $recurring_payment_id"); + $row = mysqli_fetch_array($sql); + $recurring_invoice_id = intval($row['recurring_payment_recurring_invoice_id']); + + // Get the invoice total and details + $sql = mysqli_query($mysqli,"SELECT * FROM recurring WHERE recurring_id = $recurring_invoice_id"); + $row = mysqli_fetch_array($sql); + $recurring_prefix = sanitizeInput($row['recurring_prefix']); + $recurring_number = intval($row['recurring_number']); + $client_id = intval($row['recurring_client_id']); + + mysqli_query($mysqli,"DELETE FROM recurring_payments WHERE recurring_payment_id = $recurring_payment_id"); + + // Logging + logAction("Recurring Invoice", "Auto Payment", "$session_name removed auto Pay from Recurring Invoice $recurring_prefix$recurring_number", $client_id, $recurring_invoice_id); + + $_SESSION['alert_type'] = "error"; + $_SESSION['alert_message'] = "Auto Payment Removed for Recurring Invoice $recurring_prefix$recurring_number"; + if ($config_stripe_enable) { + $_SESSION['alert_message'] = "Auto Payment Removed - Stripe Auto payments must be manually removed in Stripe"; + } + + header("Location: " . $_SERVER["HTTP_REFERER"]); + +} + if (isset($_GET['force_recurring'])) { $recurring_id = intval($_GET['force_recurring']); diff --git a/recurring_invoices.php b/recurring_invoices.php index 11af4e44..98ec7caa 100644 --- a/recurring_invoices.php +++ b/recurring_invoices.php @@ -17,6 +17,7 @@ $sql = mysqli_query( "SELECT SQL_CALC_FOUND_ROWS * FROM recurring LEFT JOIN clients ON recurring_client_id = client_id LEFT JOIN categories ON recurring_category_id = category_id + LEFT JOIN recurring_payments ON recurring_payment_recurring_invoice_id = recurring_id WHERE (CONCAT(recurring_prefix,recurring_number) LIKE '%$q%' OR recurring_frequency LIKE '%$q%' OR recurring_scope LIKE '%$q%' OR client_name LIKE '%$q%' OR category_name LIKE '%$q%') AND DATE(recurring_created_at) BETWEEN '$dtf' AND '$dtt' ORDER BY $sort $order LIMIT $record_from, $record_to"); @@ -123,12 +124,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Last Sent - Category + + + Auto Pay + + Status @@ -168,6 +173,23 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $status = "Inactive"; $status_badge_color = "secondary"; } + $recurring_payment_id = intval($row['recurring_payment_id']); + $recurring_payment_recurring_invoice_id = intval($row['recurring_payment_recurring_invoice_id']); + if ($recurring_payment_recurring_invoice_id) { + $auto_pay_display = " + Yes + + + + "; + } else { + $auto_pay_display = " + + Create + + "; + require "recurring_payment_add_modal.php"; + } ?> @@ -182,6 +204,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); ly + diff --git a/recurring_payment_add_modal.php b/recurring_payment_add_modal.php new file mode 100644 index 00000000..d1a33915 --- /dev/null +++ b/recurring_payment_add_modal.php @@ -0,0 +1,77 @@ + \ No newline at end of file From 5611ac103d87a670d3848df201a4d1370698ace0 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 21 Dec 2024 20:25:21 -0500 Subject: [PATCH 012/366] Recurring Payments - Added Auto Pay via cron, removed auto pay amount as it uses the recurring invoice amount, next up integrate with stripe --- cron.php | 31 +++++++++++++++++++++++++++++-- database_updates.php | 14 +++++++++++--- database_version.php | 2 +- db.sql | 3 +-- post/user/invoice.php | 4 ++-- 5 files changed, 44 insertions(+), 10 deletions(-) diff --git a/cron.php b/cron.php index b9472d11..543c11ad 100644 --- a/cron.php +++ b/cron.php @@ -516,7 +516,12 @@ if ($config_send_invoice_reminders == 1) { // Send Recurring Invoices that match todays date and are active //Loop through all recurring that match today's date and is active -$sql_recurring = mysqli_query($mysqli, "SELECT * FROM recurring LEFT JOIN clients ON client_id = recurring_client_id WHERE recurring_next_date = CURDATE() AND recurring_status = 1"); +$sql_recurring = mysqli_query($mysqli, "SELECT * FROM recurring + LEFT JOIN recurring_payments ON recurring_id = recurring_payment_recurring_invoice_id + LEFT JOIN clients ON client_id = recurring_client_id + WHERE recurring_next_date = CURDATE() + AND recurring_status = 1 +"); while ($row = mysqli_fetch_array($sql_recurring)) { $recurring_id = intval($row['recurring_id']); @@ -534,7 +539,11 @@ while ($row = mysqli_fetch_array($sql_recurring)) { $client_id = intval($row['recurring_client_id']); $client_name = sanitizeInput($row['client_name']); $client_net_terms = intval($row['client_net_terms']); - + + $recurring_payment_recurring_invoice_id = intval($row['recurring_payment_recurring_invoice_id']); + $recurring_payment_currency_code = sanitizeInput($row['recurring_payment_currency_code']); + $recurring_payment_method = sanitizeInput($row['recurring_payment_method']); + $recurring_payment_account_id = intval($row['recurring_payment_account_id']); // Get the last Invoice Number and add 1 for the new invoice number $sql_invoice_number = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = 1"); @@ -658,6 +667,24 @@ while ($row = mysqli_fetch_array($sql_recurring)) { } } //End if Autosend is on + + // Create Payment from Auto Payment + if ($recurring_payment_recurring_invoice_id) { + mysqli_query($mysqli,"INSERT INTO payments SET payment_date = CURDATE(), payment_amount = $recurring_amount, payment_currency_code = '$recurring_payment_currency_code', payment_account_id = $recurring_payment_account_id, payment_method = '$recurring_payment_method', payment_reference = 'Paid via AutoPay', payment_invoice_id = $new_invoice_id"); + + // Get Payment ID for reference + $payment_id = mysqli_insert_id($mysqli); + + // Update Invoice Status + mysqli_query($mysqli,"UPDATE invoices SET invoice_status = 'Paid' WHERE invoice_id = $new_invoice_id"); + + //Add Payment to History + mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Paid', history_description = 'Payment added via Auto Pay', history_invoice_id = $new_invoice_id"); + + // Logging + logAction("Invoice", "Payment", "Auto Payment amount of " . numfmt_format_currency($currency_format, $recurring_amount, $recurring_payment_currency_code) . " added to invoice $invoice_prefix$invoice_number", $client_id, $new_invoice_id); + } //End Auto Payment + } //End Recurring Invoices Loop // Logging diff --git a/database_updates.php b/database_updates.php index 3a7fac23..c29c68ed 100644 --- a/database_updates.php +++ b/database_updates.php @@ -2396,10 +2396,18 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.7.4'"); } - // if (CURRENT_DATABASE_VERSION == '1.7.4') { - // // Insert queries here required to update to DB version 1.7.5 + if (CURRENT_DATABASE_VERSION == '1.7.4') { + + // Remove Recurring Payment Amount as it will use the Recurring Invoice Amount and is unessessary + mysqli_query($mysqli, "ALTER TABLE `recurring_payments` DROP `recurring_payment_amount`"); + + mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.7.5'"); + } + + // if (CURRENT_DATABASE_VERSION == '1.7.5') { + // // Insert queries here required to update to DB version 1.7.6 // // Then, update the database to the next sequential version - // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.7.5'"); + // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.7.6'"); // } } else { diff --git a/database_version.php b/database_version.php index 1d0be201..589a6c56 100644 --- a/database_version.php +++ b/database_version.php @@ -5,4 +5,4 @@ * It is used in conjunction with database_updates.php */ -DEFINE("LATEST_DATABASE_VERSION", "1.7.4"); +DEFINE("LATEST_DATABASE_VERSION", "1.7.5"); diff --git a/db.sql b/db.sql index 9e340da1..664915d8 100644 --- a/db.sql +++ b/db.sql @@ -1392,7 +1392,6 @@ DROP TABLE IF EXISTS `recurring_payments`; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `recurring_payments` ( `recurring_payment_id` int(11) NOT NULL AUTO_INCREMENT, - `recurring_payment_amount` decimal(15,2) NOT NULL, `recurring_payment_currency_code` varchar(10) NOT NULL, `recurring_payment_method` varchar(200) NOT NULL, `recurring_payment_created_at` datetime NOT NULL DEFAULT current_timestamp(), @@ -2288,4 +2287,4 @@ CREATE TABLE `vendors` ( /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; --- Dump completed on 2024-12-21 16:44:59 +-- Dump completed on 2024-12-21 20:24:14 diff --git a/post/user/invoice.php b/post/user/invoice.php index 73a78482..4c5cc95b 100644 --- a/post/user/invoice.php +++ b/post/user/invoice.php @@ -1202,12 +1202,12 @@ if (isset($_POST['add_recurring_payment'])) { // Get Recurring Info for logging and alerting $sql = mysqli_query($mysqli, "SELECT * FROM recurring WHERE recurring_id = $recurring_id"); $row = mysqli_fetch_array($sql); - $recurring_prefix = nullable_htmlentities($row['recurring_prefix']); + $recurring_prefix = sanitizeInput($row['recurring_prefix']); $recurring_number = intval($row['recurring_number']); $recurring_amount = floatval($row['recurring_amount']); $client_id = intval($row['recurring_client_id']); - mysqli_query($mysqli,"INSERT INTO recurring_payments SET recurring_payment_amount = $recurring_amount, recurring_payment_currency_code = '$currency_code', recurring_payment_account_id = $account, recurring_payment_method = '$payment_method', recurring_payment_recurring_invoice_id = $recurring_id"); + mysqli_query($mysqli,"INSERT INTO recurring_payments SET recurring_payment_currency_code = '$currency_code', recurring_payment_account_id = $account, recurring_payment_method = '$payment_method', recurring_payment_recurring_invoice_id = $recurring_id"); // Get Payment ID for reference $recurring_payment_id = mysqli_insert_id($mysqli); From 74770a976a71b0642b18e64fd8733936e6145edc Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 21 Dec 2024 20:37:46 -0500 Subject: [PATCH 013/366] Added Auto Pay Options to Recurring Invoice Details --- client_recurring_invoices.php | 1 + recurring_invoice.php | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/client_recurring_invoices.php b/client_recurring_invoices.php index bd0593bd..19e4e668 100644 --- a/client_recurring_invoices.php +++ b/client_recurring_invoices.php @@ -146,6 +146,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $status = "Inactive"; $status_badge_color = "secondary"; } + $recurring_payment_id = intval($row['recurring_payment_id']); $recurring_payment_recurring_invoice_id = intval($row['recurring_payment_recurring_invoice_id']); if ($recurring_payment_recurring_invoice_id) { $auto_pay_display = " diff --git a/recurring_invoice.php b/recurring_invoice.php index 25f2dcb2..7f6f32a0 100644 --- a/recurring_invoice.php +++ b/recurring_invoice.php @@ -17,6 +17,7 @@ if (isset($_GET['recurring_id'])) { LEFT JOIN clients ON recurring_client_id = client_id LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1 LEFT JOIN locations ON clients.client_id = locations.location_client_id AND location_primary = 1 + LEFT JOIN recurring_payments ON recurring_payment_recurring_invoice_id = recurring_id WHERE recurring_id = $recurring_id" ); @@ -59,6 +60,22 @@ if (isset($_GET['recurring_id'])) { $status = "Inactive"; $status_badge_color = "secondary"; } + $recurring_payment_id = intval($row['recurring_payment_id']); + $recurring_payment_recurring_invoice_id = intval($row['recurring_payment_recurring_invoice_id']); + if ($recurring_payment_recurring_invoice_id) { + $auto_pay_display = " + + Remove AutoPay + + "; + } else { + $auto_pay_display = " + + Create AutoPay + + "; + require "recurring_payment_add_modal.php"; + } $sql = mysqli_query($mysqli, "SELECT * FROM companies WHERE company_id = 1"); $row = mysqli_fetch_array($sql); @@ -129,6 +146,8 @@ if (isset($_GET['recurring_id'])) {
+ +
Edit From a2f0f392be0f27ef5bb857a68efee6558102d4ed Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 21 Dec 2024 20:50:21 -0500 Subject: [PATCH 014/366] Moved Create and Disable Auto Pay from Hamburger menu to a button by Email Notify, also Tidied up the Header in add payment --- recurring_invoice.php | 28 ++++++++++++---------------- recurring_payment_add_modal.php | 2 +- 2 files changed, 13 insertions(+), 17 deletions(-) diff --git a/recurring_invoice.php b/recurring_invoice.php index 7f6f32a0..c4dd1c9c 100644 --- a/recurring_invoice.php +++ b/recurring_invoice.php @@ -62,20 +62,6 @@ if (isset($_GET['recurring_id'])) { } $recurring_payment_id = intval($row['recurring_payment_id']); $recurring_payment_recurring_invoice_id = intval($row['recurring_payment_recurring_invoice_id']); - if ($recurring_payment_recurring_invoice_id) { - $auto_pay_display = " - - Remove AutoPay - - "; - } else { - $auto_pay_display = " - - Create AutoPay - - "; - require "recurring_payment_add_modal.php"; - } $sql = mysqli_query($mysqli, "SELECT * FROM companies WHERE company_id = 1"); $row = mysqli_fetch_array($sql); @@ -138,6 +124,18 @@ if (isset($_GET['recurring_id'])) { Email Notify + + + + Disable AutoPay + + + + Create AutoPay + + + +
@@ -146,8 +144,6 @@ if (isset($_GET['recurring_id'])) {
- -
Edit diff --git a/recurring_payment_add_modal.php b/recurring_payment_add_modal.php index d1a33915..f7126329 100644 --- a/recurring_payment_add_modal.php +++ b/recurring_payment_add_modal.php @@ -2,7 +2,7 @@
-
: Create Recurring Payment
+
Creating Recurring Payment:
From a6451c787e70a77db21505601111f21ed8f1e7e1 Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Fri, 27 Dec 2024 20:57:38 +0000 Subject: [PATCH 015/366] Client Portal Ticketing - Show attachments for each reply --- portal/ticket.php | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/portal/ticket.php b/portal/ticket.php index be059896..0c6914e7 100644 --- a/portal/ticket.php +++ b/portal/ticket.php @@ -52,6 +52,13 @@ if (isset($_GET['id']) && intval($_GET['id'])) { $ticket_closed_at = nullable_htmlentities($ticket_row['ticket_closed_at']); $ticket_feedback = nullable_htmlentities($ticket_row['ticket_feedback']); + // Get Ticket Attachments (not associated with a specific reply) + $sql_ticket_attachments = mysqli_query( + $mysqli, + "SELECT * FROM ticket_attachments + WHERE ticket_attachment_reply_id IS NULL + AND ticket_attachment_ticket_id = $ticket_id" + ); // Get Tasks $sql_tasks = mysqli_query( $mysqli, "SELECT * FROM tasks WHERE task_ticket_id = $ticket_id ORDER BY task_order ASC, task_id ASC"); @@ -106,6 +113,14 @@ if (isset($_GET['id']) && intval($_GET['id'])) {

+ + $name | View"; + } + ?>
@@ -195,6 +210,14 @@ if (isset($_GET['id']) && intval($_GET['id'])) { $user_initials = initials($row['user_name']); $avatar_link = "../uploads/users/$user_id/$user_avatar"; } + + // Get attachments for this reply + $sql_ticket_reply_attachments = mysqli_query( + $mysqli, + "SELECT * FROM ticket_attachments + WHERE ticket_attachment_reply_id = $ticket_reply_id + AND ticket_attachment_ticket_id = $ticket_id" + ); ?>
mb-3"> @@ -227,6 +250,14 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
+ + $name | View"; + } + ?>
From fcfc6ff5e23631abf8684707332a40d36f6c65fe Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Fri, 27 Dec 2024 23:02:24 +0000 Subject: [PATCH 016/366] Stop using Source Sans Pro for some pages, we seem to use Sans Serif everywhere else --- login.php | 5 ++--- portal/certificates.php | 2 +- portal/contact_add.php | 2 +- portal/contact_edit.php | 2 +- portal/contacts.php | 2 +- portal/document.php | 2 +- portal/documents.php | 2 +- portal/domains.php | 2 +- portal/index.php | 2 +- portal/invoices.php | 2 +- portal/login.php | 22 ++++++++++------------ portal/login_reset.php | 4 +--- portal/portal_header.php | 2 -- portal/profile.php | 2 +- portal/quotes.php | 2 +- portal/tickets.php | 2 +- 16 files changed, 25 insertions(+), 32 deletions(-) diff --git a/login.php b/login.php index d093e5df..c4c10545 100644 --- a/login.php +++ b/login.php @@ -1,7 +1,7 @@ - - + diff --git a/portal/certificates.php b/portal/certificates.php index aa30f4e4..c3628bf9 100644 --- a/portal/certificates.php +++ b/portal/certificates.php @@ -4,7 +4,7 @@ * Certificate listing for PTC / technical contacts */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); +header("Content-Security-Policy: default-src 'self'"); require_once "inc_portal.php"; diff --git a/portal/contact_add.php b/portal/contact_add.php index c63eac2b..bc290838 100644 --- a/portal/contact_add.php +++ b/portal/contact_add.php @@ -4,7 +4,7 @@ * Contact management for PTC / technical contacts */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); +header("Content-Security-Policy: default-src 'self'"); require_once "inc_portal.php"; diff --git a/portal/contact_edit.php b/portal/contact_edit.php index db62dd9f..c819ea51 100644 --- a/portal/contact_edit.php +++ b/portal/contact_edit.php @@ -4,7 +4,7 @@ * Contact management for PTC / technical contacts */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); +header("Content-Security-Policy: default-src 'self'"); require_once "inc_portal.php"; diff --git a/portal/contacts.php b/portal/contacts.php index 66f7a3cb..6a595108 100644 --- a/portal/contacts.php +++ b/portal/contacts.php @@ -4,7 +4,7 @@ * Contact management for PTC / technical contacts */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); +header("Content-Security-Policy: default-src 'self'"); require_once "inc_portal.php"; diff --git a/portal/document.php b/portal/document.php index 622420f4..f4e03883 100644 --- a/portal/document.php +++ b/portal/document.php @@ -4,7 +4,7 @@ * Docs for PTC / technical contacts */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com; img-src 'self' data:"); +header("Content-Security-Policy: default-src 'self'; img-src 'self' data:"); require_once "inc_portal.php"; diff --git a/portal/documents.php b/portal/documents.php index b19b402a..7f865d56 100644 --- a/portal/documents.php +++ b/portal/documents.php @@ -4,7 +4,7 @@ * Docs for PTC / technical contacts */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); +header("Content-Security-Policy: default-src 'self'"); require_once "inc_portal.php"; diff --git a/portal/domains.php b/portal/domains.php index 7021564e..ead28f9a 100644 --- a/portal/domains.php +++ b/portal/domains.php @@ -4,7 +4,7 @@ * Domain listing for PTC / technical contacts */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); +header("Content-Security-Policy: default-src 'self'"); require_once "inc_portal.php"; diff --git a/portal/index.php b/portal/index.php index c76f1899..a80c9bf9 100644 --- a/portal/index.php +++ b/portal/index.php @@ -4,7 +4,7 @@ * Landing / Home page for the client portal */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); +header("Content-Security-Policy: default-src 'self'"); require_once "inc_portal.php"; diff --git a/portal/invoices.php b/portal/invoices.php index a6ed0bce..d0fe2e8f 100644 --- a/portal/invoices.php +++ b/portal/invoices.php @@ -4,7 +4,7 @@ * Invoices for PTC */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); +header("Content-Security-Policy: default-src 'self'"); require_once "inc_portal.php"; diff --git a/portal/login.php b/portal/login.php index c4feff53..e4ecf749 100644 --- a/portal/login.php +++ b/portal/login.php @@ -4,7 +4,7 @@ * Landing / Home page for the client portal */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); +header("Content-Security-Policy: default-src 'self'"); require_once '../config.php'; @@ -50,13 +50,13 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) { $password = $_POST['password']; if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { - + header("HTTP/1.1 401 Unauthorized"); - + $_SESSION['login_message'] = 'Invalid e-mail'; - + } else { - + $sql = mysqli_query($mysqli, "SELECT * FROM users LEFT JOIN contacts ON user_id = contact_user_id WHERE user_email = '$email' AND user_archived_at IS NULL AND user_type = 2 AND user_status = 1 LIMIT 1"); $row = mysqli_fetch_array($sql); $client_id = intval($row['contact_client_id']); @@ -82,7 +82,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) { logAction("Client Login", "Success", "Client contact $user_email successfully logged in locally", $client_id, $user_id); } else { - + // Logging logAction("Client Login", "Failed", "Failed client portal login attempt using $email (incorrect password for contact ID $contact_id)", $client_id, $user_id); @@ -92,14 +92,14 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) { } } else { - + // Logging logAction("Client Login", "Failed", "Failed client portal login attempt using $email (invalid email/not allowed local auth)"); - + header("HTTP/1.1 401 Unauthorized"); - + $_SESSION['login_message'] = 'Incorrect username or password.'; - + } } } @@ -127,8 +127,6 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) { - - diff --git a/portal/login_reset.php b/portal/login_reset.php index 428a7c29..e01c304d 100644 --- a/portal/login_reset.php +++ b/portal/login_reset.php @@ -4,7 +4,7 @@ * Password reset page */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); +header("Content-Security-Policy: default-src 'self'"); require_once '../config.php'; require_once '../functions.php'; @@ -195,8 +195,6 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { - - diff --git a/portal/portal_header.php b/portal/portal_header.php index 1e6f6c55..68614c19 100644 --- a/portal/portal_header.php +++ b/portal/portal_header.php @@ -29,8 +29,6 @@ header("X-Frame-Options: DENY"); // Legacy - - diff --git a/portal/profile.php b/portal/profile.php index e77afeaa..60089277 100644 --- a/portal/profile.php +++ b/portal/profile.php @@ -4,7 +4,7 @@ * User profile */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); +header("Content-Security-Policy: default-src 'self'"); require_once 'inc_portal.php'; diff --git a/portal/quotes.php b/portal/quotes.php index 64266fea..91f12108 100644 --- a/portal/quotes.php +++ b/portal/quotes.php @@ -4,7 +4,7 @@ * Quotes for PTC / billing contacts */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); +header("Content-Security-Policy: default-src 'self'"); require_once "inc_portal.php"; diff --git a/portal/tickets.php b/portal/tickets.php index 045860b2..ab88d1b0 100644 --- a/portal/tickets.php +++ b/portal/tickets.php @@ -4,7 +4,7 @@ * Landing / Home page for the client portal */ -header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); +header("Content-Security-Policy: default-src 'self'"); require_once "inc_portal.php"; From c85626a93798db7899c8d57724ea20c94236cb8c Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Sat, 28 Dec 2024 01:12:59 +0000 Subject: [PATCH 017/366] Tidying/General quality of life updates General quality of life updates: - Ticket contact edit: 'No one' should be logged when ticket isn't associated with any contact, rather than a blank space; also fix email content - Ticket portal/guest: Only show 'Assigned to' if someone is actually assigned - Ticket tasks: Don't allow adding/modifying tasks for tickets in a resolved state - Portal contacts: Properly align word 'Contacts' in a similar way all other page headings are aligned - Client PDF export/handover: Now opens in a new self-closing window --- client_download_pdf_modal.php | 8 +++---- guest_view_ticket.php | 2 +- portal/contacts.php | 6 +++-- portal/ticket.php | 13 ++++++----- post/user/client.php | 9 ++++++-- post/user/ticket.php | 41 +++++++++++++++-------------------- ticket.php | 4 ++-- 7 files changed, 44 insertions(+), 39 deletions(-) diff --git a/client_download_pdf_modal.php b/client_download_pdf_modal.php index da046487..4344a699 100644 --- a/client_download_pdf_modal.php +++ b/client_download_pdf_modal.php @@ -7,13 +7,13 @@ ×
-
+
    - +
  • @@ -98,7 +98,7 @@
    - +
  • @@ -170,7 +170,7 @@
    • - +
diff --git a/guest_view_ticket.php b/guest_view_ticket.php index 702cb712..2b0c0ff7 100644 --- a/guest_view_ticket.php +++ b/guest_view_ticket.php @@ -80,7 +80,7 @@ if ($ticket_row) {
Priority:
- + Assigned to:

diff --git a/portal/contacts.php b/portal/contacts.php index 66f7a3cb..f4f2a04f 100644 --- a/portal/contacts.php +++ b/portal/contacts.php @@ -17,8 +17,10 @@ $contacts_sql = mysqli_query($mysqli, "SELECT contact_id, contact_name, contact_ ?>
-

Contacts

-
+
+

Contacts

+
+
New Contact
diff --git a/portal/ticket.php b/portal/ticket.php index be059896..45a8a706 100644 --- a/portal/ticket.php +++ b/portal/ticket.php @@ -92,17 +92,20 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
Subject:

- State: -
- Priority: -
+ State:
+ Priority:
+ Tasks:
- Assigned to: + + + Assigned to: + +

diff --git a/post/user/client.php b/post/user/client.php index d9d451c4..9d0a93c3 100644 --- a/post/user/client.php +++ b/post/user/client.php @@ -129,7 +129,7 @@ if (isset($_POST['edit_client'])) { $sql = mysqli_query($mysqli, "SELECT category_name FROM categories WHERE category_type = 'Referral' AND category_archived_at IS NULL AND category_name = '$referral'"); if(mysqli_num_rows($sql) == 0) { mysqli_query($mysqli, "INSERT INTO categories SET category_name = '$referral', category_type = 'Referral'"); - + // Logging logAction("Category", "Create", "$session_name created referral category $referral"); } @@ -383,7 +383,7 @@ if (isset($_POST['export_clients_csv'])) { //output all remaining data on a file pointer fpassthru($f); - + logAction("Client", "Export", "$session_name exported $num_rows client(s) to a CSV file"); } @@ -1937,9 +1937,14 @@ if (isset($_POST['export_client_pdf'])) { //pdfMake.createPdf(docDefinition).download('-IT_Documentation-'); pdfMake.createPdf(docDefinition).download('-IT_Documentation-'); + setTimeout(function(){ + window.close(); + }, 10000); + + ##- Please type your reply above this line -##

Hello $contact_name,

A ticket regarding \"$ticket_subject\" has been created for you.

--------------------------------
$ticket_details--------------------------------

Ticket: $ticket_prefix$ticket_number
Subject: $ticket_subject
Status: $ticket_status
Portal: View ticket

--
$company_name - Support
$config_ticket_from_email
$company_phone"; - - // Only add contact to email queue if email is valid - if (filter_var($contact_email, FILTER_VALIDATE_EMAIL)) { - $data[] = [ - 'from' => $config_ticket_from_email, - 'from_name' => $config_ticket_from_name, - 'recipient' => $contact_email, - 'recipient_name' => $contact_name, - 'subject' => $subject, - 'body' => $body - ]; - } + $data[] = [ + 'from' => $config_ticket_from_email, + 'from_name' => $config_ticket_from_name, + 'recipient' => $contact_email, + 'recipient_name' => $contact_name, + 'subject' => $subject, + 'body' => $body + ]; addToMailQueue($mysqli, $data); } diff --git a/ticket.php b/ticket.php index e080c662..87d73597 100644 --- a/ticket.php +++ b/ticket.php @@ -895,7 +895,7 @@ if (isset($_GET['ticket_id'])) {
- = 2) { ?> + = 2) { ?>
@@ -934,7 +934,7 @@ if (isset($_GET['ticket_id'])) { m -
- = 2) { ?> + = 2) { ?>
- +
+
+
+ +
+
diff --git a/client_asset_interface_edit_modal.php b/client_asset_interface_edit_modal.php index 62aef022..43558448 100644 --- a/client_asset_interface_edit_modal.php +++ b/client_asset_interface_edit_modal.php @@ -35,12 +35,17 @@
- +
+
+
+ > +
+
From 3e52155d1c7e4c1df9aaffc3b623200cb2398ed9 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Thu, 2 Jan 2025 21:26:29 -0500 Subject: [PATCH 042/366] Fix editing recurring expense due to bad var name --- CHANGELOG.md | 1 + post/user/expense.php | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5b6e0744..82443c1b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ All notable changes to ITFlow will be documented in this file. - Moved cron/cli scripts to scripts subfolder - Old scripts remain in the root for now, but please update your cron configurations! - Bugfix: Ticket edit modal not showing multi-client/no-client projects - Bugfix: Asset interface losing DHCP setting +- Bugfix: Editing recurring expensives results in error 500 due to incorrect var name ## 24.12 diff --git a/post/user/expense.php b/post/user/expense.php index 9144bbd7..946d9827 100644 --- a/post/user/expense.php +++ b/post/user/expense.php @@ -384,14 +384,14 @@ if (isset($_POST['edit_recurring_expense'])) { $amount = floatval(str_replace(',', '', $_POST['amount'])); $account = intval($_POST['account']); $vendor = intval($_POST['vendor']); - $client = intval($_POST['client']); + $client_id = intval($_POST['client']); $category = intval($_POST['category']); $description = sanitizeInput($_POST['description']); $reference = sanitizeInput($_POST['reference']); $start_date = date('Y') . "-$month-$day"; - mysqli_query($mysqli,"UPDATE recurring_expenses SET recurring_expense_frequency = $frequency, recurring_expense_day = $day, recurring_expense_month = $month, recurring_expense_next_date = '$start_date', recurring_expense_description = '$description', recurring_expense_reference = '$reference', recurring_expense_amount = $amount, recurring_expense_currency_code = '$session_company_currency', recurring_expense_vendor_id = $vendor, recurring_expense_client_id = $client, recurring_expense_category_id = $category, recurring_expense_account_id = $account WHERE recurring_expense_id = $recurring_expense_id"); + mysqli_query($mysqli,"UPDATE recurring_expenses SET recurring_expense_frequency = $frequency, recurring_expense_day = $day, recurring_expense_month = $month, recurring_expense_next_date = '$start_date', recurring_expense_description = '$description', recurring_expense_reference = '$reference', recurring_expense_amount = $amount, recurring_expense_currency_code = '$session_company_currency', recurring_expense_vendor_id = $vendor, recurring_expense_client_id = $client_id, recurring_expense_category_id = $category, recurring_expense_account_id = $account WHERE recurring_expense_id = $recurring_expense_id"); $recurring_expense_id = mysqli_insert_id($mysqli); From bc417b7cf3110213c5649df8f2389eb4362cf6da Mon Sep 17 00:00:00 2001 From: johnnyq Date: Thu, 2 Jan 2025 21:46:40 -0500 Subject: [PATCH 043/366] Fix creating a recurring expense due to bad var name --- CHANGELOG.md | 2 +- post/user/expense.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 82443c1b..d6c1b7ee 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,7 +6,7 @@ All notable changes to ITFlow will be documented in this file. - Moved cron/cli scripts to scripts subfolder - Old scripts remain in the root for now, but please update your cron configurations! - Bugfix: Ticket edit modal not showing multi-client/no-client projects - Bugfix: Asset interface losing DHCP setting -- Bugfix: Editing recurring expensives results in error 500 due to incorrect var name +- Bugfix: Editing / creating recurring expensives results in error 500 due to incorrect var name ## 24.12 diff --git a/post/user/expense.php b/post/user/expense.php index 946d9827..96b2a5b2 100644 --- a/post/user/expense.php +++ b/post/user/expense.php @@ -355,14 +355,14 @@ if (isset($_POST['create_recurring_expense'])) { $amount = floatval(str_replace(',', '', $_POST['amount'])); $account = intval($_POST['account']); $vendor = intval($_POST['vendor']); - $client = intval($_POST['client']); + $client_id = intval($_POST['client']); $category = intval($_POST['category']); $description = sanitizeInput($_POST['description']); $reference = sanitizeInput($_POST['reference']); $start_date = date('Y') . "-$month-$day"; - mysqli_query($mysqli,"INSERT INTO recurring_expenses SET recurring_expense_frequency = $frequency, recurring_expense_day = $day, recurring_expense_month = $month, recurring_expense_next_date = '$start_date', recurring_expense_description = '$description', recurring_expense_reference = '$reference', recurring_expense_amount = $amount, recurring_expense_currency_code = '$session_company_currency', recurring_expense_vendor_id = $vendor, recurring_expense_client_id = $client, recurring_expense_category_id = $category, recurring_expense_account_id = $account"); + mysqli_query($mysqli,"INSERT INTO recurring_expenses SET recurring_expense_frequency = $frequency, recurring_expense_day = $day, recurring_expense_month = $month, recurring_expense_next_date = '$start_date', recurring_expense_description = '$description', recurring_expense_reference = '$reference', recurring_expense_amount = $amount, recurring_expense_currency_code = '$session_company_currency', recurring_expense_vendor_id = $vendor, recurring_expense_client_id = $client_id, recurring_expense_category_id = $category, recurring_expense_account_id = $account"); $recurring_expense_id = mysqli_insert_id($mysqli); From 3c697617f9463ad12830a4ca03332705ae2b1a47 Mon Sep 17 00:00:00 2001 From: wrongecho <32306651+wrongecho@users.noreply.github.com> Date: Wed, 8 Jan 2025 13:42:37 +0000 Subject: [PATCH 044/366] Update README.md Remove issues shield, as we'll be using our own system for roadmapping --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 6c1791cc..5a440e00 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,6 @@ [![Contributors][contributors-shield]][contributors-url] [![Stargazers][stars-shield]][stars-url] -[![Issues][issues-shield]][issues-url] [![Commits][commit-shield]][commit-url] [![GPL License][license-shield]][license-url] From d32e3a698f4b132e3629537b894c6cab5a9cc93b Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 9 Jan 2025 14:56:36 +0000 Subject: [PATCH 045/366] Stripe payments - Account selection https://tasks.dev.itflow.org/task_details.php?task_id=22 --- CHANGELOG.md | 3 ++- admin_settings_online_payment.php | 6 +++--- post/admin/admin_settings_online_payment.php | 8 +++++++- 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d6c1b7ee..10702d30 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,7 +6,8 @@ All notable changes to ITFlow will be documented in this file. - Moved cron/cli scripts to scripts subfolder - Old scripts remain in the root for now, but please update your cron configurations! - Bugfix: Ticket edit modal not showing multi-client/no-client projects - Bugfix: Asset interface losing DHCP setting -- Bugfix: Editing / creating recurring expensives results in error 500 due to incorrect var name +- Bugfix: Editing / creating recurring expenses results in error 500 due to incorrect var name +- Stripe online payment setup now prompts you to set the income/expense account ## 24.12 diff --git a/admin_settings_online_payment.php b/admin_settings_online_payment.php index 01ea1cc8..edd3efa4 100644 --- a/admin_settings_online_payment.php +++ b/admin_settings_online_payment.php @@ -25,7 +25,7 @@ require_once "inc_all_admin.php";
">
- +
@@ -35,7 +35,7 @@ require_once "inc_all_admin.php";
- +
@@ -45,7 +45,7 @@ require_once "inc_all_admin.php";
- +
diff --git a/post/admin/admin_settings_online_payment.php b/post/admin/admin_settings_online_payment.php index 200330c0..53df9c9b 100644 --- a/post/admin/admin_settings_online_payment.php +++ b/post/admin/admin_settings_online_payment.php @@ -18,7 +18,13 @@ if (isset($_POST['edit_online_payment_settings'])) { // Logging logAction("Settings", "Edit", "$session_name edited online payment settings"); - $_SESSION['alert_message'] = "Online Payment Settings updated"; + + if ($config_stripe_account == 0) { + $_SESSION['alert_type'] = "error"; + $_SESSION['alert_message'] = "Stripe payment account must be specified!"; + } else { + $_SESSION['alert_message'] = "Online Payment Settings updated"; + } header("Location: " . $_SERVER["HTTP_REFERER"]); } From 1e777afa50501b2d5ca57c4928ac59b7b0ba7e9a Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 9 Jan 2025 15:01:04 +0000 Subject: [PATCH 046/366] Stripe payments - Account selection https://tasks.dev.itflow.org/task_details.php?task_id=22 --- post/admin/admin_settings_online_payment.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/post/admin/admin_settings_online_payment.php b/post/admin/admin_settings_online_payment.php index 53df9c9b..127672e0 100644 --- a/post/admin/admin_settings_online_payment.php +++ b/post/admin/admin_settings_online_payment.php @@ -18,8 +18,7 @@ if (isset($_POST['edit_online_payment_settings'])) { // Logging logAction("Settings", "Edit", "$session_name edited online payment settings"); - - if ($config_stripe_account == 0) { + if ($config_stripe_enable && $config_stripe_account == 0) { $_SESSION['alert_type'] = "error"; $_SESSION['alert_message'] = "Stripe payment account must be specified!"; } else { From fe94036b3a7227334129143acd698105aa646ffd Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 9 Jan 2025 15:11:07 +0000 Subject: [PATCH 047/366] Implement new admin check Uses the new $session_is_admin rather than the old validateAdminRole. Reverts #1065 --- inc_all_admin.php | 7 +++---- top_nav.php | 4 ++-- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/inc_all_admin.php b/inc_all_admin.php index 186fd77a..0803e149 100644 --- a/inc_all_admin.php +++ b/inc_all_admin.php @@ -6,10 +6,9 @@ require_once "functions.php"; require_once "check_login.php"; -validateAdminRole(); - -// TODO: Change this to enforceAdminPermission(); -// We can't do this until everyone has the new database fields added in db 1.4.9 on Sept 14th 2024 +if (!isset($session_is_admin) || !$session_is_admin) { + exit(WORDING_ROLECHECK_FAILED . "
Tell your admin: Your role does not have admin access."); +} require_once "header.php"; diff --git a/top_nav.php b/top_nav.php index 276bc203..7725c6d3 100644 --- a/top_nav.php +++ b/top_nav.php @@ -161,8 +161,8 @@
  • - - Administration + + Administration Account Logout From e8c7b3616bffd25d42037ab2048785144720b9b1 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 9 Jan 2025 15:14:46 +0000 Subject: [PATCH 048/366] Tweak docs link --- setup.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.php b/setup.php index d168eac1..6505c933 100644 --- a/setup.php +++ b/setup.php @@ -1217,7 +1217,7 @@ if (isset($_POST['add_telemetry'])) { Warning: The current directory is not writable. Ensure the webserver process has write access (chmod/chown). Check the docs for info.
    • "; + echo "
    Warning: The current directory is not writable. Ensure the webserver process has write access (chmod/chown). Check the docs for info.
    "; } ?>
    From cf511b2c4b4ab799b3d87f56ed3a3101363c4a88 Mon Sep 17 00:00:00 2001 From: wrongecho <32306651+wrongecho@users.noreply.github.com> Date: Thu, 9 Jan 2025 15:21:20 +0000 Subject: [PATCH 049/366] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 10702d30..75e57a9f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ All notable changes to ITFlow will be documented in this file. - Bugfix: Asset interface losing DHCP setting - Bugfix: Editing / creating recurring expenses results in error 500 due to incorrect var name - Stripe online payment setup now prompts you to set the income/expense account +- Admin pages now once again use the new admin rolecheck ## 24.12 From d3d3d3759514eb9efa5c1b1819acfb637ed79079 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 9 Jan 2025 15:32:11 +0000 Subject: [PATCH 050/366] Show git branch on debug page --- admin_debug.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/admin_debug.php b/admin_debug.php index c125504f..10c18ce8 100644 --- a/admin_debug.php +++ b/admin_debug.php @@ -11,6 +11,9 @@ $checks = []; // Execute the git command to get the latest commit hash $commitHash = exec('git log -1 --format=%H'); +// Get branch info +$gitBranch = exec('git rev-parse --abbrev-ref HEAD'); + // Section: System Information $systemInfo = []; @@ -522,13 +525,17 @@ $mysqli->close(); ITFlow release version + + Current DB Version + + Current Code Commit - Current DB Version - + Current Branch + From a67de7a8f16a01d20b402da84eba10fcb58fc60a Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 9 Jan 2025 16:09:39 +0000 Subject: [PATCH 051/366] Prevent post pages being accessed directly --- CHANGELOG.md | 4 +++- admin_role.php | 7 +++---- post.php | 15 ++++----------- post/admin/admin_api.php | 2 ++ post/admin/admin_backup.php | 2 ++ post/admin/admin_bulk_mail.php | 3 +++ post/admin/admin_category.php | 2 ++ post/admin/admin_category_model.php | 2 ++ post/admin/admin_custom_field.php | 2 ++ post/admin/admin_custom_field_model.php | 2 ++ post/admin/admin_custom_link.php | 2 ++ post/admin/admin_document_template.php | 2 ++ post/admin/admin_mail_queue.php | 2 ++ post/admin/admin_project_template.php | 2 ++ post/admin/admin_role.php | 10 ++++++++++ post/admin/admin_settings_ai.php | 2 ++ post/admin/admin_settings_company.php | 2 ++ post/admin/admin_settings_default.php | 2 ++ post/admin/admin_settings_integration.php | 2 ++ post/admin/admin_settings_invoice.php | 2 ++ post/admin/admin_settings_localization.php | 2 ++ post/admin/admin_settings_mail.php | 1 + post/admin/admin_settings_module.php | 2 ++ post/admin/admin_settings_notification.php | 2 ++ post/admin/admin_settings_online_payment.php | 2 ++ post/admin/admin_settings_project.php | 2 ++ post/admin/admin_settings_quote.php | 2 ++ post/admin/admin_settings_security.php | 2 ++ post/admin/admin_settings_telemetry.php | 2 ++ post/admin/admin_settings_theme.php | 2 ++ post/admin/admin_settings_ticket.php | 2 ++ post/admin/admin_software_template.php | 2 ++ post/admin/admin_tag.php | 2 ++ post/admin/admin_tag_model.php | 2 ++ post/admin/admin_tax.php | 2 ++ post/admin/admin_ticket_status.php | 2 ++ post/admin/admin_ticket_template.php | 2 ++ post/{ => admin}/admin_update.php | 2 ++ post/admin/admin_user.php | 2 ++ post/admin/admin_user_model.php | 2 ++ post/admin/admin_vendor_template.php | 2 ++ post/user/account.php | 2 ++ post/user/asset.php | 2 ++ post/user/asset_interface_model.php | 2 ++ post/user/asset_model.php | 2 ++ post/user/budget.php | 3 +++ post/user/certificate.php | 2 ++ post/user/certificate_model.php | 2 ++ post/user/client.php | 2 ++ post/user/client_model.php | 2 ++ post/user/contact.php | 2 ++ post/user/contact_model.php | 1 + post/user/credential.php | 2 ++ post/user/credential_model.php | 2 ++ post/user/document.php | 2 ++ post/user/document_model.php | 2 ++ post/user/domain.php | 2 ++ post/user/domain_model.php | 2 ++ post/user/event.php | 2 ++ post/user/event_model.php | 2 ++ post/user/expense.php | 2 ++ post/user/expense_model.php | 2 ++ post/user/file.php | 2 ++ post/user/folder.php | 2 ++ post/user/invoice.php | 2 ++ post/user/invoice_model.php | 1 + post/user/location.php | 2 ++ post/user/location_model.php | 2 ++ post/user/network.php | 2 ++ post/user/network_model.php | 2 ++ post/user/product.php | 2 ++ post/user/product_model.php | 2 ++ post/user/profile.php | 2 ++ post/user/project.php | 2 ++ post/user/quote.php | 2 ++ post/user/quote_model.php | 2 ++ post/user/rack.php | 2 ++ post/user/revenue.php | 2 ++ post/user/service.php | 2 ++ post/user/software.php | 1 + post/user/task.php | 2 ++ post/user/ticket.php | 2 ++ post/user/ticket_recurring_model.php | 1 + post/user/transfer.php | 2 ++ post/user/transfer_model.php | 2 ++ post/user/trip.php | 2 ++ post/user/trip_model.php | 2 ++ post/user/vendor.php | 2 ++ post/user/vendor_contact.php | 2 ++ post/user/vendor_contact_model.php | 1 + post/user/vendor_model.php | 2 ++ 91 files changed, 190 insertions(+), 16 deletions(-) rename post/{ => admin}/admin_update.php (99%) diff --git a/CHANGELOG.md b/CHANGELOG.md index 75e57a9f..446ca6e4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,7 +8,9 @@ All notable changes to ITFlow will be documented in this file. - Bugfix: Asset interface losing DHCP setting - Bugfix: Editing / creating recurring expenses results in error 500 due to incorrect var name - Stripe online payment setup now prompts you to set the income/expense account -- Admin pages now once again use the new admin rolecheck +- Admin pages now once again use the new admin role-check +- Debug now shows the current git branch +- Individual POST handler logic pages can no longer be accessed directly ## 24.12 diff --git a/admin_role.php b/admin_role.php index 241a116f..800b58cc 100644 --- a/admin_role.php +++ b/admin_role.php @@ -110,11 +110,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); -
    - - - + + Archive +
    diff --git a/post.php b/post.php index f09d2141..69a21561 100644 --- a/post.php +++ b/post.php @@ -10,6 +10,9 @@ require_once "functions.php"; require_once "check_login.php"; +// Define a variable that we can use to only allow running post files via inclusion (prevents people/bots poking them) +define('FROM_POST_HANDLER', true); + // Determine which files we should load @@ -28,13 +31,7 @@ if (str_contains($module, 'admin') && isset($session_is_admin) && $session_is_ad // To add a new admin POST request handler, add a file named after the admin page // e.g. changes made on the page http://itflow/admin_ticket_statues.php will load the page post/admin/admin_ticket_statues.php to handle the changes - if ($module !== 'admin_update') { - require_once "post/admin/$module.php"; - } - // IF statement is temporary - - - + require_once "post/admin/$module.php"; } elseif (str_contains($module, 'xcustom')) { // Dynamically load any custom POST logic @@ -58,10 +55,6 @@ if (str_contains($module, 'admin') && isset($session_is_admin) && $session_is_ad // Logout is the same for user and admin require_once "post/logout.php"; -// TODO: Move admin_update into the admin section to be auto-loaded -// We can't do this until everyone has the new database fields added in 1.4.9 on Sept 14th 2024 -require_once "post/admin_update.php"; // Load updater - // TODO: Find a home for these require_once "post/ai.php"; diff --git a/post/admin/admin_api.php b/post/admin/admin_api.php index 8817b62a..073f2afd 100644 --- a/post/admin/admin_api.php +++ b/post/admin/admin_api.php @@ -4,6 +4,8 @@ * ITFlow - GET/POST request handler for API settings */ +defined('FROM_POST_HANDLER') || die("Direct file access is not allowed"); + if (isset($_POST['add_api_key'])) { validateCSRFToken($_POST['csrf_token']); diff --git a/post/admin/admin_backup.php b/post/admin/admin_backup.php index 8649e91d..dfb0509a 100644 --- a/post/admin/admin_backup.php +++ b/post/admin/admin_backup.php @@ -4,6 +4,8 @@ * ITFlow - GET/POST request handler for DB / master key backup */ +defined('FROM_POST_HANDLER') || die("Direct file access is not allowed"); + if (isset($_GET['download_database'])) { validateCSRFToken($_GET['csrf_token']); diff --git a/post/admin/admin_bulk_mail.php b/post/admin/admin_bulk_mail.php index cdbf999f..4ddc0651 100644 --- a/post/admin/admin_bulk_mail.php +++ b/post/admin/admin_bulk_mail.php @@ -4,6 +4,9 @@ * ITFlow - GET/POST request handler for bulk email */ +defined('FROM_POST_HANDLER') || die("Direct file access is not allowed"); + + if (isset($_POST['send_bulk_mail_now'])) { if (isset($_POST['contact_ids'])) { diff --git a/post/admin/admin_category.php b/post/admin/admin_category.php index c3a97fc2..b5bd1273 100644 --- a/post/admin/admin_category.php +++ b/post/admin/admin_category.php @@ -4,6 +4,8 @@ * ITFlow - GET/POST request handler for categories ('category') */ +defined('FROM_POST_HANDLER') || die("Direct file access is not allowed"); + if (isset($_POST['add_category'])) { require_once 'post/admin/admin_category_model.php'; diff --git a/post/admin/admin_category_model.php b/post/admin/admin_category_model.php index 92b0c6ba..81b54a39 100644 --- a/post/admin/admin_category_model.php +++ b/post/admin/admin_category_model.php @@ -1,4 +1,6 @@ Date: Thu, 9 Jan 2025 16:11:52 +0000 Subject: [PATCH 052/366] Credential add modal - URI placeholder text was off --- client_login_add_modal.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client_login_add_modal.php b/client_login_add_modal.php index 8ce5edd0..8aa0ecc2 100644 --- a/client_login_add_modal.php +++ b/client_login_add_modal.php @@ -100,7 +100,7 @@
    - +
    From 64fd7619345e637403d6d1c1269ea099aa1d65fe Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 9 Jan 2025 16:23:35 +0000 Subject: [PATCH 053/366] Don't require a contact for recurring tickets --- CHANGELOG.md | 3 ++- post/user/ticket.php | 16 ---------------- recurring_ticket_add_modal.php | 2 +- recurring_ticket_edit_modal.php | 4 ++-- scripts/cron.php | 2 -- 5 files changed, 5 insertions(+), 22 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 446ca6e4..66ee6d02 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,7 +7,8 @@ All notable changes to ITFlow will be documented in this file. - Bugfix: Ticket edit modal not showing multi-client/no-client projects - Bugfix: Asset interface losing DHCP setting - Bugfix: Editing / creating recurring expenses results in error 500 due to incorrect var name -- Stripe online payment setup now prompts you to set the income/expense account +- Bugfix: Recurring tickets no longer require a contact +- Bugfix: Stripe online payment setup now prompts you to set the income/expense account - Admin pages now once again use the new admin role-check - Debug now shows the current git branch - Individual POST handler logic pages can no longer be accessed directly diff --git a/post/user/ticket.php b/post/user/ticket.php index 706f7a82..8fa974e2 100644 --- a/post/user/ticket.php +++ b/post/user/ticket.php @@ -1980,14 +1980,6 @@ if (isset($_POST['add_recurring_ticket'])) { $start_date = sanitizeInput($_POST['start_date']); - // If no contact is selected automatically choose the primary contact for the client - if ($client_id > 0 && $contact_id == 0) { - $sql = mysqli_query($mysqli, "SELECT contact_id FROM contacts WHERE contact_client_id = $client_id AND contact_primary = 1"); - $row = mysqli_fetch_array($sql); - $contact_id = intval($row['contact_id']); - } - - // Add recurring (scheduled) ticket mysqli_query($mysqli, "INSERT INTO scheduled_tickets SET scheduled_ticket_subject = '$subject', scheduled_ticket_details = '$details', scheduled_ticket_priority = '$priority', scheduled_ticket_frequency = '$frequency', scheduled_ticket_billable = $billable, scheduled_ticket_start_date = '$start_date', scheduled_ticket_next_run = '$start_date', scheduled_ticket_assigned_to = $assigned_to, scheduled_ticket_created_by = $session_user_id, scheduled_ticket_client_id = $client_id, scheduled_ticket_contact_id = $contact_id, scheduled_ticket_asset_id = $asset_id"); $scheduled_ticket_id = mysqli_insert_id($mysqli); @@ -2009,14 +2001,6 @@ if (isset($_POST['edit_recurring_ticket'])) { $scheduled_ticket_id = intval($_POST['scheduled_ticket_id']); $next_run_date = sanitizeInput($_POST['next_date']); - // If no contact is selected automatically choose the primary contact for the client - if ($client_id > 0 && $contact_id == 0) { - $sql = mysqli_query($mysqli, "SELECT contact_id FROM contacts WHERE contact_client_id = $client_id AND contact_primary = 1"); - $row = mysqli_fetch_array($sql); - $contact_id = intval($row['contact_id']); - } - - // Edit scheduled ticket mysqli_query($mysqli, "UPDATE scheduled_tickets SET scheduled_ticket_subject = '$subject', scheduled_ticket_details = '$details', scheduled_ticket_priority = '$priority', scheduled_ticket_frequency = '$frequency', scheduled_ticket_billable = $billable, scheduled_ticket_next_run = '$next_run_date', scheduled_ticket_assigned_to = $assigned_to, scheduled_ticket_asset_id = $asset_id, scheduled_ticket_contact_id = $contact_id WHERE scheduled_ticket_id = $scheduled_ticket_id"); // Logging diff --git a/recurring_ticket_add_modal.php b/recurring_ticket_add_modal.php index f1eb7a27..51555c20 100644 --- a/recurring_ticket_add_modal.php +++ b/recurring_ticket_add_modal.php @@ -130,7 +130,7 @@
    -
    diff --git a/recurring_ticket_edit_modal.php b/recurring_ticket_edit_modal.php index f676d1bf..af552996 100644 --- a/recurring_ticket_edit_modal.php +++ b/recurring_ticket_edit_modal.php @@ -85,12 +85,12 @@
    - +
    -
    diff --git a/scripts/cron.php b/scripts/cron.php index 46e00a47..dbbb02b8 100644 --- a/scripts/cron.php +++ b/scripts/cron.php @@ -142,9 +142,7 @@ mysqli_query($mysqli, "DELETE FROM logs WHERE log_created_at < CURDATE() - INTER // Whitelabel - Disable if expired/invalid if ($config_whitelabel_enabled && !validateWhitelabelKey($config_whitelabel_key)) { mysqli_query($mysqli, "UPDATE settings SET config_whitelabel_enabled = 0, config_whitelabel_key = '' WHERE company_id = 1"); - appNotify("Settings", "White-labelling was disabled due to expired/invalid key", "settings_modules.php"); - } From 22d1a1809ca106df263bbd6f87b3c6f8ac3d301e Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 9 Jan 2025 16:29:07 +0000 Subject: [PATCH 054/366] Tickets created via portal/email not being marked as billable --- CHANGELOG.md | 1 + portal/portal_post.php | 2 +- scripts/cron_ticket_email_parser.php | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 66ee6d02..13aca7ae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ All notable changes to ITFlow will be documented in this file. - Bugfix: Editing / creating recurring expenses results in error 500 due to incorrect var name - Bugfix: Recurring tickets no longer require a contact - Bugfix: Stripe online payment setup now prompts you to set the income/expense account +- Bugfix: Tickets created via portal/email not being marked as billable - Admin pages now once again use the new admin role-check - Debug now shows the current git branch - Individual POST handler logic pages can no longer be accessed directly diff --git a/portal/portal_post.php b/portal/portal_post.php index 37855e0d..d576bbad 100644 --- a/portal/portal_post.php +++ b/portal/portal_post.php @@ -34,7 +34,7 @@ if (isset($_POST['add_ticket'])) { $new_config_ticket_next_number = $config_ticket_next_number + 1; mysqli_query($mysqli, "UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = 1"); - mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 1, ticket_created_by = 0, ticket_contact_id = $session_contact_id, ticket_url_key = '$url_key', ticket_client_id = $session_client_id"); + mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = 1, ticket_billable = $config_ticket_default_billable, ticket_created_by = 0, ticket_contact_id = $session_contact_id, ticket_url_key = '$url_key', ticket_client_id = $session_client_id"); $ticket_id = mysqli_insert_id($mysqli); // Notify agent DL of the new ticket, if populated with a valid email diff --git a/scripts/cron_ticket_email_parser.php b/scripts/cron_ticket_email_parser.php index fbc805ef..d74e2912 100644 --- a/scripts/cron_ticket_email_parser.php +++ b/scripts/cron_ticket_email_parser.php @@ -111,7 +111,7 @@ function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date //Generate a unique URL key for clients to access $url_key = randomString(156); - mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$ticket_prefix_esc', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$message_esc', ticket_priority = 'Low', ticket_status = 1, ticket_created_by = 0, ticket_contact_id = $contact_id, ticket_url_key = '$url_key', ticket_client_id = $client_id"); + mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$ticket_prefix_esc', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$message_esc', ticket_priority = 'Low', ticket_status = 1, ticket_billable = $config_ticket_default_billable, ticket_created_by = 0, ticket_contact_id = $contact_id, ticket_url_key = '$url_key', ticket_client_id = $client_id"); $id = mysqli_insert_id($mysqli); // Logging From 50e252efb7fe3eb748ba95ed1c266b7d6b4628a8 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 9 Jan 2025 16:58:09 +0000 Subject: [PATCH 055/366] Mail queue - fix file inclusion following move to subdir --- scripts/cron_mail_queue.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/cron_mail_queue.php b/scripts/cron_mail_queue.php index 300df6e9..efc9fbf0 100644 --- a/scripts/cron_mail_queue.php +++ b/scripts/cron_mail_queue.php @@ -1,5 +1,8 @@ Date: Thu, 9 Jan 2025 17:02:03 +0000 Subject: [PATCH 056/366] Mail parser - fix billable --- scripts/cron_ticket_email_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/cron_ticket_email_parser.php b/scripts/cron_ticket_email_parser.php index d74e2912..1824bd33 100644 --- a/scripts/cron_ticket_email_parser.php +++ b/scripts/cron_ticket_email_parser.php @@ -88,7 +88,7 @@ $allowed_extensions = array('jpg', 'jpeg', 'gif', 'png', 'webp', 'pdf', 'txt', ' // Function to raise a new ticket for a given contact and email them confirmation (if configured) function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date, $subject, $message, $attachments, $original_message_file) { - global $mysqli, $config_app_name, $company_name, $company_phone, $config_ticket_prefix, $config_ticket_client_general_notifications, $config_ticket_new_ticket_notification_email, $config_base_url, $config_ticket_from_name, $config_ticket_from_email, $allowed_extensions; + global $mysqli, $config_app_name, $company_name, $company_phone, $config_ticket_prefix, $config_ticket_client_general_notifications, $config_ticket_new_ticket_notification_email, $config_base_url, $config_ticket_from_name, $config_ticket_from_email, $config_ticket_default_billable, $allowed_extensions; $ticket_number_sql = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_ticket_next_number FROM settings WHERE company_id = 1")); $ticket_number = intval($ticket_number_sql['config_ticket_next_number']); From 73c711095ac76691f0a641108d3a6a5f368432a4 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 9 Jan 2025 18:53:11 +0000 Subject: [PATCH 057/366] Mail queue - undo file inclusion, not a fix --- scripts/cron_mail_queue.php | 3 --- 1 file changed, 3 deletions(-) diff --git a/scripts/cron_mail_queue.php b/scripts/cron_mail_queue.php index efc9fbf0..300df6e9 100644 --- a/scripts/cron_mail_queue.php +++ b/scripts/cron_mail_queue.php @@ -1,8 +1,5 @@ Date: Thu, 9 Jan 2025 18:59:24 +0000 Subject: [PATCH 058/366] Mail queue - duh, it actually sees to be a fix.. --- scripts/cron_mail_queue.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/cron_mail_queue.php b/scripts/cron_mail_queue.php index 300df6e9..efc9fbf0 100644 --- a/scripts/cron_mail_queue.php +++ b/scripts/cron_mail_queue.php @@ -1,5 +1,8 @@ Date: Thu, 9 Jan 2025 19:01:31 +0000 Subject: [PATCH 059/366] All cron scripts should set the running directory for consistency --- scripts/cron_certificate_refresher.php | 3 +++ scripts/cron_domain_refresher.php | 3 +++ 2 files changed, 6 insertions(+) diff --git a/scripts/cron_certificate_refresher.php b/scripts/cron_certificate_refresher.php index 739a41de..76fd03a9 100644 --- a/scripts/cron_certificate_refresher.php +++ b/scripts/cron_certificate_refresher.php @@ -1,5 +1,8 @@ Date: Sat, 11 Jan 2025 12:55:23 -0500 Subject: [PATCH 060/366] Created modals and includes folder moved client contact modals to /modals and updsated contact details and contact listing code --- client_contact_details.php | 16 ++++++------- client_contacts.php | 24 +++++++++---------- .../client_contact_add_modal.php | 0 .../client_contact_archive_modal.php | 0 ...ent_contact_bulk_assign_location_modal.php | 0 .../client_contact_bulk_assign_tags_modal.php | 0 ...ent_contact_bulk_edit_department_modal.php | 0 .../client_contact_bulk_edit_phone_modal.php | 0 .../client_contact_bulk_edit_role_modal.php | 0 .../client_contact_bulk_email_modal.php | 0 .../client_contact_create_note_modal.php | 0 .../client_contact_edit_modal.php | 0 .../client_contact_export_modal.php | 0 .../client_contact_import_modal.php | 0 .../client_contact_invite_modal.php | 2 +- .../client_contact_link_asset_modal.php | 0 .../client_contact_link_credential_modal.php | 0 .../client_contact_link_document_modal.php | 0 .../client_contact_link_file_modal.php | 0 .../client_contact_link_service_modal.php | 0 .../client_contact_link_software_modal.php | 0 21 files changed, 21 insertions(+), 21 deletions(-) rename client_contact_add_modal.php => modals/client_contact_add_modal.php (100%) rename client_contact_archive_modal.php => modals/client_contact_archive_modal.php (100%) rename client_contact_bulk_assign_location_modal.php => modals/client_contact_bulk_assign_location_modal.php (100%) rename client_contact_bulk_assign_tags_modal.php => modals/client_contact_bulk_assign_tags_modal.php (100%) rename client_contact_bulk_edit_department_modal.php => modals/client_contact_bulk_edit_department_modal.php (100%) rename client_contact_bulk_edit_phone_modal.php => modals/client_contact_bulk_edit_phone_modal.php (100%) rename client_contact_bulk_edit_role_modal.php => modals/client_contact_bulk_edit_role_modal.php (100%) rename client_contact_bulk_email_modal.php => modals/client_contact_bulk_email_modal.php (100%) rename client_contact_create_note_modal.php => modals/client_contact_create_note_modal.php (100%) rename client_contact_edit_modal.php => modals/client_contact_edit_modal.php (100%) rename client_contact_export_modal.php => modals/client_contact_export_modal.php (100%) rename client_contact_import_modal.php => modals/client_contact_import_modal.php (100%) rename client_contact_invite_modal.php => modals/client_contact_invite_modal.php (99%) rename client_contact_link_asset_modal.php => modals/client_contact_link_asset_modal.php (100%) rename client_contact_link_credential_modal.php => modals/client_contact_link_credential_modal.php (100%) rename client_contact_link_document_modal.php => modals/client_contact_link_document_modal.php (100%) rename client_contact_link_file_modal.php => modals/client_contact_link_file_modal.php (100%) rename client_contact_link_service_modal.php => modals/client_contact_link_service_modal.php (100%) rename client_contact_link_software_modal.php => modals/client_contact_link_software_modal.php (100%) diff --git a/client_contact_details.php b/client_contact_details.php index 1599b941..595892ce 100644 --- a/client_contact_details.php +++ b/client_contact_details.php @@ -210,7 +210,7 @@ if (isset($_GET['contact_id'])) {
    -
    @@ -1125,14 +1125,14 @@ if (isset($_GET['contact_id'])) {
    - - - - - - + + + + + + @@ -482,12 +482,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    -
    +
    \ No newline at end of file diff --git a/client_contact_link_asset_modal.php b/modals/client_contact_link_asset_modal.php similarity index 100% rename from client_contact_link_asset_modal.php rename to modals/client_contact_link_asset_modal.php diff --git a/client_contact_link_credential_modal.php b/modals/client_contact_link_credential_modal.php similarity index 100% rename from client_contact_link_credential_modal.php rename to modals/client_contact_link_credential_modal.php diff --git a/client_contact_link_document_modal.php b/modals/client_contact_link_document_modal.php similarity index 100% rename from client_contact_link_document_modal.php rename to modals/client_contact_link_document_modal.php diff --git a/client_contact_link_file_modal.php b/modals/client_contact_link_file_modal.php similarity index 100% rename from client_contact_link_file_modal.php rename to modals/client_contact_link_file_modal.php diff --git a/client_contact_link_service_modal.php b/modals/client_contact_link_service_modal.php similarity index 100% rename from client_contact_link_service_modal.php rename to modals/client_contact_link_service_modal.php diff --git a/client_contact_link_software_modal.php b/modals/client_contact_link_software_modal.php similarity index 100% rename from client_contact_link_software_modal.php rename to modals/client_contact_link_software_modal.php From a9179462c4b5c6fc64485bf8e334d0c90900de86 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 11 Jan 2025 13:05:26 -0500 Subject: [PATCH 061/366] Moved client location modals inside /modals and updated the require links in location listing --- client_locations.php | 10 +++++----- .../client_location_add_modal.php | 0 .../client_location_bulk_assign_tags_modal.php | 0 .../client_location_edit_modal.php | 0 .../client_location_export_modal.php | 0 .../client_location_import_modal.php | 0 6 files changed, 5 insertions(+), 5 deletions(-) rename client_location_add_modal.php => modals/client_location_add_modal.php (100%) rename client_location_bulk_assign_tags_modal.php => modals/client_location_bulk_assign_tags_modal.php (100%) rename client_location_edit_modal.php => modals/client_location_edit_modal.php (100%) rename client_location_export_modal.php => modals/client_location_export_modal.php (100%) rename client_location_import_modal.php => modals/client_location_import_modal.php (100%) diff --git a/client_locations.php b/client_locations.php index 2e2403f3..2c7f125d 100644 --- a/client_locations.php +++ b/client_locations.php @@ -297,7 +297,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - @@ -307,7 +307,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - + @@ -318,11 +318,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Date: Sat, 11 Jan 2025 19:33:48 +0000 Subject: [PATCH 062/366] Auto-acknowledgement email for email parsed tickets now contains guest link --- CHANGELOG.md | 1 + scripts/cron_ticket_email_parser.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 13aca7ae..df060d6f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,7 @@ All notable changes to ITFlow will be documented in this file. - Admin pages now once again use the new admin role-check - Debug now shows the current git branch - Individual POST handler logic pages can no longer be accessed directly +- Auto-acknowledgement email for email parsed tickets now contains guest link ## 24.12 diff --git a/scripts/cron_ticket_email_parser.php b/scripts/cron_ticket_email_parser.php index 1824bd33..c73679d5 100644 --- a/scripts/cron_ticket_email_parser.php +++ b/scripts/cron_ticket_email_parser.php @@ -155,7 +155,7 @@ function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date $data = []; if ($config_ticket_client_general_notifications == 1) { $subject_email = "Ticket created - [$config_ticket_prefix$ticket_number] - $subject"; - $body = "##- Please type your reply above this line -##

    Hello $contact_name,

    Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.

    Ticket: $config_ticket_prefix$ticket_number
    Subject: $subject
    Status: New
    https://$config_base_url/portal/ticket.php?id=$id

    --
    $company_name - Support
    $config_ticket_from_email
    $company_phone"; + $body = "##- Please type your reply above this line -##

    Hello $contact_name,

    Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.

    Ticket: $config_ticket_prefix$ticket_number
    Subject: $subject
    Status: New
    Portal: View ticket

    --
    $company_name - Support
    $config_ticket_from_email
    $company_phone"; $data[] = [ 'from' => $config_ticket_from_email, 'from_name' => $config_ticket_from_name, From 2ca92744f32b7eaddfee979c7270312662aafcf3 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Sat, 11 Jan 2025 19:40:36 +0000 Subject: [PATCH 063/366] mv --- CHANGELOG.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index df060d6f..ebbc8deb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,16 +4,16 @@ All notable changes to ITFlow will be documented in this file. ## 25.1 - Moved cron/cli scripts to scripts subfolder - Old scripts remain in the root for now, but please update your cron configurations! +- Admin pages now once again use the new admin role-check +- Debug now shows the current git branch +- Individual POST handler logic pages can no longer be accessed directly +- Auto-acknowledgement email for email parsed tickets now contains guest link - Bugfix: Ticket edit modal not showing multi-client/no-client projects - Bugfix: Asset interface losing DHCP setting - Bugfix: Editing / creating recurring expenses results in error 500 due to incorrect var name - Bugfix: Recurring tickets no longer require a contact - Bugfix: Stripe online payment setup now prompts you to set the income/expense account -- Bugfix: Tickets created via portal/email not being marked as billable -- Admin pages now once again use the new admin role-check -- Debug now shows the current git branch -- Individual POST handler logic pages can no longer be accessed directly -- Auto-acknowledgement email for email parsed tickets now contains guest link +- Bugfix: Tickets created via portal/email not being marked as billable ## 24.12 From 98f9083bcb8cb47e579c64712f1656e8750edb7d Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 11 Jan 2025 14:47:32 -0500 Subject: [PATCH 064/366] Structure rework: Moved most php files that are included to /includes renamed pagination.php to filter_footer.php, updated all file to reference new filter_footer and includes --- accounts.php | 6 +++--- admin_api.php | 6 +++--- admin_app_log.php | 6 +++--- admin_audit_log.php | 6 +++--- admin_backup.php | 4 ++-- admin_bulk_mail.php | 4 ++-- admin_category.php | 6 +++--- admin_custom_link.php | 6 +++--- admin_debug.php | 4 ++-- admin_document_template.php | 2 +- admin_document_template_details.php | 4 ++-- admin_legacy_debug.php | 4 ++-- admin_mail_queue.php | 6 +++--- admin_mail_queue_message_view.php | 4 ++-- admin_project_template.php | 6 +++--- admin_project_template_details.php | 4 ++-- admin_role.php | 6 +++--- admin_settings_ai.php | 4 ++-- admin_settings_company.php | 4 ++-- admin_settings_custom_fields.php | 6 +++--- admin_settings_default.php | 4 ++-- admin_settings_integration.php | 4 ++-- admin_settings_invoice.php | 4 ++-- admin_settings_localization.php | 4 ++-- admin_settings_mail.php | 4 ++-- admin_settings_maintenance.php | 4 ++-- admin_settings_module.php | 4 ++-- admin_settings_notification.php | 4 ++-- admin_settings_online_payment.php | 4 ++-- admin_settings_project.php | 4 ++-- admin_settings_quote.php | 4 ++-- admin_settings_security.php | 4 ++-- admin_settings_telemetry.php | 4 ++-- admin_settings_theme.php | 4 ++-- admin_settings_ticket.php | 4 ++-- admin_software_template.php | 6 +++--- admin_tag.php | 6 +++--- admin_tax.php | 4 ++-- admin_ticket_status.php | 6 +++--- admin_ticket_template.php | 6 +++--- admin_ticket_template_details.php | 4 ++-- admin_update.php | 4 ++-- admin_user.php | 6 +++--- admin_vendor_template.php | 6 +++--- blank.php | 4 ++-- budget.php | 4 ++-- budget_edit.php | 4 ++-- calendar_events.php | 4 ++-- client_asset_details.php | 4 ++-- client_assets.php | 6 +++--- client_certificates.php | 6 +++--- client_contact_details.php | 4 ++-- client_contacts.php | 6 +++--- client_document_details.php | 4 ++-- client_documents.php | 6 +++--- client_domains.php | 6 +++--- client_events.php | 2 +- client_files.php | 6 +++--- client_invoices.php | 6 +++--- client_locations.php | 6 +++--- client_logins.php | 6 +++--- client_networks.php | 6 +++--- client_overview.php | 4 ++-- client_payments.php | 6 +++--- client_quotes.php | 6 +++--- client_racks.php | 4 ++-- client_recurring_invoices.php | 6 +++--- client_recurring_tickets.php | 4 ++-- client_services.php | 4 ++-- client_software.php | 6 +++--- client_tickets.php | 6 +++--- client_trips.php | 6 +++--- client_vendors.php | 6 +++--- clients.php | 6 +++--- dashboard.php | 4 ++-- expenses.php | 6 +++--- force_mfa.php | 2 +- global_search.php | 4 ++-- admin_side_nav.php => includes/admin_side_nav.php | 0 client_side_nav.php => includes/client_side_nav.php | 0 pagination.php => includes/filter_footer.php | 0 filter_header.php => includes/filter_header.php | 0 footer.php => includes/footer.php | 2 +- header.php => includes/header.php | 0 inc_alert_feedback.php => includes/inc_alert_feedback.php | 0 inc_all.php => includes/inc_all.php | 0 inc_all_admin.php => includes/inc_all_admin.php | 0 inc_all_client.php => includes/inc_all_client.php | 0 inc_all_reports.php => includes/inc_all_reports.php | 0 inc_all_user.php => includes/inc_all_user.php | 0 .../inc_client_top_head.php | 0 inc_confirm_modal.php => includes/inc_confirm_modal.php | 0 inc_debug.php => includes/inc_debug.php | 0 inc_wrapper.php => includes/inc_wrapper.php | 0 reports_side_nav.php => includes/reports_side_nav.php | 0 side_nav.php => includes/side_nav.php | 0 top_nav.php => includes/top_nav.php | 0 user_side_nav.php => includes/user_side_nav.php | 0 invoice.php | 8 ++++---- invoices.php | 6 +++--- login.php | 4 ++-- notifications.php | 4 ++-- notifications_dismissed.php | 6 +++--- payments.php | 6 +++--- {dist => plugins/adminlte}/css/adminlte.min.css | 0 {dist => plugins/adminlte}/js/.eslintrc.json | 0 {dist => plugins/adminlte}/js/adminlte.min.js | 0 products.php | 6 +++--- project_details.php | 4 ++-- projects.php | 6 +++--- quote.php | 8 ++++---- quotes.php | 6 +++--- recurring_expenses.php | 6 +++--- recurring_invoice.php | 6 +++--- recurring_invoices.php | 6 +++--- recurring_tickets.php | 4 ++-- report_assets.php | 6 +++--- report_budget.php | 4 ++-- report_clients_with_balance.php | 4 ++-- report_domains.php | 6 +++--- report_expense_by_vendor.php | 4 ++-- report_expense_summary.php | 4 ++-- report_income_by_client.php | 4 ++-- report_income_summary.php | 4 ++-- report_password_rotation.php | 4 ++-- report_profit_loss.php | 4 ++-- report_recurring_by_client.php | 4 ++-- report_tax_summary.php | 4 ++-- report_ticket_by_client.php | 4 ++-- report_ticket_summary.php | 4 ++-- report_tickets_unbilled.php | 4 ++-- revenues.php | 6 +++--- temp_bulk_close_bugfix.php | 4 ++-- ticket.php | 6 +++--- tickets.php | 6 +++--- transfers.php | 6 +++--- trips.php | 6 +++--- user_activity.php | 4 ++-- user_details.php | 4 ++-- user_preferences.php | 4 ++-- user_security.php | 4 ++-- vendor_details.php | 6 +++--- vendors.php | 6 +++--- 143 files changed, 295 insertions(+), 295 deletions(-) rename admin_side_nav.php => includes/admin_side_nav.php (100%) rename client_side_nav.php => includes/client_side_nav.php (100%) rename pagination.php => includes/filter_footer.php (100%) rename filter_header.php => includes/filter_header.php (100%) rename footer.php => includes/footer.php (96%) rename header.php => includes/header.php (100%) rename inc_alert_feedback.php => includes/inc_alert_feedback.php (100%) rename inc_all.php => includes/inc_all.php (100%) rename inc_all_admin.php => includes/inc_all_admin.php (100%) rename inc_all_client.php => includes/inc_all_client.php (100%) rename inc_all_reports.php => includes/inc_all_reports.php (100%) rename inc_all_user.php => includes/inc_all_user.php (100%) rename inc_client_top_head.php => includes/inc_client_top_head.php (100%) rename inc_confirm_modal.php => includes/inc_confirm_modal.php (100%) rename inc_debug.php => includes/inc_debug.php (100%) rename inc_wrapper.php => includes/inc_wrapper.php (100%) rename reports_side_nav.php => includes/reports_side_nav.php (100%) rename side_nav.php => includes/side_nav.php (100%) rename top_nav.php => includes/top_nav.php (100%) rename user_side_nav.php => includes/user_side_nav.php (100%) rename {dist => plugins/adminlte}/css/adminlte.min.css (100%) rename {dist => plugins/adminlte}/js/.eslintrc.json (100%) rename {dist => plugins/adminlte}/js/adminlte.min.js (100%) diff --git a/accounts.php b/accounts.php index f23a0f7e..0488c624 100644 --- a/accounts.php +++ b/accounts.php @@ -4,7 +4,7 @@ $sort = "account_name"; $order = "ASC"; -require_once "inc_all.php"; +require_once "includes/inc_all.php"; // Perms enforceUserPermission('module_financial'); @@ -116,11 +116,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    -
    @@ -176,5 +176,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    -
    -
    @@ -34,5 +34,5 @@ require_once "inc_all_admin.php";
    -
    @@ -194,4 +194,4 @@ if (isset($_GET['archived'])) { - @@ -149,5 +149,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); close(); - + - @@ -146,4 +146,4 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); diff --git a/admin_role.php b/admin_role.php index 800b58cc..62086cc2 100644 --- a/admin_role.php +++ b/admin_role.php @@ -4,7 +4,7 @@ $sort = "user_role_is_admin"; $order = "DESC"; -require_once "inc_all_admin.php"; +require_once "includes/inc_all_admin.php"; //Rebuild URL @@ -134,7 +134,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -143,5 +143,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); require_once "admin_role_add_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/admin_settings_ai.php b/admin_settings_ai.php index 91eba539..894859b8 100644 --- a/admin_settings_ai.php +++ b/admin_settings_ai.php @@ -1,6 +1,6 @@
    @@ -73,5 +73,5 @@ require_once "inc_all_admin.php";
    - @@ -120,5 +120,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    @@ -249,4 +249,4 @@ require_once "inc_all_admin.php";
    @@ -39,5 +39,5 @@ require_once "inc_all_admin.php";
    -
    @@ -102,5 +102,5 @@ require_once "inc_all_admin.php";
    @@ -327,5 +327,5 @@ require_once "inc_all_admin.php"; -
    @@ -78,5 +78,5 @@ require_once "inc_all_admin.php";
    @@ -193,4 +193,4 @@ require_once "inc_all_admin.php";
    @@ -151,5 +151,5 @@ require_once "inc_all_admin.php";
    @@ -41,4 +41,4 @@ require_once "inc_all_admin.php";
    @@ -54,5 +54,5 @@ require_once "inc_all_admin.php";
    @@ -62,5 +62,5 @@ require_once "inc_all_admin.php";
    @@ -38,5 +38,5 @@ require_once "inc_all_admin.php";
    @@ -63,5 +63,5 @@ require_once "inc_all_admin.php";
    @@ -82,5 +82,5 @@ require_once "inc_all_admin.php";
    - @@ -136,5 +136,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -130,5 +130,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -131,5 +131,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - - @@ -239,5 +239,5 @@ require_once "admin_user_export_modal.php"; require_once "admin_user_all_reset_password_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/admin_vendor_template.php b/admin_vendor_template.php index 02694440..f75cd9fb 100644 --- a/admin_vendor_template.php +++ b/admin_vendor_template.php @@ -4,7 +4,7 @@ $sort = "vendor_name"; $order = "ASC"; -require_once "inc_all_admin.php"; +require_once "includes/inc_all_admin.php"; //Rebuild URL @@ -164,7 +164,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -172,5 +172,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); +
      @@ -52,4 +52,4 @@ echo "Current Date and Time: $date_time"; - diff --git a/budget_edit.php b/budget_edit.php index 76051bd0..c4b09abc 100644 --- a/budget_edit.php +++ b/budget_edit.php @@ -1,6 +1,6 @@ diff --git a/calendar_events.php b/calendar_events.php index 1b7ee7ef..1904f37a 100644 --- a/calendar_events.php +++ b/calendar_events.php @@ -1,6 +1,6 @@ - diff --git a/client_asset_details.php b/client_asset_details.php index 37f7be3c..6c7fc4ec 100644 --- a/client_asset_details.php +++ b/client_asset_details.php @@ -1,6 +1,6 @@ 0) { - + @@ -627,7 +627,7 @@ require_once "client_asset_import_modal.php"; require_once "client_asset_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; ?> diff --git a/client_certificates.php b/client_certificates.php index c606fdf0..0696b532 100644 --- a/client_certificates.php +++ b/client_certificates.php @@ -4,7 +4,7 @@ $sort = "certificate_name"; $order = "ASC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; // Perms enforceUserPermission('module_support'); @@ -200,7 +200,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -218,5 +218,5 @@ require_once "client_certificate_export_modal.php"; - diff --git a/client_contact_details.php b/client_contact_details.php index 595892ce..36e97042 100644 --- a/client_contact_details.php +++ b/client_contact_details.php @@ -1,6 +1,6 @@ - @@ -490,4 +490,4 @@ require_once "modals/client_contact_import_modal.php"; require_once "modals/client_contact_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/client_document_details.php b/client_document_details.php index 89b96128..e827241d 100644 --- a/client_document_details.php +++ b/client_document_details.php @@ -1,6 +1,6 @@ diff --git a/client_documents.php b/client_documents.php index a017d4ab..12becd84 100644 --- a/client_documents.php +++ b/client_documents.php @@ -4,7 +4,7 @@ $sort = "document_name"; $order = "ASC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; // Perms enforceUserPermission('module_support'); @@ -462,7 +462,7 @@ while ($folder_id > 0) { - @@ -478,4 +478,4 @@ require_once "client_document_add_modal.php"; require_once "client_document_add_from_template_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/client_domains.php b/client_domains.php index 299ec05c..bf6bbde9 100644 --- a/client_domains.php +++ b/client_domains.php @@ -4,7 +4,7 @@ $sort = "domain_name"; $order = "ASC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; // Perms enforceUserPermission('module_support'); @@ -255,7 +255,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -271,5 +271,5 @@ require_once "client_domain_export_modal.php"; - 0) { - @@ -640,4 +640,4 @@ require_once "share_modal.php"; require_once "client_file_delete_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/client_invoices.php b/client_invoices.php index 7685317e..11624313 100644 --- a/client_invoices.php +++ b/client_invoices.php @@ -4,7 +4,7 @@ $sort = "invoice_number"; $order = "DESC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; // Perms enforceUserPermission('module_sales'); @@ -213,7 +213,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -225,4 +225,4 @@ require_once "invoice_payment_add_bulk_modal.php"; require_once "client_invoice_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/client_locations.php b/client_locations.php index 2c7f125d..97e8149b 100644 --- a/client_locations.php +++ b/client_locations.php @@ -4,7 +4,7 @@ $sort = "location_name"; $order = "ASC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; // Tags Filter if (isset($_GET['tags']) && is_array($_GET['tags']) && !empty($_GET['tags'])) { @@ -309,7 +309,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -324,5 +324,5 @@ require_once "modals/client_location_import_modal.php"; require_once "modals/client_location_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/client_logins.php b/client_logins.php index c4327fba..606e5431 100644 --- a/client_logins.php +++ b/client_logins.php @@ -4,7 +4,7 @@ $sort = "login_name"; $order = "ASC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; // Perms enforceUserPermission('module_credential'); @@ -406,7 +406,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -429,4 +429,4 @@ require_once "client_login_import_modal.php"; require_once "client_login_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/client_networks.php b/client_networks.php index 1257160b..b410ba40 100644 --- a/client_networks.php +++ b/client_networks.php @@ -4,7 +4,7 @@ $sort = "network_name"; $order = "ASC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; // Perms enforceUserPermission('module_support'); @@ -224,7 +224,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -244,4 +244,4 @@ require_once "client_network_export_modal.php"; - @@ -152,5 +152,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -208,5 +208,5 @@ require_once "quote_edit_modal.php"; require_once "client_quote_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/client_racks.php b/client_racks.php index f81407db..41827f48 100644 --- a/client_racks.php +++ b/client_racks.php @@ -4,7 +4,7 @@ $sort = "rack_name"; $order = "ASC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; // Perms enforceUserPermission('module_support'); @@ -242,5 +242,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); diff --git a/client_recurring_invoices.php b/client_recurring_invoices.php index 19e4e668..281158ee 100644 --- a/client_recurring_invoices.php +++ b/client_recurring_invoices.php @@ -4,7 +4,7 @@ $sort = "recurring_last_sent"; $order = "DESC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; // Perms enforceUserPermission('module_sales'); @@ -211,7 +211,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -221,5 +221,5 @@ require_once "recurring_invoice_add_modal.php"; require_once "client_recurring_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/client_recurring_tickets.php b/client_recurring_tickets.php index 1cdd127c..88d60899 100644 --- a/client_recurring_tickets.php +++ b/client_recurring_tickets.php @@ -4,7 +4,7 @@ $sort = "scheduled_ticket_subject"; $order = "ASC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; // Perms enforceUserPermission('module_support'); @@ -180,5 +180,5 @@ require_once "recurring_ticket_add_modal.php"; require_once "recurring_ticket_edit_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/client_services.php b/client_services.php index 8026b389..2ea4018c 100644 --- a/client_services.php +++ b/client_services.php @@ -4,7 +4,7 @@ $sort = "service_name"; $order = "ASC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; // Perms enforceUserPermission('module_support'); @@ -218,5 +218,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -236,4 +236,4 @@ require_once "client_software_add_from_template_modal.php"; require_once "client_software_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/client_tickets.php b/client_tickets.php index fba87df6..d6f779ba 100644 --- a/client_tickets.php +++ b/client_tickets.php @@ -5,7 +5,7 @@ $sort = "ticket_number"; $order = "DESC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; // Perms enforceUserPermission('module_support'); @@ -335,7 +335,7 @@ $total_tickets_closed = intval($row['total_tickets_closed']); - + @@ -344,5 +344,5 @@ require_once "ticket_add_modal.php"; require_once "client_ticket_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/client_trips.php b/client_trips.php index 6ff02c3f..f45177d3 100644 --- a/client_trips.php +++ b/client_trips.php @@ -4,7 +4,7 @@ $sort = "trip_date"; $order = "DESC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; //Rebuild URL @@ -172,7 +172,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -182,5 +182,5 @@ require_once "trip_add_modal.php"; require_once "client_trip_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/client_vendors.php b/client_vendors.php index 20268f8a..2b286282 100644 --- a/client_vendors.php +++ b/client_vendors.php @@ -4,7 +4,7 @@ $sort = "vendor_name"; $order = "ASC"; -require_once "inc_all_client.php"; +require_once "includes/inc_all_client.php"; // Perms enforceUserPermission('module_client'); @@ -259,7 +259,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -273,5 +273,5 @@ require_once "vendor_add_from_template_modal.php"; require_once "client_vendor_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/clients.php b/clients.php index 3d93dfb7..6ccfe558 100644 --- a/clients.php +++ b/clients.php @@ -4,7 +4,7 @@ $sort = "client_accessed_at"; $order = "DESC"; -require_once "inc_all.php"; +require_once "includes/inc_all.php"; // Perms enforceUserPermission('module_client'); @@ -478,7 +478,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -490,5 +490,5 @@ require_once "client_import_modal.php"; require_once "client_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/dashboard.php b/dashboard.php index 20a9d4cd..79d89916 100644 --- a/dashboard.php +++ b/dashboard.php @@ -1,5 +1,5 @@ - + diff --git a/expenses.php b/expenses.php index e3c7d7cc..0db8b257 100644 --- a/expenses.php +++ b/expenses.php @@ -4,7 +4,7 @@ $sort = "expense_date"; $order = "DESC"; -require_once "inc_all.php"; +require_once "includes/inc_all.php"; // Perms enforceUserPermission('module_financial'); @@ -365,7 +365,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -376,4 +376,4 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); require_once "expense_add_modal.php"; require_once "expense_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/force_mfa.php b/force_mfa.php index 05e6d1f2..7a258457 100644 --- a/force_mfa.php +++ b/force_mfa.php @@ -70,5 +70,5 @@ require_once "header.php"; diff --git a/admin_side_nav.php b/includes/admin_side_nav.php similarity index 100% rename from admin_side_nav.php rename to includes/admin_side_nav.php diff --git a/client_side_nav.php b/includes/client_side_nav.php similarity index 100% rename from client_side_nav.php rename to includes/client_side_nav.php diff --git a/pagination.php b/includes/filter_footer.php similarity index 100% rename from pagination.php rename to includes/filter_footer.php diff --git a/filter_header.php b/includes/filter_header.php similarity index 100% rename from filter_header.php rename to includes/filter_header.php diff --git a/footer.php b/includes/footer.php similarity index 96% rename from footer.php rename to includes/footer.php index 67e6cdb9..949d3001 100644 --- a/footer.php +++ b/includes/footer.php @@ -33,7 +33,7 @@ if (str_contains(basename($_SERVER["PHP_SELF"]), "admin_")) { ?> - + diff --git a/header.php b/includes/header.php similarity index 100% rename from header.php rename to includes/header.php diff --git a/inc_alert_feedback.php b/includes/inc_alert_feedback.php similarity index 100% rename from inc_alert_feedback.php rename to includes/inc_alert_feedback.php diff --git a/inc_all.php b/includes/inc_all.php similarity index 100% rename from inc_all.php rename to includes/inc_all.php diff --git a/inc_all_admin.php b/includes/inc_all_admin.php similarity index 100% rename from inc_all_admin.php rename to includes/inc_all_admin.php diff --git a/inc_all_client.php b/includes/inc_all_client.php similarity index 100% rename from inc_all_client.php rename to includes/inc_all_client.php diff --git a/inc_all_reports.php b/includes/inc_all_reports.php similarity index 100% rename from inc_all_reports.php rename to includes/inc_all_reports.php diff --git a/inc_all_user.php b/includes/inc_all_user.php similarity index 100% rename from inc_all_user.php rename to includes/inc_all_user.php diff --git a/inc_client_top_head.php b/includes/inc_client_top_head.php similarity index 100% rename from inc_client_top_head.php rename to includes/inc_client_top_head.php diff --git a/inc_confirm_modal.php b/includes/inc_confirm_modal.php similarity index 100% rename from inc_confirm_modal.php rename to includes/inc_confirm_modal.php diff --git a/inc_debug.php b/includes/inc_debug.php similarity index 100% rename from inc_debug.php rename to includes/inc_debug.php diff --git a/inc_wrapper.php b/includes/inc_wrapper.php similarity index 100% rename from inc_wrapper.php rename to includes/inc_wrapper.php diff --git a/reports_side_nav.php b/includes/reports_side_nav.php similarity index 100% rename from reports_side_nav.php rename to includes/reports_side_nav.php diff --git a/side_nav.php b/includes/side_nav.php similarity index 100% rename from side_nav.php rename to includes/side_nav.php diff --git a/top_nav.php b/includes/top_nav.php similarity index 100% rename from top_nav.php rename to includes/top_nav.php diff --git a/user_side_nav.php b/includes/user_side_nav.php similarity index 100% rename from user_side_nav.php rename to includes/user_side_nav.php diff --git a/invoice.php b/invoice.php index 108fce99..deef2fbb 100644 --- a/invoice.php +++ b/invoice.php @@ -2,9 +2,9 @@ // If client_id is in URI then show client Side Bar and client header if (isset($_GET['client_id'])) { - require_once "inc_all_client.php"; + require_once "includes/inc_all_client.php"; } else { - require_once "inc_all.php"; + require_once "includes/inc_all.php"; } if (isset($_GET['invoice_id'])) { @@ -22,7 +22,7 @@ if (isset($_GET['invoice_id'])) { if (mysqli_num_rows($sql) == 0) { echo '

      Nothing to see here

      '; - require_once "footer.php"; + require_once "includes/footer.php"; exit(); } @@ -674,7 +674,7 @@ if (isset($_GET['invoice_id'])) { } -require_once "footer.php"; +require_once "includes/footer.php"; ?> diff --git a/invoices.php b/invoices.php index de38e53e..35881ab5 100644 --- a/invoices.php +++ b/invoices.php @@ -4,7 +4,7 @@ $sort = "invoice_number"; $order = "DESC"; -require_once "inc_all.php"; +require_once "includes/inc_all.php"; // Perms enforceUserPermission('module_sales'); @@ -349,7 +349,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -358,5 +358,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); require_once "invoice_add_modal.php"; require_once "invoice_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/login.php b/login.php index c4c10545..7b8024c1 100644 --- a/login.php +++ b/login.php @@ -315,7 +315,7 @@ if (isset($_POST['login'])) { - + @@ -401,7 +401,7 @@ if (isset($_POST['login'])) { - + diff --git a/notifications.php b/notifications.php index ab9806e8..af75852c 100644 --- a/notifications.php +++ b/notifications.php @@ -1,6 +1,6 @@ - + - - diff --git a/dist/css/adminlte.min.css b/plugins/adminlte/css/adminlte.min.css similarity index 100% rename from dist/css/adminlte.min.css rename to plugins/adminlte/css/adminlte.min.css diff --git a/dist/js/.eslintrc.json b/plugins/adminlte/js/.eslintrc.json similarity index 100% rename from dist/js/.eslintrc.json rename to plugins/adminlte/js/.eslintrc.json diff --git a/dist/js/adminlte.min.js b/plugins/adminlte/js/adminlte.min.js similarity index 100% rename from dist/js/adminlte.min.js rename to plugins/adminlte/js/adminlte.min.js diff --git a/products.php b/products.php index 8da75d9f..00e1aba6 100644 --- a/products.php +++ b/products.php @@ -4,7 +4,7 @@ $sort = "product_name"; $order = "ASC"; -require_once "inc_all.php"; +require_once "includes/inc_all.php"; // Perms enforceUserPermission('module_sales'); @@ -259,7 +259,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -271,4 +271,4 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); require_once "product_add_modal.php"; require_once "product_export_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/project_details.php b/project_details.php index c80b267a..7208c65e 100644 --- a/project_details.php +++ b/project_details.php @@ -1,6 +1,6 @@ diff --git a/projects.php b/projects.php index 1eab6989..98fee866 100644 --- a/projects.php +++ b/projects.php @@ -4,7 +4,7 @@ $sort = "project_name"; $order = "ASC"; -require_once "inc_all.php"; +require_once "includes/inc_all.php"; // Perms enforceUserPermission('module_support'); @@ -304,7 +304,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -312,5 +312,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Nothing to see here'; - require_once "footer.php"; + require_once "includes/footer.php"; exit(); } @@ -537,7 +537,7 @@ if (isset($_GET['quote_id'])) { require_once "quote_note_modal.php"; } -require_once "footer.php"; +require_once "includes/footer.php"; ?> diff --git a/quotes.php b/quotes.php index c8388e40..b1eb8ec5 100644 --- a/quotes.php +++ b/quotes.php @@ -4,7 +4,7 @@ $sort = "quote_number"; $order = "DESC"; -require_once "inc_all.php"; +require_once "includes/inc_all.php"; // Perms enforceUserPermission('module_sales'); @@ -236,7 +236,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -247,5 +247,5 @@ require_once "quote_add_modal.php"; require_once "quote_edit_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/recurring_expenses.php b/recurring_expenses.php index ca2a3d4b..8b9049f8 100644 --- a/recurring_expenses.php +++ b/recurring_expenses.php @@ -4,7 +4,7 @@ $sort = "recurring_expense_next_date"; $order = "ASC"; -require_once "inc_all.php"; +require_once "includes/inc_all.php"; // Perms enforceUserPermission('module_financial'); @@ -221,7 +221,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -229,5 +229,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); diff --git a/recurring_invoices.php b/recurring_invoices.php index 98ec7caa..cf84d56e 100644 --- a/recurring_invoices.php +++ b/recurring_invoices.php @@ -4,7 +4,7 @@ $sort = "recurring_next_date"; $order = "ASC"; -require_once "inc_all.php"; +require_once "includes/inc_all.php"; // Perms enforceUserPermission('module_sales'); @@ -241,7 +241,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -250,4 +250,4 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); require_once "recurring_invoice_add_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/recurring_tickets.php b/recurring_tickets.php index 73a19725..c4670994 100644 --- a/recurring_tickets.php +++ b/recurring_tickets.php @@ -4,7 +4,7 @@ $sort = "scheduled_ticket_subject"; $order = "ASC"; -require_once "inc_all.php"; +require_once "includes/inc_all.php"; // Perms enforceUserPermission('module_support'); @@ -209,4 +209,4 @@ require_once "recurring_ticket_add_modal.php"; require_once "recurring_ticket_edit_modal.php"; -require_once "footer.php"; +require_once "includes/footer.php"; diff --git a/report_assets.php b/report_assets.php index 042e6607..e7fc9fae 100644 --- a/report_assets.php +++ b/report_assets.php @@ -4,7 +4,7 @@ $sort = "asset_name"; $order = "ASC"; -require_once "inc_all_reports.php"; +require_once "includes/inc_all_reports.php"; // Perms enforceUserPermission('module_support'); @@ -610,7 +610,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - + @@ -618,5 +618,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - \ No newline at end of file diff --git a/report_clients_with_balance.php b/report_clients_with_balance.php index 61f29d22..5f75a4a4 100644 --- a/report_clients_with_balance.php +++ b/report_clients_with_balance.php @@ -1,6 +1,6 @@ - - - diff --git a/report_expense_summary.php b/report_expense_summary.php index 03332254..9abe15a9 100644 --- a/report_expense_summary.php +++ b/report_expense_summary.php @@ -1,6 +1,6 @@ - + + + + + + + + + + + + + + + + + diff --git a/guest_header.php b/guest/guest_header.php similarity index 70% rename from guest_header.php rename to guest/guest_header.php index 8ce55023..d82f5eac 100644 --- a/guest_header.php +++ b/guest/guest_header.php @@ -1,12 +1,12 @@ - - + + - + - + - - - - + + + + diff --git a/guest_pay_invoice_stripe.php b/guest/guest_pay_invoice_stripe.php similarity index 99% rename from guest_pay_invoice_stripe.php rename to guest/guest_pay_invoice_stripe.php index 3be52d31..019c670f 100644 --- a/guest_pay_invoice_stripe.php +++ b/guest/guest_pay_invoice_stripe.php @@ -168,7 +168,7 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent - + 0) {
      - "> + ">
      @@ -343,8 +343,8 @@ if ($balance > 0) {
      - - + + - + + - - - - - - - - - - - - - - - - - diff --git a/includes/header.php b/includes/header.php index 7d8bd8bf..ac886ac6 100644 --- a/includes/header.php +++ b/includes/header.php @@ -30,7 +30,7 @@ header("X-Frame-Options: DENY"); - + diff --git a/index.php b/index.php index cb69e797..ab0d6145 100644 --- a/index.php +++ b/index.php @@ -1,7 +1,7 @@
        @@ -16,7 +16,7 @@ if (file_exists("config.php")) {
        Date: Sat, 11 Jan 2025 16:07:48 -0500 Subject: [PATCH 067/366] Update all email content links to use the /guest directory now for ticket viewing, invoice, quote and item --- ajax.php | 4 ++-- cron.php | 4 ++-- invoice.php | 2 +- post/user/invoice.php | 12 ++++++------ post/user/quote.php | 2 +- post/user/ticket.php | 20 ++++++++++---------- quote.php | 2 +- 7 files changed, 23 insertions(+), 23 deletions(-) diff --git a/ajax.php b/ajax.php index 3a420b06..f1c6dcb2 100644 --- a/ajax.php +++ b/ajax.php @@ -306,10 +306,10 @@ if (isset($_GET['share_generate_link'])) { // Return URL if ($item_type == "Login") { - $url = "https://$config_base_url/guest_view_item.php?id=$share_id&key=$item_key&ek=$login_encryption_key"; + $url = "https://$config_base_url/guest/guest_view_item.php?id=$share_id&key=$item_key&ek=$login_encryption_key"; } else { - $url = "https://$config_base_url/guest_view_item.php?id=$share_id&key=$item_key"; + $url = "https://$config_base_url/guest/guest_view_item.php?id=$share_id&key=$item_key"; } $sql = mysqli_query($mysqli,"SELECT * FROM companies WHERE company_id = 1"); diff --git a/cron.php b/cron.php index 04e48d13..9504a6b6 100644 --- a/cron.php +++ b/cron.php @@ -485,7 +485,7 @@ if ($config_send_invoice_reminders == 1) { $subject = "Overdue Invoice $invoice_prefix$invoice_number"; $body = "Hello $contact_name,

        Our records indicate that we have not yet received payment for the invoice $invoice_prefix$invoice_number. We kindly request that you submit your payment as soon as possible. If you have any questions or concerns, please do not hesitate to contact us at $company_email or $company_phone.

        - Kindly review the invoice details mentioned below.

        Invoice: $invoice_prefix$invoice_number
        Issue Date: $invoice_date
        Total: " . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . "
        Due Date: $invoice_due
        Over Due By: $day Days


        To view your invoice, please click here.


        --
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; + Kindly review the invoice details mentioned below.

        Invoice: $invoice_prefix$invoice_number
        Issue Date: $invoice_date
        Total: " . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . "
        Due Date: $invoice_due
        Over Due By: $day Days


        To view your invoice, please click here.


        --
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; $mail = addToMailQueue($mysqli, [ [ @@ -617,7 +617,7 @@ while ($row = mysqli_fetch_array($sql_recurring)) { $contact_email = sanitizeInput($row['contact_email']); $subject = "Invoice $invoice_prefix$invoice_number"; - $body = "Hello $contact_name,

        An invoice regarding \"$invoice_scope\" has been generated. Please view the details below.

        Invoice: $invoice_prefix$invoice_number
        Issue Date: $invoice_date
        Total: " . numfmt_format_currency($currency_format, $invoice_amount, $recurring_currency_code) . "
        Due Date: $invoice_due


        To view your invoice, please click here.


        --
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; + $body = "Hello $contact_name,

        An invoice regarding \"$invoice_scope\" has been generated. Please view the details below.

        Invoice: $invoice_prefix$invoice_number
        Issue Date: $invoice_date
        Total: " . numfmt_format_currency($currency_format, $invoice_amount, $recurring_currency_code) . "
        Due Date: $invoice_due


        To view your invoice, please click here.


        --
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; $mail = addToMailQueue($mysqli, [ [ diff --git a/invoice.php b/invoice.php index deef2fbb..3736f6fd 100644 --- a/invoice.php +++ b/invoice.php @@ -231,7 +231,7 @@ if (isset($_GET['invoice_id'])) { Send Email - "> + "> Guest URL diff --git a/post/user/invoice.php b/post/user/invoice.php index a02c0e63..847a096b 100644 --- a/post/user/invoice.php +++ b/post/user/invoice.php @@ -801,7 +801,7 @@ if (isset($_POST['add_payment'])) { if ($email_receipt == 1) { $subject = "Payment Received - Invoice $invoice_prefix$invoice_number"; - $body = "Hello $contact_name,

        We have received your payment in full for the amount of " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . " for invoice $invoice_prefix$invoice_number. Please keep this email as a receipt for your records.

        Amount Paid: " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . "
        Payment Method: $payment_method
        Payment Reference: $reference

        Thank you for your business!


        --
        $company_name - Billing Department
        $config_invoice_from_email
        $company_phone"; + $body = "Hello $contact_name,

        We have received your payment in full for the amount of " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . " for invoice $invoice_prefix$invoice_number. Please keep this email as a receipt for your records.

        Amount Paid: " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . "
        Payment Method: $payment_method
        Payment Reference: $reference

        Thank you for your business!


        --
        $company_name - Billing Department
        $config_invoice_from_email
        $company_phone"; // Queue Mail $email = [ @@ -833,7 +833,7 @@ if (isset($_POST['add_payment'])) { if ($email_receipt == 1) { $subject = "Partial Payment Received - Invoice $invoice_prefix$invoice_number"; - $body = "Hello $contact_name,

        We have received partial payment in the amount of " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . " and it has been applied to invoice $invoice_prefix$invoice_number. Please keep this email as a receipt for your records.

        Amount Paid: " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . "
        Payment Method: $payment_method
        Payment Reference: $reference
        Invoice Balance: " . numfmt_format_currency($currency_format, $invoice_balance, $invoice_currency_code) . "

        Thank you for your business!


        ~
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; + $body = "Hello $contact_name,

        We have received partial payment in the amount of " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . " and it has been applied to invoice $invoice_prefix$invoice_number. Please keep this email as a receipt for your records.

        Amount Paid: " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . "
        Payment Method: $payment_method
        Payment Reference: $reference
        Invoice Balance: " . numfmt_format_currency($currency_format, $invoice_balance, $invoice_currency_code) . "

        Thank you for your business!


        ~
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; // Queue Mail $email = [ @@ -960,7 +960,7 @@ if (isset($_POST['add_bulk_payment'])) { mysqli_query($mysqli, $add_history_query); // Add to Email Body Invoice Portion - $email_body_invoices .= "
        Invoice $invoice_prefix$invoice_number - Outstanding Amount: " . numfmt_format_currency($currency_format, $invoice_balance, $currency_code) . " - Payment Applied: " . numfmt_format_currency($currency_format, $payment_amount, $currency_code) . " - New Balance: " . numfmt_format_currency($currency_format, $remaining_invoice_balance, $currency_code); + $email_body_invoices .= "
        Invoice $invoice_prefix$invoice_number - Outstanding Amount: " . numfmt_format_currency($currency_format, $invoice_balance, $currency_code) . " - Payment Applied: " . numfmt_format_currency($currency_format, $payment_amount, $currency_code) . " - New Balance: " . numfmt_format_currency($currency_format, $remaining_invoice_balance, $currency_code); customAction('invoice_pay', $invoice_id); @@ -1122,10 +1122,10 @@ if (isset($_GET['email_invoice'])) { if ($invoice_status == 'Paid') { $subject = "Invoice $invoice_prefix$invoice_number Receipt"; - $body = "Hello $contact_name,

        Please click on the link below to see your invoice regarding \"$invoice_scope\" marked paid.

        Invoice Link


        --
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; + $body = "Hello $contact_name,

        Please click on the link below to see your invoice regarding \"$invoice_scope\" marked paid.

        Invoice Link


        --
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; } else { $subject = "Invoice $invoice_prefix$invoice_number"; - $body = "Hello $contact_name,

        Please view the details of your invoice regarding \"$invoice_scope\" below.

        Invoice: $invoice_prefix$invoice_number
        Issue Date: $invoice_date
        Total: " . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . "
        Balance Due: " . numfmt_format_currency($currency_format, $balance, $invoice_currency_code) . "
        Due Date: $invoice_due


        To view your invoice, please click here.


        --
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; + $body = "Hello $contact_name,

        Please view the details of your invoice regarding \"$invoice_scope\" below.

        Invoice: $invoice_prefix$invoice_number
        Issue Date: $invoice_date
        Total: " . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . "
        Balance Due: " . numfmt_format_currency($currency_format, $balance, $invoice_currency_code) . "
        Due Date: $invoice_due


        To view your invoice, please click here.


        --
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; } // Queue Mail @@ -1364,7 +1364,7 @@ if (isset($_GET['force_recurring'])) { // Email to client $subject = "Invoice $invoice_prefix$invoice_number"; - $body = "Hello $contact_name,

        An invoice regarding \"$invoice_scope\" has been generated. Please view the details below.

        Invoice: $invoice_prefix$invoice_number
        Issue Date: $invoice_date
        Total: $$invoice_amount
        Due Date: $invoice_due


        To view your invoice, please click here.


        --
        $company_name - Billing
        $company_phone"; + $body = "Hello $contact_name,

        An invoice regarding \"$invoice_scope\" has been generated. Please view the details below.

        Invoice: $invoice_prefix$invoice_number
        Issue Date: $invoice_date
        Total: $$invoice_amount
        Due Date: $invoice_due


        To view your invoice, please click here.


        --
        $company_name - Billing
        $company_phone"; $data = [ diff --git a/post/user/quote.php b/post/user/quote.php index 6251d44d..ac9b05ac 100644 --- a/post/user/quote.php +++ b/post/user/quote.php @@ -489,7 +489,7 @@ if (isset($_GET['email_quote'])) { $config_base_url = sanitizeInput($config_base_url); $subject = "Quote [$quote_scope]"; - $body = "Hello $contact_name,

        Thank you for your inquiry, we are pleased to provide you with the following estimate.


        $quote_scope
        Total Cost: " . numfmt_format_currency($currency_format, $quote_amount, $quote_currency_code) . "


        View and accept your estimate online here


        --
        $company_name - Sales
        $config_quote_from_email
        $company_phone"; + $body = "Hello $contact_name,

        Thank you for your inquiry, we are pleased to provide you with the following estimate.


        $quote_scope
        Total Cost: " . numfmt_format_currency($currency_format, $quote_amount, $quote_currency_code) . "


        View and accept your estimate online here


        --
        $company_name - Sales
        $config_quote_from_email
        $company_phone"; // Queue Mail $data = [ diff --git a/post/user/ticket.php b/post/user/ticket.php index 8fa974e2..c53668d5 100644 --- a/post/user/ticket.php +++ b/post/user/ticket.php @@ -115,7 +115,7 @@ if (isset($_POST['add_ticket'])) { // EMAILING $subject = "Ticket created [$ticket_prefix$ticket_number] - $ticket_subject"; - $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        A ticket regarding \"$ticket_subject\" has been created for you.

        --------------------------------
        $ticket_details--------------------------------

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: Open
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; + $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        A ticket regarding \"$ticket_subject\" has been created for you.

        --------------------------------
        $ticket_details--------------------------------

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: Open
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; // Verify contact email is valid if (filter_var($contact_email, FILTER_VALIDATE_EMAIL)) { @@ -221,7 +221,7 @@ if (isset($_POST['edit_ticket'])) { $data = []; // Queue array $subject = "Ticket Created - [$ticket_prefix$ticket_number] - $ticket_subject"; - $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        A ticket regarding \"$ticket_subject\" has been created for you.

        --------------------------------
        $ticket_details--------------------------------

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; + $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        A ticket regarding \"$ticket_subject\" has been created for you.

        --------------------------------
        $ticket_details--------------------------------

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; // Only add contact to email queue if email is valid @@ -343,7 +343,7 @@ if (isset($_POST['edit_ticket_contact'])) { $data = []; // Queue array $subject = "Ticket Created - [$ticket_prefix$ticket_number] - $ticket_subject"; - $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        A ticket regarding \"$ticket_subject\" has been created for you.

        --------------------------------
        $ticket_details--------------------------------

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; + $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        A ticket regarding \"$ticket_subject\" has been created for you.

        --------------------------------
        $ticket_details--------------------------------

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; $data[] = [ 'from' => $config_ticket_from_email, @@ -417,7 +417,7 @@ if (isset($_POST['add_ticket_watcher'])) { $data = []; // Queue array $subject = "Ticket Notification - [$ticket_prefix$ticket_number] - $ticket_subject"; - $body = "##- Please type your reply above this line -##

        Hello,

        You have been added as a collaborator on this ticket regarding \"$ticket_subject\".

        --------------------------------
        $ticket_details--------------------------------

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status
        Guest link: https://$config_base_url/guest_view_ticket.php?ticket_id=$ticket_id&url_key=$url_key

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; + $body = "##- Please type your reply above this line -##

        Hello,

        You have been added as a collaborator on this ticket regarding \"$ticket_subject\".

        --------------------------------
        $ticket_details--------------------------------

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status
        Guest link: https://$config_base_url/guest/guest_view_ticket.php?ticket_id=$ticket_id&url_key=$url_key

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; // Only add watcher to email queue if email is valid if (filter_var($watcher_email, FILTER_VALIDATE_EMAIL)) { @@ -961,7 +961,7 @@ if (isset($_POST['bulk_resolve_tickets'])) { // EMAIL $subject = "Ticket resolved - [$ticket_prefix$ticket_number] - $ticket_subject | (pending closure)"; - $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        Your ticket regarding \"$ticket_subject\" has been marked as solved and is pending closure.

        $details

        If your request/issue is resolved, you can simply ignore this email. If you need further assistance, please reply or re-open to let us know!

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Portal: https://$base_url/portal/ticket.php?id=$ticket_id

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; + $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        Your ticket regarding \"$ticket_subject\" has been marked as solved and is pending closure.

        $details

        If your request/issue is resolved, you can simply ignore this email. If you need further assistance, please reply or re-open to let us know!

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Portal: https://$base_url/portal/ticket.php?id=$ticket_id

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; // Check email valid if (filter_var($contact_email, FILTER_VALIDATE_EMAIL)) { @@ -1101,7 +1101,7 @@ if (isset($_POST['bulk_ticket_reply'])) { if ($private_note == 0 && !empty($config_smtp_host)) { $subject = "Ticket update - [$ticket_prefix$ticket_number] - $ticket_subject"; - $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        Your ticket regarding $ticket_subject has been updated.

        --------------------------------
        $ticket_reply
        --------------------------------

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status_name
        Portal: View ticket

        --
        $company_name - Support
        $from_email
        $company_phone"; + $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        Your ticket regarding $ticket_subject has been updated.

        --------------------------------
        $ticket_reply
        --------------------------------

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status_name
        Portal: View ticket

        --
        $company_name - Support
        $from_email
        $company_phone"; if (filter_var($contact_email, FILTER_VALIDATE_EMAIL)) { @@ -1413,11 +1413,11 @@ if (isset($_POST['add_ticket_reply'])) { if ($ticket_status == 4) { // Resolved $subject = "Ticket resolved - [$ticket_prefix$ticket_number] - $ticket_subject | (pending closure)"; - $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        Your ticket regarding $ticket_subject has been marked as solved and is pending closure.

        --------------------------------
        $ticket_reply
        --------------------------------

        If your request/issue is resolved, you can simply ignore this email. If you need further assistance, please reply or re-open to let us know!

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status_name
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; + $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        Your ticket regarding $ticket_subject has been marked as solved and is pending closure.

        --------------------------------
        $ticket_reply
        --------------------------------

        If your request/issue is resolved, you can simply ignore this email. If you need further assistance, please reply or re-open to let us know!

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status_name
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; } else { // Anything else $subject = "Ticket update - [$ticket_prefix$ticket_number] - $ticket_subject"; - $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        Your ticket regarding $ticket_subject has been updated.

        --------------------------------
        $ticket_reply
        --------------------------------

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status_name
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; + $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        Your ticket regarding $ticket_subject has been updated.

        --------------------------------
        $ticket_reply
        --------------------------------

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status_name
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; } if (filter_var($contact_email, FILTER_VALIDATE_EMAIL)) { @@ -1664,7 +1664,7 @@ if (isset($_GET['resolve_ticket'])) { // EMAIL $subject = "Ticket resolved - [$ticket_prefix$ticket_number] - $ticket_subject | (pending closure)"; - $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        Your ticket regarding $ticket_subject has been marked as solved and is pending closure.

        If your request/issue is resolved, you can simply ignore this email. If you need further assistance, please reply or re-open to let us know!

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; + $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        Your ticket regarding $ticket_subject has been marked as solved and is pending closure.

        If your request/issue is resolved, you can simply ignore this email. If you need further assistance, please reply or re-open to let us know!

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Status: $ticket_status
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; // Check email valid if (filter_var($contact_email, FILTER_VALIDATE_EMAIL)) { @@ -1758,7 +1758,7 @@ if (isset($_GET['close_ticket'])) { // EMAIL $subject = "Ticket closed - [$ticket_prefix$ticket_number] - $ticket_subject | (do not reply)"; //$body = "Hello $contact_name,

        Your ticket regarding \"$ticket_subject\" has been closed.

        We hope the request/issue was resolved to your satisfaction. If you need further assistance, please raise a new ticket using the below details. Please do not reply to this email.

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; - $body = "Hello $contact_name,

        Your ticket regarding \"$ticket_subject\" has been closed.

        We hope the request/issue was resolved to your satisfaction, please provide your feedback here.
        If you need further assistance, please raise a new ticket using the below details. Please do not reply to this email.

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; + $body = "Hello $contact_name,

        Your ticket regarding \"$ticket_subject\" has been closed.

        We hope the request/issue was resolved to your satisfaction, please provide your feedback here.
        If you need further assistance, please raise a new ticket using the below details. Please do not reply to this email.

        Ticket: $ticket_prefix$ticket_number
        Subject: $ticket_subject
        Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; // Check email valid if (filter_var($contact_email, FILTER_VALIDATE_EMAIL)) { diff --git a/quote.php b/quote.php index fd3b22b8..edb096c6 100644 --- a/quote.php +++ b/quote.php @@ -191,7 +191,7 @@ if (isset($_GET['quote_id'])) { Send Email - "> + "> Guest URL = 3) { ?> From ae7b7d1157c453164c5455a1d01fa76fa3dea097 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 11 Jan 2025 16:20:40 -0500 Subject: [PATCH 068/366] Update AdminLTE CSS/JS links in client Portal's login, login_reset and header and footer --- portal/login.php | 4 ++-- portal/login_reset.php | 4 ++-- portal/portal_header.php | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/portal/login.php b/portal/login.php index e4ecf749..b2e05e92 100644 --- a/portal/login.php +++ b/portal/login.php @@ -125,7 +125,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) { - + @@ -215,7 +215,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) { - + diff --git a/portal/login_reset.php b/portal/login_reset.php index e01c304d..002f3ae3 100644 --- a/portal/login_reset.php +++ b/portal/login_reset.php @@ -193,7 +193,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { - + @@ -294,7 +294,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { - + diff --git a/portal/portal_header.php b/portal/portal_header.php index 68614c19..c26b0e16 100644 --- a/portal/portal_header.php +++ b/portal/portal_header.php @@ -27,7 +27,7 @@ header("X-Frame-Options: DENY"); // Legacy - + From 2b07b035602d2259575597e0fde63de14140fe16 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Sat, 11 Jan 2025 21:46:34 +0000 Subject: [PATCH 069/366] Update URLs for guest being in subdir --- guest/guest_pay_invoice_stripe.php | 6 +++--- scripts/cron_ticket_email_parser.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/guest/guest_pay_invoice_stripe.php b/guest/guest_pay_invoice_stripe.php index 019c670f..c9ca5478 100644 --- a/guest/guest_pay_invoice_stripe.php +++ b/guest/guest_pay_invoice_stripe.php @@ -313,7 +313,7 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent if (!empty($config_smtp_host)) { $subject = "Payment Received - Invoice $invoice_prefix$invoice_number"; - $body = "Hello $contact_name,

        We have received your payment in the amount of " . $pi_currency . $pi_amount_paid . " for invoice $invoice_prefix$invoice_number. Please keep this email as a receipt for your records.

        Amount: " . numfmt_format_currency($currency_format, $pi_amount_paid, $invoice_currency_code) . "
        Balance: " . numfmt_format_currency($currency_format, '0', $invoice_currency_code) . "

        Thank you for your business!


        ~
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; + $body = "Hello $contact_name,

        We have received your payment in the amount of " . $pi_currency . $pi_amount_paid . " for invoice $invoice_prefix$invoice_number. Please keep this email as a receipt for your records.

        Amount: " . numfmt_format_currency($currency_format, $pi_amount_paid, $invoice_currency_code) . "
        Balance: " . numfmt_format_currency($currency_format, '0', $invoice_currency_code) . "

        Thank you for your business!


        ~
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; $data = [ [ @@ -330,7 +330,7 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent // Email the internal notification address too if (!empty($config_invoice_paid_notification_email)) { $subject = "Payment Received - $client_name - Invoice $invoice_prefix$invoice_number"; - $body = "Hello,

        This is a notification that an invoice has been paid in ITFlow. Below is a copy of the receipt sent to the client:-

        --------

        Hello $contact_name,

        We have received your payment in the amount of " . $pi_currency . $pi_amount_paid . " for invoice $invoice_prefix$invoice_number. Please keep this email as a receipt for your records.

        Amount: " . numfmt_format_currency($currency_format, $pi_amount_paid, $invoice_currency_code) . "
        Balance: " . numfmt_format_currency($currency_format, '0', $invoice_currency_code) . "

        Thank you for your business!


        ~
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; + $body = "Hello,

        This is a notification that an invoice has been paid in ITFlow. Below is a copy of the receipt sent to the client:-

        --------

        Hello $contact_name,

        We have received your payment in the amount of " . $pi_currency . $pi_amount_paid . " for invoice $invoice_prefix$invoice_number. Please keep this email as a receipt for your records.

        Amount: " . numfmt_format_currency($currency_format, $pi_amount_paid, $invoice_currency_code) . "
        Balance: " . numfmt_format_currency($currency_format, '0', $invoice_currency_code) . "

        Thank you for your business!


        ~
        $company_name - Billing
        $config_invoice_from_email
        $company_phone"; $data[] = [ 'from' => $config_invoice_from_email, @@ -350,7 +350,7 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent } // Redirect user to invoice - header('Location: //' . $config_base_url . '/guest_view_invoice.php?invoice_id=' . $pi_invoice_id . '&url_key=' . $invoice_url_key); + header('Location: //' . $config_base_url . '/guest/guest_view_invoice.php?invoice_id=' . $pi_invoice_id . '&url_key=' . $invoice_url_key); } else { exit(WORDING_PAYMENT_FAILED); diff --git a/scripts/cron_ticket_email_parser.php b/scripts/cron_ticket_email_parser.php index c73679d5..146305b0 100644 --- a/scripts/cron_ticket_email_parser.php +++ b/scripts/cron_ticket_email_parser.php @@ -155,7 +155,7 @@ function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date $data = []; if ($config_ticket_client_general_notifications == 1) { $subject_email = "Ticket created - [$config_ticket_prefix$ticket_number] - $subject"; - $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.

        Ticket: $config_ticket_prefix$ticket_number
        Subject: $subject
        Status: New
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; + $body = "##- Please type your reply above this line -##

        Hello $contact_name,

        Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.

        Ticket: $config_ticket_prefix$ticket_number
        Subject: $subject
        Status: New
        Portal: View ticket

        --
        $company_name - Support
        $config_ticket_from_email
        $company_phone"; $data[] = [ 'from' => $config_ticket_from_email, 'from_name' => $config_ticket_from_name, From 731927d49c81d8c1914f8c9017e4e47497c0d6ab Mon Sep 17 00:00:00 2001 From: wrongecho Date: Sat, 11 Jan 2025 22:08:28 +0000 Subject: [PATCH 070/366] Allow archiving roles --- post/admin/admin_role.php | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/post/admin/admin_role.php b/post/admin/admin_role.php index 8665c324..324f3965 100644 --- a/post/admin/admin_role.php +++ b/post/admin/admin_role.php @@ -66,6 +66,25 @@ if (isset($_GET['archive_role'])) { validateCSRFToken($_GET['csrf_token']); + $role_id = intval($_GET['archive_role']); + // Check role isn't in use + $sql_role_user_count = mysqli_query($mysqli, "SELECT COUNT(users.user_id) FROM users LEFT JOIN user_settings on users.user_id = user_settings.user_id WHERE user_role = $role_id AND user_archived_at IS NULL"); + $role_user_count = mysqli_fetch_row($sql_role_user_count)[0]; + if ($role_user_count != 0) { + $_SESSION['alert_type'] = "error"; + $_SESSION['alert_message'] = "Role must not in use to archive it"; + header("Location: " . $_SERVER["HTTP_REFERER"]); + exit(); + } + mysqli_query($mysqli, "UPDATE user_roles SET user_role_archived_at = NOW() WHERE user_role_id = $role_id"); + + // Logging + $role_details = mysqli_fetch_array(mysqli_query($mysqli, "SELECT user_role_name FROM user_roles WHERE user_role_id = $role_id LIMIT 1")); + $role_name = sanitizeInput($role_details['user_role_name']); + logAction("User Role", "Archive", "$session_name archived user role $role_name", 0, $role_id); + + $_SESSION['alert_message'] = "User Role archived"; + header("Location: " . $_SERVER["HTTP_REFERER"]); } \ No newline at end of file From 5b2b3d2821145bf48342a425d6df1e6cf1f6e0f0 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 11 Jan 2025 17:28:49 -0500 Subject: [PATCH 071/366] Add index.php in /guest to redirect to the portal --- guest/index.php | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 guest/index.php diff --git a/guest/index.php b/guest/index.php new file mode 100644 index 00000000..09eaa7a1 --- /dev/null +++ b/guest/index.php @@ -0,0 +1,3 @@ + Date: Sat, 11 Jan 2025 17:41:50 -0500 Subject: [PATCH 072/366] tidy --- portal/inc_portal.php | 5 ----- 1 file changed, 5 deletions(-) diff --git a/portal/inc_portal.php b/portal/inc_portal.php index acee6648..aa814aca 100644 --- a/portal/inc_portal.php +++ b/portal/inc_portal.php @@ -5,13 +5,8 @@ */ require_once '../config.php'; - require_once '../get_settings.php'; - require_once '../functions.php'; - require_once 'check_login.php'; - require_once 'portal_functions.php'; - require_once "portal_header.php"; From 2c6b1a83d6a998b12a8cfa271ee4fd1555a2588f Mon Sep 17 00:00:00 2001 From: wrongecho Date: Sun, 12 Jan 2025 09:22:21 +0000 Subject: [PATCH 073/366] Fix portal confirm modal include --- portal/portal_footer.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/portal/portal_footer.php b/portal/portal_footer.php index df5ec8ce..47f9df65 100644 --- a/portal/portal_footer.php +++ b/portal/portal_footer.php @@ -21,7 +21,7 @@

        - + From e7f19dc69dd231543a587f6d7ecd24c1b2be0c50 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Sun, 12 Jan 2025 09:25:13 +0000 Subject: [PATCH 074/366] Fix portal invoices --- portal/invoices.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/portal/invoices.php b/portal/invoices.php index d0fe2e8f..6cd1e9b8 100644 --- a/portal/invoices.php +++ b/portal/invoices.php @@ -76,7 +76,7 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie ?> - "> + "> From 0cb3cdc26d59a5f51636ea6fedecd4597c462acc Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sun, 12 Jan 2025 13:55:31 -0500 Subject: [PATCH 075/366] Moved all modals into /modals and updated all require links --- accounts.php | 4 +-- admin_api.php | 2 +- admin_category.php | 4 +-- admin_custom_link.php | 4 +-- admin_document_template.php | 8 +++--- admin_document_template_details.php | 2 +- admin_project_template.php | 4 +-- admin_project_template_details.php | 4 +-- admin_role.php | 4 +-- admin_software_template.php | 4 +-- admin_tag.php | 4 +-- admin_tax.php | 4 +-- admin_ticket_status.php | 4 +-- admin_ticket_template.php | 2 +- admin_ticket_template_details.php | 4 +-- admin_user.php | 12 ++++---- admin_vendor_template.php | 4 +-- calendar_events.php | 8 +++--- client_asset_details.php | 16 +++++------ client_assets.php | 20 ++++++------- client_certificates.php | 8 ++---- client_contact_details.php | 14 +++++----- client_document_details.php | 24 ++++++---------- client_documents.php | 16 +++++------ client_domains.php | 8 ++---- client_events.php | 8 +++--- client_files.php | 25 +++++++---------- client_invoices.php | 14 ++++------ client_logins.php | 12 ++++---- client_networks.php | 6 ++-- client_payments.php | 4 +-- client_quotes.php | 12 +++----- client_racks.php | 6 ++-- client_recurring_invoices.php | 9 ++---- client_recurring_tickets.php | 6 ++-- client_services.php | 8 +++--- client_software.php | 8 +++--- client_tickets.php | 12 ++++---- client_trips.php | 12 +++----- client_vendors.php | 8 +++--- clients.php | 8 +++--- expenses.php | 16 +++++------ includes/inc_client_top_head.php | 6 ++-- invoice.php | 14 +++++----- invoices.php | 8 +++--- .../account_add_modal.php | 0 .../account_edit_modal.php | 0 .../admin_api_key_add_modal.php | 0 .../admin_category_add_modal.php | 0 .../admin_category_edit_modal.php | 0 .../admin_custom_link_add_modal.php | 0 .../admin_custom_link_edit_modal.php | 0 .../admin_document_template_add_modal.php | 0 .../admin_document_template_edit_modal.php | 0 .../admin_project_template_add_modal.php | 0 .../admin_project_template_edit_modal.php | 0 ...ect_template_ticket_template_add_modal.php | 0 .../admin_role_add_modal.php | 0 .../admin_role_edit_modal.php | 0 .../admin_software_template_add_modal.php | 0 .../admin_software_template_edit_modal.php | 0 .../admin_tag_add_modal.php | 0 .../admin_tag_edit_modal.php | 0 .../admin_tax_add_modal.php | 0 .../admin_tax_edit_modal.php | 0 .../admin_ticket_status_add_modal.php | 0 .../admin_ticket_status_edit_modal.php | 0 .../admin_ticket_template_add_modal.php | 0 .../admin_ticket_template_edit_modal.php | 0 .../admin_user_add_modal.php | 0 .../admin_user_all_reset_password_modal.php | 0 .../admin_user_archive_modal.php | 0 .../admin_user_edit_modal.php | 0 .../admin_user_export_modal.php | 0 .../admin_user_invite_modal.php | 0 .../admin_vendor_template_add_modal.php | 0 .../admin_vendor_template_edit_modal.php | 0 .../budget_create_modal.php | 0 .../budget_edit_modal.php | 0 .../calendar_add_modal.php | 0 .../calendar_edit_modal.php | 0 .../calendar_event_add_modal.php | 0 .../calendar_event_edit_modal.php | 0 .../client_add_modal.php | 0 .../client_asset_add_modal.php | 0 .../client_asset_bulk_add_ticket_modal.php | 0 ...client_asset_bulk_assign_contact_modal.php | 0 ...lient_asset_bulk_assign_location_modal.php | 0 .../client_asset_bulk_edit_status_modal.php | 0 .../client_asset_copy_modal.php | 0 .../client_asset_documents_modal.php | 0 .../client_asset_edit_modal.php | 0 .../client_asset_export_modal.php | 0 .../client_asset_import_modal.php | 0 .../client_asset_interface_add_modal.php | 0 .../client_asset_interface_edit_modal.php | 0 .../client_asset_transfer_modal.php | 0 .../client_certificate_add_modal.php | 0 .../client_certificate_edit_modal.php | 0 .../client_certificate_export_modal.php | 0 .../client_delete_modal.php | 0 ...lient_document_add_file_relation_modal.php | 0 ...lient_document_add_from_template_modal.php | 0 .../client_document_add_modal.php | 0 .../client_document_bulk_move_modal.php | 0 .../client_document_edit_modal.php | 0 .../client_document_link_asset_modal.php | 0 .../client_document_link_contact_modal.php | 0 .../client_document_link_file_modal.php | 0 .../client_document_link_software_modal.php | 0 .../client_document_link_vendor_modal.php | 0 .../client_document_move_modal.php | 0 .../client_document_rename_modal.php | 0 .../client_document_view_modal.php | 0 .../client_domain_add_modal.php | 0 .../client_domain_edit_modal.php | 0 .../client_domain_export_modal.php | 0 .../client_download_pdf_modal.php | 0 .../client_edit_modal.php | 0 .../client_export_modal.php | 0 .../client_file_bulk_move_modal.php | 0 .../client_file_delete_modal.php | 0 .../client_file_link_asset_modal.php | 0 .../client_file_move_modal.php | 0 .../client_file_rename_modal.php | 0 .../client_file_upload_modal.php | 0 .../client_file_view_modal.php | 0 .../client_import_modal.php | 0 .../client_invoice_export_modal.php | 0 .../client_login_add_modal.php | 0 .../client_login_bulk_assign_tags_modal.php | 0 .../client_login_edit_modal.php | 0 .../client_login_export_modal.php | 0 .../client_login_import_modal.php | 0 .../client_network_add_modal.php | 0 .../client_network_edit_modal.php | 0 .../client_network_export_modal.php | 0 .../client_payment_export_modal.php | 0 .../client_quote_export_modal.php | 0 .../client_rack_add_modal.php | 0 .../client_rack_edit_modal.php | 0 .../client_rack_unit_add_modal.php | 0 .../client_recurring_export_modal.php | 0 .../client_service_add_modal.php | 0 .../client_service_edit_modal.php | 0 .../client_service_view_modal.php | 0 ...lient_software_add_from_template_modal.php | 0 .../client_software_add_modal.php | 0 .../client_software_edit_modal.php | 0 .../client_software_export_modal.php | 0 .../client_ticket_export_modal.php | 0 .../client_trip_export_modal.php | 0 .../client_vendor_export_modal.php | 0 .../custom_field_create_modal.php | 0 .../custom_field_edit_modal.php | 0 .../document_edit_visibility_modal.php | 0 .../expense_add_modal.php | 0 .../expense_bulk_edit_account_modal.php | 0 .../expense_bulk_edit_category_modal.php | 0 .../expense_bulk_edit_client_modal.php | 0 .../expense_copy_modal.php | 0 .../expense_edit_modal.php | 0 .../expense_export_modal.php | 0 .../expense_refund_modal.php | 0 .../folder_create_modal.php | 0 .../folder_rename_modal.php | 0 .../invoice_add_modal.php | 0 .../invoice_add_ticket_modal.php | 0 .../invoice_copy_modal.php | 0 .../invoice_edit_modal.php | 0 .../invoice_export_modal.php | 0 .../invoice_note_modal.php | 0 .../invoice_payment_add_bulk_modal.php | 0 .../invoice_payment_add_modal.php | 0 .../invoice_recurring_add_modal.php | 0 .../item_edit_modal.php | 0 .../product_add_modal.php | 0 .../product_bulk_edit_category_modal.php | 0 .../product_edit_modal.php | 0 .../product_export_modal.php | 0 .../project_add_modal.php | 0 .../project_edit_modal.php | 0 .../project_ticket_add_modal.php | 0 .../quote_add_modal.php | 0 .../quote_copy_modal.php | 0 .../quote_edit_modal.php | 0 .../quote_note_modal.php | 0 .../quote_to_invoice_modal.php | 0 .../recurring_expense_create_modal.php | 0 .../recurring_expense_edit_modal.php | 0 .../recurring_invoice_add_modal.php | 0 .../recurring_invoice_edit_modal.php | 0 .../recurring_invoice_note_modal.php | 0 .../recurring_payment_add_modal.php | 0 .../recurring_ticket_add_modal.php | 0 .../recurring_ticket_edit_modal.php | 0 .../revenue_add_modal.php | 0 .../revenue_edit_modal.php | 0 share_modal.php => modals/share_modal.php | 0 .../task_edit_modal.php | 0 .../ticket_add_modal.php | 0 .../ticket_add_watcher_modal.php | 0 .../ticket_assign_modal.php | 0 .../ticket_bulk_add_project_modal.php | 0 .../ticket_bulk_assign_modal.php | 0 .../ticket_bulk_edit_priority_modal.php | 0 .../ticket_bulk_merge_modal.php | 0 .../ticket_bulk_reply_modal.php | 0 .../ticket_bulk_resolve_modal.php | 0 .../ticket_change_client_modal.php | 0 .../ticket_edit_asset_modal.php | 0 .../ticket_edit_billable_modal.php | 0 .../ticket_edit_contact_modal.php | 0 .../ticket_edit_modal.php | 0 .../ticket_edit_priority_modal.php | 0 .../ticket_edit_schedule_modal.php | 0 .../ticket_edit_vendor_modal.php | 0 .../ticket_invoice_add_modal.php | 0 .../ticket_merge_modal.php | 0 .../ticket_reply_edit_modal.php | 0 .../top_nav_tickets_modal.php | 0 .../transfer_add_modal.php | 0 .../transfer_edit_modal.php | 0 .../trip_add_modal.php | 0 .../trip_copy_modal.php | 0 .../trip_edit_modal.php | 0 .../trip_export_modal.php | 0 .../vendor_add_from_template_modal.php | 0 .../vendor_add_modal.php | 0 .../vendor_contact_add_modal.php | 0 .../vendor_contact_edit_modal.php | 0 .../vendor_edit_modal.php | 0 products.php | 8 +++--- project_details.php | 4 +-- projects.php | 4 +-- quote.php | 10 +++---- quotes.php | 6 ++-- recurring_expenses.php | 4 +-- recurring_invoice.php | 8 +++--- recurring_invoices.php | 6 ++-- recurring_tickets.php | 6 ++-- report_assets.php | 6 ++-- revenues.php | 4 +-- ticket.php | 28 +++++++++---------- tickets.php | 20 ++++++------- transfers.php | 4 +-- trips.php | 8 +++--- vendors.php | 4 +-- 248 files changed, 243 insertions(+), 277 deletions(-) rename account_add_modal.php => modals/account_add_modal.php (100%) rename account_edit_modal.php => modals/account_edit_modal.php (100%) rename admin_api_key_add_modal.php => modals/admin_api_key_add_modal.php (100%) rename admin_category_add_modal.php => modals/admin_category_add_modal.php (100%) rename admin_category_edit_modal.php => modals/admin_category_edit_modal.php (100%) rename admin_custom_link_add_modal.php => modals/admin_custom_link_add_modal.php (100%) rename admin_custom_link_edit_modal.php => modals/admin_custom_link_edit_modal.php (100%) rename admin_document_template_add_modal.php => modals/admin_document_template_add_modal.php (100%) rename admin_document_template_edit_modal.php => modals/admin_document_template_edit_modal.php (100%) rename admin_project_template_add_modal.php => modals/admin_project_template_add_modal.php (100%) rename admin_project_template_edit_modal.php => modals/admin_project_template_edit_modal.php (100%) rename admin_project_template_ticket_template_add_modal.php => modals/admin_project_template_ticket_template_add_modal.php (100%) rename admin_role_add_modal.php => modals/admin_role_add_modal.php (100%) rename admin_role_edit_modal.php => modals/admin_role_edit_modal.php (100%) rename admin_software_template_add_modal.php => modals/admin_software_template_add_modal.php (100%) rename admin_software_template_edit_modal.php => modals/admin_software_template_edit_modal.php (100%) rename admin_tag_add_modal.php => modals/admin_tag_add_modal.php (100%) rename admin_tag_edit_modal.php => modals/admin_tag_edit_modal.php (100%) rename admin_tax_add_modal.php => modals/admin_tax_add_modal.php (100%) rename admin_tax_edit_modal.php => modals/admin_tax_edit_modal.php (100%) rename admin_ticket_status_add_modal.php => modals/admin_ticket_status_add_modal.php (100%) rename admin_ticket_status_edit_modal.php => modals/admin_ticket_status_edit_modal.php (100%) rename admin_ticket_template_add_modal.php => modals/admin_ticket_template_add_modal.php (100%) rename admin_ticket_template_edit_modal.php => modals/admin_ticket_template_edit_modal.php (100%) rename admin_user_add_modal.php => modals/admin_user_add_modal.php (100%) rename admin_user_all_reset_password_modal.php => modals/admin_user_all_reset_password_modal.php (100%) rename admin_user_archive_modal.php => modals/admin_user_archive_modal.php (100%) rename admin_user_edit_modal.php => modals/admin_user_edit_modal.php (100%) rename admin_user_export_modal.php => modals/admin_user_export_modal.php (100%) rename admin_user_invite_modal.php => modals/admin_user_invite_modal.php (100%) rename admin_vendor_template_add_modal.php => modals/admin_vendor_template_add_modal.php (100%) rename admin_vendor_template_edit_modal.php => modals/admin_vendor_template_edit_modal.php (100%) rename budget_create_modal.php => modals/budget_create_modal.php (100%) rename budget_edit_modal.php => modals/budget_edit_modal.php (100%) rename calendar_add_modal.php => modals/calendar_add_modal.php (100%) rename calendar_edit_modal.php => modals/calendar_edit_modal.php (100%) rename calendar_event_add_modal.php => modals/calendar_event_add_modal.php (100%) rename calendar_event_edit_modal.php => modals/calendar_event_edit_modal.php (100%) rename client_add_modal.php => modals/client_add_modal.php (100%) rename client_asset_add_modal.php => modals/client_asset_add_modal.php (100%) rename client_asset_bulk_add_ticket_modal.php => modals/client_asset_bulk_add_ticket_modal.php (100%) rename client_asset_bulk_assign_contact_modal.php => modals/client_asset_bulk_assign_contact_modal.php (100%) rename client_asset_bulk_assign_location_modal.php => modals/client_asset_bulk_assign_location_modal.php (100%) rename client_asset_bulk_edit_status_modal.php => modals/client_asset_bulk_edit_status_modal.php (100%) rename client_asset_copy_modal.php => modals/client_asset_copy_modal.php (100%) rename client_asset_documents_modal.php => modals/client_asset_documents_modal.php (100%) rename client_asset_edit_modal.php => modals/client_asset_edit_modal.php (100%) rename client_asset_export_modal.php => modals/client_asset_export_modal.php (100%) rename client_asset_import_modal.php => modals/client_asset_import_modal.php (100%) rename client_asset_interface_add_modal.php => modals/client_asset_interface_add_modal.php (100%) rename client_asset_interface_edit_modal.php => modals/client_asset_interface_edit_modal.php (100%) rename client_asset_transfer_modal.php => modals/client_asset_transfer_modal.php (100%) rename client_certificate_add_modal.php => modals/client_certificate_add_modal.php (100%) rename client_certificate_edit_modal.php => modals/client_certificate_edit_modal.php (100%) rename client_certificate_export_modal.php => modals/client_certificate_export_modal.php (100%) rename client_delete_modal.php => modals/client_delete_modal.php (100%) rename client_document_add_file_relation_modal.php => modals/client_document_add_file_relation_modal.php (100%) rename client_document_add_from_template_modal.php => modals/client_document_add_from_template_modal.php (100%) rename client_document_add_modal.php => modals/client_document_add_modal.php (100%) rename client_document_bulk_move_modal.php => modals/client_document_bulk_move_modal.php (100%) rename client_document_edit_modal.php => modals/client_document_edit_modal.php (100%) rename client_document_link_asset_modal.php => modals/client_document_link_asset_modal.php (100%) rename client_document_link_contact_modal.php => modals/client_document_link_contact_modal.php (100%) rename client_document_link_file_modal.php => modals/client_document_link_file_modal.php (100%) rename client_document_link_software_modal.php => modals/client_document_link_software_modal.php (100%) rename client_document_link_vendor_modal.php => modals/client_document_link_vendor_modal.php (100%) rename client_document_move_modal.php => modals/client_document_move_modal.php (100%) rename client_document_rename_modal.php => modals/client_document_rename_modal.php (100%) rename client_document_view_modal.php => modals/client_document_view_modal.php (100%) rename client_domain_add_modal.php => modals/client_domain_add_modal.php (100%) rename client_domain_edit_modal.php => modals/client_domain_edit_modal.php (100%) rename client_domain_export_modal.php => modals/client_domain_export_modal.php (100%) rename client_download_pdf_modal.php => modals/client_download_pdf_modal.php (100%) rename client_edit_modal.php => modals/client_edit_modal.php (100%) rename client_export_modal.php => modals/client_export_modal.php (100%) rename client_file_bulk_move_modal.php => modals/client_file_bulk_move_modal.php (100%) rename client_file_delete_modal.php => modals/client_file_delete_modal.php (100%) rename client_file_link_asset_modal.php => modals/client_file_link_asset_modal.php (100%) rename client_file_move_modal.php => modals/client_file_move_modal.php (100%) rename client_file_rename_modal.php => modals/client_file_rename_modal.php (100%) rename client_file_upload_modal.php => modals/client_file_upload_modal.php (100%) rename client_file_view_modal.php => modals/client_file_view_modal.php (100%) rename client_import_modal.php => modals/client_import_modal.php (100%) rename client_invoice_export_modal.php => modals/client_invoice_export_modal.php (100%) rename client_login_add_modal.php => modals/client_login_add_modal.php (100%) rename client_login_bulk_assign_tags_modal.php => modals/client_login_bulk_assign_tags_modal.php (100%) rename client_login_edit_modal.php => modals/client_login_edit_modal.php (100%) rename client_login_export_modal.php => modals/client_login_export_modal.php (100%) rename client_login_import_modal.php => modals/client_login_import_modal.php (100%) rename client_network_add_modal.php => modals/client_network_add_modal.php (100%) rename client_network_edit_modal.php => modals/client_network_edit_modal.php (100%) rename client_network_export_modal.php => modals/client_network_export_modal.php (100%) rename client_payment_export_modal.php => modals/client_payment_export_modal.php (100%) rename client_quote_export_modal.php => modals/client_quote_export_modal.php (100%) rename client_rack_add_modal.php => modals/client_rack_add_modal.php (100%) rename client_rack_edit_modal.php => modals/client_rack_edit_modal.php (100%) rename client_rack_unit_add_modal.php => modals/client_rack_unit_add_modal.php (100%) rename client_recurring_export_modal.php => modals/client_recurring_export_modal.php (100%) rename client_service_add_modal.php => modals/client_service_add_modal.php (100%) rename client_service_edit_modal.php => modals/client_service_edit_modal.php (100%) rename client_service_view_modal.php => modals/client_service_view_modal.php (100%) rename client_software_add_from_template_modal.php => modals/client_software_add_from_template_modal.php (100%) rename client_software_add_modal.php => modals/client_software_add_modal.php (100%) rename client_software_edit_modal.php => modals/client_software_edit_modal.php (100%) rename client_software_export_modal.php => modals/client_software_export_modal.php (100%) rename client_ticket_export_modal.php => modals/client_ticket_export_modal.php (100%) rename client_trip_export_modal.php => modals/client_trip_export_modal.php (100%) rename client_vendor_export_modal.php => modals/client_vendor_export_modal.php (100%) rename custom_field_create_modal.php => modals/custom_field_create_modal.php (100%) rename custom_field_edit_modal.php => modals/custom_field_edit_modal.php (100%) rename document_edit_visibility_modal.php => modals/document_edit_visibility_modal.php (100%) rename expense_add_modal.php => modals/expense_add_modal.php (100%) rename expense_bulk_edit_account_modal.php => modals/expense_bulk_edit_account_modal.php (100%) rename expense_bulk_edit_category_modal.php => modals/expense_bulk_edit_category_modal.php (100%) rename expense_bulk_edit_client_modal.php => modals/expense_bulk_edit_client_modal.php (100%) rename expense_copy_modal.php => modals/expense_copy_modal.php (100%) rename expense_edit_modal.php => modals/expense_edit_modal.php (100%) rename expense_export_modal.php => modals/expense_export_modal.php (100%) rename expense_refund_modal.php => modals/expense_refund_modal.php (100%) rename folder_create_modal.php => modals/folder_create_modal.php (100%) rename folder_rename_modal.php => modals/folder_rename_modal.php (100%) rename invoice_add_modal.php => modals/invoice_add_modal.php (100%) rename invoice_add_ticket_modal.php => modals/invoice_add_ticket_modal.php (100%) rename invoice_copy_modal.php => modals/invoice_copy_modal.php (100%) rename invoice_edit_modal.php => modals/invoice_edit_modal.php (100%) rename invoice_export_modal.php => modals/invoice_export_modal.php (100%) rename invoice_note_modal.php => modals/invoice_note_modal.php (100%) rename invoice_payment_add_bulk_modal.php => modals/invoice_payment_add_bulk_modal.php (100%) rename invoice_payment_add_modal.php => modals/invoice_payment_add_modal.php (100%) rename invoice_recurring_add_modal.php => modals/invoice_recurring_add_modal.php (100%) rename item_edit_modal.php => modals/item_edit_modal.php (100%) rename product_add_modal.php => modals/product_add_modal.php (100%) rename product_bulk_edit_category_modal.php => modals/product_bulk_edit_category_modal.php (100%) rename product_edit_modal.php => modals/product_edit_modal.php (100%) rename product_export_modal.php => modals/product_export_modal.php (100%) rename project_add_modal.php => modals/project_add_modal.php (100%) rename project_edit_modal.php => modals/project_edit_modal.php (100%) rename project_ticket_add_modal.php => modals/project_ticket_add_modal.php (100%) rename quote_add_modal.php => modals/quote_add_modal.php (100%) rename quote_copy_modal.php => modals/quote_copy_modal.php (100%) rename quote_edit_modal.php => modals/quote_edit_modal.php (100%) rename quote_note_modal.php => modals/quote_note_modal.php (100%) rename quote_to_invoice_modal.php => modals/quote_to_invoice_modal.php (100%) rename recurring_expense_create_modal.php => modals/recurring_expense_create_modal.php (100%) rename recurring_expense_edit_modal.php => modals/recurring_expense_edit_modal.php (100%) rename recurring_invoice_add_modal.php => modals/recurring_invoice_add_modal.php (100%) rename recurring_invoice_edit_modal.php => modals/recurring_invoice_edit_modal.php (100%) rename recurring_invoice_note_modal.php => modals/recurring_invoice_note_modal.php (100%) rename recurring_payment_add_modal.php => modals/recurring_payment_add_modal.php (100%) rename recurring_ticket_add_modal.php => modals/recurring_ticket_add_modal.php (100%) rename recurring_ticket_edit_modal.php => modals/recurring_ticket_edit_modal.php (100%) rename revenue_add_modal.php => modals/revenue_add_modal.php (100%) rename revenue_edit_modal.php => modals/revenue_edit_modal.php (100%) rename share_modal.php => modals/share_modal.php (100%) rename task_edit_modal.php => modals/task_edit_modal.php (100%) rename ticket_add_modal.php => modals/ticket_add_modal.php (100%) rename ticket_add_watcher_modal.php => modals/ticket_add_watcher_modal.php (100%) rename ticket_assign_modal.php => modals/ticket_assign_modal.php (100%) rename ticket_bulk_add_project_modal.php => modals/ticket_bulk_add_project_modal.php (100%) rename ticket_bulk_assign_modal.php => modals/ticket_bulk_assign_modal.php (100%) rename ticket_bulk_edit_priority_modal.php => modals/ticket_bulk_edit_priority_modal.php (100%) rename ticket_bulk_merge_modal.php => modals/ticket_bulk_merge_modal.php (100%) rename ticket_bulk_reply_modal.php => modals/ticket_bulk_reply_modal.php (100%) rename ticket_bulk_resolve_modal.php => modals/ticket_bulk_resolve_modal.php (100%) rename ticket_change_client_modal.php => modals/ticket_change_client_modal.php (100%) rename ticket_edit_asset_modal.php => modals/ticket_edit_asset_modal.php (100%) rename ticket_edit_billable_modal.php => modals/ticket_edit_billable_modal.php (100%) rename ticket_edit_contact_modal.php => modals/ticket_edit_contact_modal.php (100%) rename ticket_edit_modal.php => modals/ticket_edit_modal.php (100%) rename ticket_edit_priority_modal.php => modals/ticket_edit_priority_modal.php (100%) rename ticket_edit_schedule_modal.php => modals/ticket_edit_schedule_modal.php (100%) rename ticket_edit_vendor_modal.php => modals/ticket_edit_vendor_modal.php (100%) rename ticket_invoice_add_modal.php => modals/ticket_invoice_add_modal.php (100%) rename ticket_merge_modal.php => modals/ticket_merge_modal.php (100%) rename ticket_reply_edit_modal.php => modals/ticket_reply_edit_modal.php (100%) rename top_nav_tickets_modal.php => modals/top_nav_tickets_modal.php (100%) rename transfer_add_modal.php => modals/transfer_add_modal.php (100%) rename transfer_edit_modal.php => modals/transfer_edit_modal.php (100%) rename trip_add_modal.php => modals/trip_add_modal.php (100%) rename trip_copy_modal.php => modals/trip_copy_modal.php (100%) rename trip_edit_modal.php => modals/trip_edit_modal.php (100%) rename trip_export_modal.php => modals/trip_export_modal.php (100%) rename vendor_add_from_template_modal.php => modals/vendor_add_from_template_modal.php (100%) rename vendor_add_modal.php => modals/vendor_add_modal.php (100%) rename vendor_contact_add_modal.php => modals/vendor_contact_add_modal.php (100%) rename vendor_contact_edit_modal.php => modals/vendor_contact_edit_modal.php (100%) rename vendor_edit_modal.php => modals/vendor_edit_modal.php (100%) diff --git a/accounts.php b/accounts.php index 0488c624..f5f972da 100644 --- a/accounts.php +++ b/accounts.php @@ -109,7 +109,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); @@ -122,5 +122,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
      - + - - + + diff --git a/client_contact_details.php b/client_contact_details.php index 36e97042..7efbbb8d 100644 --- a/client_contact_details.php +++ b/client_contact_details.php @@ -414,9 +414,9 @@ if (isset($_GET['contact_id'])) { @@ -1126,7 +1126,7 @@ if (isset($_GET['contact_id'])) { diff --git a/client_documents.php b/client_documents.php index 12becd84..d5e30d26 100644 --- a/client_documents.php +++ b/client_documents.php @@ -268,7 +268,7 @@ while ($folder_id > 0) { echo ''; // Include the rename and create subfolder modals - require "folder_rename_modal.php"; + require "modals/folder_rename_modal.php"; if ($subfolder_count > 0) { // Display subfolders @@ -285,7 +285,7 @@ while ($folder_id > 0) { display_folders(0, $client_id); ?> - +
      @@ -447,9 +447,9 @@ while ($folder_id > 0) { 0) {
      - + @@ -472,10 +472,10 @@ while ($folder_id > 0) { diff --git a/client_events.php b/client_events.php index afbd4be9..a68c0558 100644 --- a/client_events.php +++ b/client_events.php @@ -21,9 +21,9 @@ if (isset($_GET['calendar_id'])) { 0) { echo ''; // Include the rename and create subfolder modals - require "folder_rename_modal.php"; + require "modals/folder_rename_modal.php"; if ($subfolder_count > 0) { // Display subfolders @@ -230,7 +230,7 @@ while ($folder_id > 0) { display_folders(0, $client_id); ?> - + @@ -386,7 +386,7 @@ while ($folder_id > 0) { @@ -583,11 +583,9 @@ while ($folder_id > 0) { @@ -595,7 +593,7 @@ while ($folder_id > 0) { - + @@ -634,10 +632,7 @@ function prevFile() { @@ -219,10 +218,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); @@ -404,7 +404,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - + @@ -421,12 +421,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); diff --git a/client_payments.php b/client_payments.php index 5bd569b9..305c1224 100644 --- a/client_payments.php +++ b/client_payments.php @@ -150,7 +150,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - - + + @@ -241,6 +241,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); diff --git a/client_recurring_invoices.php b/client_recurring_invoices.php index 281158ee..8b8da97f 100644 --- a/client_recurring_invoices.php +++ b/client_recurring_invoices.php @@ -161,7 +161,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Create "; - require "recurring_payment_add_modal.php"; + require "modals/recurring_payment_add_modal.php"; } ?> @@ -217,9 +217,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -176,9 +176,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -267,11 +267,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); @@ -484,11 +484,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - - - + + + @@ -373,7 +373,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); @@ -660,17 +660,17 @@ if (isset($_GET['invoice_id'])) { - + @@ -268,7 +268,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); "> Create AutoPay - + @@ -314,7 +314,7 @@ if (isset($_GET['recurring_id'])) { "; - require "recurring_payment_add_modal.php"; + require "modals/recurring_payment_add_modal.php"; } ?> @@ -232,7 +232,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - @@ -205,8 +205,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - + diff --git a/revenues.php b/revenues.php index 2d966c00..367a6709 100644 --- a/revenues.php +++ b/revenues.php @@ -165,7 +165,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); @@ -185,6 +185,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); @@ -961,7 +961,7 @@ if (isset($_GET['ticket_id'])) { @@ -1154,30 +1154,30 @@ if (isset($_GET['ticket_id'])) { = 2 && empty($ticket_closed_at)) { - require_once "ticket_edit_modal.php"; + require_once "modals/ticket_edit_modal.php"; - require_once "ticket_assign_modal.php"; + require_once "modals/ticket_assign_modal.php"; - require_once "ticket_edit_contact_modal.php"; + require_once "modals/ticket_edit_contact_modal.php"; - require_once "ticket_edit_asset_modal.php"; + require_once "modals/ticket_edit_asset_modal.php"; - require_once "ticket_edit_vendor_modal.php"; + require_once "modals/ticket_edit_vendor_modal.php"; - require_once "ticket_add_watcher_modal.php"; + require_once "modals/ticket_add_watcher_modal.php"; - require_once "ticket_edit_priority_modal.php"; + require_once "modals/ticket_edit_priority_modal.php"; - require_once "ticket_change_client_modal.php"; + require_once "modals/ticket_change_client_modal.php"; - require_once "ticket_edit_schedule_modal.php"; + require_once "modals/ticket_edit_schedule_modal.php"; - require_once "ticket_merge_modal.php"; + require_once "modals/ticket_merge_modal.php"; } if (lookupUserPermission("module_support") >= 2 && lookupUserPermission("module_sales") >= 2 && $config_module_enable_accounting) { - require_once "ticket_edit_billable_modal.php"; - require_once "ticket_invoice_add_modal.php"; + require_once "modals/ticket_edit_billable_modal.php"; + require_once "modals/ticket_invoice_add_modal.php"; } } } diff --git a/tickets.php b/tickets.php index 11be89c3..43e93ebc 100644 --- a/tickets.php +++ b/tickets.php @@ -559,12 +559,12 @@ $user_active_assigned_tickets = intval($row['total_tickets_assigned']); // Edit actions, for open tickets if (empty($ticket_closed_at)) { - require "ticket_assign_modal.php"; + require "modals/ticket_assign_modal.php"; - require "ticket_edit_priority_modal.php"; + require "modals/ticket_edit_priority_modal.php"; if ($config_module_enable_accounting) { - require "ticket_edit_billable_modal.php"; + require "modals/ticket_edit_billable_modal.php"; } } } @@ -574,12 +574,12 @@ $user_active_assigned_tickets = intval($row['total_tickets_assigned']); - - - - - - + + + + + + @@ -588,6 +588,6 @@ $user_active_assigned_tickets = intval($row['total_tickets_assigned']); Date: Sun, 12 Jan 2025 20:56:38 +0000 Subject: [PATCH 076/366] Initial add Stripe Auto-payment with saved card --- database_updates.php | 12 +- database_version.php | 2 +- db.sql | 11 ++ js/autopay_setup_stripe.js | 23 ++++ portal/autopay.php | 126 +++++++++++++++++++ portal/portal_header.php | 41 +++--- portal/portal_post.php | 249 ++++++++++++++++++++++++++++++++++++- 7 files changed, 440 insertions(+), 24 deletions(-) create mode 100644 js/autopay_setup_stripe.js create mode 100644 portal/autopay.php diff --git a/database_updates.php b/database_updates.php index c29c68ed..6ad35610 100644 --- a/database_updates.php +++ b/database_updates.php @@ -2404,10 +2404,16 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.7.5'"); } - // if (CURRENT_DATABASE_VERSION == '1.7.5') { - // // Insert queries here required to update to DB version 1.7.6 + if (CURRENT_DATABASE_VERSION == '1.7.5') { + mysqli_query($mysqli, "CREATE TABLE `client_stripe` (`client_id` INT(11) NOT NULL, `stripe_id` VARCHAR(255) NOT NULL, `stripe_pm` varchar(255) NULL) ENGINE = InnoDB CHARSET=utf8mb4 COLLATE utf8mb4_unicode_ci; "); + + mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.7.6'"); + } + + // if (CURRENT_DATABASE_VERSION == '1.7.6') { + // // Insert queries here required to update to DB version 1.7.7 // // Then, update the database to the next sequential version - // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.7.6'"); + // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.7.7'"); // } } else { diff --git a/database_version.php b/database_version.php index 589a6c56..61ca815b 100644 --- a/database_version.php +++ b/database_version.php @@ -5,4 +5,4 @@ * It is used in conjunction with database_updates.php */ -DEFINE("LATEST_DATABASE_VERSION", "1.7.5"); +DEFINE("LATEST_DATABASE_VERSION", "1.7.6"); diff --git a/db.sql b/db.sql index 664915d8..6001fb86 100644 --- a/db.sql +++ b/db.sql @@ -342,6 +342,17 @@ CREATE TABLE `client_notes` ( ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; /*!40101 SET character_set_client = @saved_cs_client */; +-- +-- Table structure for table `client_stripe` +-- + +DROP TABLE IF EXISTS `client_stripe`; +CREATE TABLE IF NOT EXISTS `client_stripe` ( + `client_id` int(11) NOT NULL, + `stripe_id` varchar(255) NOT NULL, + `stripe_pm` varchar(255) NULL +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; + -- -- Table structure for table `client_tags` -- diff --git a/js/autopay_setup_stripe.js b/js/autopay_setup_stripe.js new file mode 100644 index 00000000..d0787f1b --- /dev/null +++ b/js/autopay_setup_stripe.js @@ -0,0 +1,23 @@ +// Initialize Stripe.js +const stripe = Stripe('pk_test_51OTpmkHRGkC845Mqz0zM2A1pjnnXwOyD5tyPzWnRwVthuizNjuBIjoYgMHBMLQBuegrUXQpIyX4yr1fNMo7QzCs500bBnFJgEr'); + +initialize(); + +// Fetch Checkout Session and retrieve the client secret +async function initialize() { + const fetchClientSecret = async () => { + const response = await fetch("/portal/portal_post.php?create_stripe_checkout", { + method: "POST", + }); + const { clientSecret } = await response.json(); + return clientSecret; + }; + + // Initialize Checkout + const checkout = await stripe.initEmbeddedCheckout({ + fetchClientSecret, + }); + + // Mount Checkout + checkout.mount('#checkout'); +} diff --git a/portal/autopay.php b/portal/autopay.php new file mode 100644 index 00000000..a4b92821 --- /dev/null +++ b/portal/autopay.php @@ -0,0 +1,126 @@ + + +

      AutoPay

      +
      + +
      + + + + + Save card details
      + In order to set up automatic payments, you must create a customer record in Stripe.
      + First, you must authorize Stripe to store your card details for the purpose of automatic payment. +

      + +
      +
      + +
      +
      + + +
      +
      + +
      + +
      +
      +
      + + + elseif (empty($stripe_pm)) { ?> + + Save card details
      + Please add the payment details you would like to save.
      + By adding payment details here, you grant consent for future automatic payments of invoices.

      + + + + +
      + +
      + + + + Manage saved card details + + customers->retrievePaymentMethod( + $stripe_id, + $stripe_pm, + [] + ); + + $card_name = nullable_htmlentities($payment_method->billing_details->name); + $card_brand = nullable_htmlentities($payment_method->card->display_brand); + $card_last4 = nullable_htmlentities($payment_method->card->last4); + $card_expires = nullable_htmlentities($payment_method->card->exp_month) . "/" . nullable_htmlentities($payment_method->card->exp_year); + + ?> + +
      + +
      + Actions
      + - Remove saved card + + + + +
      + +
      + + + -
    1. - " href="invoices.php">Invoices -
      2. -
    2. - " href="quotes.php">Quotes +
    3. + +
      + Invoices + Quotes + +
      4. + -
    4. - " href="documents.php">Documents -
      5. -
    5. - " href="contacts.php">Contacts -
      6. -
    6. - " href="domains.php">Domains -
      7. -
    7. - " href="certificates.php">Certificates +
    8. + +
      + Contacts + Documents + Domains + Certificates + All tickets +
      9. - + + + + + +
      + +
      + + + + 0) {
      - + Rename 0) { echo '
      '; echo ''; - // Include the rename and create subfolder modals - require "modals/folder_rename_modal.php"; - if ($subfolder_count > 0) { // Display subfolders echo '
        '; @@ -360,10 +361,18 @@ while ($folder_id > 0) { )"> Share - + Rename - + Move @@ -559,10 +568,18 @@ while ($folder_id > 0) { )"> Share - + Rename - + Move @@ -583,8 +600,6 @@ while ($folder_id > 0) { - +
        @@ -272,7 +276,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
        - + Edit @@ -297,8 +305,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
        - @@ -319,10 +325,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
        - + Add Device
        - + Edit @@ -333,8 +341,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
        - - + @@ -347,4 +354,3 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); require_once "modals/client_rack_add_modal.php"; require_once "includes/footer.php"; -?> diff --git a/client_services.php b/client_services.php index c718716e..a7958986 100644 --- a/client_services.php +++ b/client_services.php @@ -82,23 +82,17 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $service_updated_at = nullable_htmlentities($row['service_updated_at']); $service_review_due = nullable_htmlentities($row['service_review_due']); - // Service Importance - if ($service_importance == "High") { - $service_importance_display = "$service_importance"; - } elseif ($service_importance == "Medium") { - $service_importance_display = "$service_importance"; - } elseif ($service_importance == "Low") { - $service_importance_display = "$service_importance"; - } else { - $service_importance_display = "-"; - } - ?> - +
        @@ -120,7 +114,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
        - + Edit = 3) { ?> @@ -133,77 +131,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
        - @@ -217,6 +145,4 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - +
        @@ -194,7 +198,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
        - + Edit
        @@ -214,8 +222,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); @@ -231,9 +237,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - + + + + + @@ -144,10 +152,18 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Map it
        - + Edit - + Copy
        @@ -161,9 +177,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); diff --git a/client_vendors.php b/client_vendors.php index 36abb3c5..da6a1b8a 100644 --- a/client_vendors.php +++ b/client_vendors.php @@ -184,7 +184,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
        - +
        @@ -222,7 +226,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
        - + Edit @@ -250,10 +258,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); + ?> @@ -268,10 +275,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); " tabindex="-1"> -
        -
        -
        -
        Editing account:
        - -
        -
        - - -
        -
        - -
        -
        - -
        - -
        -
        - -
        - - -
        - -
        -
        - - -
        -
        -
        -
        -
        diff --git a/modals/client_document_move_modal.php b/modals/client_document_move_modal.php deleted file mode 100644 index 9586c6fe..00000000 --- a/modals/client_document_move_modal.php +++ /dev/null @@ -1,95 +0,0 @@ - diff --git a/modals/client_document_rename_modal.php b/modals/client_document_rename_modal.php deleted file mode 100644 index 7a05f6b8..00000000 --- a/modals/client_document_rename_modal.php +++ /dev/null @@ -1,33 +0,0 @@ - diff --git a/modals/client_document_view_modal.php b/modals/client_document_view_modal.php deleted file mode 100644 index 758afffc..00000000 --- a/modals/client_document_view_modal.php +++ /dev/null @@ -1,15 +0,0 @@ - diff --git a/modals/client_file_move_modal.php b/modals/client_file_move_modal.php deleted file mode 100644 index d36c1da5..00000000 --- a/modals/client_file_move_modal.php +++ /dev/null @@ -1,95 +0,0 @@ - diff --git a/modals/client_file_rename_modal.php b/modals/client_file_rename_modal.php deleted file mode 100644 index ceefe30b..00000000 --- a/modals/client_file_rename_modal.php +++ /dev/null @@ -1,42 +0,0 @@ - diff --git a/modals/client_location_edit_modal.php b/modals/client_location_edit_modal.php deleted file mode 100644 index 5dab330c..00000000 --- a/modals/client_location_edit_modal.php +++ /dev/null @@ -1,238 +0,0 @@ - diff --git a/modals/client_rack_edit_modal.php b/modals/client_rack_edit_modal.php deleted file mode 100644 index 280a87e2..00000000 --- a/modals/client_rack_edit_modal.php +++ /dev/null @@ -1,158 +0,0 @@ - diff --git a/modals/client_rack_unit_add_modal.php b/modals/client_rack_unit_add_modal.php deleted file mode 100644 index acd3fd5b..00000000 --- a/modals/client_rack_unit_add_modal.php +++ /dev/null @@ -1,78 +0,0 @@ - diff --git a/modals/client_service_edit_modal.php b/modals/client_service_edit_modal.php deleted file mode 100644 index 3b0170b2..00000000 --- a/modals/client_service_edit_modal.php +++ /dev/null @@ -1,275 +0,0 @@ - diff --git a/modals/client_service_view_modal.php b/modals/client_service_view_modal.php deleted file mode 100644 index 4d8cb8e2..00000000 --- a/modals/client_service_view_modal.php +++ /dev/null @@ -1,294 +0,0 @@ - - + + + + + @@ -218,7 +226,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
        - + Edit @@ -247,9 +259,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); diff --git a/quote.php b/quote.php index 286eeffa..acbd97a4 100644 --- a/quote.php +++ b/quote.php @@ -177,7 +177,7 @@ if (isset($_GET['quote_id'])) {
        @@ -185,7 +185,7 @@ if (isset($_GET['quote_id'])) { = 2) { ?> diff --git a/ticket.php b/ticket.php index c2483b65..447c4dad 100644 --- a/ticket.php +++ b/ticket.php @@ -421,8 +421,13 @@ if (isset($_GET['ticket_id'])) { -
        - +
        + Edit @@ -1198,7 +1203,6 @@ if (isset($_GET['ticket_id'])) { = 2 && empty($ticket_closed_at)) { - require_once "modals/ticket_edit_modal.php"; require_once "modals/ticket_edit_asset_modal.php"; require_once "modals/ticket_edit_vendor_modal.php"; require_once "modals/ticket_add_watcher_modal.php"; @@ -1218,7 +1222,7 @@ require_once "includes/footer.php"; ?> -
    @@ -569,7 +581,11 @@ if (isset($_GET['asset_id'])) { - + @@ -589,7 +605,8 @@ if (isset($_GET['asset_id'])) { + data-ajax-id="" + > Edit )"> @@ -676,7 +693,15 @@ if (isset($_GET['asset_id'])) { ?> - $software_version"; ?> + + + $software_version"; ?> + + @@ -871,7 +896,15 @@ if (isset($_GET['asset_id'])) { ?> - + + + + + @@ -885,8 +918,11 @@ if (isset($_GET['asset_id'])) {
    - + Edit
    @@ -1050,11 +1086,10 @@ if (isset($_GET['asset_id'])) { 0) { + while ($row = mysqli_fetch_array($os_sql)) { + $os_arr[] = $row; + } + $json_os = json_encode($os_arr); +} + +?> + +
    +
    +
    + + All Assets + + 0) { ?> + Workstations + 0) { ?> + Servers + 0) { ?> + Virtual + 0) { ?> + Network + 0) { ?> + Other + +
    +
    +
    + +
    +
    +

    Asset Management

    +
    + = 2) { ?> +
    + + +
    + + + Import + + + 0) { ?> +
    + + Export + + +
    +
    + +
    +
    +
    +
    + + + + + +
    +
    +
    + s"> +
    + +
    +
    +
    + +
    +
    + +
    +
    + +
    +
    + +
    +
    + +
    +
    + +
    +
    +
    +
    + "> + Archived + + +
    +
    + +
    +
    +
    +
    + + +
    + + "> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + $asset_physical_location"; + } else { + $asset_physical_location_display = ""; + } + $asset_notes = nullable_htmlentities($row['asset_notes']); + $asset_created_at = nullable_htmlentities($row['asset_created_at']); + $asset_archived_at = nullable_htmlentities($row['asset_archived_at']); + $asset_vendor_id = intval($row['asset_vendor_id']); + $asset_location_id = intval($row['asset_location_id']); + $asset_contact_id = intval($row['asset_contact_id']); + $asset_network_id = intval($row['interface_network_id']); + + $device_icon = getAssetIcon($asset_type); + + $contact_name = nullable_htmlentities($row['contact_name']); + if (empty($contact_name)) { + $contact_name = "-"; + } + $contact_archived_at = nullable_htmlentities($row['contact_archived_at']); + if ($contact_archived_at) { + $contact_name_display = "
    $contact_name
    "; + } else { + $contact_name_display = $contact_name; + } + + $location_name = nullable_htmlentities($row['location_name']); + if (empty($location_name)) { + $location_name = "-"; + } + $location_archived_at = nullable_htmlentities($row['location_archived_at']); + if ($location_archived_at) { + $location_name_display = "
    $location_name
    "; + } else { + $location_name_display = $location_name; + } + + $sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_asset_id = $asset_id"); + $login_count = mysqli_num_rows($sql_logins); + + ?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    +
    + +
    +     		+ + Name + + + + Type + + + + Model + + + + Serial + + + + OS + + + + IP + + + + Purchase Date + + + + Install Date + + + + Warranty Expire + + + + Assigned To + + + + Location + + + + Status + + + + Client + + Action
    +
    + +
    +     		+ +
    + +
    +
    +
    +
    +
    +     +     		+ +
    + +
    +     		+ + + +
    + 0) { ?> + + + + + + +
    + +
    + + + + + + +
    + + + + +
    +
    + +
    + +
    + + Edit + + + Copy + + 2) { ?> + + + Unarchive + + + Delete + + + + Archive + + + + +
    +
    +
    +
    +
    + + + + + +
    + +
    +
    + + + + + + + + + diff --git a/client_assets.php b/client_assets.php deleted file mode 100644 index 29b23d74..00000000 --- a/client_assets.php +++ /dev/null @@ -1,648 +0,0 @@ - 0) { - while ($row = mysqli_fetch_array($os_sql)) { - $os_arr[] = $row; - } - $json_os = json_encode($os_arr); -} - -?> - -
    -
    - Workstations - - Servers - - Virtual - - Network - - Other -
    -
    - -
    -
    -

    Assets

    -
    - = 2) { ?> -
    - - -
    - - Import - - 0) { ?> -
    - - Export - - -
    -
    - -
    -
    -
    -
    - - - -
    -
    -
    - s"> -
    - -
    -
    -
    -
    -
    - -
    -
    -
    -
    - -
    -
    -
    -
    - "> - Archived - - -
    -
    - -
    -
    -
    -
    - - -
    - - "> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - $asset_physical_location"; - } else { - $asset_physical_location_display = ""; - } - $asset_notes = nullable_htmlentities($row['asset_notes']); - $asset_created_at = nullable_htmlentities($row['asset_created_at']); - $asset_archived_at = nullable_htmlentities($row['asset_archived_at']); - $asset_vendor_id = intval($row['asset_vendor_id']); - $asset_location_id = intval($row['asset_location_id']); - $asset_contact_id = intval($row['asset_contact_id']); - $asset_network_id = intval($row['interface_network_id']); - - $device_icon = getAssetIcon($asset_type); - - $contact_name = nullable_htmlentities($row['contact_name']); - if (empty($contact_name)) { - $contact_name = "-"; - } - $contact_archived_at = nullable_htmlentities($row['contact_archived_at']); - if ($contact_archived_at) { - $contact_name_display = "
    $contact_name
    "; - } else { - $contact_name_display = $contact_name; - } - - $location_name = nullable_htmlentities($row['location_name']); - if (empty($location_name)) { - $location_name = "-"; - } - $location_archived_at = nullable_htmlentities($row['location_archived_at']); - if ($location_archived_at) { - $location_name_display = "
    $location_name
    "; - } else { - $location_name_display = $location_name; - } - - $sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_asset_id = $asset_id"); - $login_count = mysqli_num_rows($sql_logins); - - ?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    -
    - -
    -     		- - Name - - - - Type - - - - Model - - - - Serial - - - - OS - - - - IP - - - - Purchase Date - - - - Install Date - - - - Warranty Expire - - - - Assigned To - - - - Location - - - - Status - - Action
    -
    - -
    -     		- -
    - -
    -
    -
    -
    -
    -     -     		- -
    - -
    -     		- - - -
    - 0) { ?> - - - - - - -
    - -
    - - - - - - -
    - - - - -
    -
    - -
    - -
    - - Edit - - - Copy - - 2) { ?> - - - Unarchive - - - Delete - - - - Archive - - - - -
    -
    -
    -
    -
    - - - - - -
    - -
    -
    - - - - - - - - - diff --git a/client_document_details.php b/client_document_details.php index 256e138d..33b1dfe0 100644 --- a/client_document_details.php +++ b/client_document_details.php @@ -268,7 +268,7 @@ $page_title = $row['document_name']; ?>
    - + @@ -330,7 +330,7 @@ $page_title = $row['document_name']; ?>
    - + diff --git a/client_domains.php b/domains.php similarity index 90% rename from client_domains.php rename to domains.php index bb7ca38c..2c95a9bb 100644 --- a/client_domains.php +++ b/domains.php @@ -4,7 +4,16 @@ $sort = "domain_name"; $order = "ASC"; -require_once "includes/inc_all_client.php"; +// If client_id is in URI then show client Side Bar and client header +if (isset($_GET['client_id'])) { + require_once "includes/inc_all_client.php"; + $client_query = "AND domain_client_id = $client_id"; + $client_url = "client_id=$client_id&"; +} else { + require_once "includes/inc_client_overview_all.php"; + $client_query = ''; + $client_url = ''; +} // Perms enforceUserPermission('module_support'); @@ -12,19 +21,20 @@ enforceUserPermission('module_support'); //Rebuild URL $url_query_strings_sort = http_build_query($get_copy); -$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS domains.*, +$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS domains.*, clients.*, registrar.vendor_name AS registrar_name, dnshost.vendor_name AS dnshost_name, mailhost.vendor_name AS mailhost_name, webhost.vendor_name AS webhost_name FROM domains + LEFT JOIN clients ON client_id = domain_client_id LEFT JOIN vendors AS registrar ON domains.domain_registrar = registrar.vendor_id LEFT JOIN vendors AS dnshost ON domains.domain_dnshost = dnshost.vendor_id LEFT JOIN vendors AS mailhost ON domains.domain_mailhost = mailhost.vendor_id LEFT JOIN vendors AS webhost ON domains.domain_webhost = webhost.vendor_id - WHERE domain_client_id = $client_id AND domain_$archive_query - AND (domains.domain_name LIKE '%$q%' OR domains.domain_description LIKE '%$q%' OR registrar.vendor_name LIKE '%$q%' OR dnshost.vendor_name LIKE '%$q%' OR mailhost.vendor_name LIKE '%$q%' OR webhost.vendor_name LIKE '%$q%') + AND (domains.domain_name LIKE '%$q%' OR domains.domain_description LIKE '%$q%' OR registrar.vendor_name LIKE '%$q%' OR dnshost.vendor_name LIKE '%$q%' OR mailhost.vendor_name LIKE '%$q%' OR webhost.vendor_name LIKE '%$q%') + $client_query ORDER BY $sort $order LIMIT $record_from, $record_to"); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); @@ -33,7 +43,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    -

    Domains

    +

    Domain Management

    @@ -64,7 +74,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - "> Archived @@ -101,8 +111,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    + - + "> @@ -141,6 +152,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Expires + + + @@ -181,6 +199,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $domain_mailhost_name = nullable_htmlentities($row['mailhost_name']); $domain_created_at = nullable_htmlentities($row['domain_created_at']); $domain_archived_at = nullable_htmlentities($row['domain_archived_at']); + $client_id = intval($row['domain_client_id']); + $client_name = nullable_htmlentities($row['client_name']); // Add - if empty on the table $domain_registrar_name_display = $domain_registrar_name ? $domain_registrar_name : "-"; $domain_webhost_name_display = $domain_webhost_name ? $domain_webhost_name : "-"; @@ -198,7 +218,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    @@ -218,6 +238,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    + +
    + - @@ -750,7 +750,7 @@ if (isset($_GET['query'])) { - + diff --git a/includes/client_overview_side_nav.php b/includes/client_overview_side_nav.php new file mode 100644 index 00000000..ff9c5ae6 --- /dev/null +++ b/includes/client_overview_side_nav.php @@ -0,0 +1,46 @@ + + diff --git a/includes/client_side_nav.php b/includes/client_side_nav.php index 5fc84c4c..2e9e6210 100644 --- a/includes/client_side_nav.php +++ b/includes/client_side_nav.php @@ -116,7 +116,7 @@ = 1) { ?>
  • - "> + ">

    Assets @@ -195,7 +195,7 @@

  • - "> + ">

    Domains diff --git a/includes/inc_client_overview_all.php b/includes/inc_client_overview_all.php new file mode 100644 index 00000000..f266c9f6 --- /dev/null +++ b/includes/inc_client_overview_all.php @@ -0,0 +1,12 @@ +All Assets
    • -
  • - "> - -

    All Domains

    -     -
    • diff --git a/includes/top_nav.php b/includes/top_nav.php index 24ac45e4..9b0b86ce 100644 --- a/includes/top_nav.php +++ b/includes/top_nav.php @@ -6,6 +6,11 @@
    • +
  • + + Client Overview + +
    • diff --git a/modals/client_asset_add_modal.php b/modals/asset_add_modal.php similarity index 100% rename from modals/client_asset_add_modal.php rename to modals/asset_add_modal.php diff --git a/modals/client_asset_bulk_add_ticket_modal.php b/modals/asset_bulk_add_ticket_modal.php similarity index 100% rename from modals/client_asset_bulk_add_ticket_modal.php rename to modals/asset_bulk_add_ticket_modal.php diff --git a/modals/client_asset_bulk_assign_contact_modal.php b/modals/asset_bulk_assign_contact_modal.php similarity index 100% rename from modals/client_asset_bulk_assign_contact_modal.php rename to modals/asset_bulk_assign_contact_modal.php diff --git a/modals/client_asset_bulk_assign_location_modal.php b/modals/asset_bulk_assign_location_modal.php similarity index 100% rename from modals/client_asset_bulk_assign_location_modal.php rename to modals/asset_bulk_assign_location_modal.php diff --git a/modals/client_asset_bulk_edit_status_modal.php b/modals/asset_bulk_edit_status_modal.php similarity index 100% rename from modals/client_asset_bulk_edit_status_modal.php rename to modals/asset_bulk_edit_status_modal.php diff --git a/modals/client_asset_bulk_transfer_client_modal.php b/modals/asset_bulk_transfer_client_modal.php similarity index 100% rename from modals/client_asset_bulk_transfer_client_modal.php rename to modals/asset_bulk_transfer_client_modal.php diff --git a/modals/client_asset_export_modal.php b/modals/asset_export_modal.php similarity index 81% rename from modals/client_asset_export_modal.php rename to modals/asset_export_modal.php index be26f8fd..8860ba99 100644 --- a/modals/client_asset_export_modal.php +++ b/modals/asset_export_modal.php @@ -9,13 +9,15 @@ + +
    - +
    diff --git a/modals/client_asset_import_modal.php b/modals/asset_import_modal.php similarity index 77% rename from modals/client_asset_import_modal.php rename to modals/asset_import_modal.php index cc10bd7b..512958e9 100644 --- a/modals/client_asset_import_modal.php +++ b/modals/asset_import_modal.php @@ -9,7 +9,10 @@ + + +

    Format csv file with headings & data:
    Name, Description, Type, Make, Model, Serial, OS, Assigned To, Location

    @@ -17,10 +20,10 @@
    - +
    - +
    diff --git a/modals/client_asset_interface_add_modal.php b/modals/asset_interface_add_modal.php similarity index 100% rename from modals/client_asset_interface_add_modal.php rename to modals/asset_interface_add_modal.php diff --git a/modals/client_asset_interface_export_modal.php b/modals/asset_interface_export_modal.php similarity index 100% rename from modals/client_asset_interface_export_modal.php rename to modals/asset_interface_export_modal.php diff --git a/modals/client_asset_interface_import_modal.php b/modals/asset_interface_import_modal.php similarity index 100% rename from modals/client_asset_interface_import_modal.php rename to modals/asset_interface_import_modal.php diff --git a/modals/client_asset_interface_multiple_add_modal.php b/modals/asset_interface_multiple_add_modal.php similarity index 100% rename from modals/client_asset_interface_multiple_add_modal.php rename to modals/asset_interface_multiple_add_modal.php diff --git a/modals/client_domain_add_modal.php b/modals/domain_add_modal.php similarity index 81% rename from modals/client_domain_add_modal.php rename to modals/domain_add_modal.php index 70049ea8..6b3cc90b 100644 --- a/modals/client_domain_add_modal.php +++ b/modals/domain_add_modal.php @@ -8,7 +8,6 @@ -
      @@ -47,6 +46,38 @@
    + + + + +
    + +
    +
    + +
    + +
    +
    + +
    +
    +
    +
    + + +
    diff --git a/modals/client_domain_export_modal.php b/modals/domain_export_modal.php similarity index 79% rename from modals/client_domain_export_modal.php rename to modals/domain_export_modal.php index cb743669..7b985881 100644 --- a/modals/client_domain_export_modal.php +++ b/modals/domain_export_modal.php @@ -8,12 +8,14 @@
    + +
    - +
    diff --git a/post/user/asset.php b/post/user/asset.php index 52709ede..727d1040 100644 --- a/post/user/asset.php +++ b/post/user/asset.php @@ -496,7 +496,7 @@ if (isset($_POST['bulk_unarchive_assets'])) { header("Location: " . $_SERVER["HTTP_REFERER"]); } -if (isset($_POST["import_client_assets_csv"])) { +if (isset($_POST["import_assets_csv"])) { enforceUserPermission('module_support', 2); @@ -622,7 +622,7 @@ if (isset($_POST["import_client_assets_csv"])) { } } -if (isset($_GET['download_client_assets_csv_template'])) { +if (isset($_GET['download_assets_csv_template'])) { $client_id = intval($_GET['download_client_assets_csv_template']); //get records from database @@ -654,16 +654,21 @@ if (isset($_GET['download_client_assets_csv_template'])) { } -if (isset($_POST['export_client_assets_csv'])) { +if (isset($_POST['export_assets_csv'])) { enforceUserPermission('module_support'); validateCSRFToken($_POST['csrf_token']); - $client_id = intval($_POST['client_id']); + if (isset($_POST['client_id'])) { + $client_id = intval($_POST['client_id']); + $client_query = "AND asset_client_id = $client_id"; + } else { + $client_query = ''; + } //get records from database - $sql = mysqli_query($mysqli,"SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id LEFT JOIN locations ON asset_location_id = location_id LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1 LEFT JOIN clients ON asset_client_id = client_id WHERE asset_client_id = $client_id AND asset_archived_at IS NULL ORDER BY asset_name ASC"); + $sql = mysqli_query($mysqli,"SELECT * FROM assets LEFT JOIN contacts ON asset_contact_id = contact_id LEFT JOIN locations ON asset_location_id = location_id LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1 LEFT JOIN clients ON asset_client_id = client_id WHERE asset_archived_at IS NULL $client_query ORDER BY asset_name ASC"); $row = mysqli_fetch_array($sql); $client_name = $row['client_name']; diff --git a/post/user/domain.php b/post/user/domain.php index 28807307..3be8bb02 100644 --- a/post/user/domain.php +++ b/post/user/domain.php @@ -329,25 +329,24 @@ if (isset($_POST['bulk_delete_domains'])) { header("Location: " . $_SERVER["HTTP_REFERER"]); } -if (isset($_POST['export_client_domains_csv'])) { +if (isset($_POST['export_domains_csv'])) { enforceUserPermission('module_support'); - $client_id = intval($_POST['client_id']); + if (isset($_POST['client_id'])) { + $client_id = intval($_POST['client_id']); + $client_query = "WHERE domain_client_id = $client_id"; + } else { + $client_query = ''; + } - //get records from database - $sql = mysqli_query($mysqli,"SELECT client_name FROM clients WHERE client_id = $client_id"); - $row = mysqli_fetch_array($sql); - - $client_name = $row['client_name']; - - $sql = mysqli_query($mysqli,"SELECT * FROM domains WHERE domain_client_id = $client_id ORDER BY domain_name ASC"); + $sql = mysqli_query($mysqli,"SELECT * FROM domains $client_query ORDER BY domain_name ASC"); $num_rows = mysqli_num_rows($sql); if ($num_rows > 0) { $delimiter = ","; - $filename = $client_name . "-Domains-" . date('Y-m-d') . ".csv"; + $filename = "Domains-" . date('Y-m-d') . ".csv"; //create a file pointer $f = fopen('php://memory', 'w'); @@ -374,7 +373,7 @@ if (isset($_POST['export_client_domains_csv'])) { } // Logging - logAction("Domain", "Export", "$session_name exported $num_rows domain(s)", $client_id); + logAction("Domain", "Export", "$session_name exported $num_rows domain(s)"); exit; diff --git a/report_assets.php b/report_assets.php deleted file mode 100644 index 24c3bbeb..00000000 --- a/report_assets.php +++ /dev/null @@ -1,618 +0,0 @@ - - -
    -
    -

    All Assets

    -
    -
    -
    -
    -
    - - -
    -
    -
    -
    - - All Assets - - 0) { ?> - Workstations - 0) { ?> - Servers - 0) { ?> - Virtual - 0) { ?> - Network - 0) { ?> - Other - -
    -
    -
    - -
    -
    - s"> -
    - -
    -
    -
    -
    -
    - -
    -
    -
    -
    - -
    -
    - -
    -
    - "> - Archived - - -
    -
    - - -
    - -
    -
    - - -
    -
    + + Client + + Action
    diff --git a/global_search.php b/global_search.php index 0ddb1edd..59b1c126 100644 --- a/global_search.php +++ b/global_search.php @@ -324,7 +324,7 @@ if (isset($_GET['query'])) { ?>
    +
    - "> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - $contact_name"; - } else { - $contact_name_display = $contact_name; - } - - $location_name = nullable_htmlentities($row['location_name']); - if (empty($location_name)) { - $location_name = "-"; - } - $location_archived_at = nullable_htmlentities($row['location_archived_at']); - if ($location_archived_at) { - $location_name_display = "
    $location_name
    "; - } else { - $location_name_display = $location_name; - } - - $sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_asset_id = $asset_id"); - $login_count = mysqli_num_rows($sql_logins); - - ?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    -
    - -
    -     		- - Name - - - - Type - - - - Model - - - - Serial - - - - OS - - - - IP - - - - Purchase Date - - - - Install Date - - - - Warranty Expire - - - - Assigned To - - - - Location - - - - Physical Location - - - - Status - - - - Client - - Action
    -
    - -
    -     		- -
    - -
    -
    -
    -
    -
    -     -     		- -
    - -
    -     		-
    - 0) { ?> - - - - - - -
    - -
    - - - - - - -
    - - - - -
    -
    - -
    - -
    - - Edit - - 2) { ?> - - - Unarchive - - - - Archive - - - - - Delete - - - - -
    -
    -
    -
    -
    - - - -
    -
    - - - - - -
    -
    -

    Domain Management

    -
    -
    - -
    -
    -
    - -
    -
    -
    -
    -
    - -
    - -
    -
    -
    - -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - - - "> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    -
    - -
    -     		- - Domain - - - - Registrar - - - - Web Host - - - - DNS Host - - - - Mail Host - - - - Expires - - - - Client - - Action
    -
    - - -
    -     		- -
    - -
    -
    -
    -
    -
    -     -     		-
    -
    -     		-
    - -
    - 1) { ?> - - Archive - - - -
    - - Delete - - -
    -
    -
    - -
    -
    - -
    -
    - - - - Date: Thu, 20 Feb 2025 00:38:40 -0500 Subject: [PATCH 329/366] Make contacts global view compatible, remove bulk mail from admin as this is in contacts bulk actions, updated links, tidy --- admin_bulk_mail.php | 153 ------------------ client_document_details.php | 2 +- client_overview.php | 10 +- ...contact_details.php => contact_details.php | 48 ++++-- client_contacts.php => contacts.php | 110 ++++++++++--- dashboard.php | 6 +- global_search.php | 4 +- includes/admin_side_nav.php | 7 - includes/client_overview_side_nav.php | 6 + includes/client_side_nav.php | 2 +- ...ct_add_modal.php => contact_add_modal.php} | 0 ...ve_modal.php => contact_archive_modal.php} | 0 ...=> contact_bulk_assign_location_modal.php} | 0 ...php => contact_bulk_assign_tags_modal.php} | 0 ...=> contact_bulk_edit_department_modal.php} | 0 ....php => contact_bulk_edit_phone_modal.php} | 0 ...l.php => contact_bulk_edit_role_modal.php} | 0 ...modal.php => contact_bulk_email_modal.php} | 0 ...odal.php => contact_create_note_modal.php} | 0 ...ort_modal.php => contact_export_modal.php} | 4 +- ...ort_modal.php => contact_import_modal.php} | 6 +- ...ite_modal.php => contact_invite_modal.php} | 0 post/admin/admin_bulk_mail.php | 54 ------- post/user/contact.php | 81 +++++++--- scripts/cron.php | 4 +- 25 files changed, 210 insertions(+), 287 deletions(-) delete mode 100644 admin_bulk_mail.php rename client_contact_details.php => contact_details.php (96%) rename client_contacts.php => contacts.php (86%) rename modals/{client_contact_add_modal.php => contact_add_modal.php} (100%) rename modals/{client_contact_archive_modal.php => contact_archive_modal.php} (100%) rename modals/{client_contact_bulk_assign_location_modal.php => contact_bulk_assign_location_modal.php} (100%) rename modals/{client_contact_bulk_assign_tags_modal.php => contact_bulk_assign_tags_modal.php} (100%) rename modals/{client_contact_bulk_edit_department_modal.php => contact_bulk_edit_department_modal.php} (100%) rename modals/{client_contact_bulk_edit_phone_modal.php => contact_bulk_edit_phone_modal.php} (100%) rename modals/{client_contact_bulk_edit_role_modal.php => contact_bulk_edit_role_modal.php} (100%) rename modals/{client_contact_bulk_email_modal.php => contact_bulk_email_modal.php} (100%) rename modals/{client_contact_create_note_modal.php => contact_create_note_modal.php} (100%) rename modals/{client_contact_export_modal.php => contact_export_modal.php} (80%) rename modals/{client_contact_import_modal.php => contact_import_modal.php} (81%) rename modals/{client_contact_invite_modal.php => contact_invite_modal.php} (100%) delete mode 100644 post/admin/admin_bulk_mail.php diff --git a/admin_bulk_mail.php b/admin_bulk_mail.php deleted file mode 100644 index 0d68f27f..00000000 --- a/admin_bulk_mail.php +++ /dev/null @@ -1,153 +0,0 @@ - - - -
    -
    -

    Bulk Mail

    -
    - -
    -
    -
    -
    - - -
    - -
    - -
    Email Message
    - -
    - -
    - -
    - -
    - -
    - -
    - -
    - -
    - -
    - -
    -
    -
    - -
    - -
    -
    - -
    - -
    - -
    Select Contacts
    -
    -
    -
    - - - - - - - - - - - - - - - - - - - - - - -
    -
    - -
    -     		ClientNameTitleEmail
    -
    - -
    -     		- - - -
    -
    - -
    - -
    - -
    - -
    -
    -
    - - - - -
    - + diff --git a/client_overview.php b/client_overview.php index 61e955bb..22c9fa2c 100644 --- a/client_overview.php +++ b/client_overview.php @@ -241,7 +241,7 @@ $sql_asset_retired = mysqli_query( ?> - +
    @@ -410,7 +410,7 @@ $sql_asset_retired = mysqli_query( ?>

    - + --

    @@ -430,7 +430,7 @@ $sql_asset_retired = mysqli_query( ?>

    - + --

    @@ -528,7 +528,7 @@ $sql_asset_retired = mysqli_query( ?>

    - + --

    @@ -548,7 +548,7 @@ $sql_asset_retired = mysqli_query( ?>

    - + --

    diff --git a/client_contact_details.php b/contact_details.php similarity index 96% rename from client_contact_details.php rename to contact_details.php index 59e519d1..95dd3e2a 100644 --- a/client_contact_details.php +++ b/contact_details.php @@ -1,18 +1,30 @@ - + +
    @@ -516,7 +533,11 @@ if (isset($_GET['contact_id'])) { - + @@ -680,7 +701,15 @@ if (isset($_GET['contact_id'])) { ?> - + + + + + @@ -690,8 +719,11 @@ if (isset($_GET['contact_id'])) {
    - + Edit
    @@ -1140,7 +1172,6 @@ if (isset($_GET['contact_id'])) { }); - @@ -1155,6 +1186,5 @@ require_once "modals/client_contact_link_document_modal.php"; require_once "modals/client_contact_link_file_modal.php"; require_once "modals/recurring_ticket_add_modal.php"; -require_once "modals/recurring_ticket_edit_modal.php"; require_once "includes/footer.php"; diff --git a/client_contacts.php b/contacts.php similarity index 86% rename from client_contacts.php rename to contacts.php index 33d0edb0..1baf2383 100644 --- a/client_contacts.php +++ b/contacts.php @@ -4,7 +4,16 @@ $sort = "contact_name"; $order = "ASC"; -require_once "includes/inc_all_client.php"; +// If client_id is in URI then show client Side Bar and client header +if (isset($_GET['client_id'])) { + require_once "includes/inc_all_client.php"; + $client_query = "AND contact_client_id = $client_id"; + $client_url = "client_id=$client_id&"; +} else { + require_once "includes/inc_client_overview_all.php"; + $client_query = ''; + $client_url = ''; +} // Tags Filter if (isset($_GET['tags']) && is_array($_GET['tags']) && !empty($_GET['tags'])) { @@ -22,20 +31,35 @@ if (isset($_GET['tags']) && is_array($_GET['tags']) && !empty($_GET['tags'])) { $tag_query = ''; } -// Location Filter -if (isset($_GET['location']) & !empty($_GET['location'])) { - $location_query = 'AND (contact_location_id = ' . intval($_GET['location']) . ')'; - $location_filter = intval($_GET['location']); -} else { - // Default - any - $location_query = ''; - $location_filter = ''; +if (!$client_url) { + // Client Filter + if (isset($_GET['client']) & !empty($_GET['client'])) { + $client_query = 'AND (contact_client_id = ' . intval($_GET['client']) . ')'; + $client = intval($_GET['client']); + } else { + // Default - any + $client_query = ''; + $client = ''; + } +} + +if ($client_url) { + // Location Filter + if (isset($_GET['location']) & !empty($_GET['location'])) { + $location_query = 'AND (contact_location_id = ' . intval($_GET['location']) . ')'; + $location_filter = intval($_GET['location']); + } else { + // Default - any + $location_query = ''; + $location_filter = ''; + } } //Rebuild URL //$url_query_strings_sort = http_build_query($get_copy); -$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS contacts.*, locations.*, users.*, GROUP_CONCAT(tags.tag_name) FROM contacts +$sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS contacts.*, clients.*, locations.*, users.*, GROUP_CONCAT(tags.tag_name) FROM contacts + LEFT JOIN clients ON client_id = contact_client_id LEFT JOIN locations ON location_id = contact_location_id LEFT JOIN users ON user_id = contact_user_id LEFT JOIN contact_tags ON contact_tags.contact_id = contacts.contact_id @@ -43,7 +67,7 @@ $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS contacts.*, locations.* WHERE contact_$archive_query $tag_query AND (contact_name LIKE '%$q%' OR contact_title LIKE '%$q%' OR location_name LIKE '%$q%' OR contact_email LIKE '%$q%' OR contact_department LIKE '%$q%' OR contact_phone LIKE '%$phone_query%' OR contact_extension LIKE '%$q%' OR contact_mobile LIKE '%$phone_query%' OR tag_name LIKE '%$q%') - AND contact_client_id = $client_id + $client_query $location_query GROUP BY contact_id ORDER BY contact_primary DESC, contact_important DESC, $sort $order LIMIT $record_from, $record_to" @@ -78,7 +102,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    + +
    @@ -107,6 +133,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    +
    + +
    +
    + +
    +
    +
    - "> Archived @@ -215,6 +263,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Location + + + + Client + + + Action @@ -222,6 +277,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $contact_tag_name"; + $contact_tag_name_display_array[] = "$contact_tag_name"; } $contact_tags_display = implode('', $contact_tag_name_display_array); @@ -340,7 +397,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -371,13 +428,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); + + +
    - + Details
    - - - - - - + + + + + + @@ -482,8 +542,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +

    New Assets

    @@ -625,7 +625,7 @@ if ($user_config_dashboard_technical_enable == 1) {
    - +

    Expiring Domains

    @@ -699,7 +699,7 @@ if ($user_config_dashboard_technical_enable == 1) { $contact_name = nullable_htmlentities($row['contact_name']); $ticket_priority_color = $ticket_priority == "High" ? "danger" : ($ticket_priority == "Medium" ? "warning" : "info"); - $contact_display = empty($contact_name) ? "-" : "    $contact_name"; + $contact_display = empty($contact_name) ? "-" : "$contact_name"; ?> diff --git a/global_search.php b/global_search.php index 59b1c126..be3c1693 100644 --- a/global_search.php +++ b/global_search.php @@ -228,7 +228,7 @@ if (isset($_GET['query'])) { ?> - +
    @@ -728,7 +728,7 @@ if (isset($_GET['query'])) { if (empty($contact_name)) { $contact_name_display = "-"; }else{ - $contact_name_display = "$contact_name"; + $contact_name_display = "$contact_name"; } $contact_archived_at = nullable_htmlentities($row['contact_archived_at']); if (empty($contact_archived_at)) { diff --git a/includes/admin_side_nav.php b/includes/admin_side_nav.php index 5abe20c8..02e83152 100644 --- a/includes/admin_side_nav.php +++ b/includes/admin_side_nav.php @@ -33,13 +33,6 @@

    API Keys

    -
  • - "> - -

    Bulk Mail

    -     -
    • -
  • TAGS & CATEGORIES
  • diff --git a/includes/client_overview_side_nav.php b/includes/client_overview_side_nav.php index ff9c5ae6..b48bf9b9 100644 --- a/includes/client_overview_side_nav.php +++ b/includes/client_overview_side_nav.php @@ -18,6 +18,12 @@
  • OVERVIEWS
    • = 1) { ?> +
  • + "> + +

    ALL Contacts

    +     +
  • "> diff --git a/includes/client_side_nav.php b/includes/client_side_nav.php index 2e9e6210..2667e168 100644 --- a/includes/client_side_nav.php +++ b/includes/client_side_nav.php @@ -26,7 +26,7 @@
  • - "> + ">

    Contacts diff --git a/modals/client_contact_add_modal.php b/modals/contact_add_modal.php similarity index 100% rename from modals/client_contact_add_modal.php rename to modals/contact_add_modal.php diff --git a/modals/client_contact_archive_modal.php b/modals/contact_archive_modal.php similarity index 100% rename from modals/client_contact_archive_modal.php rename to modals/contact_archive_modal.php diff --git a/modals/client_contact_bulk_assign_location_modal.php b/modals/contact_bulk_assign_location_modal.php similarity index 100% rename from modals/client_contact_bulk_assign_location_modal.php rename to modals/contact_bulk_assign_location_modal.php diff --git a/modals/client_contact_bulk_assign_tags_modal.php b/modals/contact_bulk_assign_tags_modal.php similarity index 100% rename from modals/client_contact_bulk_assign_tags_modal.php rename to modals/contact_bulk_assign_tags_modal.php diff --git a/modals/client_contact_bulk_edit_department_modal.php b/modals/contact_bulk_edit_department_modal.php similarity index 100% rename from modals/client_contact_bulk_edit_department_modal.php rename to modals/contact_bulk_edit_department_modal.php diff --git a/modals/client_contact_bulk_edit_phone_modal.php b/modals/contact_bulk_edit_phone_modal.php similarity index 100% rename from modals/client_contact_bulk_edit_phone_modal.php rename to modals/contact_bulk_edit_phone_modal.php diff --git a/modals/client_contact_bulk_edit_role_modal.php b/modals/contact_bulk_edit_role_modal.php similarity index 100% rename from modals/client_contact_bulk_edit_role_modal.php rename to modals/contact_bulk_edit_role_modal.php diff --git a/modals/client_contact_bulk_email_modal.php b/modals/contact_bulk_email_modal.php similarity index 100% rename from modals/client_contact_bulk_email_modal.php rename to modals/contact_bulk_email_modal.php diff --git a/modals/client_contact_create_note_modal.php b/modals/contact_create_note_modal.php similarity index 100% rename from modals/client_contact_create_note_modal.php rename to modals/contact_create_note_modal.php diff --git a/modals/client_contact_export_modal.php b/modals/contact_export_modal.php similarity index 80% rename from modals/client_contact_export_modal.php rename to modals/contact_export_modal.php index 87efd742..aff19968 100644 --- a/modals/client_contact_export_modal.php +++ b/modals/contact_export_modal.php @@ -8,12 +8,14 @@

    • + +
    - +
    diff --git a/modals/client_contact_import_modal.php b/modals/contact_import_modal.php similarity index 81% rename from modals/client_contact_import_modal.php rename to modals/contact_import_modal.php index bc567b60..d126d4f4 100644 --- a/modals/client_contact_import_modal.php +++ b/modals/contact_import_modal.php @@ -8,7 +8,9 @@
    + +

    Format csv file with headings & data:
    Name, Title, Department, Email, Phone, Extension, Mobile, Location

    @@ -16,10 +18,10 @@
    -     +
    - +
    diff --git a/modals/client_contact_invite_modal.php b/modals/contact_invite_modal.php similarity index 100% rename from modals/client_contact_invite_modal.php rename to modals/contact_invite_modal.php diff --git a/post/admin/admin_bulk_mail.php b/post/admin/admin_bulk_mail.php deleted file mode 100644 index 841ab020..00000000 --- a/post/admin/admin_bulk_mail.php +++ /dev/null @@ -1,54 +0,0 @@ - $mail_from, - 'from_name' => $mail_from_name, - 'recipient' => $contact_email, - 'recipient_name' => $contact_name, - 'subject' => $subject, - 'body' => $body, - 'queued_at' => $queued_at - ]; - } - addToMailQueue($data); - - // Logging - logAction("Bulk Mail", "Send", "$session_name sent $count messages via bulk mail"); - - $_SESSION['alert_message'] = "$count messages queued"; - - } - - header("Location: " . $_SERVER["HTTP_REFERER"]); - -} \ No newline at end of file diff --git a/post/user/contact.php b/post/user/contact.php index 4815bba4..de63f95d 100644 --- a/post/user/contact.php +++ b/post/user/contact.php @@ -534,6 +534,52 @@ if (isset($_POST['bulk_assign_contact_tags'])) { } +if (isset($_POST['send_bulk_mail_now'])) { + + if (isset($_POST['contact_ids'])) { + + $count = count($_POST['contact_ids']); + + $mail_from = sanitizeInput($_POST['mail_from']); + $mail_from_name = sanitizeInput($_POST['mail_from_name']); + $subject = sanitizeInput($_POST['subject']); + $body = mysqli_escape_string($mysqli, $_POST['body']); + $queued_at = sanitizeInput($_POST['queued_at']); + + // Add Emails + foreach($_POST['contact_ids'] as $contact_id) { + $contact_id = intval($contact_id); + + $sql = mysqli_query($mysqli,"SELECT * FROM contacts WHERE contact_id = $contact_id"); + $row = mysqli_fetch_array($sql); + $contact_name = sanitizeInput($row['contact_name']); + $contact_email = sanitizeInput($row['contact_email']); + $client_id = intval($row['contact_client_id']); + + // Queue Mail + $data[] = [ + 'from' => $mail_from, + 'from_name' => $mail_from_name, + 'recipient' => $contact_email, + 'recipient_name' => $contact_name, + 'subject' => $subject, + 'body' => $body, + 'queued_at' => $queued_at + ]; + } + addToMailQueue($data); + + // Logging + logAction("Bulk Mail", "Send", "$session_name sent $count messages via bulk mail"); + + $_SESSION['alert_message'] = "$count messages queued"; + + } + + header("Location: " . $_SERVER["HTTP_REFERER"]); + +} + if (isset($_POST['bulk_archive_contacts'])) { enforceUserPermission('module_client', 2); @@ -1177,25 +1223,24 @@ if (isset($_GET['unlink_contact_from_file'])) { } -if (isset($_POST['export_client_contacts_csv'])) { +if (isset($_POST['export_contacts_csv'])) { enforceUserPermission('module_client'); - $client_id = intval($_POST['client_id']); - - //get records from database - $sql = mysqli_query($mysqli,"SELECT client_name FROM clients WHERE client_id = $client_id"); - $row = mysqli_fetch_array($sql); - - $client_name = $row['client_name']; + if (isset($_POST['client_id'])) { + $client_id = intval($_POST['client_id']); + $client_query = "AND contact_client_id = $client_id"; + } else { + $client_query = ''; + } //Contacts - $sql = mysqli_query($mysqli,"SELECT * FROM contacts LEFT JOIN locations ON location_id = contact_location_id WHERE contact_client_id = $client_id AND contact_archived_at IS NULL ORDER BY contact_name ASC"); + $sql = mysqli_query($mysqli,"SELECT * FROM contacts LEFT JOIN locations ON location_id = contact_location_id WHERE contact_archived_at IS NULL $client_query ORDER BY contact_name ASC"); $num_rows = mysqli_num_rows($sql); if ($num_rows > 0) { $delimiter = ","; - $filename = strtoAZaz09($client_name) . "-Contacts-" . date('Y-m-d') . ".csv"; + $filename = "Contacts-" . date('Y-m-d') . ".csv"; //create a file pointer $f = fopen('php://memory', 'w'); @@ -1223,13 +1268,13 @@ if (isset($_POST['export_client_contacts_csv'])) { } //Logging - logAction("Contact", "Export", "$session_name exported $num_rows contact(s) to a CSV file", $client_id); + logAction("Contact", "Export", "$session_name exported $num_rows contact(s) to a CSV file"); exit; } -if (isset($_POST["import_client_contacts_csv"])) { +if (isset($_POST["import_contacts_csv"])) { enforceUserPermission('module_client', 2); @@ -1332,17 +1377,9 @@ if (isset($_POST["import_client_contacts_csv"])) { } } -if (isset($_GET['download_client_contacts_csv_template'])) { - $client_id = intval($_GET['download_client_contacts_csv_template']); - - //get records from database - $sql = mysqli_query($mysqli,"SELECT client_name FROM clients WHERE client_id = $client_id"); - $row = mysqli_fetch_array($sql); - - $client_name = $row['client_name']; - +if (isset($_GET['download_contacts_csv_template'])) { $delimiter = ","; - $filename = strtoAZaz09($client_name) . "-Contacts-Template.csv"; + $filename = "Contacts-Template.csv"; //create a file pointer $f = fopen('php://memory', 'w'); diff --git a/scripts/cron.php b/scripts/cron.php index 590d782d..a2f0c9ca 100644 --- a/scripts/cron.php +++ b/scripts/cron.php @@ -198,7 +198,7 @@ if ($config_enable_alert_domain_expire == 1) { $client_id = intval($row['client_id']); $client_name = sanitizeInput($row['client_name']); - appNotify("Domain Expiring", "Domain $domain_name for $client_name will expire in $day Days on $domain_expire", "client_domains.php?client_id=$client_id", $client_id); + appNotify("Domain Expiring", "Domain $domain_name for $client_name will expire in $day Days on $domain_expire", "domains.php?client_id=$client_id", $client_id); } @@ -258,7 +258,7 @@ foreach ($warranty_alert_array as $day) { $client_id = intval($row['client_id']); $client_name = sanitizeInput($row['client_name']); - appNotify("Asset Warranty Expiring", "Asset $asset_name warranty for $client_name will expire in $day Days on $asset_warranty_expire", "client_assets.php?client_id=$client_id", $client_id); + appNotify("Asset Warranty Expiring", "Asset $asset_name warranty for $client_name will expire in $day Days on $asset_warranty_expire", "assets.php?client_id=$client_id", $client_id); } From a5d69d47ee67f42e6b976356ed4362daf41c15fa Mon Sep 17 00:00:00 2001 From: johnnyq Date: Thu, 20 Feb 2025 00:44:22 -0500 Subject: [PATCH 330/366] Show select Client when adding items in Client Overview / Global View --- includes/client_overview_side_nav.php | 2 -- includes/top_nav.php | 2 +- modals/asset_add_modal.php | 33 +++++++++++++++++++++- modals/contact_add_modal.php | 33 +++++++++++++++++++++- modals/domain_add_modal.php | 40 +++++++++++++-------------- 5 files changed, 85 insertions(+), 25 deletions(-) diff --git a/includes/client_overview_side_nav.php b/includes/client_overview_side_nav.php index b48bf9b9..b0bc024c 100644 --- a/includes/client_overview_side_nav.php +++ b/includes/client_overview_side_nav.php @@ -15,8 +15,6 @@
      -
    • OVERVIEWS
      • - = 1) { ?>
    • "> diff --git a/includes/top_nav.php b/includes/top_nav.php index 9b0b86ce..e99f483c 100644 --- a/includes/top_nav.php +++ b/includes/top_nav.php @@ -7,7 +7,7 @@
    • - + Client Overview
      • diff --git a/modals/asset_add_modal.php b/modals/asset_add_modal.php index c7525fd2..0d057b3b 100644 --- a/modals/asset_add_modal.php +++ b/modals/asset_add_modal.php @@ -10,7 +10,6 @@
      -
      @@ -41,6 +40,38 @@
      + + + + +
      + +
      +
      + +
      + +
      +
      + +
      +
      +
      +
      + + +
      diff --git a/modals/contact_add_modal.php b/modals/contact_add_modal.php index b503ddad..45dc7098 100644 --- a/modals/contact_add_modal.php +++ b/modals/contact_add_modal.php @@ -8,7 +8,6 @@
      -
      diff --git a/includes/client_side_nav.php b/includes/client_side_nav.php index 183c799b..52865f0a 100644 --- a/includes/client_side_nav.php +++ b/includes/client_side_nav.php @@ -209,7 +209,7 @@
    • - "> + ">

      Services diff --git a/modals/client_service_add_modal.php b/modals/client_service_add_modal.php deleted file mode 100644 index fcc9edf3..00000000 --- a/modals/client_service_add_modal.php +++ /dev/null @@ -1,214 +0,0 @@ -

       diff --git a/modals/service_add_modal.php b/modals/service_add_modal.php new file mode 100644 index 00000000..5d4e0f6b --- /dev/null +++ b/modals/service_add_modal.php @@ -0,0 +1,247 @@ + diff --git a/networks.php b/networks.php index 0c230ad3..bf2a7564 100644 --- a/networks.php +++ b/networks.php @@ -26,7 +26,7 @@ $sql = mysqli_query( "SELECT SQL_CALC_FOUND_ROWS * FROM networks LEFT JOIN clients ON client_id = network_client_id LEFT JOIN locations ON location_id = network_location_id - WHERE network_archived_at IS NULL + WHERE network_$archive_query AND (network_name LIKE '%$q%' OR network_description LIKE '%$q%' OR network_vlan LIKE '%$q%' OR network LIKE '%$q%' OR network_gateway LIKE '%$q%' OR network_subnet LIKE '%$q%' OR network_primary_dns LIKE '%$q%' OR network_secondary_dns LIKE '%$q%' OR network_dhcp_range LIKE '%$q%' OR location_name LIKE '%$q%' OR client_name LIKE '%$q%') $client_query ORDER BY $sort $order LIMIT $record_from, $record_to" diff --git a/client_services.php b/services.php similarity index 69% rename from client_services.php rename to services.php index a7958986..e53c1f6e 100644 --- a/client_services.php +++ b/services.php @@ -4,20 +4,27 @@ $sort = "service_name"; $order = "ASC"; -require_once "includes/inc_all_client.php"; +// If client_id is in URI then show client Side Bar and client header +if (isset($_GET['client_id'])) { + require_once "includes/inc_all_client.php"; + $client_query = "AND service_client_id = $client_id"; + $client_url = "client_id=$client_id&"; +} else { + require_once "includes/inc_client_overview_all.php"; + $client_query = ''; + $client_url = ''; +} // Perms enforceUserPermission('module_support'); -//Rebuild URL -$url_query_strings_sort = http_build_query($get_copy); - // Overview SQL query $sql = mysqli_query( $mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM services - WHERE service_client_id = '$client_id' - AND (service_name LIKE '%$q%' OR service_description LIKE '%$q%' OR service_category LIKE '%$q%') + LEFT JOIN clients ON client_id = service_client_id + WHERE (service_name LIKE '%$q%' OR service_description LIKE '%$q%' OR service_category LIKE '%$q%' OR client_name LIKE '%$q%') + $client_query ORDER BY $sort $order LIMIT $record_from, $record_to" ); @@ -37,7 +44,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
      + +
      @@ -60,10 +69,33 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); "> - - - - + + + + + + + @@ -71,6 +103,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); + + + diff --git a/scripts/cron.php b/scripts/cron.php index a2f0c9ca..540496b1 100644 --- a/scripts/cron.php +++ b/scripts/cron.php @@ -229,7 +229,7 @@ foreach ($certificateAlertArray as $day) { $client_id = intval($row['client_id']); $client_name = sanitizeInput($row['client_name']); - appNotify("Certificate Expiring", "Certificate $certificate_name for $client_name will expire in $day Days on $certificate_expire", "client_certificates.php?client_id=$client_id", $client_id); + appNotify("Certificate Expiring", "Certificate $certificate_name for $client_name will expire in $day Days on $certificate_expire", "certificates.php?client_id=$client_id", $client_id); } diff --git a/software.php b/software.php index ae97ba71..66f62c97 100644 --- a/software.php +++ b/software.php @@ -157,11 +157,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $tr_class = "table-danger"; } elseif ($days_until_expiry <= 90) { $tr_class = "table-warning"; + } else { + $tr_class = ''; } } else { $software_expire_display = "-"; - $tr_class = ''; } $software_notes = nullable_htmlentities($row['software_notes']); diff --git a/tickets.php b/tickets.php index fc218624..91a0b428 100644 --- a/tickets.php +++ b/tickets.php @@ -45,6 +45,17 @@ if (isset($_GET['status']) && is_array($_GET['status']) && !empty($_GET['status' } } +if (isset($_GET['billable']) && ($_GET['billable']) == '1') { + if (isset($_GET['unbilled'])) { + $billable = 1; + $ticket_billable_snippet = "AND ticket_billable = 1 AND ticket_invoice_id = 0"; + $ticket_status_snippet = '1 = 1'; + } +} else { + $billable = 0; + $ticket_billable_snippet = ''; +} + if (isset($_GET['category'])) { $category = sanitizeInput($_GET['category']); if ($category == 'empty') { @@ -98,6 +109,7 @@ $sql = mysqli_query( $category_snippet AND DATE(ticket_created_at) BETWEEN '$dtf' AND '$dtt' AND (CONCAT(ticket_prefix,ticket_number) LIKE '%$q%' OR client_name LIKE '%$q%' OR ticket_subject LIKE '%$q%' OR ticket_status_name LIKE '%$q%' OR ticket_priority LIKE '%$q%' OR user_name LIKE '%$q%' OR contact_name LIKE '%$q%' OR asset_name LIKE '%$q%' OR vendor_name LIKE '%$q%' OR ticket_vendor_ticket_number LIKE '%q%') + $ticket_billable_snippet $ticket_permission_snippet $client_query ORDER BY From 64f3df6baf45204a1a871dee081c56f421e582df Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 21 Feb 2025 00:28:36 -0500 Subject: [PATCH 339/366] Add Some Client Permission Checks to the new Global View and some tidying --- asset_details.php | 3 +-- assets.php | 8 ++++++-- certificates.php | 1 + check_login.php | 34 ++++++++++++-------------------- contacts.php | 3 ++- credentials.php | 3 ++- domains.php | 5 +++-- global_search.php | 4 ++-- includes/get_side_nav_counts.php | 4 ++-- locations.php | 1 + networks.php | 1 + services.php | 1 + software.php | 1 + 13 files changed, 36 insertions(+), 33 deletions(-) diff --git a/asset_details.php b/asset_details.php index cb020ec9..ce40fb48 100644 --- a/asset_details.php +++ b/asset_details.php @@ -11,7 +11,6 @@ if (isset($_GET['client_id'])) { $client_url = ''; } - if (isset($_GET['asset_id'])) { $asset_id = intval($_GET['asset_id']); @@ -25,7 +24,7 @@ if (isset($_GET['asset_id'])) { "); $row = mysqli_fetch_array($sql); - $client_id = intval($row['asset_client_id']); + $client_id = intval($row['client_id']); $client_name = nullable_htmlentities($row['client_name']); $asset_id = intval($row['asset_id']); $asset_type = nullable_htmlentities($row['asset_type']); diff --git a/assets.php b/assets.php index 14eb96d3..45dcda07 100644 --- a/assets.php +++ b/assets.php @@ -66,11 +66,13 @@ $row = mysqli_fetch_assoc(mysqli_query($mysqli, " SUM(CASE WHEN asset_type IN ('Firewall/Router', 'switch', 'access point') THEN 1 ELSE 0 END) AS network_count, SUM(CASE WHEN asset_type NOT IN ('laptop', 'desktop', 'server', 'virtual machine', 'Firewall/Router', 'switch', 'access point') THEN 1 ELSE 0 END) AS other_count FROM ( - SELECT assets.* FROM assets + SELECT assets.* FROM assets + LEFT JOIN clients ON client_id = asset_client_id LEFT JOIN contacts ON asset_contact_id = contact_id LEFT JOIN locations ON asset_location_id = location_id LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1 WHERE asset_$archive_query + $access_permission_query $client_query ) AS filtered_assets; ")); @@ -106,8 +108,10 @@ $sql = mysqli_query( WHERE asset_$archive_query AND (asset_name LIKE '%$q%' OR asset_description LIKE '%$q%' OR asset_type LIKE '%$q%' OR interface_ip LIKE '%$q%' OR interface_ipv6 LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%' OR client_name LIKE '%$q%') AND ($type_query) + $access_permission_query $location_query $client_query + ORDER BY $sort $order LIMIT $record_from, $record_to" ); @@ -226,7 +230,7 @@ if (mysqli_num_rows($os_sql) > 0) { getMessage()); - $access_permission_query = ""; // Ensure safe default if query fails +// Client access permission check +// Default allow, if a list of allowed clients is set & the user isn't an admin, restrict them +$access_permission_query = ""; +if ($client_access_string && !$session_is_admin) { + $access_permission_query = "AND clients.client_id IN ($client_access_string)"; } // Include the settings vars diff --git a/contacts.php b/contacts.php index 801faa0d..9b7eae6e 100644 --- a/contacts.php +++ b/contacts.php @@ -65,6 +65,7 @@ $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS contacts.*, clients.*, WHERE contact_$archive_query $tag_query AND (contact_name LIKE '%$q%' OR contact_title LIKE '%$q%' OR location_name LIKE '%$q%' OR contact_email LIKE '%$q%' OR contact_department LIKE '%$q%' OR contact_phone LIKE '%$phone_query%' OR contact_extension LIKE '%$q%' OR contact_mobile LIKE '%$phone_query%' OR tag_name LIKE '%$q%' OR client_name LIKE '%$q%') + $access_permission_query $client_query $location_query GROUP BY contact_id @@ -158,7 +159,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); >- All Clients -
      -

      Domain Management

      +

      Domains

      diff --git a/global_search.php b/global_search.php index b8e130bd..9e1d01e4 100644 --- a/global_search.php +++ b/global_search.php @@ -93,8 +93,8 @@ if (isset($_GET['query'])) { $sql_recurring_tickets = mysqli_query($mysqli, "SELECT * FROM scheduled_tickets LEFT JOIN clients ON scheduled_ticket_client_id = client_id - WHERE scheduled_ticket_subject LIKE '%$query%' - OR scheduled_ticket_details LIKE '%$query%' + WHERE (scheduled_ticket_subject LIKE '%$query%' + OR scheduled_ticket_details LIKE '%$query%') $access_permission_query ORDER BY scheduled_ticket_id DESC LIMIT 5" ); diff --git a/includes/get_side_nav_counts.php b/includes/get_side_nav_counts.php index a371a9c7..c448632c 100644 --- a/includes/get_side_nav_counts.php +++ b/includes/get_side_nav_counts.php @@ -6,11 +6,11 @@ $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('client_id') AS nu $num_active_clients = $row['num']; // Active Ticket Count -$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('ticket_id') AS num FROM tickets WHERE ticket_archived_at IS NULL AND ticket_closed_at IS NULL AND ticket_status != 4")); +$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('ticket_id') AS num FROM tickets LEFT JOIN clients ON client_id = ticket_client_id WHERE ticket_archived_at IS NULL AND ticket_closed_at IS NULL AND ticket_status != 4 $access_permission_query")); $num_active_tickets = $row['num']; // Recurring Ticket Count -$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('scheduled_ticket_id') AS num FROM scheduled_tickets")); +$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('scheduled_ticket_id') AS num FROM scheduled_tickets LEFT JOIN clients ON client_id = scheduled_ticket_client_id WHERE 1 = 1 $access_permission_query")); $num_recurring_tickets = $row['num']; // Active Project Count diff --git a/locations.php b/locations.php index 9c10745d..192f190a 100644 --- a/locations.php +++ b/locations.php @@ -43,6 +43,7 @@ $sql = mysqli_query( WHERE location_$archive_query $tag_query AND (location_name LIKE '%$q%' OR location_description LIKE '%$q%' OR location_address LIKE '%$q%' OR location_phone LIKE '%$phone_query%' OR tag_name LIKE '%$q%' OR client_name LIKE '%$q%') + $access_permission_query $client_query GROUP BY location_id ORDER BY location_primary DESC, $sort $order LIMIT $record_from, $record_to" diff --git a/networks.php b/networks.php index bf2a7564..03c18a69 100644 --- a/networks.php +++ b/networks.php @@ -28,6 +28,7 @@ $sql = mysqli_query( LEFT JOIN locations ON location_id = network_location_id WHERE network_$archive_query AND (network_name LIKE '%$q%' OR network_description LIKE '%$q%' OR network_vlan LIKE '%$q%' OR network LIKE '%$q%' OR network_gateway LIKE '%$q%' OR network_subnet LIKE '%$q%' OR network_primary_dns LIKE '%$q%' OR network_secondary_dns LIKE '%$q%' OR network_dhcp_range LIKE '%$q%' OR location_name LIKE '%$q%' OR client_name LIKE '%$q%') + $access_permission_query $client_query ORDER BY $sort $order LIMIT $record_from, $record_to" ); diff --git a/services.php b/services.php index e53c1f6e..85c960f0 100644 --- a/services.php +++ b/services.php @@ -24,6 +24,7 @@ $sql = mysqli_query( "SELECT SQL_CALC_FOUND_ROWS * FROM services LEFT JOIN clients ON client_id = service_client_id WHERE (service_name LIKE '%$q%' OR service_description LIKE '%$q%' OR service_category LIKE '%$q%' OR client_name LIKE '%$q%') + $access_permission_query $client_query ORDER BY $sort $order LIMIT $record_from, $record_to" ); diff --git a/software.php b/software.php index 66f62c97..70ea7b5e 100644 --- a/software.php +++ b/software.php @@ -25,6 +25,7 @@ $sql = mysqli_query( WHERE software_template = 0 AND software_$archive_query AND (software_name LIKE '%$q%' OR software_type LIKE '%$q%' OR software_key LIKE '%$q%' OR client_name LIKE '%$q%') + $access_permission_query $client_query ORDER BY $sort $order LIMIT $record_from, $record_to"); From c1548ce83d8ddee1c6fce0385c30e5a7bff794dc Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 21 Feb 2025 00:55:09 -0500 Subject: [PATCH 340/366] Connected Asset Links are now clickable --- asset_details.php | 8 +++++--- assets.php | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/asset_details.php b/asset_details.php index ce40fb48..9d9e8504 100644 --- a/asset_details.php +++ b/asset_details.php @@ -123,7 +123,8 @@ if (isset($_GET['asset_id'])) { n.network_id, connected_interfaces.interface_id AS connected_interface_id, connected_interfaces.interface_name AS connected_interface_name, - connected_assets.asset_name AS connected_asset_name + connected_assets.asset_name AS connected_asset_name, + connected_assets.asset_id AS connected_asset_id FROM asset_interfaces AS ai LEFT JOIN networks AS n ON n.network_id = ai.interface_network_id @@ -448,12 +449,13 @@ if (isset($_GET['asset_id'])) { : '-'; // Connected interface details - $connected_asset_name = nullable_htmlentities($row['connected_asset_name']); + $connected_asset_id = intval($row['connected_asset_id']); + $connected_asset_name = nullable_htmlentities($row['connected_asset_name']); $connected_interface_name = nullable_htmlentities($row['connected_interface_name']); // Show either "-" or "AssetName - Port" if ($connected_asset_name) { - $connected_to_display = "$connected_asset_name - $connected_interface_name"; + $connected_to_display = "$connected_asset_name - $connected_interface_name"; } else { $connected_to_display = "-"; } diff --git a/assets.php b/assets.php index 45dcda07..ba780b12 100644 --- a/assets.php +++ b/assets.php @@ -162,7 +162,7 @@ if (mysqli_num_rows($os_sql) > 0) {
      -

      Asset Management

      +

      Assets

      = 2) { ?>
      From 22cd28de9807bcd28681f721436231109b6f7fcb Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 21 Feb 2025 01:20:27 -0500 Subject: [PATCH 341/366] Added Connected Device Icon as well --- asset_details.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/asset_details.php b/asset_details.php index 9d9e8504..1af52065 100644 --- a/asset_details.php +++ b/asset_details.php @@ -124,7 +124,8 @@ if (isset($_GET['asset_id'])) { connected_interfaces.interface_id AS connected_interface_id, connected_interfaces.interface_name AS connected_interface_name, connected_assets.asset_name AS connected_asset_name, - connected_assets.asset_id AS connected_asset_id + connected_assets.asset_id AS connected_asset_id, + connected_assets.asset_type AS connected_asset_type FROM asset_interfaces AS ai LEFT JOIN networks AS n ON n.network_id = ai.interface_network_id @@ -451,11 +452,14 @@ if (isset($_GET['asset_id'])) { // Connected interface details $connected_asset_id = intval($row['connected_asset_id']); $connected_asset_name = nullable_htmlentities($row['connected_asset_name']); + $connected_asset_type = nullable_htmlentities($row['connected_asset_type']); + $connected_asset_icon = getAssetIcon($connected_asset_type); $connected_interface_name = nullable_htmlentities($row['connected_interface_name']); + // Show either "-" or "AssetName - Port" if ($connected_asset_name) { - $connected_to_display = "$connected_asset_name - $connected_interface_name"; + $connected_to_display = "$connected_asset_name - $connected_interface_name"; } else { $connected_to_display = "-"; } From 073713a6a2dad5f91047faca5d6458e4d9e4692b Mon Sep 17 00:00:00 2001 From: root Date: Fri, 21 Feb 2025 13:30:26 -0300 Subject: [PATCH 342/366] Drag and Drop Ticket Template Tasks --- admin_ticket_template_details.php | 45 +++++++++++++++++++++++++++++-- ajax.php | 22 ++++++++++++++- 2 files changed, 64 insertions(+), 3 deletions(-) diff --git a/admin_ticket_template_details.php b/admin_ticket_template_details.php index 2a6d5c8c..b08b73d6 100644 --- a/admin_ticket_template_details.php +++ b/admin_ticket_template_details.php @@ -30,6 +30,7 @@ $ticket_template_updated_at = nullable_htmlentities($row['ticket_template_update $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE task_template_ticket_template_id = $ticket_template_id ORDER BY task_template_order ASC, task_template_id ASC"); ?> +
      1. @@ -102,9 +103,14 @@ $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE $task_completion_estimate = intval($row['task_template_completion_estimate']); $task_description = nullable_htmlentities($row['task_template_description']); ?> -
      + - + + @@ -401,6 +408,8 @@ ob_start();
      NameCategoryImportanceUpdated + + Name + + + + Category + + + + Importance + + + + Updated + + + + Client + + Action
      @@ -144,5 +181,5 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Date: Thu, 20 Feb 2025 18:55:27 -0500 Subject: [PATCH 337/366] Hide client related form elements when Creating Entities in the client over view global section --- modals/asset_add_modal.php | 7 ++++++- modals/certificate_add_modal.php | 32 +++++++++++++++++++++++++++++--- modals/contact_add_modal.php | 2 ++ modals/domain_add_modal.php | 2 ++ 4 files changed, 39 insertions(+), 4 deletions(-) diff --git a/modals/asset_add_modal.php b/modals/asset_add_modal.php index ebd6afb4..128ffb7d 100644 --- a/modals/asset_add_modal.php +++ b/modals/asset_add_modal.php @@ -150,7 +150,7 @@
      - +
      @@ -174,6 +174,7 @@
      +
      @@ -254,6 +255,7 @@
      +
      @@ -298,6 +300,7 @@
      +
      @@ -318,6 +321,7 @@
      +
      @@ -339,6 +343,7 @@
      +
      diff --git a/modals/certificate_add_modal.php b/modals/certificate_add_modal.php index 8f3428c8..24bb2149 100644 --- a/modals/certificate_add_modal.php +++ b/modals/certificate_add_modal.php @@ -8,7 +8,6 @@
      -
        @@ -29,6 +28,33 @@
        + + + + +
        + +
        +
        + +
        + +
        +
        + + +
        @@ -49,8 +75,7 @@
        - - +
        @@ -70,6 +95,7 @@
        +
        diff --git a/modals/contact_add_modal.php b/modals/contact_add_modal.php index 3cb7ed56..4e55037a 100644 --- a/modals/contact_add_modal.php +++ b/modals/contact_add_modal.php @@ -130,6 +130,7 @@
      +
      @@ -151,6 +152,7 @@
      +
      diff --git a/modals/domain_add_modal.php b/modals/domain_add_modal.php index 3fabeab2..a420f9bd 100644 --- a/modals/domain_add_modal.php +++ b/modals/domain_add_modal.php @@ -73,6 +73,7 @@ +
      @@ -156,6 +157,7 @@
      +
      From ab3ffdf7fc1e787cda2da4393bd78b050532f4b6 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Thu, 20 Feb 2025 21:07:53 -0500 Subject: [PATCH 338/366] Update more links rearrange Client Overview Side menu to match client side nav, define 0 for the post vars now defined in form. update unbilled tickets report --- ajax/ajax_service_details.php | 18 +- assets.php | 18 +- client_document_details.php | 2 +- contact_details.php | 11 +- contacts.php | 16 +- credentials.php | 23 +- cron.php | 1169 ------------------------- cron_certificate_refresher.php | 68 -- cron_domain_refresher.php | 117 --- cron_mail_queue.php | 225 ----- cron_ticket_email_parser.php | 556 ------------ global_search.php | 5 +- includes/client_overview_side_nav.php | 24 +- includes/reports_side_nav.php | 11 - post/user/asset_model.php | 8 +- post/user/certificate_model.php | 2 +- post/user/contact_model.php | 2 +- post/user/credential_model.php | 8 +- post/user/domain_model.php | 9 +- post/user/location_model.php | 2 +- post/user/network_model.php | 2 +- report_tickets_unbilled.php | 2 +- scripts/cron.php | 2 +- software.php | 3 +- tickets.php | 12 + 25 files changed, 82 insertions(+), 2233 deletions(-) delete mode 100644 cron.php delete mode 100644 cron_certificate_refresher.php delete mode 100644 cron_domain_refresher.php delete mode 100644 cron_mail_queue.php delete mode 100644 cron_ticket_email_parser.php diff --git a/ajax/ajax_service_details.php b/ajax/ajax_service_details.php index 6dc0eea5..9f2bb3c0 100644 --- a/ajax/ajax_service_details.php +++ b/ajax/ajax_service_details.php @@ -129,7 +129,7 @@ ob_start(); } else { $ip = ''; } - echo "
    • $row[asset_name] $ip
      • "; + echo "
    • $row[asset_name] $ip
      • "; } ?> @@ -165,7 +165,7 @@ ob_start(); } foreach($networks as $network) { $network = explode(":", $network); - echo "
    • $network[0] (VLAN $network[1])
      • "; + echo "
    • $network[0] (VLAN $network[1])
      • "; } ?> @@ -200,7 +200,7 @@ ob_start(); $location"; + echo "
    • $location
      • "; } ?> @@ -220,7 +220,7 @@ ob_start(); // Showing linked domains while ($row = mysqli_fetch_array($sql_domains)) { if (!empty($row['domain_name'])) { - echo "
    • $row[domain_name]
      • "; + echo "
    • $row[domain_name]
      • "; } } ?> @@ -241,7 +241,7 @@ ob_start(); // Showing linked certs while ($row = mysqli_fetch_array($sql_certificates)) { if (!empty($row['certificate_name'])) { - echo "
    • $row[certificate_name] ($row[certificate_domain])
      • "; + echo "
    • $row[certificate_name] ($row[certificate_domain])
      • "; } } ?> @@ -270,7 +270,7 @@ ob_start(); @@ -288,7 +288,7 @@ ob_start(); mysqli_data_seek($sql_contacts, 0); while ($row = mysqli_fetch_array($sql_contacts)) { - echo "
    • $row[contact_name]
      • "; + echo "
    • $row[contact_name]
      • "; } ?> @@ -309,14 +309,14 @@ ob_start(); // Showing logins linked to assets while ($row = mysqli_fetch_array($sql_assets)) { if (!empty($row['login_name'])) { - echo "
    • $row[login_name]
      • "; + echo "
    • $row[login_name]
      • "; } } // Showing explicitly linked logins while ($row = mysqli_fetch_array($sql_logins)) { if (!empty($row['login_name'])) { - echo "
    • $row[login_name]
      • "; + echo "
    • $row[login_name]
      • "; } } ?> diff --git a/assets.php b/assets.php index 2f6ed856..14eb96d3 100644 --- a/assets.php +++ b/assets.php @@ -46,16 +46,14 @@ if (!$client_url) { } } -if ($client_url) { - // Location Filter - if (isset($_GET['location']) & !empty($_GET['location'])) { - $location_query = 'AND (asset_location_id = ' . intval($_GET['location']) . ')'; - $location_filter = intval($_GET['location']); - } else { - // Default - any - $location_query = ''; - $location_filter = ''; - } +// Location Filter +if ($client_url && isset($_GET['location']) && !empty($_GET['location'])) { + $location_query = 'AND (asset_location_id = ' . intval($_GET['location']) . ')'; + $location_filter = intval($_GET['location']); +} else { + // Default - any + $location_query = ''; + $location_filter = ''; } //Get Asset Counts diff --git a/client_document_details.php b/client_document_details.php index e9f8b869..00f05086 100644 --- a/client_document_details.php +++ b/client_document_details.php @@ -299,7 +299,7 @@ $page_title = $row['document_name']; ?>
      - + diff --git a/contact_details.php b/contact_details.php index 0d27e314..a55e533b 100644 --- a/contact_details.php +++ b/contact_details.php @@ -247,7 +247,7 @@ if (isset($_GET['contact_id'])) {
    • - Contacts + Contacts
      • @@ -369,15 +369,6 @@ if (isset($_GET['contact_id'])) { $asset_physical_location = nullable_htmlentities($row['asset_physical_location']); $asset_notes = nullable_htmlentities($row['asset_notes']); $asset_created_at = nullable_htmlentities($row['asset_created_at']); - $asset_vendor_id = intval($row['asset_vendor_id']); - $asset_location_id = intval($row['asset_location_id']); - $asset_network_id = intval($row['interface_network_id']); - $asset_contact_id = intval($row['asset_contact_id']); - - $login_id = $row['login_id']; - $login_username = nullable_htmlentities(decryptLoginEntry($row['login_username'])); - $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password'])); - $device_icon = getAssetIcon($asset_type); ?> diff --git a/contacts.php b/contacts.php index 607268e6..801faa0d 100644 --- a/contacts.php +++ b/contacts.php @@ -43,16 +43,14 @@ if (!$client_url) { } } -if ($client_url) { +if ($client_url && isset($_GET['location']) && !empty($_GET['location'])) { // Location Filter - if (isset($_GET['location']) & !empty($_GET['location'])) { - $location_query = 'AND (contact_location_id = ' . intval($_GET['location']) . ')'; - $location_filter = intval($_GET['location']); - } else { - // Default - any - $location_query = ''; - $location_filter = ''; - } + $location_query = 'AND (contact_location_id = ' . intval($_GET['location']) . ')'; + $location_filter = intval($_GET['location']); +} else { + // Default - any + $location_query = ''; + $location_filter = ''; } //Rebuild URL diff --git a/credentials.php b/credentials.php index d8b8afc2..68024fdf 100644 --- a/credentials.php +++ b/credentials.php @@ -50,18 +50,16 @@ if (!$client_url) { } } -if ($client_url) { - // Location Filter - if (isset($_GET['location']) & !empty($_GET['location'])) { - $location_query = 'AND (a.asset_location_id = ' . intval($_GET['location']) . ')'; - $location_query_innerjoin = 'INNER JOIN assets a on a.asset_id = l.login_asset_id '; - $location_filter = intval($_GET['location']); - } else { - // Default - any - $location_query_innerjoin = ''; - $location_query = ''; - $location_filter = ''; - } +// Location Filter +if ($client_url && isset($_GET['location']) && !empty($_GET['location'])) { + $location_query = 'AND (a.asset_location_id = ' . intval($_GET['location']) . ')'; + $location_query_innerjoin = 'INNER JOIN assets a on a.asset_id = l.login_asset_id '; + $location_filter = intval($_GET['location']); +} else { + // Default - any + $location_query_innerjoin = ''; + $location_query = ''; + $location_filter = ''; } $sql = mysqli_query( @@ -77,7 +75,6 @@ $sql = mysqli_query( AND (l.login_name LIKE '%$q%' OR l.login_description LIKE '%$q%' OR l.login_uri LIKE '%$q%' OR tag_name LIKE '%$q%' OR client_name LIKE '%$q%') $location_query $client_query - GROUP BY l.login_id ORDER BY l.login_important DESC, $sort $order LIMIT $record_from, $record_to" ); diff --git a/cron.php b/cron.php deleted file mode 100644 index e5a7ea22..00000000 --- a/cron.php +++ /dev/null @@ -1,1169 +0,0 @@ - 0) { - - appNotify("Pending Tickets", "There are $tickets_pending_assignment new tickets pending assignment", "tickets.php?status=New"); - - // Logging - logApp("Cron", "info", "Cron created notifications for new tickets that are pending assignment"); -} - -// Recurring (Scheduled) tickets - -// Get recurring tickets for today -$sql_scheduled_tickets = mysqli_query($mysqli, "SELECT * FROM scheduled_tickets WHERE scheduled_ticket_next_run = CURDATE()"); - -if (mysqli_num_rows($sql_scheduled_tickets) > 0) { - while ($row = mysqli_fetch_array($sql_scheduled_tickets)) { - - $schedule_id = intval($row['scheduled_ticket_id']); - $subject = sanitizeInput($row['scheduled_ticket_subject']); - $details = mysqli_real_escape_string($mysqli, $row['scheduled_ticket_details']); - $priority = sanitizeInput($row['scheduled_ticket_priority']); - $frequency = sanitizeInput(strtolower($row['scheduled_ticket_frequency'])); - $billable = intval($row['scheduled_ticket_billable']); - $created_id = intval($row['scheduled_ticket_created_by']); - $assigned_id = intval($row['scheduled_ticket_assigned_to']); - $client_id = intval($row['scheduled_ticket_client_id']); - $contact_id = intval($row['scheduled_ticket_contact_id']); - $asset_id = intval($row['scheduled_ticket_asset_id']); - - $ticket_status = 1; // Default - if ($assigned_id > 0) { - $ticket_status = 2; // Set to open if we've auto-assigned an agent - } - - // Assign this new ticket the next ticket number - $ticket_number_sql = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_ticket_next_number FROM settings WHERE company_id = 1")); - $ticket_number = intval($ticket_number_sql['config_ticket_next_number']); - - // Increment config_ticket_next_number by 1 (for the next ticket) - $new_config_ticket_next_number = $ticket_number + 1; - mysqli_query($mysqli, "UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = 1"); - - // Raise the ticket - mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$details', ticket_priority = '$priority', ticket_status = '$ticket_status', ticket_billable = $billable, ticket_created_by = $created_id, ticket_assigned_to = $assigned_id, ticket_contact_id = $contact_id, ticket_client_id = $client_id, ticket_asset_id = $asset_id"); - $id = mysqli_insert_id($mysqli); - - // Logging - logAction("Ticket", "Create", "Cron created recurring scheduled $frequency ticket - $subject", $client_id, $id); - - customAction('ticket_create', $id); - - // Notifications - - // Get client/contact/ticket details - $sql = mysqli_query( - $mysqli, - "SELECT client_name, contact_name, contact_email, ticket_prefix, ticket_number, ticket_priority, ticket_subject, ticket_details FROM tickets - LEFT JOIN clients ON ticket_client_id = client_id - LEFT JOIN contacts ON ticket_contact_id = contact_id - WHERE ticket_id = $id" - ); - $row = mysqli_fetch_array($sql); - - $contact_name = sanitizeInput($row['contact_name']); - $contact_email = sanitizeInput($row['contact_email']); - $client_name = sanitizeInput($row['client_name']); - $contact_name = sanitizeInput($row['contact_name']); - $contact_email = sanitizeInput($row['contact_email']); - $ticket_prefix = sanitizeInput($row['ticket_prefix']); - $ticket_number = intval($row['ticket_number']); - $ticket_priority = sanitizeInput($row['ticket_priority']); - $ticket_subject = sanitizeInput($row['ticket_subject']); - $ticket_details = mysqli_real_escape_string($mysqli, $row['ticket_details']); - - $data = []; - - // Notify client by email their ticket has been raised, if general notifications are turned on & there is a valid contact email - if (!empty($config_smtp_host) && $config_ticket_client_general_notifications == 1 && filter_var($contact_email, FILTER_VALIDATE_EMAIL)) { - - $email_subject = "Ticket created - [$ticket_prefix$ticket_number] - $ticket_subject (scheduled)"; - $email_body = "##- Please type your reply above this line -##

      Hello $contact_name,

      A ticket regarding \"$ticket_subject\" has been automatically created for you.

      --------------------------------
      $ticket_details--------------------------------

      Ticket: $ticket_prefix$ticket_number
      Subject: $ticket_subject
      Status: Open
      Portal: https://$config_base_url/client/ticket.php?id=$id

      --
      $company_name - Support
      $config_ticket_from_email
      $company_phone"; - - $email = [ - 'from' => $config_ticket_from_email, - 'from_name' => $config_ticket_from_name, - 'recipient' => $contact_email, - 'recipient_name' => $contact_name, - 'subject' => $email_subject, - 'body' => $email_body - ]; - - $data[] = $email; - - } - - // Notify agent's via the DL address of the new ticket, if it's populated with a valid email - if (filter_var($config_ticket_new_ticket_notification_email, FILTER_VALIDATE_EMAIL)) { - - $email_subject = "ITFlow - New Recurring Ticket - $client_name: $ticket_subject"; - $email_body = "Hello,

      This is a notification that a recurring (scheduled) ticket has been raised in ITFlow.
      Ticket: $ticket_prefix$ticket_number
      Client: $client_name
      Priority: $priority
      Link: https://$config_base_url/ticket.php?ticket_id=$id

      --------------------------------

      $ticket_subject
      $ticket_details"; - - $email = [ - 'from' => $config_ticket_from_email, - 'from_name' => $config_ticket_from_name, - 'recipient' => $config_ticket_new_ticket_notification_email, - 'recipient_name' => $config_ticket_from_name, - 'subject' => $email_subject, - 'body' => $email_body - ]; - - $data[] = $email; - } - - // Add to the mail queue - addToMailQueue($data); - - // Set the next run date - if ($frequency == "weekly") { - // Note: We seemingly have to initialize a new datetime for each loop to avoid stacking the dates - $now = new DateTime(); - $next_run = date_add($now, date_interval_create_from_date_string('1 week')); - } elseif ($frequency == "monthly") { - $now = new DateTime(); - $next_run = date_add($now, date_interval_create_from_date_string('1 month')); - } elseif ($frequency == "quarterly") { - $now = new DateTime(); - $next_run = date_add($now, date_interval_create_from_date_string('3 months')); - } elseif ($frequency == "biannually") { - $now = new DateTime(); - $next_run = date_add($now, date_interval_create_from_date_string('6 months')); - } elseif ($frequency == "annually") { - $now = new DateTime(); - $next_run = date_add($now, date_interval_create_from_date_string('12 months')); - } - - // Update the run date - $next_run = $next_run->format('Y-m-d'); - $a = mysqli_query($mysqli, "UPDATE scheduled_tickets SET scheduled_ticket_next_run = '$next_run' WHERE scheduled_ticket_id = $schedule_id"); - - } -} - -// Logging -// logAction("Cron", "Task", "Cron created sent out recurring tickets"); - - -// TICKET RESOLUTION/CLOSURE PROCESS -// Changes tickets status from 'Resolved' >> 'Closed' after a defined interval - -$sql_resolved_tickets_to_close = mysqli_query( - $mysqli, - "SELECT * FROM tickets - WHERE ticket_status = 4 - AND ticket_updated_at < NOW() - INTERVAL $config_ticket_autoclose_hours HOUR" -); - -while ($row = mysqli_fetch_array($sql_resolved_tickets_to_close)) { - - $ticket_id = $row['ticket_id']; - $ticket_prefix = sanitizeInput($row['ticket_prefix']); - $ticket_number = intval($row['ticket_number']); - $ticket_subject = sanitizeInput($row['ticket_subject']); - $ticket_status = sanitizeInput($row['ticket_status']); - $ticket_assigned_to = sanitizeInput($row['ticket_assigned_to']); - $client_id = intval($row['ticket_client_id']); - - mysqli_query($mysqli,"UPDATE tickets SET ticket_status = 5, ticket_closed_at = NOW(), ticket_closed_by = $ticket_assigned_to WHERE ticket_id = $ticket_id"); - - //Logging - logAction("Ticket", "Closed", "$ticket_prefix$ticket_number auto closed", $client_id, $ticket_id); - - customAction('ticket_close', $ticket_id); - - //TODO: Add client notifs if $config_ticket_client_general_notifications is on -} - -if ($config_send_invoice_reminders == 1) { - - // PAST DUE INVOICE Notifications - //$invoiceAlertArray = [$config_invoice_overdue_reminders]; - $invoiceAlertArray = [30,60,90,120,150,180,210,240,270,300,330,360,390,420,450,480,510,540,570,590,620,650,680,710,740]; - - foreach ($invoiceAlertArray as $day) { - - $sql = mysqli_query( - $mysqli, - "SELECT * FROM invoices - LEFT JOIN clients ON invoice_client_id = client_id - LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1 - WHERE invoice_status != 'Draft' - AND invoice_status != 'Paid' - AND invoice_status != 'Cancelled' - AND invoice_status != 'Non-Billable' - AND DATE_ADD(invoice_due, INTERVAL $day DAY) = CURDATE() - ORDER BY invoice_number DESC" - ); - - while ($row = mysqli_fetch_array($sql)) { - $invoice_id = intval($row['invoice_id']); - $invoice_prefix = sanitizeInput($row['invoice_prefix']); - $invoice_number = intval($row['invoice_number']); - $invoice_status = sanitizeInput($row['invoice_status']); - $invoice_date = sanitizeInput($row['invoice_date']); - $invoice_due = sanitizeInput($row['invoice_due']); - $invoice_url_key = sanitizeInput($row['invoice_url_key']); - $invoice_amount = floatval($row['invoice_amount']); - $invoice_currency_code = sanitizeInput($row['invoice_currency_code']); - $client_id = intval($row['client_id']); - $client_name = sanitizeInput($row['client_name']); - $contact_name = sanitizeInput($row['contact_name']); - $contact_email = sanitizeInput($row['contact_email']); - - // Late Charges - - if ($config_invoice_late_fee_enable == 1) { - - $todays_date = date('Y-m-d'); - $late_fee_amount = ($invoice_amount * $config_invoice_late_fee_percent) / 100; - $new_invoice_amount = $invoice_amount + $late_fee_amount; - - mysqli_query($mysqli, "UPDATE invoices SET invoice_amount = $new_invoice_amount WHERE invoice_id = $invoice_id"); - - //Insert Items into New Invoice - mysqli_query($mysqli, "INSERT INTO invoice_items SET item_name = 'Late Fee', item_description = '$config_invoice_late_fee_percent% late fee applied on $todays_date', item_quantity = 1, item_price = $late_fee_amount, item_total = $late_fee_amount, item_order = 998, item_invoice_id = $invoice_id"); - - mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Cron applied a late fee of $late_fee_amount', history_invoice_id = $invoice_id"); - - appNotify("Invoice Late Charge", "Invoice $invoice_prefix$invoice_number for $client_name in the amount of $invoice_amount was charged a late fee of $late_fee_amount", "invoice.php?invoice_id=$invoice_id", $client_id); - - } - - appNotify("Invoice Overdue", "Invoice $invoice_prefix$invoice_number for $client_name in the amount of $invoice_amount is overdue by $day days", "invoice.php?invoice_id=$invoice_id", $client_id); - - $subject = "Overdue Invoice $invoice_prefix$invoice_number"; - $body = "Hello $contact_name,

      Our records indicate that we have not yet received payment for the invoice $invoice_prefix$invoice_number. We kindly request that you submit your payment as soon as possible. If you have any questions or concerns, please do not hesitate to contact us at $company_email or $company_phone. -

      - Kindly review the invoice details mentioned below.

      Invoice: $invoice_prefix$invoice_number
      Issue Date: $invoice_date
      Total: " . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . "
      Due Date: $invoice_due
      Over Due By: $day Days


      To view your invoice, please click here.


      --
      $company_name - Billing
      $config_invoice_from_email
      $company_phone"; - - $mail = addToMailQueue([ - [ - 'from' => $config_invoice_from_email, - 'from_name' => $config_invoice_from_name, - 'recipient' => $contact_email, - 'recipient_name' => $contact_name, - 'subject' => $subject, - 'body' => $body - ] - ]); - - if ($mail === true) { - mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Emailed Overdue Invoice', history_invoice_id = $invoice_id"); - } else { - mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Failed to send Overdue Invoice', history_invoice_id = $invoice_id"); - - appNotify("Mail", "Failed to send email to $contact_email"); - - // Logging - logApp("Mail", "error", "Failed to send email to $contact_email regarding $subject. $mail"); - } - - } - - } -} -// Logging -// logAction("Cron", "Task", "Cron created notifications for past due invoices and sent out notifications to the primary and billing contacts email"); - -// Send Recurring Invoices that match todays date and are active - -//Loop through all recurring that match today's date and is active -$sql_recurring = mysqli_query($mysqli, "SELECT * FROM recurring - LEFT JOIN recurring_payments ON recurring_id = recurring_payment_recurring_invoice_id - LEFT JOIN clients ON client_id = recurring_client_id - WHERE recurring_next_date = CURDATE() - AND recurring_status = 1 -"); - -while ($row = mysqli_fetch_array($sql_recurring)) { - $recurring_id = intval($row['recurring_id']); - $recurring_scope = sanitizeInput($row['recurring_scope']); - $recurring_frequency = sanitizeInput($row['recurring_frequency']); - $recurring_status = sanitizeInput($row['recurring_status']); - $recurring_last_sent = sanitizeInput($row['recurring_last_sent']); - $recurring_next_date = sanitizeInput($row['recurring_next_date']); - $recurring_discount_amount = floatval($row['recurring_discount_amount']); - $recurring_amount = floatval($row['recurring_amount']); - $recurring_currency_code = sanitizeInput($row['recurring_currency_code']); - $recurring_note = sanitizeInput($row['recurring_note']); - $recurring_invoice_email_notify = intval($row['recurring_invoice_email_notify']); - $category_id = intval($row['recurring_category_id']); - $client_id = intval($row['recurring_client_id']); - $client_name = sanitizeInput($row['client_name']); - $client_net_terms = intval($row['client_net_terms']); - - $recurring_payment_recurring_invoice_id = intval($row['recurring_payment_recurring_invoice_id']); - $recurring_payment_currency_code = sanitizeInput($row['recurring_payment_currency_code']); - $recurring_payment_method = sanitizeInput($row['recurring_payment_method']); - $recurring_payment_account_id = intval($row['recurring_payment_account_id']); - - // Get the last Invoice Number and add 1 for the new invoice number - $sql_invoice_number = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = 1"); - $row = mysqli_fetch_array($sql_invoice_number); - $config_invoice_next_number = intval($row['config_invoice_next_number']); - - $new_invoice_number = $config_invoice_next_number; - $new_config_invoice_next_number = $config_invoice_next_number + 1; - mysqli_query($mysqli, "UPDATE settings SET config_invoice_next_number = $new_config_invoice_next_number WHERE company_id = 1"); - - //Generate a unique URL key for clients to access - $url_key = randomString(156); - - mysqli_query($mysqli, "INSERT INTO invoices SET invoice_prefix = '$config_invoice_prefix', invoice_number = $new_invoice_number, invoice_scope = '$recurring_scope', invoice_date = CURDATE(), invoice_due = DATE_ADD(CURDATE(), INTERVAL $client_net_terms day), invoice_discount_amount = $recurring_discount_amount, invoice_amount = $recurring_amount, invoice_currency_code = '$recurring_currency_code', invoice_note = '$recurring_note', invoice_category_id = $category_id, invoice_status = 'Sent', invoice_url_key = '$url_key', invoice_client_id = $client_id"); - - $new_invoice_id = mysqli_insert_id($mysqli); - - //Copy Items from original recurring invoice to new invoice - $sql_invoice_items = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_recurring_id = $recurring_id ORDER BY item_id ASC"); - - while ($row = mysqli_fetch_array($sql_invoice_items)) { - $item_id = intval($row['item_id']); - $item_name = sanitizeInput($row['item_name']); //SQL Escape incase of , - $item_description = sanitizeInput($row['item_description']); //SQL Escape incase of , - $item_quantity = floatval($row['item_quantity']); - $item_price = floatval($row['item_price']); - $item_subtotal = floatval($row['item_subtotal']); - $item_tax = floatval($row['item_tax']); - $item_total = floatval($row['item_total']); - $item_order = intval($row['item_order']); - $tax_id = intval($row['item_tax_id']); - - //Insert Items into New Invoice - mysqli_query($mysqli, "INSERT INTO invoice_items SET item_name = '$item_name', item_description = '$item_description', item_quantity = $item_quantity, item_price = $item_price, item_subtotal = $item_subtotal, item_tax = $item_tax, item_total = $item_total, item_order = $item_order, item_tax_id = $tax_id, item_invoice_id = $new_invoice_id"); - - } - - mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Invoice Generated from Recurring!', history_invoice_id = $new_invoice_id"); - - appNotify("Recurring Sent", "Recurring Invoice $config_invoice_prefix$new_invoice_number for $client_name Sent", "invoice.php?invoice_id=$new_invoice_id", $client_id); - - customAction('invoice_create', $new_invoice_id); - - //Update recurring dates - - mysqli_query($mysqli, "UPDATE recurring SET recurring_last_sent = CURDATE(), recurring_next_date = DATE_ADD(CURDATE(), INTERVAL 1 $recurring_frequency) WHERE recurring_id = $recurring_id"); - - // Get details of the newly generated invoice - $sql = mysqli_query( - $mysqli, - "SELECT * FROM invoices - LEFT JOIN clients ON invoice_client_id = client_id - LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1 - WHERE invoice_id = $new_invoice_id" - ); - $row = mysqli_fetch_array($sql); - $invoice_prefix = sanitizeInput($row['invoice_prefix']); - $invoice_number = intval($row['invoice_number']); - $invoice_scope = sanitizeInput($row['invoice_scope']); - $invoice_date = sanitizeInput($row['invoice_date']); - $invoice_due = sanitizeInput($row['invoice_due']); - $invoice_amount = floatval($row['invoice_amount']); - $invoice_url_key = sanitizeInput($row['invoice_url_key']); - $client_id = intval($row['client_id']); - $client_name = sanitizeInput($row['client_name']); - $contact_name = sanitizeInput($row['contact_name']); - $contact_email = sanitizeInput($row['contact_email']); - - if ($config_recurring_auto_send_invoice == 1 && $recurring_invoice_email_notify == 1) { - - $subject = "Invoice $invoice_prefix$invoice_number"; - $body = "Hello $contact_name,

      An invoice regarding \"$invoice_scope\" has been generated. Please view the details below.

      Invoice: $invoice_prefix$invoice_number
      Issue Date: $invoice_date
      Total: " . numfmt_format_currency($currency_format, $invoice_amount, $recurring_currency_code) . "
      Due Date: $invoice_due


      To view your invoice, please click here.


      --
      $company_name - Billing
      $config_invoice_from_email
      $company_phone"; - - $mail = addToMailQueue([ - [ - 'from' => $config_invoice_from_email, - 'from_name' => $config_invoice_from_name, - 'recipient' => $contact_email, - 'recipient_name' => $contact_name, - 'subject' => $subject, - 'body' => $body - ] - ]); - - if ($mail === true) { - mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Emailed Invoice!', history_invoice_id = $new_invoice_id"); - mysqli_query($mysqli, "UPDATE invoices SET invoice_status = 'Sent', invoice_client_id = $client_id WHERE invoice_id = $new_invoice_id"); - - } else { - mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Draft', history_description = 'Cron Failed to send Invoice!', history_invoice_id = $new_invoice_id"); - - appNotify("Mail", "Failed to send email to $contact_email"); - - // Logging - logApp("Mail", "error", "Failed to send email to $contact_email regarding $subject. $mail"); - - } - - // Send copies of the invoice to any additional billing contacts - $sql_billing_contacts = mysqli_query($mysqli, "SELECT contact_name, contact_email FROM contacts - WHERE contact_billing = 1 - AND contact_email != '$contact_email' - AND contact_client_id = $client_id" - ); - - while ($billing_contact = mysqli_fetch_array($sql_billing_contacts)) { - $billing_contact_name = sanitizeInput($billing_contact['contact_name']); - $billing_contact_email = sanitizeInput($billing_contact['contact_email']); - - $data = [ - [ - 'from' => $config_invoice_from_email, - 'from_name' => $config_invoice_from_name, - 'recipient' => $billing_contact_email, - 'recipient_name' => $billing_contact_name, - 'subject' => $subject, - 'body' => $body - ] - ]; - - addToMailQueue($data); - } - - } //End if Autosend is on - - // Create Payment from Auto Payment - if ($recurring_payment_recurring_invoice_id) { - - if ($recurring_payment_method == "Stripe") { - // Stripe payment - - // Get Stripe info for client - $stripe_client_details = mysqli_fetch_array(mysqli_query($mysqli, "SELECT * FROM client_stripe WHERE client_id = $client_id LIMIT 1")); - $stripe_id = sanitizeInput($stripe_client_details['stripe_id']); - $stripe_pm = sanitizeInput($stripe_client_details['stripe_pm']); - - if ($config_stripe_enable && $stripe_id && $stripe_pm) { - - // Initialize - require_once __DIR__ . '/plugins/stripe-php/init.php'; - $stripe = new \Stripe\StripeClient($config_stripe_secret); - - $balance_to_pay = round($invoice_amount, 2); - $pi_description = "ITFlow: $client_name payment of $recurring_payment_currency_code $balance_to_pay for $invoice_prefix$invoice_number"; - - // Create a payment intent - try { - $payment_intent = $stripe->paymentIntents->create([ - 'amount' => intval($balance_to_pay * 100), // Times by 100 as Stripe expects values in cents - 'currency' => $recurring_payment_currency_code, - 'customer' => $stripe_id, - 'payment_method' => $stripe_pm, - 'off_session' => true, - 'confirm' => true, - 'description' => $pi_description, - 'metadata' => [ - 'itflow_client_id' => $client_id, - 'itflow_client_name' => $client_name, - 'itflow_invoice_number' => $invoice_prefix . $invoice_number, - 'itflow_invoice_id' => $new_invoice_id, - ] - ]); - - // Get details from PI - $pi_id = sanitizeInput($payment_intent->id); - $pi_date = date('Y-m-d', $payment_intent->created); - $pi_amount_paid = floatval(($payment_intent->amount_received / 100)); - $pi_currency = strtoupper(sanitizeInput($payment_intent->currency)); - $pi_livemode = $payment_intent->livemode; - - } catch (Exception $e) { - $error = $e->getMessage(); - error_log("Stripe payment error - encountered exception during payment intent for invoice ID $new_invoice_id / $invoice_prefix$invoice_number: $error"); - logApp("Stripe", "error", "Exception during PI for invoice ID $new_invoice_id: $error"); - echo $error; - } - - if ($payment_intent->status == "succeeded" && intval($balance_to_pay) == intval($pi_amount_paid)) { - - // Update Invoice Status - mysqli_query($mysqli, "UPDATE invoices SET invoice_status = 'Paid' WHERE invoice_id = $new_invoice_id"); - - // Add Payment to History - mysqli_query($mysqli, "INSERT INTO payments SET payment_date = '$pi_date', payment_amount = $pi_amount_paid, payment_currency_code = '$pi_currency', payment_account_id = $recurring_payment_account_id, payment_method = 'Stripe', payment_reference = 'Stripe - $pi_id', payment_invoice_id = $new_invoice_id"); - mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Paid', history_description = 'Online Payment added (autopay)', history_invoice_id = $new_invoice_id"); - - // Email receipt - if (!empty($config_smtp_host)) { - $subject = "Payment Received - Invoice $invoice_prefix$invoice_number"; - $body = "Hello $contact_name,

      We have received online payment for the amount of " . numfmt_format_currency($currency_format, $invoice_amount, $recurring_payment_currency_code) . " for invoice $invoice_prefix$invoice_number. Please keep this email as a receipt for your records.

      Amount Paid: " . numfmt_format_currency($currency_format, $invoice_amount, $recurring_payment_currency_code) . "

      Thank you for your business!


      --
      $company_name - Billing Department
      $config_invoice_from_email
      $company_phone"; - - // Queue Mail - $data = [ - [ - 'from' => $config_invoice_from_email, - 'from_name' => $config_invoice_from_name, - 'recipient' => $contact_email, - 'recipient_name' => $contact_name, - 'subject' => $subject, - 'body' => $body, - ] - ]; - - // Email the internal notification address too - if (!empty($config_invoice_paid_notification_email)) { - $subject = "Payment Received - $client_name - Invoice $invoice_prefix$invoice_number"; - $body = "Hello,

      This is a notification that an invoice has been paid in ITFlow. Below is a copy of the receipt sent to the client:-

      --------

      Hello $contact_name,

      We have received online payment for the amount of " . numfmt_format_currency($currency_format, $invoice_amount, $recurring_payment_currency_code) . " for invoice $invoice_prefix$invoice_number. Please keep this email as a receipt for your records.

      Amount Paid: " . numfmt_format_currency($currency_format, $invoice_amount, $recurring_payment_currency_code) . "

      Thank you for your business!


      --
      $company_name - Billing Department
      $config_invoice_from_email
      $company_phone"; - - $data[] = [ - 'from' => $config_invoice_from_email, - 'from_name' => $config_invoice_from_name, - 'recipient' => $config_invoice_paid_notification_email, - 'recipient_name' => $contact_name, - 'subject' => $subject, - 'body' => $body, - ]; - } - - $mail = addToMailQueue($data); - - // Email Logging - $email_id = mysqli_insert_id($mysqli); - mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Payment Receipt sent to mail queue ID: $email_id!', history_invoice_id = $new_invoice_id"); - logAction("Invoice", "Payment", "Payment receipt for invoice $invoice_prefix$invoice_number queued to $contact_email Email ID: $email_id", $client_id, $new_invoice_id); - } - - // Log info - $extended_log_desc = ''; - if (!$pi_livemode) { - $extended_log_desc = '(DEV MODE)'; - } - - // Create Stripe payment gateway fee as an expense (if configured) - if ($config_stripe_expense_vendor > 0 && $config_stripe_expense_category > 0) { - $gateway_fee = round($invoice_amount * $config_stripe_percentage_fee + $config_stripe_flat_fee, 2); - mysqli_query($mysqli,"INSERT INTO expenses SET expense_date = '$pi_date', expense_amount = $gateway_fee, expense_currency_code = '$company_currency', expense_account_id = $config_stripe_account, expense_vendor_id = $config_stripe_expense_vendor, expense_client_id = $client_id, expense_category_id = $config_stripe_expense_category, expense_description = 'Stripe Transaction for Invoice $invoice_prefix$invoice_number In the Amount of $balance_to_pay', expense_reference = 'Stripe - $pi_id $extended_log_desc'"); - } - - // Notify/log - appNotify("Invoice Paid", "Invoice $invoice_prefix$invoice_number automatically paid", "invoice.php?invoice_id=$new_invoice_id", $client_id); - logAction("Invoice", "Payment", "Auto Stripe payment amount of " . numfmt_format_currency($currency_format, $recurring_amount, $recurring_payment_currency_code) . " added to invoice $invoice_prefix$invoice_number - $pi_id $extended_log_desc", $client_id, $new_invoice_id); - customAction('invoice_pay', $new_invoice_id); - - } else { - mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Payment failed', history_description = 'Stripe autopay failed due to payment error', history_invoice_id = $new_invoice_id"); - logAction("Invoice", "Payment", "Failed auto Payment amount of invoice $invoice_prefix$invoice_number due to Stripe payment error", $client_id, $new_invoice_id); - } - - } else { - logAction("Invoice", "Payment", "Failed auto Payment amount of invoice $invoice_prefix$invoice_number due to Stripe configuration error", $client_id, $new_invoice_id); - } - - } else { - // Else: Cash/Bank payment - - //TODO: Should we send a receipt for auto bank payments, even when nobody actually confirms receipt? - - mysqli_query($mysqli,"INSERT INTO payments SET payment_date = CURDATE(), payment_amount = $recurring_amount, payment_currency_code = '$recurring_payment_currency_code', payment_account_id = $recurring_payment_account_id, payment_method = '$recurring_payment_method', payment_reference = 'Paid via AutoPay', payment_invoice_id = $new_invoice_id"); - - // Get Payment ID for reference - $payment_id = mysqli_insert_id($mysqli); - - // Update Invoice Status - mysqli_query($mysqli,"UPDATE invoices SET invoice_status = 'Paid' WHERE invoice_id = $new_invoice_id"); - - //Add Payment to History - mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Paid', history_description = 'Payment added via Auto Pay', history_invoice_id = $new_invoice_id"); - - // Logging - logAction("Invoice", "Payment", "Auto Payment amount of " . numfmt_format_currency($currency_format, $recurring_amount, $recurring_payment_currency_code) . " added to invoice $invoice_prefix$invoice_number", $client_id, $new_invoice_id); - } - - } //End Auto Payment - -} //End Recurring Invoices Loop - -// Logging -// logAction("Cron", "Task", "Cron created invoices from recurring invoices and sent emails out"); - -// Recurring Expenses -// Loop through all recurring expenses that match today's date and is active -$sql_recurring_expenses = mysqli_query($mysqli, "SELECT * FROM recurring_expenses WHERE recurring_expense_next_date = CURDATE() AND recurring_expense_status = 1"); - -while ($row = mysqli_fetch_array($sql_recurring_expenses)) { - $recurring_expense_id = intval($row['recurring_expense_id']); - $recurring_expense_frequency = intval($row['recurring_expense_frequency']); - $recurring_expense_month = intval($row['recurring_expense_month']); - $recurring_expense_day = intval($row['recurring_expense_day']); - $recurring_expense_description = sanitizeInput($row['recurring_expense_description']); - $recurring_expense_amount = floatval($row['recurring_expense_amount']); - $recurring_expense_payment_method = sanitizeInput($row['recurring_expense_payment_method']); - $recurring_expense_reference = sanitizeInput($row['recurring_expense_reference']); - $recurring_expense_currency_code = sanitizeInput($row['recurring_expense_currency_code']); - $recurring_expense_vendor_id = intval($row['recurring_expense_vendor_id']); - $recurring_expense_category_id = intval($row['recurring_expense_category_id']); - $recurring_expense_account_id = intval($row['recurring_expense_account_id']); - $recurring_expense_client_id = intval($row['recurring_expense_client_id']); - - // Calculate next billing date based on frequency - if ($recurring_expense_frequency == 1) { // Monthly - $next_date_query = "DATE_ADD(CURDATE(), INTERVAL 1 MONTH)"; - } elseif ($recurring_expense_frequency == 2) { // Yearly - $next_date_query = "DATE(CONCAT(YEAR(CURDATE()) + 1, '-', $recurring_expense_month, '-', $recurring_expense_day))"; - } else { - // Handle unexpected frequency values. For now, just use current date. - $next_date_query = "CURDATE()"; - } - - mysqli_query($mysqli,"INSERT INTO expenses SET expense_date = CURDATE(), expense_amount = $recurring_expense_amount, expense_currency_code = '$recurring_expense_currency_code', expense_account_id = $recurring_expense_account_id, expense_vendor_id = $recurring_expense_vendor_id, expense_client_id = $recurring_expense_client_id, expense_category_id = $recurring_expense_category_id, expense_description = '$recurring_expense_description', expense_reference = '$recurring_expense_reference'"); - - $expense_id = mysqli_insert_id($mysqli); - - appNotify("Expense Created", "Expense $recurring_expense_description created from recurring expenses", "expenses.php", $recurring_expense_client_id); - - // Update recurring dates using calculated next billing date - - mysqli_query($mysqli, "UPDATE recurring_expenses SET recurring_expense_last_sent = CURDATE(), recurring_expense_next_date = $next_date_query WHERE recurring_expense_id = $recurring_expense_id"); - - -} //End Recurring Invoices Loop - -// Logging -logApp("Cron", "info", "Cron created expenses from recurring expenses"); - -// TELEMETRY - -if ($config_telemetry > 0 || $config_telemetry == 2) { - - $current_version = exec("git rev-parse HEAD"); - - // Client Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('client_id') AS num FROM clients")); - $client_count = $row['num']; - - // Ticket Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('recurring_id') AS num FROM tickets")); - $ticket_count = $row['num']; - - // Recurring (Scheduled) Ticket Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('scheduled_ticket_id') AS num FROM scheduled_tickets")); - $scheduled_ticket_count = $row['num']; - - // Calendar Event Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('event_id') AS num FROM events")); - $calendar_event_count = $row['num']; - - // Quote Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('quote_id') AS num FROM quotes")); - $quote_count = $row['num']; - - // Invoice Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices")); - $invoice_count = $row['num']; - - // Revenue Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('revenue_id') AS num FROM revenues")); - $revenue_count = $row['num']; - - // Recurring Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('recurring_id') AS num FROM recurring")); - $recurring_count = $row['num']; - - // Account Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('account_id') AS num FROM accounts")); - $account_count = $row['num']; - - // Tax Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('tax_id') AS num FROM taxes")); - $tax_count = $row['num']; - - // Product Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('product_id') AS num FROM products")); - $product_count = $row['num']; - - // Payment Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('payment_id') AS num FROM payments WHERE payment_invoice_id > 0")); - $payment_count = $row['num']; - - // Company Vendor Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id = 0")); - $company_vendor_count = $row['num']; - - // Expense Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('expense_id') AS num FROM expenses WHERE expense_vendor_id > 0")); - $expense_count = $row['num']; - - // Trip Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('trip_id') AS num FROM trips")); - $trip_count = $row['num']; - - // Transfer Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('transfer_id') AS num FROM transfers")); - $transfer_count = $row['num']; - - // Contact Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('contact_id') AS num FROM contacts")); - $contact_count = $row['num']; - - // Location Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('location_id') AS num FROM locations")); - $location_count = $row['num']; - - // Asset Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('asset_id') AS num FROM assets")); - $asset_count = $row['num']; - - // Software Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('software_id') AS num FROM software WHERE software_template = 0")); - $software_count = $row['num']; - - // Software Template Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('software_id') AS num FROM software WHERE software_template = 1")); - $software_template_count = $row['num']; - - // Password Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('login_id') AS num FROM logins")); - $password_count = $row['num']; - - // Network Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('network_id') AS num FROM networks")); - $network_count = $row['num']; - - // Certificate Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('certificate_id') AS num FROM certificates")); - $certificate_count = $row['num']; - - // Domain Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('domain_id') AS num FROM domains")); - $domain_count = $row['num']; - - // Service Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('service_id') AS num FROM services")); - $service_count = $row['num']; - - // Client Vendor Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 0 AND vendor_client_id > 0")); - $client_vendor_count = $row['num']; - - // Vendor Template Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('vendor_id') AS num FROM vendors WHERE vendor_template = 1")); - $vendor_template_count = $row['num']; - - // File Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('file_id') AS num FROM files")); - $file_count = $row['num']; - - // Document Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 0")); - $document_count = $row['num']; - - // Document Template Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('document_id') AS num FROM documents WHERE document_template = 1")); - $document_template_count = $row['num']; - - // Shared Item Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('item_id') AS num FROM shared_items")); - $shared_item_count = $row['num']; - - // Company Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('company_id') AS num FROM companies")); - $company_count = $row['num']; - - // User Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('user_id') AS num FROM users")); - $user_count = $row['num']; - - // Category Expense Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Expense'")); - $category_expense_count = $row['num']; - - // Category Income Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Income'")); - $category_income_count = $row['num']; - - // Category Referral Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Referral'")); - $category_referral_count = $row['num']; - - // Category Payment Method Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('category_id') AS num FROM categories WHERE category_type = 'Payment Method'")); - $category_payment_method_count = $row['num']; - - // Tag Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('tag_id') AS num FROM tags")); - $tag_count = $row['num']; - - // API Key Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('api_key_id') AS num FROM api_keys")); - $api_key_count = $row['num']; - - // Log Count - $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('log_id') AS num FROM logs")); - $log_count = $row['num']; - - $postdata = http_build_query( - array( - 'installation_id' => "$installation_id", - 'version' => "$current_version", - 'company_name' => "$company_name", - 'website' => "$company_website", - 'city' => "$company_city", - 'state' => "$company_state", - 'country' => "$company_country", - 'currency' => "$company_currency", - 'client_count' => $client_count, - 'ticket_count' => $ticket_count, - 'scheduled_ticket_count' => $scheduled_ticket_count, - 'calendar_event_count' => $calendar_event_count, - 'quote_count' => $quote_count, - 'invoice_count' => $invoice_count, - 'revenue_count' => $revenue_count, - 'recurring_count' => $recurring_count, - 'account_count' => $account_count, - 'tax_count' => $tax_count, - 'product_count' => $product_count, - 'payment_count' => $payment_count, - 'company_vendor_count' => $company_vendor_count, - 'expense_count' => $expense_count, - 'trip_count' => $trip_count, - 'transfer_count' => $transfer_count, - 'contact_count' => $contact_count, - 'location_count' => $location_count, - 'asset_count' => $asset_count, - 'software_count' => $software_count, - 'software_template_count' => $software_template_count, - 'password_count' => $password_count, - 'network_count' => $network_count, - 'certificate_count' => $certificate_count, - 'domain_count' => $domain_count, - 'service_count' => $service_count, - 'client_vendor_count' => $client_vendor_count, - 'vendor_template_count' => $vendor_template_count, - 'file_count' => $file_count, - 'document_count' => $document_count, - 'document_template_count' => $document_template_count, - 'shared_item_count' => $shared_item_count, - 'company_count' => $company_count, - 'user_count' => $user_count, - 'category_expense_count' => $category_expense_count, - 'category_income_count' => $category_income_count, - 'category_referral_count' => $category_referral_count, - 'category_payment_method_count' => $category_payment_method_count, - 'tag_count' => $tag_count, - 'api_key_count' => $api_key_count, - 'log_count' => $log_count, - 'config_theme' => "$config_theme", - 'config_enable_cron' => $config_enable_cron, - 'config_ticket_email_parse' => $config_ticket_email_parse, - 'config_module_enable_itdoc' => $config_module_enable_itdoc, - 'config_module_enable_ticketing' => $config_module_enable_ticketing, - 'config_module_enable_accounting' => $config_module_enable_accounting, - 'config_telemetry' => $config_telemetry, - 'collection_method' => 3 - ) - ); - - $opts = array('http' => - array( - 'method' => 'POST', - 'header' => 'Content-type: application/x-www-form-urlencoded', - 'content' => $postdata - ) - ); - - $context = stream_context_create($opts); - - $result = file_get_contents('https://telemetry.itflow.org', false, $context); - - // Logging - // logAction("Cron", "Task", "Cron sent telemetry results to ITFlow Developers"); - -} - - -// Fetch Updates -$updates = fetchUpdates(); - -$update_message = $updates->update_message; - -if ($updates->current_version !== $updates->latest_version) { - // Send Alert to inform Updates Available - appNotify("Update", "$update_message", "admin_update.php"); -} - - - -/* - * ############################################################################################################### - * FINISH UP - * ############################################################################################################### - */ - -// Alert we're using the old cron path -appNotify("Cron", "Cron ran OK, but paths need updating - cron scripts are now in the scripts subfolder", "admin_audit_log.php"); - -// Logging -logApp("Cron", "info", "Cron executed successfully"); -logApp("Cron", "warning", "Cron ran using an old script path"); diff --git a/cron_certificate_refresher.php b/cron_certificate_refresher.php deleted file mode 100644 index 67f3575a..00000000 --- a/cron_certificate_refresher.php +++ /dev/null @@ -1,68 +0,0 @@ - $old_value) { - $new_value = $new_domain_info[$column]; - if ($old_value != $new_value && !in_array($column, $ignored_columns)) { - $column = sanitizeInput($column); - $old_value = sanitizeInput($old_value); - $new_value = sanitizeInput($new_value); - mysqli_query($mysqli,"INSERT INTO domain_history SET domain_history_column = '$column', domain_history_old_value = '$old_value', domain_history_new_value = '$new_value', domain_history_domain_id = $domain_id"); - } - } - -} diff --git a/cron_mail_queue.php b/cron_mail_queue.php deleted file mode 100644 index 19337e6f..00000000 --- a/cron_mail_queue.php +++ /dev/null @@ -1,225 +0,0 @@ - 600) { - - unlink($lock_file_path); - // Logging - logAction("Cron-Mail-Queue", "Delete", "Cron Mail Queuer detected a lock file was present but was over 10 minutes old so it removed it."); - - } else { - - // Logging - logAction("Cron-Mail-Queue", "Locked", "Cron Mail Queuer attempted to execute but was already executing so instead it terminated."); - - exit("Script is already running. Exiting."); - } -} - -// Create a lock file -file_put_contents($lock_file_path, "Locked"); - -// Process Mail Queue - -// Email Status: -// 0 Queued -// 1 Sending -// 2 Failed -// 3 Sent - -/* - * ############################################################################################################### - * Initial email send - * ############################################################################################################### - */ -// Get Mail Queue that has status of Queued and send it to the function sendSingleEmail() located in functions.php -$sql_queue = mysqli_query($mysqli, "SELECT * FROM email_queue WHERE email_status = 0 AND email_queued_at <= NOW()"); - -if (mysqli_num_rows($sql_queue) > 0) { - while ($row = mysqli_fetch_array($sql_queue)) { - $email_id = intval($row['email_id']); - $email_from = $row['email_from']; - $email_from_name = $row['email_from_name']; - $email_recipient = $row['email_recipient']; - $email_recipient_name = $row['email_recipient_name']; - $email_subject = $row['email_subject']; - $email_content = $row['email_content']; - $email_queued_at = $row['email_queued_at']; - $email_sent_at = $row['email_sent_at']; - $email_ics_str = $row['email_cal_str']; - - // First, validate the sender email address - if (filter_var($email_from, FILTER_VALIDATE_EMAIL)) { - - // Sanitized Input - $email_recipient_logging = sanitizeInput($row['email_recipient']); - $email_subject_logging = sanitizeInput($row['email_subject']); - - // Update the status to sending - mysqli_query($mysqli, "UPDATE email_queue SET email_status = 1 WHERE email_id = $email_id"); - - // Next, verify recipient email is valid - if (filter_var($email_recipient, FILTER_VALIDATE_EMAIL)) { - - $mail = sendSingleEmail( - $config_smtp_host, - $config_smtp_username, - $config_smtp_password, - $config_smtp_encryption, - $config_smtp_port, - $email_from, - $email_from_name, - $email_recipient, - $email_recipient_name, - $email_subject, - $email_content, - $email_ics_str - ); - - if ($mail !== true) { - // Update Message - Failure - mysqli_query($mysqli, "UPDATE email_queue SET email_status = 2, email_failed_at = NOW(), email_attempts = 1 WHERE email_id = $email_id"); - - appNotify("Cron-Mail-Queue", "Failed to send email #$email_id to $email_recipient_logging"); - - // Logging - logAction("Cron-Mail-Queue", "Error", "Failed to send email: $email_id to $email_recipient_logging regarding $email_subject_logging. $mail"); - } else { - // Update Message - Success - mysqli_query($mysqli, "UPDATE email_queue SET email_status = 3, email_sent_at = NOW(), email_attempts = 1 WHERE email_id = $email_id"); - } - - } else { - - // Recipient email isn't valid, mark as failed and log the error - mysqli_query($mysqli, "UPDATE email_queue SET email_status = 2, email_attempts = 99 WHERE email_id = $email_id"); - - // Logging - logAction("Cron-Mail-Queue", "Error", "Failed to send email: $email_id due to invalid recipient address. Email subject was: $email_subject_logging"); - } - - } else { - error_log("Failed to send email due to invalid sender address (' $email_from ') - check configuration in settings."); - - $email_from_logging = sanitizeInput($row['email_from']); - mysqli_query($mysqli, "UPDATE email_queue SET email_status = 2, email_attempts = 99 WHERE email_id = $email_id"); - - // Logging - logAction("Cron-Mail-Queue", "Error", "Failed to send email #$email_id due to invalid sender address: $email_from_logging - check configuration in settings."); - - appNotify("Mail", "Failed to send email #$email_id due to invalid sender address"); - - } - - } -} - - -/* - * ############################################################################################################### - * Retries - * ############################################################################################################### - */ -// Get Mail that failed to send and attempt to send Failed Mail up to 4 times every 30 mins -$sql_failed_queue = mysqli_query($mysqli, "SELECT * FROM email_queue WHERE email_status = 2 AND email_attempts < 4 AND email_failed_at < NOW() + INTERVAL 30 MINUTE"); - -if (mysqli_num_rows($sql_failed_queue) > 0) { - while ($row = mysqli_fetch_array($sql_failed_queue)) { - $email_id = intval($row['email_id']); - $email_from = $row['email_from']; - $email_from_name = $row['email_from_name']; - $email_recipient = $row['email_recipient']; - $email_recipient_name = $row['email_recipient_name']; - $email_subject = $row['email_subject']; - $email_content = $row['email_content']; - $email_queued_at = $row['email_queued_at']; - $email_sent_at = $row['email_sent_at']; - $email_ics_str = $row['email_cal_str']; - // Increment the attempts - $email_attempts = intval($row['email_attempts']) + 1; - - // Sanitized Input - $email_recipient_logging = sanitizeInput($row['email_recipient']); - $email_subject_logging = sanitizeInput($row['email_subject']); - - // Update the status to sending before actually sending - mysqli_query($mysqli, "UPDATE email_queue SET email_status = 1 WHERE email_id = $email_id"); - - // Verify recipient email is valid - if (filter_var($email_recipient, FILTER_VALIDATE_EMAIL)) { - - $mail = sendSingleEmail( - $config_smtp_host, - $config_smtp_username, - $config_smtp_password, - $config_smtp_encryption, - $config_smtp_port, - $email_from, - $email_from_name, - $email_recipient, - $email_recipient_name, - $email_subject, - $email_content, - $email_ics_str - ); - - if ($mail !== true) { - // Update Message - mysqli_query($mysqli, "UPDATE email_queue SET email_status = 2, email_failed_at = NOW(), email_attempts = $email_attempts WHERE email_id = $email_id"); - - // Logging - logAction("Cron-Mail-Queue", "Error", "Failed to re-send email #$email_id to $email_recipient_logging regarding $email_subject_logging. $mail"); - - } else { - - // Update Message - mysqli_query($mysqli, "UPDATE email_queue SET email_status = 3, email_sent_at = NOW(), email_attempts = $email_attempts WHERE email_id = $email_id"); - - } - } - } -} - -// Remove the lock file once mail has finished processing -unlink($lock_file_path); diff --git a/cron_ticket_email_parser.php b/cron_ticket_email_parser.php deleted file mode 100644 index 00970092..00000000 --- a/cron_ticket_email_parser.php +++ /dev/null @@ -1,556 +0,0 @@ - Ticketing > Email-to-ticket parsing. See https://docs.itflow.org/ticket_email_parse -- Quitting.."); -} - -// Get system temp directory -$temp_dir = sys_get_temp_dir(); - -// Create the path for the lock file using the temp directory -$lock_file_path = "{$temp_dir}/itflow_email_parser_{$installation_id}.lock"; - -// Check for lock file to prevent concurrent script runs -if (file_exists($lock_file_path)) { - $file_age = time() - filemtime($lock_file_path); - - // If file is older than 5 minutes (300 seconds), delete and continue - if ($file_age > 300) { - unlink($lock_file_path); - - // Logging - logApp("Cron-Email-Parser", "warning", "Cron Email Parser detected a lock file was present but was over 5 minutes old so it removed it."); - - } else { - - // Logging - logApp("Cron-Email-Parser", "warning", "Lock file present. Cron Email Parser attempted to execute but was already executing, so instead it terminated."); - - exit("Script is already running. Exiting."); - } -} - -// Create a lock file -file_put_contents($lock_file_path, "Locked"); - -// PHP Mail Parser -use PhpMimeMailParser\Parser; -require_once "plugins/php-mime-mail-parser/Contracts/CharsetManager.php"; -require_once "plugins/php-mime-mail-parser/Contracts/Middleware.php"; -require_once "plugins/php-mime-mail-parser/Attachment.php"; -require_once "plugins/php-mime-mail-parser/Charset.php"; -require_once "plugins/php-mime-mail-parser/Exception.php"; -require_once "plugins/php-mime-mail-parser/Middleware.php"; -require_once "plugins/php-mime-mail-parser/MiddlewareStack.php"; -require_once "plugins/php-mime-mail-parser/MimePart.php"; -require_once "plugins/php-mime-mail-parser/Parser.php"; - -// Allowed attachment extensions -$allowed_extensions = array('jpg', 'jpeg', 'gif', 'png', 'webp', 'pdf', 'txt', 'md', 'doc', 'docx', 'csv', 'xls', 'xlsx', 'xlsm', 'zip', 'tar', 'gz'); - -// Function to raise a new ticket for a given contact and email them confirmation (if configured) -function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date, $subject, $message, $attachments, $original_message_file) { - global $mysqli, $config_app_name, $company_name, $company_phone, $config_ticket_prefix, $config_ticket_client_general_notifications, $config_ticket_new_ticket_notification_email, $config_base_url, $config_ticket_from_name, $config_ticket_from_email, $config_ticket_default_billable, $allowed_extensions; - - $ticket_number_sql = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_ticket_next_number FROM settings WHERE company_id = 1")); - $ticket_number = intval($ticket_number_sql['config_ticket_next_number']); - $new_config_ticket_next_number = $ticket_number + 1; - mysqli_query($mysqli, "UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = 1"); - - // Clean up the message - $message = trim($message); // Remove leading/trailing whitespace - $message = preg_replace('/\s+/', ' ', $message); // Replace multiple spaces with a single space - $message = nl2br($message); // Convert newlines to
      - - // Wrap the message in a div with controlled line height - $message = "Email from: $contact_name <$contact_email> at $date:-

      $message
      "; - - $ticket_prefix_esc = mysqli_real_escape_string($mysqli, $config_ticket_prefix); - $message_esc = mysqli_real_escape_string($mysqli, $message); - $contact_email_esc = mysqli_real_escape_string($mysqli, $contact_email); - $client_id = intval($client_id); - - //Generate a unique URL key for clients to access - $url_key = randomString(156); - - mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$ticket_prefix_esc', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$message_esc', ticket_priority = 'Low', ticket_status = 1, ticket_billable = $config_ticket_default_billable, ticket_created_by = 0, ticket_contact_id = $contact_id, ticket_url_key = '$url_key', ticket_client_id = $client_id"); - $id = mysqli_insert_id($mysqli); - - // Logging - logAction("Ticket", "Create", "Email parser: Client contact $contact_email_esc created ticket $ticket_prefix_esc$ticket_number ($subject) ($id)", $client_id, $id); - - mkdirMissing('uploads/tickets/'); - $att_dir = "uploads/tickets/" . $id . "/"; - mkdirMissing($att_dir); - - rename("uploads/tmp/{$original_message_file}", "{$att_dir}/{$original_message_file}"); - $original_message_file_esc = mysqli_real_escape_string($mysqli, $original_message_file); - mysqli_query($mysqli, "INSERT INTO ticket_attachments SET ticket_attachment_name = 'Original-parsed-email.eml', ticket_attachment_reference_name = '$original_message_file_esc', ticket_attachment_ticket_id = $id"); - - foreach ($attachments as $attachment) { - $att_name = $attachment->getFilename(); - $att_extarr = explode('.', $att_name); - $att_extension = strtolower(end($att_extarr)); - - if (in_array($att_extension, $allowed_extensions)) { - $att_saved_filename = md5(uniqid(rand(), true)) . '.' . $att_extension; - $att_saved_path = $att_dir . $att_saved_filename; - file_put_contents($att_saved_path, $attachment->getContent()); - - $ticket_attachment_name = sanitizeInput($att_name); - $ticket_attachment_reference_name = sanitizeInput($att_saved_filename); - - $ticket_attachment_name_esc = mysqli_real_escape_string($mysqli, $ticket_attachment_name); - $ticket_attachment_reference_name_esc = mysqli_real_escape_string($mysqli, $ticket_attachment_reference_name); - mysqli_query($mysqli, "INSERT INTO ticket_attachments SET ticket_attachment_name = '$ticket_attachment_name_esc', ticket_attachment_reference_name = '$ticket_attachment_reference_name_esc', ticket_attachment_ticket_id = $id"); - } else { - $ticket_attachment_name_esc = mysqli_real_escape_string($mysqli, $att_name); - logAction("Ticket", "Edit", "Email parser: Blocked attachment $ticket_attachment_name_esc from Client contact $contact_email_esc for ticket $ticket_prefix_esc$ticket_number", $client_id, $id); - } - } - - // Guest ticket watchers - if ($client_id == 0) { - mysqli_query($mysqli, "INSERT INTO ticket_watchers SET watcher_email = '$contact_email_esc', watcher_ticket_id = $id"); - } - - $data = []; - if ($config_ticket_client_general_notifications == 1) { - $subject_email = "Ticket created - [$config_ticket_prefix$ticket_number] - $subject"; - $body = "##- Please type your reply above this line -##

      Hello $contact_name,

      Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.

      Ticket: $config_ticket_prefix$ticket_number
      Subject: $subject
      Status: New
      Portal: View ticket

      --
      $company_name - Support
      $config_ticket_from_email
      $company_phone"; - $data[] = [ - 'from' => $config_ticket_from_email, - 'from_name' => $config_ticket_from_name, - 'recipient' => $contact_email, - 'recipient_name' => $contact_name, - 'subject' => $subject_email, - 'body' => mysqli_real_escape_string($mysqli, $body) - ]; - } - - if ($config_ticket_new_ticket_notification_email) { - if ($client_id == 0) { - $client_name = "Guest"; - } else { - $client_sql = mysqli_query($mysqli, "SELECT client_name FROM clients WHERE client_id = $client_id"); - $client_row = mysqli_fetch_array($client_sql); - $client_name = sanitizeInput($client_row['client_name']); - } - $email_subject = "$config_app_name - New Ticket - $client_name: $subject"; - $email_body = "Hello,

      This is a notification that a new ticket has been raised in ITFlow.
      Client: $client_name
      Priority: Low (email parsed)
      Link: https://$config_base_url/ticket.php?ticket_id=$id

      --------------------------------

      $subject
      $message"; - - $data[] = [ - 'from' => $config_ticket_from_email, - 'from_name' => $config_ticket_from_name, - 'recipient' => $config_ticket_new_ticket_notification_email, - 'recipient_name' => $config_ticket_from_name, - 'subject' => $email_subject, - 'body' => mysqli_real_escape_string($mysqli, $email_body) - ]; - } - - addToMailQueue($data); - - // Custom action/notif handler - customAction('ticket_create', $id); - - return true; -} - -// Add Reply Function -function addReply($from_email, $date, $subject, $ticket_number, $message, $attachments) { - global $mysqli, $config_app_name, $company_name, $company_phone, $config_ticket_prefix, $config_base_url, $config_ticket_from_name, $config_ticket_from_email, $allowed_extensions; - - $ticket_reply_type = 'Client'; - // Clean up the message - $message_parts = explode("##- Please type your reply above this line -##", $message); - $message_body = $message_parts[0]; - $message_body = trim($message_body); // Remove leading/trailing whitespace - $message_body = preg_replace('/\r\n|\r|\n/', ' ', $message_body); // Replace newlines with a space - $message_body = nl2br($message_body); // Convert remaining newlines to
      - - // Wrap the message in a div with controlled line height - $message = "Email from: $from_email at $date:-

      $message_body
      "; - - $ticket_number_esc = intval($ticket_number); - $message_esc = mysqli_real_escape_string($mysqli, $message); - $from_email_esc = mysqli_real_escape_string($mysqli, $from_email); - - $row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT ticket_id, ticket_subject, ticket_status, ticket_contact_id, ticket_client_id, contact_email, client_name - FROM tickets - LEFT JOIN contacts on tickets.ticket_contact_id = contacts.contact_id - LEFT JOIN clients on tickets.ticket_client_id = clients.client_id - WHERE ticket_number = $ticket_number_esc LIMIT 1")); - - if ($row) { - $ticket_id = intval($row['ticket_id']); - $ticket_subject = sanitizeInput($row['ticket_subject']); - $ticket_status = sanitizeInput($row['ticket_status']); - $ticket_reply_contact = intval($row['ticket_contact_id']); - $ticket_contact_email = sanitizeInput($row['contact_email']); - $client_id = intval($row['ticket_client_id']); - $client_name = sanitizeInput($row['client_name']); - - if ($ticket_status == 5) { - $config_ticket_prefix_esc = mysqli_real_escape_string($mysqli, $config_ticket_prefix); - $ticket_number_esc = mysqli_real_escape_string($mysqli, $ticket_number); - - appNotify("Ticket", "Email parser: $from_email attempted to re-open ticket $config_ticket_prefix_esc$ticket_number_esc (ID $ticket_id) - check inbox manually to see email", "ticket.php?ticket_id=$ticket_id", $client_id); - - $email_subject = "Action required: This ticket is already closed"; - $email_body = "Hi there,

      You've tried to reply to a ticket that is closed - we won't see your response.

      Please raise a new ticket by sending a new e-mail to our support address below.

      --
      $company_name - Support
      $config_ticket_from_email
      $company_phone"; - - $data = [ - [ - 'from' => $config_ticket_from_email, - 'from_name' => $config_ticket_from_name, - 'recipient' => $from_email, - 'recipient_name' => $from_email, - 'subject' => $email_subject, - 'body' => mysqli_real_escape_string($mysqli, $email_body) - ] - ]; - - addToMailQueue($data); - - return true; - } - - if (empty($ticket_contact_email) || $ticket_contact_email !== $from_email) { - $from_email_esc = mysqli_real_escape_string($mysqli, $from_email); - $row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT contact_id FROM contacts WHERE contact_email = '$from_email_esc' AND contact_client_id = $client_id LIMIT 1")); - if ($row) { - $ticket_reply_contact = intval($row['contact_id']); - } else { - $ticket_reply_type = 'Internal'; - $ticket_reply_contact = '0'; - $message = "WARNING: Contact email mismatch
      $message"; - $message_esc = mysqli_real_escape_string($mysqli, $message); - } - } - - mysqli_query($mysqli, "INSERT INTO ticket_replies SET ticket_reply = '$message_esc', ticket_reply_type = '$ticket_reply_type', ticket_reply_time_worked = '00:00:00', ticket_reply_by = $ticket_reply_contact, ticket_reply_ticket_id = $ticket_id"); - $reply_id = mysqli_insert_id($mysqli); - - mkdirMissing('uploads/tickets/'); - foreach ($attachments as $attachment) { - $att_name = $attachment->getFilename(); - $att_extarr = explode('.', $att_name); - $att_extension = strtolower(end($att_extarr)); - - if (in_array($att_extension, $allowed_extensions)) { - $att_saved_filename = md5(uniqid(rand(), true)) . '.' . $att_extension; - $att_saved_path = "uploads/tickets/" . $ticket_id . "/" . $att_saved_filename; - file_put_contents($att_saved_path, $attachment->getContent()); - - $ticket_attachment_name = sanitizeInput($att_name); - $ticket_attachment_reference_name = sanitizeInput($att_saved_filename); - - $ticket_attachment_name_esc = mysqli_real_escape_string($mysqli, $ticket_attachment_name); - $ticket_attachment_reference_name_esc = mysqli_real_escape_string($mysqli, $ticket_attachment_reference_name); - mysqli_query($mysqli, "INSERT INTO ticket_attachments SET ticket_attachment_name = '$ticket_attachment_name_esc', ticket_attachment_reference_name = '$ticket_attachment_reference_name_esc', ticket_attachment_reply_id = $reply_id, ticket_attachment_ticket_id = $ticket_id"); - } else { - $ticket_attachment_name_esc = mysqli_real_escape_string($mysqli, $att_name); - logAction("Ticket", "Edit", "Email parser: Blocked attachment $ticket_attachment_name_esc from Client contact $from_email_esc for ticket $config_ticket_prefix$ticket_number_esc", $client_id, $ticket_id); - } - } - - $ticket_assigned_to_sql = mysqli_query($mysqli, "SELECT ticket_assigned_to FROM tickets WHERE ticket_id = $ticket_id LIMIT 1"); - - if ($ticket_assigned_to_sql) { - $row = mysqli_fetch_array($ticket_assigned_to_sql); - $ticket_assigned_to = intval($row['ticket_assigned_to']); - - if ($ticket_assigned_to) { - $tech_sql = mysqli_query($mysqli, "SELECT user_email, user_name FROM users WHERE user_id = $ticket_assigned_to LIMIT 1"); - $tech_row = mysqli_fetch_array($tech_sql); - $tech_email = sanitizeInput($tech_row['user_email']); - $tech_name = sanitizeInput($tech_row['user_name']); - - $email_subject = "$config_app_name - Ticket updated - [$config_ticket_prefix$ticket_number] $ticket_subject"; - $email_body = "Hello $tech_name,

      A new reply has been added to the below ticket, check ITFlow for full details.

      Client: $client_name
      Ticket: $config_ticket_prefix$ticket_number
      Subject: $ticket_subject

      https://$config_base_url/ticket.php?ticket_id=$ticket_id"; - - $data = [ - [ - 'from' => $config_ticket_from_email, - 'from_name' => $config_ticket_from_name, - 'recipient' => $tech_email, - 'recipient_name' => $tech_name, - 'subject' => mysqli_real_escape_string($mysqli, $email_subject), - 'body' => mysqli_real_escape_string($mysqli, $email_body) - ] - ]; - - addToMailQueue($data); - } - } - - mysqli_query($mysqli, "UPDATE tickets SET ticket_status = 2, ticket_resolved_at = NULL WHERE ticket_id = $ticket_id AND ticket_client_id = $client_id LIMIT 1"); - - logAction("Ticket", "Edit", "Email parser: Client contact $from_email_esc updated ticket $config_ticket_prefix$ticket_number_esc ($subject)", $client_id, $ticket_id); - - customAction('ticket_reply_client', $ticket_id); - - return true; - - } else { - return false; - } -} - -// Function to create a folder in the mailbox if it doesn't exist -function createMailboxFolder($imap, $mailbox, $folderName) { - $folders = imap_list($imap, $mailbox, '*'); - $folderExists = false; - if ($folders !== false) { - foreach ($folders as $folder) { - $folder = str_replace($mailbox, '', $folder); - if ($folder == $folderName) { - $folderExists = true; - break; - } - } - } - if (!$folderExists) { - imap_createmailbox($imap, $mailbox . imap_utf7_encode($folderName)); - imap_subscribe($imap, $mailbox . $folderName); - } -} - -// Initialize IMAP connection -$validate_cert = true; // or false based on your configuration - -$imap_encryption = $config_imap_encryption; // e.g., 'ssl', 'tls', or '' (empty string) for none - -// Start building the mailbox string -$mailbox = '{' . $config_imap_host . ':' . $config_imap_port; - -// Only add the encryption part if $imap_encryption is not empty -if (!empty($imap_encryption)) { - $mailbox .= '/' . $imap_encryption; -} - -// Add the certificate validation part -if ($validate_cert) { - $mailbox .= '/validate-cert'; -} else { - $mailbox .= '/novalidate-cert'; -} - -$mailbox .= '}'; - -// Append 'INBOX' to specify the mailbox folder -$inbox_mailbox = $mailbox . 'INBOX'; - -// Open the IMAP connection -$imap = imap_open($inbox_mailbox, $config_imap_username, $config_imap_password); - -if ($imap === false) { - echo "Error connecting to IMAP server: " . imap_last_error(); - exit; -} - -// Create the "ITFlow" mailbox folder if it doesn't exist -createMailboxFolder($imap, $mailbox, 'ITFlow'); - -// Search for unseen messages and get UIDs -$emails = imap_search($imap, 'UNSEEN', SE_UID); - -// Set Processed and Unprocessed Email count to 0 -$processed_count = 0; -$unprocessed_count = 0; - -if ($emails !== false) { - foreach ($emails as $email_uid) { - $email_processed = false; - - // Save original message - mkdirMissing('uploads/tmp/'); - $original_message_file = "processed-eml-" . randomString(200) . ".eml"; - - $raw_message = imap_fetchheader($imap, $email_uid, FT_UID) . imap_body($imap, $email_uid, FT_UID); - file_put_contents("uploads/tmp/{$original_message_file}", $raw_message); - - // Parse the message using php-mime-mail-parser - $parser = new \PhpMimeMailParser\Parser(); - $parser->setText($raw_message); - - // Get from address - $from_addresses = $parser->getAddresses('from'); - $from_email = sanitizeInput($from_addresses[0]['address'] ?? 'itflow-guest@example.com'); - $from_name = sanitizeInput($from_addresses[0]['display'] ?? 'Unknown'); - - $from_domain = explode("@", $from_email); - $from_domain = sanitizeInput(end($from_domain)); - - // Get subject - $subject = sanitizeInput($parser->getHeader('subject') ?? 'No Subject'); - - // Get date - $date = sanitizeInput($parser->getHeader('date') ?? date('Y-m-d H:i:s')); - - // Get message body - $message_body_html = $parser->getMessageBody('html'); - $message_body_text = $parser->getMessageBody('text'); - $message_body = $message_body_html ?: nl2br(htmlspecialchars($message_body_text)); - - // Handle inline images - $attachments = $parser->getAttachments(); - $inline_attachments = []; - foreach ($attachments as $attachment) { - if ($attachment->getContentDisposition() === 'inline' && $attachment->getContentID()) { - $cid = trim($attachment->getContentID(), '<>'); - $data = base64_encode($attachment->getContent()); - $mime = $attachment->getContentType(); - $dataUri = "data:$mime;base64,$data"; - $message_body = str_replace("cid:$cid", $dataUri, $message_body); - } else { - $inline_attachments[] = $attachment; - } - } - $attachments = $inline_attachments; - - // Process the email - if (preg_match("/\[$config_ticket_prefix(\d+)\]/", $subject, $ticket_number_matches)) { - $ticket_number = intval($ticket_number_matches[1]); - - if (addReply($from_email, $date, $subject, $ticket_number, $message_body, $attachments)) { - $email_processed = true; - } - } else { - // Check if the sender is a known contact - $from_email_esc = mysqli_real_escape_string($mysqli, $from_email); - $any_contact_sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$from_email_esc' LIMIT 1"); - $row = mysqli_fetch_array($any_contact_sql); - - if ($row) { - $contact_name = sanitizeInput($row['contact_name']); - $contact_id = intval($row['contact_id']); - $contact_email = sanitizeInput($row['contact_email']); - $client_id = intval($row['contact_client_id']); - - if (addTicket($contact_id, $contact_name, $contact_email, $client_id, $date, $subject, $message_body, $attachments, $original_message_file)) { - $email_processed = true; - } - } else { - // Check if the domain is associated with a client - $from_domain_esc = mysqli_real_escape_string($mysqli, $from_domain); - $domain_sql = mysqli_query($mysqli, "SELECT * FROM domains WHERE domain_name = '$from_domain_esc' LIMIT 1"); - $row = mysqli_fetch_assoc($domain_sql); - - if ($row && $from_domain == $row['domain_name']) { - $client_id = intval($row['domain_client_id']); - - // Create a new contact - $contact_name = $from_name; - $contact_email = $from_email; - mysqli_query($mysqli, "INSERT INTO contacts SET contact_name = '".mysqli_real_escape_string($mysqli, $contact_name)."', contact_email = '".mysqli_real_escape_string($mysqli, $contact_email)."', contact_notes = 'Added automatically via email parsing.', contact_client_id = $client_id"); - $contact_id = mysqli_insert_id($mysqli); - - // Logging - logAction("Contact", "Create", "Email parser: created contact " . mysqli_real_escape_string($mysqli, $contact_name) . "", $client_id, $contact_id); - customAction('contact_create', $contact_id); - - if (addTicket($contact_id, $contact_name, $contact_email, $client_id, $date, $subject, $message_body, $attachments, $original_message_file)) { - $email_processed = true; - } - } elseif ($config_ticket_email_parse_unknown_senders) { - // Parse even if the sender is unknown - $bad_from_pattern = "/daemon|postmaster/i"; - if (!(preg_match($bad_from_pattern, $from_email))) { - if (addTicket(0, $from_name, $from_email, 0, $date, $subject, $message_body, $attachments, $original_message_file)) { - $email_processed = true; - } - } - } - } - } - - if ($email_processed) { - // Mark the message as seen - imap_setflag_full($imap, $email_uid, "\\Seen", ST_UID); - // Move the message to the 'ITFlow' folder - imap_mail_move($imap, $email_uid, 'ITFlow', CP_UID); - // Get a Processed Email Count - $processed_count++; - } else { - // Flag the message for manual review without marking it as read - imap_setflag_full($imap, $email_uid, "\\Flagged", ST_UID); - // Clear the Seen flag to ensure the email remains unread - imap_clearflag_full($imap, $email_uid, "\\Seen", ST_UID); - // Get an Unprocessed email count - $unprocessed_count++; - } - - // Delete the temporary message file - if (file_exists("uploads/tmp/{$original_message_file}")) { - unlink("uploads/tmp/{$original_message_file}"); - } - } -} - -// Expunge deleted mails -imap_expunge($imap); - -// Close the IMAP connection -imap_close($imap); - -// Calculate the total execution time -uncomment the code below to get exec time -$script_end_time = microtime(true); -$execution_time = $script_end_time - $script_start_time; -$execution_time_formatted = number_format($execution_time, 2); - -// Insert a log entry into the logs table -$processed_info = "Processed: $processed_count email(s), Unprocessed: $unprocessed_count email(s)"; -// Remove Comment below for Troubleshooting - -//logAction("Cron-Email-Parser", "Execution", "Cron Email Parser executed in $execution_time_formatted seconds. $processed_info"); - -// END Calculate execution time - -// Remove the lock file -unlink($lock_file_path); - -// DEBUG -echo "\nLock File Path: $lock_file_path\n"; -if (file_exists($lock_file_path)) { - echo "\nLock is present\n\n"; -} -echo "Processed Emails into tickets: $processed_count\n"; -echo "Unprocessed Emails: $unprocessed_count\n"; diff --git a/global_search.php b/global_search.php index a7130489..b8e130bd 100644 --- a/global_search.php +++ b/global_search.php @@ -698,6 +698,8 @@ if (isset($_GET['query'])) {
      diff --git a/includes/client_overview_side_nav.php b/includes/client_overview_side_nav.php index a66aa30f..7a5c1253 100644 --- a/includes/client_overview_side_nav.php +++ b/includes/client_overview_side_nav.php @@ -34,18 +34,6 @@

      ALL Assets

      -
    • - "> - -

      ALL Networks

      -       -
      • -
    • - "> - -

      ALL Domains

      -       -
    • "> @@ -58,12 +46,24 @@

      ALL Credentials
      • +
    • + "> + +

      ALL Networks

      +       +
    • ">

      ALL Certificates
      • +
    • + "> + +

      ALL Domains

      +       +
    • "> diff --git a/includes/reports_side_nav.php b/includes/reports_side_nav.php index ea178871..303260de 100644 --- a/includes/reports_side_nav.php +++ b/includes/reports_side_nav.php @@ -106,17 +106,6 @@
      • -
    • OVERVIEWS
      • - - = 1) { ?> -
    • - "> - -

      All Assets

      -       -
      • - - diff --git a/post/user/asset_model.php b/post/user/asset_model.php index bb2a1256..144d1ad0 100644 --- a/post/user/asset_model.php +++ b/post/user/asset_model.php @@ -19,11 +19,11 @@ $mac = sanitizeInput($_POST['mac']); $uri = sanitizeInput($_POST['uri']); $uri_2 = sanitizeInput($_POST['uri_2']); $status = sanitizeInput($_POST['status']); -$location = intval($_POST['location']); +$location = intval($_POST['location'] ?? 0); $physical_location = sanitizeInput($_POST['physical_location']); -$vendor = intval($_POST['vendor']); -$contact = intval($_POST['contact']); -$network = intval($_POST['network']); +$vendor = intval($_POST['vendor'] ?? 0); +$contact = intval($_POST['contact'] ?? 0); +$network = intval($_POST['network'] ?? 0); $purchase_reference = sanitizeInput($_POST['purchase_reference']); $purchase_date = sanitizeInput($_POST['purchase_date']); if (empty($purchase_date)) { diff --git a/post/user/certificate_model.php b/post/user/certificate_model.php index 4629b479..2b99e5a5 100644 --- a/post/user/certificate_model.php +++ b/post/user/certificate_model.php @@ -8,5 +8,5 @@ $issued_by = sanitizeInput($_POST['issued_by']); $expire = sanitizeInput($_POST['expire']); $public_key = sanitizeInput($_POST['public_key']); $notes = sanitizeInput($_POST['notes']); -$domain_id = intval($_POST['domain_id']); +$domain_id = intval($_POST['domain_id'] ?? 0); $client_id = intval($_POST['client_id']); diff --git a/post/user/contact_model.php b/post/user/contact_model.php index cfc98732..40bcb127 100644 --- a/post/user/contact_model.php +++ b/post/user/contact_model.php @@ -14,7 +14,7 @@ $contact_primary = intval($_POST['contact_primary'] ?? 0); $contact_important = intval($_POST['contact_important'] ?? 0); $contact_billing = intval($_POST['contact_billing'] ?? 0); $contact_technical = intval($_POST['contact_technical'] ?? 0); -$location_id = intval($_POST['location']); +$location_id = intval($_POST['location'] ?? 0); $pin = sanitizeInput($_POST['pin']); $auth_method = sanitizeInput($_POST['auth_method']); diff --git a/post/user/credential_model.php b/post/user/credential_model.php index 655a770d..48c7adf0 100644 --- a/post/user/credential_model.php +++ b/post/user/credential_model.php @@ -12,7 +12,7 @@ $password = encryptLoginEntry(trim($_POST['password'])); $otp_secret = sanitizeInput($_POST['otp_secret']); $note = sanitizeInput($_POST['note']); $important = intval($_POST['important'] ?? 0); -$contact_id = intval($_POST['contact']); -$vendor_id = intval($_POST['vendor']); -$asset_id = intval($_POST['asset']); -$software_id = intval($_POST['software']); +$contact_id = intval($_POST['contact'] ?? 0); +$vendor_id = intval($_POST['vendor'] ?? 0); +$asset_id = intval($_POST['asset'] ?? 0); +$software_id = intval($_POST['software'] ?? 0); diff --git a/post/user/domain_model.php b/post/user/domain_model.php index 13a79c57..0281b1ce 100644 --- a/post/user/domain_model.php +++ b/post/user/domain_model.php @@ -3,10 +3,9 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed"); $name = preg_replace("(^https?://)", "", sanitizeInput($_POST['name'])); $description = sanitizeInput($_POST['description']); -$registrar = intval($_POST['registrar']); -$dnshost = intval($_POST['dnshost']); -$webhost = intval($_POST['webhost']); -$mailhost = intval($_POST['mailhost']); +$registrar = intval($_POST['registrar'] ?? 0); +$dnshost = intval($_POST['dnshost'] ?? 0); +$webhost = intval($_POST['webhost'] ?? 0); +$mailhost = intval($_POST['mailhost'] ?? 0); $expire = sanitizeInput($_POST['expire']); $notes = sanitizeInput($_POST['notes']); - diff --git a/post/user/location_model.php b/post/user/location_model.php index 8b7780ed..35788818 100644 --- a/post/user/location_model.php +++ b/post/user/location_model.php @@ -13,5 +13,5 @@ $phone = preg_replace("/[^0-9]/", '',$_POST['phone']); $fax = preg_replace("/[^0-9]/", '',$_POST['fax']); $hours = sanitizeInput($_POST['hours']); $notes = sanitizeInput($_POST['notes']); -$contact = intval($_POST['contact']); +$contact = intval($_POST['contact'] ?? 0); $location_primary = intval($_POST['location_primary'] ?? 0); diff --git a/post/user/network_model.php b/post/user/network_model.php index a25f1b4d..500a4832 100644 --- a/post/user/network_model.php +++ b/post/user/network_model.php @@ -11,5 +11,5 @@ $primary_dns = sanitizeInput($_POST['primary_dns']); $secondary_dns = sanitizeInput($_POST['secondary_dns']); $dhcp_range = sanitizeInput($_POST['dhcp_range']); $notes = sanitizeInput($_POST['notes']); -$location_id = intval($_POST['location']); +$location_id = intval($_POST['location'] ?? 0); $client_id = intval($_POST['client_id']); diff --git a/report_tickets_unbilled.php b/report_tickets_unbilled.php index 32c20c60..0bc306f0 100644 --- a/report_tickets_unbilled.php +++ b/report_tickets_unbilled.php @@ -152,7 +152,7 @@ $rows = 0;
      - +
      m - + + m + - + +
      @@ -137,6 +143,41 @@ $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE
      + + 'success']); exit; -} \ No newline at end of file +} + +if (isset($_POST['update_task_templates_order'])) { + // Update multiple task templates order + enforceUserPermission('module_support', 2); + + $positions = $_POST['positions']; + $ticket_template_id = intval($_POST['ticket_template_id']); + + foreach ($positions as $position) { + $id = intval($position['id']); + $order = intval($position['order']); + + mysqli_query($mysqli, "UPDATE task_templates SET task_template_order = $order WHERE task_template_ticket_template_id = $ticket_template_id AND task_template_id = $id"); + } + + // return a response + echo json_encode(['status' => 'success']); + exit; +} + From 17920e3cdab40944a4c2e39592e40fad9a3d281b Mon Sep 17 00:00:00 2001 From: ssteeltm Date: Fri, 21 Feb 2025 13:51:57 -0300 Subject: [PATCH 343/366] update admin_ticket_template_details.php --- admin_ticket_template_details.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/admin_ticket_template_details.php b/admin_ticket_template_details.php index b08b73d6..fbc91e81 100644 --- a/admin_ticket_template_details.php +++ b/admin_ticket_template_details.php @@ -103,7 +103,7 @@ $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE $task_completion_estimate = intval($row['task_template_completion_estimate']); $task_description = nullable_htmlentities($row['task_template_description']); ?> -
      From 554c4d99bb2b2ee359afdabd5cd1aad495906a48 Mon Sep 17 00:00:00 2001 From: ssteeltm Date: Fri, 21 Feb 2025 14:22:01 -0300 Subject: [PATCH 344/366] Drag and Drop Quote Items --- ajax.php | 19 +++++++++++++++++++ quote.php | 43 ++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 59 insertions(+), 3 deletions(-) diff --git a/ajax.php b/ajax.php index 9c0aa743..cdb4fda2 100644 --- a/ajax.php +++ b/ajax.php @@ -726,3 +726,22 @@ if (isset($_POST['update_task_templates_order'])) { exit; } +if (isset($_POST['update_quote_items_order'])) { + // Update multiple quote items order + enforceUserPermission('module_sales', 2); + + $positions = $_POST['positions']; + $quote_id = intval($_POST['quote_id']); + + foreach ($positions as $position) { + $id = intval($position['id']); + $order = intval($position['order']); + + mysqli_query($mysqli, "UPDATE invoice_items SET item_order = $order WHERE item_quote_id = $quote_id AND item_id = $id"); + } + + // return a response + echo json_encode(['status' => 'success']); + exit; +} + diff --git a/quote.php b/quote.php index 816ea672..1ce53962 100644 --- a/quote.php +++ b/quote.php @@ -109,6 +109,7 @@ if (isset($_GET['quote_id'])) { } ?> +
        @@ -273,7 +274,7 @@ if (isset($_GET['quote_id'])) {
        - +
        @@ -326,7 +327,7 @@ if (isset($_GET['quote_id'])) { $up_hidden = ""; } ?> - + - + @@ -961,3 +962,39 @@ require_once "includes/footer.php"; } } + + + From 4dd55df7a85f6ad356019496c3d249fd18485bb9 Mon Sep 17 00:00:00 2001 From: ssteeltm Date: Fri, 21 Feb 2025 14:44:24 -0300 Subject: [PATCH 345/366] Drag and Drop for Invoice Items --- ajax.php | 19 +++++++++++++++++++ invoice.php | 45 +++++++++++++++++++++++++++++++++++++++++---- quote.php | 2 +- 3 files changed, 61 insertions(+), 5 deletions(-) diff --git a/ajax.php b/ajax.php index cdb4fda2..02929768 100644 --- a/ajax.php +++ b/ajax.php @@ -745,3 +745,22 @@ if (isset($_POST['update_quote_items_order'])) { exit; } +if (isset($_POST['update_invoice_items_order'])) { + // Update multiple invoice items order + enforceUserPermission('module_sales', 2); + + $positions = $_POST['positions']; + $invoice_id = intval($_POST['invoice_id']); + + foreach ($positions as $position) { + $id = intval($position['id']); + $order = intval($position['order']); + + mysqli_query($mysqli, "UPDATE invoice_items SET item_order = $order WHERE item_invoice_id = $invoice_id AND item_id = $id"); + } + + // return a response + echo json_encode(['status' => 'success']); + exit; +} + diff --git a/invoice.php b/invoice.php index 10e34ca3..659f75c1 100644 --- a/invoice.php +++ b/invoice.php @@ -157,6 +157,7 @@ if (isset($_GET['invoice_id'])) { ?> +
          @@ -330,7 +331,7 @@ if (isset($_GET['invoice_id'])) {
          -
        = 2) { ?>
        @@ -356,7 +357,7 @@ if (isset($_GET['quote_id'])) {
        +
        @@ -373,7 +374,7 @@ if (isset($_GET['invoice_id'])) { $down_hidden = ""; } ?> - + - + @@ -704,7 +705,7 @@ require_once "includes/footer.php"; + + + diff --git a/quote.php b/quote.php index 1ce53962..b594415c 100644 --- a/quote.php +++ b/quote.php @@ -553,7 +553,7 @@ require_once "includes/footer.php"; + + + + From 1b59eef9e22415c445ef34f2a8fc6d6610fb8b38 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 21 Feb 2025 14:55:22 -0500 Subject: [PATCH 347/366] Added Quick Details Modal for Assets --- ajax/ajax_asset_details.php | 735 ++++++++++++++++++++++++++++++++++++ assets.php | 6 +- 2 files changed, 740 insertions(+), 1 deletion(-) create mode 100644 ajax/ajax_asset_details.php diff --git a/ajax/ajax_asset_details.php b/ajax/ajax_asset_details.php new file mode 100644 index 00000000..f5ea387c --- /dev/null +++ b/ajax/ajax_asset_details.php @@ -0,0 +1,735 @@ +$contact_name"; +} else { + $contact_name_display = $contact_name; +} +$location_name = nullable_htmlentities($row['location_name']); +if (empty($location_name)) { + $location_name = "-"; +} +$location_archived_at = nullable_htmlentities($row['location_archived_at']); +if ($location_archived_at) { + $location_name_display = "$location_name"; +} else { + $location_name_display = $location_name; +} + +// Network Interfaces +$sql_related_interfaces = mysqli_query($mysqli, " + SELECT + ai.interface_id, + ai.interface_name, + ai.interface_description, + ai.interface_type, + ai.interface_mac, + ai.interface_ip, + ai.interface_nat_ip, + ai.interface_ipv6, + ai.interface_primary, + ai.interface_notes, + n.network_name, + n.network_id, + connected_interfaces.interface_id AS connected_interface_id, + connected_interfaces.interface_name AS connected_interface_name, + connected_assets.asset_name AS connected_asset_name, + connected_assets.asset_id AS connected_asset_id, + connected_assets.asset_type AS connected_asset_type + FROM asset_interfaces AS ai + LEFT JOIN networks AS n + ON n.network_id = ai.interface_network_id + LEFT JOIN asset_interface_links AS ail + ON (ail.interface_a_id = ai.interface_id OR ail.interface_b_id = ai.interface_id) + LEFT JOIN asset_interfaces AS connected_interfaces + ON ( + (ail.interface_a_id = ai.interface_id AND ail.interface_b_id = connected_interfaces.interface_id) + OR + (ail.interface_b_id = ai.interface_id AND ail.interface_a_id = connected_interfaces.interface_id) + ) + LEFT JOIN assets AS connected_assets + ON connected_assets.asset_id = connected_interfaces.interface_asset_id + WHERE + ai.interface_asset_id = $asset_id + AND ai.interface_archived_at IS NULL + ORDER BY ai.interface_name ASC +"); +$interface_count = mysqli_num_rows($sql_related_interfaces); + +// Related Credentials Query +$sql_related_credentials = mysqli_query($mysqli, " + SELECT + logins.login_id AS login_id, + logins.login_name, + logins.login_description, + logins.login_uri, + logins.login_username, + logins.login_password, + logins.login_otp_secret, + logins.login_note, + logins.login_important, + logins.login_contact_id, + logins.login_vendor_id, + logins.login_asset_id, + logins.login_software_id + FROM logins + LEFT JOIN login_tags ON login_tags.login_id = logins.login_id + LEFT JOIN tags ON tags.tag_id = login_tags.tag_id + WHERE login_asset_id = $asset_id + AND login_archived_at IS NULL + GROUP BY logins.login_id + ORDER BY login_name DESC +"); +$credential_count = mysqli_num_rows($sql_related_credentials); + +// Related Tickets Query +$sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets + LEFT JOIN users on ticket_assigned_to = user_id + LEFT JOIN ticket_statuses ON ticket_status_id = ticket_status + WHERE ticket_asset_id = $asset_id + ORDER BY ticket_number DESC" +); +$ticket_count = mysqli_num_rows($sql_related_tickets); + +// Related Recurring Tickets Query +$sql_related_recurring_tickets = mysqli_query($mysqli, "SELECT * FROM scheduled_tickets + WHERE scheduled_ticket_asset_id = $asset_id + ORDER BY scheduled_ticket_next_run DESC" +); +$recurring_ticket_count = mysqli_num_rows($sql_related_recurring_tickets); + +// Related Documents +$sql_related_documents = mysqli_query($mysqli, "SELECT * FROM asset_documents + LEFT JOIN documents ON asset_documents.document_id = documents.document_id + WHERE asset_documents.asset_id = $asset_id + AND document_archived_at IS NULL + ORDER BY document_name DESC" +); +$document_count = mysqli_num_rows($sql_related_documents); + +// Related Files +$sql_related_files = mysqli_query($mysqli, "SELECT * FROM asset_files + LEFT JOIN files ON asset_files.file_id = files.file_id + WHERE asset_files.asset_id = $asset_id + AND file_archived_at IS NULL + ORDER BY file_name DESC" +); +$file_count = mysqli_num_rows($sql_related_files); + +// Related Software Query +$sql_related_software = mysqli_query( + $mysqli, + "SELECT * FROM software_assets + LEFT JOIN software ON software_assets.software_id = software.software_id + WHERE software_assets.asset_id = $asset_id + AND software_archived_at IS NULL + ORDER BY software_name DESC" +); + +$software_count = mysqli_num_rows($sql_related_software); + + + +// Generate the HTML form content using output buffering. +ob_start(); +?> +
        +
        + +
        + +
        + + + +
        + +
        + + +
        + +
        +
        @@ -398,7 +399,7 @@ if (isset($_GET['invoice_id'])) {
        + "> + + + + + + + + + + + + $network_name" + : '-'; + + // Connected interface details + $connected_asset_id = intval($row['connected_asset_id']); + $connected_asset_name = nullable_htmlentities($row['connected_asset_name']); + $connected_asset_type = nullable_htmlentities($row['connected_asset_type']); + $connected_asset_icon = getAssetIcon($connected_asset_type); + $connected_interface_name = nullable_htmlentities($row['connected_interface_name']); + + + // Show either "-" or "AssetName - Port" + if ($connected_asset_name) { + $connected_to_display = "$connected_asset_name - $connected_interface_name"; + } else { + $connected_to_display = "-"; + } + ?> + + + + + + + + + + +
        Name / PortTypeMACIPNetworkConnected To
        + + (Primary)"; } ?> +
        +
        +
        + + + +
        +
        + + + + + + + + + + + + "; + } + $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password'])); + $login_otp_secret = nullable_htmlentities($row['login_otp_secret']); + $login_id_with_secret = '"' . $row['login_id'] . '","' . $row['login_otp_secret'] . '"'; + if (empty($login_otp_secret)) { + $otp_display = "-"; + } else { + $otp_display = " Hover.."; + } + $login_note = nullable_htmlentities($row['login_note']); + $login_important = intval($row['login_important']); + $login_contact_id = intval($row['login_contact_id']); + $login_vendor_id = intval($row['login_vendor_id']); + $login_asset_id = intval($row['login_asset_id']); + $login_software_id = intval($row['login_software_id']); + + // Tags + $login_tag_name_display_array = array(); + $login_tag_id_array = array(); + $sql_login_tags = mysqli_query($mysqli, "SELECT * FROM login_tags LEFT JOIN tags ON login_tags.tag_id = tags.tag_id WHERE login_id = $login_id ORDER BY tag_name ASC"); + while ($row = mysqli_fetch_array($sql_login_tags)) { + + $login_tag_id = intval($row['tag_id']); + $login_tag_name = nullable_htmlentities($row['tag_name']); + $login_tag_color = nullable_htmlentities($row['tag_color']); + if (empty($login_tag_color)) { + $login_tag_color = "dark"; + } + $login_tag_icon = nullable_htmlentities($row['tag_icon']); + if (empty($login_tag_icon)) { + $login_tag_icon = "tag"; + } + + $login_tag_id_array[] = $login_tag_id; + $login_tag_name_display_array[] = "$login_tag_name"; + } + $login_tags_display = implode('', $login_tag_name_display_array); + + ?> + + + + + + + + + + + +
        NameUsernamePasswordOTPURI
        + + + + +
        +
        +
        + + + +
        +
        + + + + + + + + + + + + + Never

        "; + } else { + $ticket_updated_at_display = "

        Never

        "; + } + } else { + $ticket_updated_at_display = $ticket_updated_at; + } + $ticket_closed_at = nullable_htmlentities($row['ticket_closed_at']); + + if ($ticket_priority == "High") { + $ticket_priority_display = "$ticket_priority"; + } elseif ($ticket_priority == "Medium") { + $ticket_priority_display = "$ticket_priority"; + } elseif ($ticket_priority == "Low") { + $ticket_priority_display = "$ticket_priority"; + } else { + $ticket_priority_display = "-"; + } + $ticket_assigned_to = intval($row['ticket_assigned_to']); + if (empty($ticket_assigned_to)) { + if ($ticket_status == 5) { + $ticket_assigned_to_display = "

        Not Assigned

        "; + } else { + $ticket_assigned_to_display = "

        Not Assigned

        "; + } + } else { + $ticket_assigned_to_display = nullable_htmlentities($row['user_name']); + } + + ?> + + + + + + + + + + + + + +
        NumberSubjectPriorityStatusAssignedLast Response
        + + + + + +
        +
        +
        + + + +
        + +
        + + + + + + + + + + + + + + + + + + + + + + +
        SubjectPriorityFrequencyNext Run
        +
        +
        + + + +
        +
        + + + + + + + + + + + + + + + + + + + + + +
        SoftwareTypeKeySeats
        $software_version"; ?>
        +
        +
        + + + +
        + +
        + + + + + + + + + + + + + + + + + + + + + + +
        Document TitleByCreatedUpdated
        + + + +
        +
        +
        +
        + + + +
        +
        + + + + + + + + + + + + + + + + + + + +
        NameTypeUploaded
        " target="_blank" >$file_description"; ?>
        +
        +
        + + +
        + + + +
        + More Details + +
        + + 0) {
      		- +
      From 87779e5c100bd9e0d6214b748148e6f38e3b6b01 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 21 Feb 2025 18:22:14 -0500 Subject: [PATCH 348/366] Show Quick Asset details when clicking on a connected asset also when you click on asset in document details --- ajax/ajax_asset_details.php | 15 ++++++++++++--- asset_details.php | 7 ++++++- client_document_details.php | 7 ++++++- js/ajax_modal.js | 2 +- 4 files changed, 25 insertions(+), 6 deletions(-) diff --git a/ajax/ajax_asset_details.php b/ajax/ajax_asset_details.php index f5ea387c..2fc47fb6 100644 --- a/ajax/ajax_asset_details.php +++ b/ajax/ajax_asset_details.php @@ -285,7 +285,14 @@ ob_start(); // Show either "-" or "AssetName - Port" if ($connected_asset_name) { - $connected_to_display = "$connected_asset_name - $connected_interface_name"; + $connected_to_display = + " + $connected_asset_name - $connected_interface_name + + "; } else { $connected_to_display = "-"; } @@ -338,7 +345,7 @@ ob_start(); if (empty($login_username)) { $login_username_display = "-"; } else { - $login_username_display = "$login_username"; + $login_username_display = "$login_username"; } $login_password = nullable_htmlentities(decryptLoginEntry($row['login_password'])); $login_otp_secret = nullable_htmlentities($row['login_otp_secret']); @@ -385,7 +392,7 @@ ob_start();
      		- +
      + + diff --git a/asset_details.php b/asset_details.php index 1af52065..ad7f816b 100644 --- a/asset_details.php +++ b/asset_details.php @@ -459,7 +459,12 @@ if (isset($_GET['asset_id'])) { // Show either "-" or "AssetName - Port" if ($connected_asset_name) { - $connected_to_display = "$connected_asset_name - $connected_interface_name"; + $connected_to_display = " + $connected_asset_name - $connected_interface_name + "; } else { $connected_to_display = "-"; } diff --git a/client_document_details.php b/client_document_details.php index 00f05086..b53728eb 100644 --- a/client_document_details.php +++ b/client_document_details.php @@ -268,7 +268,12 @@ $page_title = $row['document_name']; ?>
      - + + diff --git a/js/ajax_modal.js b/js/ajax_modal.js index 1fd88fbb..ff5aec8e 100644 --- a/js/ajax_modal.js +++ b/js/ajax_modal.js @@ -35,7 +35,7 @@ $(document).on('click', '[data-toggle="ajax-modal"]', function (e) { } // Create a modal ID by appending the ajaxId. - var modalId = 'ajaxModal_' + ajaxId; + var modalId = 'ajaxModal_' + ajaxId + '_' + new Date().getTime(); // Remove any existing modal with this ID. $('#' + modalId).remove(); From 25db6c6e03fdbcc382d2977c66216ed0cf08ccb0 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 21 Feb 2025 20:14:36 -0500 Subject: [PATCH 349/366] Replaced more contact Links with the new ajax contact details modal, updated the modal UI as well to use bigger icons and have the icon on its own line --- ajax/ajax_contact_details.php | 765 ++++++++++++++++++++++++++++++++++ ajax/ajax_service_details.php | 17 +- assets.php | 74 +--- client_document_details.php | 7 +- client_overview.php | 8 +- contact_details.php | 6 +- contacts.php | 6 +- ticket.php | 126 +----- 8 files changed, 829 insertions(+), 180 deletions(-) create mode 100644 ajax/ajax_contact_details.php diff --git a/ajax/ajax_contact_details.php b/ajax/ajax_contact_details.php new file mode 100644 index 00000000..3d3bee15 --- /dev/null +++ b/ajax/ajax_contact_details.php @@ -0,0 +1,765 @@ +$contact_tag_name"; +} +$contact_tags_display = implode('', $contact_tag_name_display_array); + +// Notes - 1 to 1 relationship +$sql_related_notes = mysqli_query($mysqli, "SELECT * FROM contact_notes LEFT JOIN users ON contact_note_created_by = user_id WHERE contact_note_contact_id = $contact_id AND contact_note_archived_at IS NULL ORDER BY contact_note_created_at DESC"); +$note_count = mysqli_num_rows($sql_related_notes); + + // Linked Services +$sql_linked_services = mysqli_query($mysqli, "SELECT * FROM service_contacts, services + WHERE service_contacts.contact_id = $contact_id + AND service_contacts.service_id = services.service_id + ORDER BY service_name ASC" +); +$service_count = mysqli_num_rows($sql_linked_services); + +$linked_services = array(); + +// Linked Documents +$sql_linked_documents = mysqli_query($mysqli, "SELECT * FROM contact_documents, documents + LEFT JOIN users ON document_created_by = user_id + WHERE contact_documents.contact_id = $contact_id + AND contact_documents.document_id = documents.document_id + AND document_template = 0 + AND document_archived_at IS NULL + ORDER BY document_name ASC" +); +$document_count = mysqli_num_rows($sql_linked_documents); + +$linked_documents = array(); + +// Linked Files +$sql_linked_files = mysqli_query($mysqli, "SELECT * FROM contact_files, files + WHERE contact_files.contact_id = $contact_id + AND contact_files.file_id = files.file_id + AND file_archived_at IS NULL + ORDER BY file_name ASC" +); +$file_count = mysqli_num_rows($sql_linked_files); + +$linked_files = array(); + + + +// Generate the HTML form content using output buffering. +ob_start(); +?> +
      +
      + +
      + +
      + + + +
      + +
      + + +
      + +
      + + + + + + + + + + + + + "; + } + $asset_nat_ip = nullable_htmlentities($row['interface_nat_ip']); + $asset_ipv6 = nullable_htmlentities($row['interface_ipv6']); + $asset_mac = nullable_htmlentities($row['interface_mac']); + $asset_status = nullable_htmlentities($row['asset_status']); + $asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']); + $asset_warranty_expire = nullable_htmlentities($row['asset_warranty_expire']); + $asset_install_date = nullable_htmlentities($row['asset_install_date']); + if (empty($asset_install_date)) { + $asset_install_date_display = "-"; + } else { + $asset_install_date_display = $asset_install_date; + } + $asset_uri = nullable_htmlentities($row['asset_uri']); + $asset_uri_2 = nullable_htmlentities($row['asset_uri_2']); + $asset_photo = nullable_htmlentities($row['asset_photo']); + $asset_physical_location = nullable_htmlentities($row['asset_physical_location']); + $asset_notes = nullable_htmlentities($row['asset_notes']); + $asset_created_at = nullable_htmlentities($row['asset_created_at']); + $device_icon = getAssetIcon($asset_type); + + ?> + + + + + + + + + + + + +
      Name/DescriptionTypeMake/ModelSerial NumberInstall DateStatus
      + + + + +
      + +
      +       		+ +
      + +
      +
      +
      +
      + + + +
      +
      + + + + + + + + + + + + + Hover.."; + } + $login_note = nullable_htmlentities($row['login_note']); + $login_important = intval($row['login_important']); + $login_contact_id = intval($row['login_contact_id']); + $login_vendor_id = intval($row['login_vendor_id']); + $login_asset_id = intval($row['login_asset_id']); + $login_software_id = intval($row['login_software_id']); + + // Tags + $login_tag_name_display_array = array(); + $login_tag_id_array = array(); + $sql_login_tags = mysqli_query($mysqli, "SELECT * FROM login_tags LEFT JOIN tags ON login_tags.tag_id = tags.tag_id WHERE login_id = $login_id ORDER BY tag_name ASC"); + while ($row = mysqli_fetch_array($sql_login_tags)) { + + $login_tag_id = intval($row['tag_id']); + $login_tag_name = nullable_htmlentities($row['tag_name']); + $login_tag_color = nullable_htmlentities($row['tag_color']); + if (empty($login_tag_color)) { + $login_tag_color = "dark"; + } + $login_tag_icon = nullable_htmlentities($row['tag_icon']); + if (empty($login_tag_icon)) { + $login_tag_icon = "tag"; + } + + $login_tag_id_array[] = $login_tag_id; + $login_tag_name_display_array[] = "$login_tag_name"; + } + $login_tags_display = implode('', $login_tag_name_display_array); + + ?> + + + + + + + + + + + + +
      NameDescriptionUsernamePasswordOTPURI
      + +
      +
      +
      + + + + + +
      +
      + + + + + + + + + + + + + + Never

      "; + } else { + $ticket_updated_at_display = "

      Never

      "; + } + } else { + $ticket_updated_at_display = $ticket_updated_at; + } + $ticket_closed_at = nullable_htmlentities($row['ticket_closed_at']); + + if ($ticket_priority == "High") { + $ticket_priority_display = "$ticket_priority"; + } elseif ($ticket_priority == "Medium") { + $ticket_priority_display = "$ticket_priority"; + } elseif ($ticket_priority == "Low") { + $ticket_priority_display = "$ticket_priority"; + } else { + $ticket_priority_display = "-"; + } + $ticket_assigned_to = intval($row['ticket_assigned_to']); + if (empty($ticket_assigned_to)) { + if ($ticket_status == "Closed") { + $ticket_assigned_to_display = "

      Not Assigned

      "; + } else { + $ticket_assigned_to_display = "

      Not Assigned

      "; + } + } else { + $ticket_assigned_to_display = nullable_htmlentities($row['user_name']); + } + + ?> + + + + + + + + + + + + + + +
      NumberSubjectPriorityStatusAssignedLast ResponseCreated
      +
      +
      + + + +
      + +
      + + + + + + + + + + + + + + + + + + + + + + +
      SubjectPriorityFrequencyNext Run
      +
      +
      + + + +
      +
      + + + + + + + + + + + + + + + + + + + + + +
      SoftwareTypeKeySeats
      +
      +
      + + + +
      + +
      + + + + + + + + + + + + + + + + + + + + + + +
      Document TitleByCreatedUpdated
      + + + +
      +
      +
      +
      + + + +
      +
      + + + + + + + + + + + + + + + + + + + + + + +
      File NameTypeSizeUploaded
      +
      +
      +       		KB
      +
      +
      + + + +
      +
      + + + + + + + + + + + + + + + + + + + + + + +
      TypeNoteByCreated
      +
      +
      + + +
      + +
      + +
      + More Details + +
      + +$row[asset_name] $ip
      • "; + echo "
    • $asset_name$ip
      • "; } ?>
    @@ -288,7 +293,15 @@ ob_start(); mysqli_data_seek($sql_contacts, 0); while ($row = mysqli_fetch_array($sql_contacts)) { - echo "
  • $row[contact_name]
    • "; + $contact_id = intval($row['contact_id']); + $contact_name = nullable_htmlentities($row['contact_name']); + echo "
  • + $contact_name + +
    • "; } ?> diff --git a/assets.php b/assets.php index f9292d71..0f14642b 100644 --- a/assets.php +++ b/assets.php @@ -489,17 +489,25 @@ if (mysqli_num_rows($os_sql) > 0) { $device_icon = getAssetIcon($asset_type); - $contact_name = nullable_htmlentities($row['contact_name']); - if (empty($contact_name)) { - $contact_name = "-"; - } $contact_archived_at = nullable_htmlentities($row['contact_archived_at']); if ($contact_archived_at) { - $contact_name_display = "
    $contact_name
    "; + $contact_archive_display = "(Archived)"; } else { - $contact_name_display = $contact_name; + $contact_archive_display = ''; } - + $contact_name = nullable_htmlentities($row['contact_name']); + if ($contact_name) { + $contact_name_display = " + $contact_name $contact_archive_display + "; + } else { + $contact_name_display = "-"; + } + $location_name = nullable_htmlentities($row['location_name']); if (empty($location_name)) { $location_name = "-"; @@ -579,58 +587,6 @@ if (mysqli_num_rows($os_sql) > 0) {
    - 0) { ?> - - - - -
    - - - -
    From 5c3e0f0c31f5929c0c0becb3c0bb6a6743fcb759 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 21 Feb 2025 20:37:02 -0500 Subject: [PATCH 350/366] Added Contact Info to the new contact details akax modal --- ajax/ajax_contact_details.php | 107 ++++++++++++++++++++++++++++++---- 1 file changed, 97 insertions(+), 10 deletions(-) diff --git a/ajax/ajax_contact_details.php b/ajax/ajax_contact_details.php index 3d3bee15..c92ce242 100644 --- a/ajax/ajax_contact_details.php +++ b/ajax/ajax_contact_details.php @@ -157,49 +157,52 @@ ob_start();
    @@ -208,8 +211,92 @@ ob_start();
    +
    +
    +
    +

    + +
    + + +
    + + contact_photo"> + + + + + + +
    + +
    + +
    + +
    + +
    + +
    + +
    ">
    + +
    x
    + +
    + +
    + +
    Primary Contact
    + +
    Important
    + +
    Technical
    + +
    Billing
    + +
    + +
    +
    + +
    +
    +
    Notes
    +
    + +
    +
    + + + -
    +
    From e0a1e459281ba4512348bd58ddc8310f0b82cd5c Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 21 Feb 2025 20:48:17 -0500 Subject: [PATCH 351/366] Updated Asset Details AJAX modal to include its own details as well --- ajax/ajax_asset_details.php | 128 +++++++++++++++++++++++++++++++++--- 1 file changed, 120 insertions(+), 8 deletions(-) diff --git a/ajax/ajax_asset_details.php b/ajax/ajax_asset_details.php index 2fc47fb6..494bea57 100644 --- a/ajax/ajax_asset_details.php +++ b/ajax/ajax_asset_details.php @@ -195,39 +195,42 @@ ob_start();
    @@ -236,8 +239,117 @@ ob_start();
    +
    +
    +
    +

    + + asset_photo"> + + +
    + +
    +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    +
    + +
    +
    +
    Primary Network Interface
    +
    +
    + +
    + + +
    + +
    + +
    Link
    + +
    Link 2
    + +
    +
    + + +
    +
    +
    Assignment
    +
    +
    + +
    + +
    + +
    + +
    + +
    + + +
    +
    + +
    +
    +
    Additional Notes
    +
    + +
    + +
    + + + -
    +
    From 86212ee088fad2c70dfff3d7a6d86987b84d055b Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 21 Feb 2025 21:20:14 -0500 Subject: [PATCH 352/366] Update Changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b3a12d0f..9fe8bcf0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,7 +11,7 @@ This file documents all notable changes made to ITFlow. ### Added / Changed - Added a kanban view for tickets -- Migrated many repeating modals to ajax modals for faster loading times +- Migrated all repeating modals to new ajax modal function for faster loading times and to allow for very quick development - Clients can upload PDF documents to accepted quotes - Client Portal now shows ticket category - Custom links can now be added to the client portal navbar From 9b5eb86cac8d8d91c99cc33d82bccb17675961df Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 21 Feb 2025 21:50:44 -0500 Subject: [PATCH 353/366] Changelog Update, Allow to view unlimited notifications --- CHANGELOG.md | 1 + ajax/ajax_notifications.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9fe8bcf0..cb66fc01 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ This file documents all notable changes made to ITFlow. - Clone asset interfaces when assets are transferred between clients ### Added / Changed +- Simple Drag and Drop Ordering for Invoices, Recurring Invoices, Quotes, Ticket Tasks and Ticket Template Tasks. - Added a kanban view for tickets - Migrated all repeating modals to new ajax modal function for faster loading times and to allow for very quick development - Clients can upload PDF documents to accepted quotes diff --git a/ajax/ajax_notifications.php b/ajax/ajax_notifications.php index 048d7f0e..1dd53356 100644 --- a/ajax/ajax_notifications.php +++ b/ajax/ajax_notifications.php @@ -5,7 +5,7 @@ require_once '../includes/ajax_header.php'; $sql = mysqli_query($mysqli, "SELECT * FROM notifications WHERE notification_user_id = $session_user_id AND notification_dismissed_at IS NULL - ORDER BY notification_id DESC LIMIT 8" + ORDER BY notification_id" ); $num_notifications = mysqli_num_rows($sql); From 2a974c28b079d231d0158e6d475ba084f8e6da27 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 21 Feb 2025 22:14:40 -0500 Subject: [PATCH 354/366] Remove old item ordering logic for invoice, recurring invoice and quote --- admin_ticket_template_details.php | 1 - invoice.php | 21 --------- post/user/invoice.php | 72 ------------------------------- post/user/quote.php | 58 ------------------------- quote.php | 34 +-------------- recurring_invoice.php | 31 ------------- 6 files changed, 1 insertion(+), 216 deletions(-) diff --git a/admin_ticket_template_details.php b/admin_ticket_template_details.php index b928d46e..39e946cb 100644 --- a/admin_ticket_template_details.php +++ b/admin_ticket_template_details.php @@ -99,7 +99,6 @@ $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE while($row = mysqli_fetch_array($sql_task_templates)){ $task_id = intval($row['task_template_id']); $task_name = nullable_htmlentities($row['task_template_name']); - $task_order = intval($row['task_template_order']); $task_completion_estimate = intval($row['task_template_completion_estimate']); $task_description = nullable_htmlentities($row['task_template_description']); ?> diff --git a/invoice.php b/invoice.php index ddbe0616..18913183 100644 --- a/invoice.php +++ b/invoice.php @@ -369,18 +369,6 @@ if (isset($_GET['invoice_id'])) { $tax_id = intval($row['item_tax_id']); $total_tax = $item_tax + $total_tax; $sub_total = $item_price * $item_quantity + $sub_total; - $item_order = intval($row['item_order']); - // Logic to check if top or bottom arrow should be hidden - if ($item_order == 1) { - $up_hidden = "hidden"; - } else { - $up_hidden = ""; - } - if ($item_order == mysqli_num_rows($sql_invoice_items)) { - $down_hidden = "hidden"; - } else { - $down_hidden = ""; - } ?> @@ -296,15 +274,6 @@ if (isset($_GET['recurring_id'])) {
    -
    - - - - -
    '; }?> - - -
    Date: Sat, 22 Feb 2025 12:47:26 -0500 Subject: [PATCH 355/366] Fixed dragula css and js to not prepend / --- admin_ticket_template_details.php | 2 +- ajax/ajax_asset_details.php | 8 ++++++-- ajax/ajax_contact_details.php | 8 ++++++-- assets.php | 2 +- contacts.php | 2 +- includes/client_overview_side_nav.php | 18 +++++++++--------- includes/side_nav.php | 7 +++++++ includes/top_nav.php | 5 ----- invoice.php | 2 +- quote.php | 2 +- recurring_invoice.php | 2 +- ticket.php | 8 +++++--- tickets_kanban.php | 8 ++++---- 13 files changed, 43 insertions(+), 31 deletions(-) diff --git a/admin_ticket_template_details.php b/admin_ticket_template_details.php index 39e946cb..03ad6fa0 100644 --- a/admin_ticket_template_details.php +++ b/admin_ticket_template_details.php @@ -30,7 +30,7 @@ $ticket_template_updated_at = nullable_htmlentities($row['ticket_template_update $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE task_template_ticket_template_id = $ticket_template_id ORDER BY task_template_order ASC, task_template_id ASC"); ?> - +
    1. diff --git a/ajax/ajax_asset_details.php b/ajax/ajax_asset_details.php index 494bea57..20ef5c29 100644 --- a/ajax/ajax_asset_details.php +++ b/ajax/ajax_asset_details.php @@ -180,7 +180,11 @@ $sql_related_software = mysqli_query( $software_count = mysqli_num_rows($sql_related_software); - +if (isset($_GET['client_id'])) { + $client_url = "client_id=$client_id&"; +} else { + $client_url = ''; +} // Generate the HTML form content using output buffering. ob_start(); @@ -848,7 +852,7 @@ ob_start();
      - More Details + More Details
      diff --git a/ajax/ajax_contact_details.php b/ajax/ajax_contact_details.php index c92ce242..e081abb3 100644 --- a/ajax/ajax_contact_details.php +++ b/ajax/ajax_contact_details.php @@ -142,7 +142,11 @@ $file_count = mysqli_num_rows($sql_linked_files); $linked_files = array(); - +if (isset($_GET['client_id'])) { + $client_url = "client_id=$client_id&"; +} else { + $client_url = ''; +} // Generate the HTML form content using output buffering. ob_start(); @@ -844,7 +848,7 @@ ob_start();
      - More Details + More Details
      diff --git a/assets.php b/assets.php index 0f14642b..ae2ab944 100644 --- a/assets.php +++ b/assets.php @@ -533,7 +533,7 @@ if (mysqli_num_rows($os_sql) > 0) {
      diff --git a/contacts.php b/contacts.php index a2b4119e..0ace4940 100644 --- a/contacts.php +++ b/contacts.php @@ -399,7 +399,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
      diff --git a/includes/client_overview_side_nav.php b/includes/client_overview_side_nav.php index 7a5c1253..306c450b 100644 --- a/includes/client_overview_side_nav.php +++ b/includes/client_overview_side_nav.php @@ -19,55 +19,55 @@
    2. "> -

      ALL Contacts

      +

      Contacts
    3. "> -

      ALL Locations

      +

      Locations
    4. "> -

      ALL Assets

      +

      Assets
    5. "> -

      ALL Licenses

      +

      Licenses
    6. "> -

      ALL Credentials

      +

      Credentials
    7. "> -

      ALL Networks

      +

      Networks
    8. "> -

      ALL Certificates

      +

      Certificates
    9. "> -

      ALL Domains

      +

      Domains
    10. "> -

      ALL Services

      +

      Services
      11. diff --git a/includes/side_nav.php b/includes/side_nav.php index a070a90f..d61c97b5 100644 --- a/includes/side_nav.php +++ b/includes/side_nav.php @@ -32,6 +32,13 @@

      +
    11. + + +

      Overview

      + +       +
      12. = 1) { ?> diff --git a/includes/top_nav.php b/includes/top_nav.php index e99f483c..24ac45e4 100644 --- a/includes/top_nav.php +++ b/includes/top_nav.php @@ -6,11 +6,6 @@
      13. -
    13. - - Client Overview - -
      14. diff --git a/invoice.php b/invoice.php index 18913183..71524b02 100644 --- a/invoice.php +++ b/invoice.php @@ -157,7 +157,7 @@ if (isset($_GET['invoice_id'])) { ?> - +
        diff --git a/quote.php b/quote.php index 002512a9..1fb0db49 100644 --- a/quote.php +++ b/quote.php @@ -115,7 +115,7 @@ if (isset($_GET['quote_id'])) { ); ?> - +
          diff --git a/recurring_invoice.php b/recurring_invoice.php index 7185c100..d267a76c 100644 --- a/recurring_invoice.php +++ b/recurring_invoice.php @@ -480,7 +480,7 @@ require_once "includes/footer.php"; }); - + - + "; ?> - - \ No newline at end of file + + \ No newline at end of file From 5d18e85d625dcefc349e0d9eb4ad2d7f7026da36 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 22 Feb 2025 12:53:56 -0500 Subject: [PATCH 356/366] Don't auto generate Client Abbreviation on the fly on the side bar. This is auto generated when you create or edit a client and leave abbreviation blank --- includes/client_side_nav.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/client_side_nav.php b/includes/client_side_nav.php index 52865f0a..6610214c 100644 --- a/includes/client_side_nav.php +++ b/includes/client_side_nav.php @@ -5,7 +5,7 @@

          - Back | + Back |

          From 8eea19d03dddc382832e927e9bb4e1c68e52847c Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Sat, 22 Feb 2025 17:59:24 +0000 Subject: [PATCH 357/366] Small permissions fix for client-specific access --- invoice.php | 17 +++++++++++++---- invoices.php | 5 +++++ quote.php | 14 +++++++++++--- quotes.php | 11 ++++++++--- ticket.php | 14 ++++++-------- 5 files changed, 43 insertions(+), 18 deletions(-) diff --git a/invoice.php b/invoice.php index 18913183..ee6f23c9 100644 --- a/invoice.php +++ b/invoice.php @@ -3,10 +3,18 @@ // If client_id is in URI then show client Side Bar and client header if (isset($_GET['client_id'])) { require_once "includes/inc_all_client.php"; -} else { +} else { require_once "includes/inc_all.php"; } +// Perms +enforceUserPermission('module_sales'); +$invoice_permission_snippet = ''; +if (!empty($client_access_string)) { + $invoice_permission_snippet = "AND invoice_client_id IN ($client_access_string)"; +} + + if (isset($_GET['invoice_id'])) { $invoice_id = intval($_GET['invoice_id']); @@ -17,7 +25,8 @@ if (isset($_GET['invoice_id'])) { LEFT JOIN clients ON invoice_client_id = client_id LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1 LEFT JOIN locations ON clients.client_id = locations.location_client_id AND location_primary = 1 - WHERE invoice_id = $invoice_id" + WHERE invoice_id = $invoice_id + $invoice_permission_snippet" ); if (mysqli_num_rows($sql) == 0) { @@ -215,13 +224,13 @@ if (isset($_GET['invoice_id'])) { - + Mark Non-Billable - +
          diff --git a/invoices.php b/invoices.php index 18d32f02..a59d4112 100644 --- a/invoices.php +++ b/invoices.php @@ -17,6 +17,10 @@ if (isset($_GET['client_id'])) { // Perms enforceUserPermission('module_sales'); +$invoice_permission_snippet = ''; +if (!empty($client_access_string)) { + $invoice_permission_snippet = "AND invoice_client_id IN ($client_access_string)"; +} $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Sent' $client_query")); $sent_count = $row['num']; @@ -94,6 +98,7 @@ $sql = mysqli_query( $overdue_query AND DATE(invoice_date) BETWEEN '$dtf' AND '$dtt' AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR invoice_scope LIKE '%$q%' OR client_name LIKE '%$q%' OR invoice_status LIKE '%$q%' OR invoice_amount LIKE '%$q%' OR category_name LIKE '%$q%') + $invoice_permission_snippet $client_query ORDER BY $sort $order LIMIT $record_from, $record_to" ); diff --git a/quote.php b/quote.php index 002512a9..29a62563 100644 --- a/quote.php +++ b/quote.php @@ -3,10 +3,17 @@ // If client_id is in URI then show client Side Bar and client header if (isset($_GET['client_id'])) { require_once "includes/inc_all_client.php"; -} else { +} else { require_once "includes/inc_all.php"; } +// Perms +enforceUserPermission('module_sales'); +$quote_permission_snippet = ''; +if (!empty($client_access_string)) { + $quote_permission_snippet = "AND quote_client_id IN ($client_access_string)"; +} + if (isset($_GET['quote_id'])) { $quote_id = intval($_GET['quote_id']); @@ -17,7 +24,8 @@ if (isset($_GET['quote_id'])) { LEFT JOIN clients ON quote_client_id = client_id LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1 LEFT JOIN locations ON clients.client_id = locations.location_client_id AND location_primary = 1 - WHERE quote_id = $quote_id" + WHERE quote_id = $quote_id + $quote_permission_snippet" ); if (mysqli_num_rows($sql) == 0) { @@ -186,7 +194,7 @@ if (isset($_GET['quote_id'])) { = 2) { ?> diff --git a/quotes.php b/quotes.php index 2a2b40d3..99b594ce 100644 --- a/quotes.php +++ b/quotes.php @@ -17,6 +17,10 @@ if (isset($_GET['client_id'])) { // Perms enforceUserPermission('module_sales'); +$quote_permission_snippet = ''; +if (!empty($client_access_string)) { + $quote_permission_snippet = "AND quote_client_id IN ($client_access_string)"; +} $sql = mysqli_query( $mysqli, @@ -25,6 +29,7 @@ $sql = mysqli_query( LEFT JOIN categories ON quote_category_id = category_id WHERE (CONCAT(quote_prefix,quote_number) LIKE '%$q%' OR quote_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR quote_status LIKE '%$q%' OR quote_amount LIKE '%$q%' OR client_name LIKE '%$q%') AND DATE(quote_date) BETWEEN '$dtf' AND '$dtt' + $quote_permission_snippet $client_query ORDER BY $sort $order LIMIT $record_from, $record_to" ); @@ -206,7 +211,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    @@ -231,7 +236,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    @@ -239,7 +244,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); = 2) { ?> diff --git a/ticket.php b/ticket.php index 1e0dddcc..cef7edac 100644 --- a/ticket.php +++ b/ticket.php @@ -9,6 +9,10 @@ if (isset($_GET['client_id'])) { // Perms enforceUserPermission('module_support'); +$ticket_permission_snippet = ''; +if (!empty($client_access_string)) { + $ticket_permission_snippet = "AND ticket_client_id IN ($client_access_string)"; +} // Initialize the HTML Purifier to prevent XSS require_once "plugins/htmlpurifier/HTMLPurifier.standalone.php"; @@ -18,12 +22,6 @@ $purifier_config->set('Cache.DefinitionImpl', null); // Disable cache by setting $purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]); $purifier = new HTMLPurifier($purifier_config); -// Ticket client access snippet -$ticket_permission_snippet = ''; -if (!empty($client_access_string)) { - $ticket_permission_snippet = "AND ticket_client_id IN ($client_access_string)"; -} - if (isset($_GET['ticket_id'])) { $ticket_id = intval($_GET['ticket_id']); @@ -49,7 +47,7 @@ if (isset($_GET['ticket_id'])) { if (mysqli_num_rows($sql) == 0) { echo "

    Nothing to see here

     Go Back
    "; - include_once "footer.php"; + include_once "includes/footer.php"; } else { $row = mysqli_fetch_array($sql); @@ -979,7 +977,7 @@ if (isset($_GET['ticket_id'])) {
    @@ -390,15 +378,6 @@ if (isset($_GET['invoice_id'])) {
    - - - - - -
    '; }?> - - -
    @@ -344,17 +323,6 @@ if (isset($_GET['quote_id'])) {
    -
    - - - - -
    '; - } ?> - - -
    - +
    From 58a8f08bd210164abfcb13853fcdf16819de596a Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 22 Feb 2025 13:15:15 -0500 Subject: [PATCH 358/366] Fix broken product edit due to wrong field being called --- CHANGELOG.md | 5 +++++ ajax/ajax_product_edit.php | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index cb66fc01..893bd26d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,8 @@ This file documents all notable changes made to ITFlow. - Clone asset interfaces when assets are transferred between clients ### Added / Changed +- Client Overview section to view all client things like assets, contacts, licenses, credentials etc +- Quick peek for asset details and contact details, document viewing throughout ITFlow App allows, all possible because of AJAX. - Simple Drag and Drop Ordering for Invoices, Recurring Invoices, Quotes, Ticket Tasks and Ticket Template Tasks. - Added a kanban view for tickets - Migrated all repeating modals to new ajax modal function for faster loading times and to allow for very quick development @@ -17,6 +19,9 @@ This file documents all notable changes made to ITFlow. - Client Portal now shows ticket category - Custom links can now be added to the client portal navbar +### Breaking Changes +- Cron scripts have officially moved to /scripts and are no longer in the root directy they must be updated for them to work + ## [25.01.3] ### Fixed - Fixed ticket assignment modal showing client contacts. diff --git a/ajax/ajax_product_edit.php b/ajax/ajax_product_edit.php index 66aeb1f3..f7093fae 100644 --- a/ajax/ajax_product_edit.php +++ b/ajax/ajax_product_edit.php @@ -11,7 +11,7 @@ $product_name = nullable_htmlentities($row['product_name']); $product_description = nullable_htmlentities($row['product_description']); $product_price = floatval($row['product_price']); $product_created_at = nullable_htmlentities($row['product_created_at']); -$category_id = intval($row['category_id']); +$category_id = intval($row['product_category_id']); $product_tax_id = intval($row['product_tax_id']); // Generate the HTML form content using output buffering. From 7e041d52df0b06277e6cf9bdd6f1baa1ef223cbf Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 22 Feb 2025 13:22:53 -0500 Subject: [PATCH 359/366] Move Client Overview to the bottom of the side nav --- clients.php | 2 +- includes/side_nav.php | 17 ++++++++++------- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/clients.php b/clients.php index 52fc5def..1ddceadf 100644 --- a/clients.php +++ b/clients.php @@ -86,7 +86,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    -

    Management

    +

    = 2) { ?>
    diff --git a/includes/side_nav.php b/includes/side_nav.php index d61c97b5..7d30cc8a 100644 --- a/includes/side_nav.php +++ b/includes/side_nav.php @@ -32,13 +32,6 @@

    -
  • - - -

    Overview

    - -     -
    • = 1) { ?> @@ -191,6 +184,16 @@ + = 1) { ?> +
  • + + +

    Client Overview

    + +     +
    • + + = 1) { ?>
  • From 69850f83d3b8fe39411be337754feac054e31932 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 22 Feb 2025 13:31:27 -0500 Subject: [PATCH 360/366] Add s --- clients.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clients.php b/clients.php index 1ddceadf..bbd5293a 100644 --- a/clients.php +++ b/clients.php @@ -86,7 +86,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    -

    +

    = 2) { ?>
    From 8d05633d7deb7ab6635b728fa80c01d4d8f39d71 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 22 Feb 2025 14:02:31 -0500 Subject: [PATCH 361/366] Auto set client abbreviation if not set in add or edit client --- post/user/client_model.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/post/user/client_model.php b/post/user/client_model.php index 00255d86..c08352ff 100644 --- a/post/user/client_model.php +++ b/post/user/client_model.php @@ -10,5 +10,8 @@ $currency_code = sanitizeInput($_POST['currency_code'] ?? $session_company_curre $net_terms = intval($_POST['net_terms'] ?? $config_default_net_terms); $tax_id_number = sanitizeInput($_POST['tax_id_number'] ?? ''); $abbreviation = sanitizeInput($_POST['abbreviation']); +if (empty($abbreviation)) { + $abbreviation = shortenClient($name); +} $notes = sanitizeInput($_POST['notes']); $lead = intval($_POST['lead'] ?? 0); From 0e3959ce008452b1a85f196595a4793e98ad41c2 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 22 Feb 2025 14:25:24 -0500 Subject: [PATCH 362/366] Updated Client Access Permissions to use the defined in check_login.php --- invoice.php | 8 ++------ invoices.php | 6 +----- quote.php | 7 ++----- quotes.php | 6 +----- ticket.php | 6 +----- vendors.php | 2 ++ 6 files changed, 9 insertions(+), 26 deletions(-) diff --git a/invoice.php b/invoice.php index 7bb5d4c0..273e9e42 100644 --- a/invoice.php +++ b/invoice.php @@ -9,11 +9,6 @@ if (isset($_GET['client_id'])) { // Perms enforceUserPermission('module_sales'); -$invoice_permission_snippet = ''; -if (!empty($client_access_string)) { - $invoice_permission_snippet = "AND invoice_client_id IN ($client_access_string)"; -} - if (isset($_GET['invoice_id'])) { @@ -26,7 +21,8 @@ if (isset($_GET['invoice_id'])) { LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1 LEFT JOIN locations ON clients.client_id = locations.location_client_id AND location_primary = 1 WHERE invoice_id = $invoice_id - $invoice_permission_snippet" + $access_permission_query + LIMIT 1" ); if (mysqli_num_rows($sql) == 0) { diff --git a/invoices.php b/invoices.php index a59d4112..aaf133bb 100644 --- a/invoices.php +++ b/invoices.php @@ -17,10 +17,6 @@ if (isset($_GET['client_id'])) { // Perms enforceUserPermission('module_sales'); -$invoice_permission_snippet = ''; -if (!empty($client_access_string)) { - $invoice_permission_snippet = "AND invoice_client_id IN ($client_access_string)"; -} $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Sent' $client_query")); $sent_count = $row['num']; @@ -98,7 +94,7 @@ $sql = mysqli_query( $overdue_query AND DATE(invoice_date) BETWEEN '$dtf' AND '$dtt' AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR invoice_scope LIKE '%$q%' OR client_name LIKE '%$q%' OR invoice_status LIKE '%$q%' OR invoice_amount LIKE '%$q%' OR category_name LIKE '%$q%') - $invoice_permission_snippet + $access_permission_query $client_query ORDER BY $sort $order LIMIT $record_from, $record_to" ); diff --git a/quote.php b/quote.php index 1e090e86..3668a03a 100644 --- a/quote.php +++ b/quote.php @@ -9,10 +9,6 @@ if (isset($_GET['client_id'])) { // Perms enforceUserPermission('module_sales'); -$quote_permission_snippet = ''; -if (!empty($client_access_string)) { - $quote_permission_snippet = "AND quote_client_id IN ($client_access_string)"; -} if (isset($_GET['quote_id'])) { @@ -25,7 +21,8 @@ if (isset($_GET['quote_id'])) { LEFT JOIN contacts ON clients.client_id = contacts.contact_client_id AND contact_primary = 1 LEFT JOIN locations ON clients.client_id = locations.location_client_id AND location_primary = 1 WHERE quote_id = $quote_id - $quote_permission_snippet" + $access_permission_query + LIMIT 1" ); if (mysqli_num_rows($sql) == 0) { diff --git a/quotes.php b/quotes.php index 99b594ce..b37e40c3 100644 --- a/quotes.php +++ b/quotes.php @@ -17,10 +17,6 @@ if (isset($_GET['client_id'])) { // Perms enforceUserPermission('module_sales'); -$quote_permission_snippet = ''; -if (!empty($client_access_string)) { - $quote_permission_snippet = "AND quote_client_id IN ($client_access_string)"; -} $sql = mysqli_query( $mysqli, @@ -29,7 +25,7 @@ $sql = mysqli_query( LEFT JOIN categories ON quote_category_id = category_id WHERE (CONCAT(quote_prefix,quote_number) LIKE '%$q%' OR quote_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR quote_status LIKE '%$q%' OR quote_amount LIKE '%$q%' OR client_name LIKE '%$q%') AND DATE(quote_date) BETWEEN '$dtf' AND '$dtt' - $quote_permission_snippet + $access_permission_query $client_query ORDER BY $sort $order LIMIT $record_from, $record_to" ); diff --git a/ticket.php b/ticket.php index c05a7c14..3053ebf6 100644 --- a/ticket.php +++ b/ticket.php @@ -11,10 +11,6 @@ if (isset($_GET['client_id'])) { // Perms enforceUserPermission('module_support'); -$ticket_permission_snippet = ''; -if (!empty($client_access_string)) { - $ticket_permission_snippet = "AND ticket_client_id IN ($client_access_string)"; -} // Initialize the HTML Purifier to prevent XSS require_once "plugins/htmlpurifier/HTMLPurifier.standalone.php"; @@ -42,7 +38,7 @@ if (isset($_GET['ticket_id'])) { LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id LEFT JOIN categories ON ticket_category = category_id WHERE ticket_id = $ticket_id - $ticket_permission_snippet + $access_permission_query LIMIT 1" ); diff --git a/vendors.php b/vendors.php index ab05d0e3..46ee786c 100644 --- a/vendors.php +++ b/vendors.php @@ -18,10 +18,12 @@ if (isset($_GET['client_id'])) { $sql = mysqli_query( $mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM vendors + LEFT JOIN clients ON client_id = vendor_client_id WHERE vendor_$archive_query AND vendor_template = 0 AND (vendor_name LIKE '%$q%' OR vendor_description LIKE '%$q%' OR vendor_account_number LIKE '%$q%' OR vendor_website LIKE '%$q%' OR vendor_contact_name LIKE '%$q%' OR vendor_email LIKE '%$q%' OR vendor_phone LIKE '%$phone_query%') $client_query + $access_permission_query ORDER BY $sort $order LIMIT $record_from, $record_to" ); From 915161d812a10a7954998d1ef2da61ee31f1e981 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 22 Feb 2025 15:04:11 -0500 Subject: [PATCH 363/366] Fixed Revenue Edit category and account fields also removed currency selection there as its automatically determined by the company default --- ajax/ajax_revenue_edit.php | 19 ++----------------- modals/revenue_add_modal.php | 15 --------------- post/user/revenue.php | 6 ++---- 3 files changed, 4 insertions(+), 36 deletions(-) diff --git a/ajax/ajax_revenue_edit.php b/ajax/ajax_revenue_edit.php index a97b7faa..11998bdd 100644 --- a/ajax/ajax_revenue_edit.php +++ b/ajax/ajax_revenue_edit.php @@ -14,8 +14,8 @@ $revenue_payment_method = nullable_htmlentities($row['revenue_payment_method']); $revenue_amount = floatval($row['revenue_amount']); $revenue_currency_code = nullable_htmlentities($row['revenue_currency_code']); $revenue_created_at = nullable_htmlentities($row['revenue_created_at']); -$account_id = intval($row['account_id']); -$category_id = intval($row['category_id']); +$account_id = intval($row['revenue_account_id']); +$category_id = intval($row['revenue_category_id']); // Generate the HTML form content using output buffering. ob_start(); @@ -43,21 +43,6 @@ ob_start();
    -
    - -
    -
    - -
    - -
    -
    -
    diff --git a/modals/revenue_add_modal.php b/modals/revenue_add_modal.php index cef82772..29a96a0a 100644 --- a/modals/revenue_add_modal.php +++ b/modals/revenue_add_modal.php @@ -22,21 +22,6 @@
    -
    - -
    -
    - -
    - -
    -
    -
    diff --git a/post/user/revenue.php b/post/user/revenue.php index 47fa91bf..bdc82adb 100644 --- a/post/user/revenue.php +++ b/post/user/revenue.php @@ -12,14 +12,13 @@ if (isset($_POST['add_revenue'])) { $date = sanitizeInput($_POST['date']); $amount = floatval($_POST['amount']); - $currency_code = sanitizeInput($_POST['currency_code']); $account = intval($_POST['account']); $category = intval($_POST['category']); $payment_method = sanitizeInput($_POST['payment_method']); $description = sanitizeInput($_POST['description']); $reference = sanitizeInput($_POST['reference']); - mysqli_query($mysqli,"INSERT INTO revenues SET revenue_date = '$date', revenue_amount = $amount, revenue_currency_code = '$currency_code', revenue_payment_method = '$payment_method', revenue_reference = '$reference', revenue_description = '$description', revenue_category_id = $category, revenue_account_id = $account"); + mysqli_query($mysqli,"INSERT INTO revenues SET revenue_date = '$date', revenue_amount = $amount, revenue_currency_code = '$session_company_currency', revenue_payment_method = '$payment_method', revenue_reference = '$reference', revenue_description = '$description', revenue_category_id = $category, revenue_account_id = $account"); $revenue_id = mysqli_insert_id($mysqli); @@ -39,14 +38,13 @@ if (isset($_POST['edit_revenue'])) { $revenue_id = intval($_POST['revenue_id']); $date = sanitizeInput($_POST['date']); $amount = floatval($_POST['amount']); - $currency_code = sanitizeInput($_POST['currency_code']); $account = intval($_POST['account']); $category = intval($_POST['category']); $payment_method = sanitizeInput($_POST['payment_method']); $description = sanitizeInput($_POST['description']); $reference = sanitizeInput($_POST['reference']); - mysqli_query($mysqli,"UPDATE revenues SET revenue_date = '$date', revenue_amount = $amount, revenue_currency_code = '$currency_code', revenue_payment_method = '$payment_method', revenue_reference = '$reference', revenue_description = '$description', revenue_category_id = $category, revenue_account_id = $account WHERE revenue_id = $revenue_id"); + mysqli_query($mysqli,"UPDATE revenues SET revenue_date = '$date', revenue_amount = $amount, revenue_payment_method = '$payment_method', revenue_reference = '$reference', revenue_description = '$description', revenue_category_id = $category, revenue_account_id = $account WHERE revenue_id = $revenue_id"); // Logging logAction("Revenue", "Edit", "$session_name edited revenue $description", 0, $revenue_id); From daeb71abb3e5b2fde398b32f2fad658c7db1e2c7 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 22 Feb 2025 15:20:10 -0500 Subject: [PATCH 364/366] Update the App Version to 25.02 for prep on release --- includes/app_version.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/app_version.php b/includes/app_version.php index f2573122..9f58170d 100644 --- a/includes/app_version.php +++ b/includes/app_version.php @@ -5,4 +5,4 @@ * Update this file each time we merge develop into master. Format is YY.MM (add a .v if there is more than one release a month. */ -DEFINE("APP_VERSION", "25.01.3"); +DEFINE("APP_VERSION", "25.02"); From 2cddda5062de77e6cd4f0ad8340efb9e3e0ab598 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 22 Feb 2025 15:36:57 -0500 Subject: [PATCH 365/366] Updated Changelog --- CHANGELOG.md | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 893bd26d..385e5534 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,23 +4,29 @@ This file documents all notable changes made to ITFlow. ## [25.02] ### Fixed -- Changed several reports over to the new permissions/roles system -- Fixed empty task box showing for resolved/closed tickets -- Fix ticket priority sorting -- Clone asset interfaces when assets are transferred between clients +- Migrated several reports to the new permissions/roles system +- Resolved issue with empty task box showing for closed/resolved tickets +- Corrected ticket priority sorting +- Cloned asset interfaces when transferring assets between clients ### Added / Changed -- Client Overview section to view all client things like assets, contacts, licenses, credentials etc -- Quick peek for asset details and contact details, document viewing throughout ITFlow App allows, all possible because of AJAX. -- Simple Drag and Drop Ordering for Invoices, Recurring Invoices, Quotes, Ticket Tasks and Ticket Template Tasks. -- Added a kanban view for tickets -- Migrated all repeating modals to new ajax modal function for faster loading times and to allow for very quick development -- Clients can upload PDF documents to accepted quotes +- Restored max number of records per page option back to 500 since we dont have repeating modals. +- Bulk Categorize Tickets feature +- Renamed "Interface port" to "Interface Description." "Interface Name" should now refer to port name and/or number +- Changed "Transfer Asset to Client" from a single action to a bulk action +- Updated Filter Footer UI to show "Showing x to x of x records" instead of just the total records +- Added Client Overview section to view client assets, contacts, licenses, credentials, etc. +- Introduced Quick Peek for asset details, contact information, and document viewing throughout the ITFlow App, all made possible by AJAX +- Enabled Simple Drag-and-Drop Ordering for Invoices, Recurring Invoices, Quotes, Ticket Tasks, and Ticket Template Tasks +- Added new Ticket View options: Kanban and Simple View +- Migrated all repeating modals to the new AJAX modal function for faster loading times and quicker development +- Allowed clients to upload PDF documents to accepted quotes - Client Portal now shows ticket category -- Custom links can now be added to the client portal navbar +- Custom links can now be added to the Client Portal navbar +- Lots of little tweaks to UI, performance, bugs, etc. ### Breaking Changes -- Cron scripts have officially moved to /scripts and are no longer in the root directy they must be updated for them to work +- Cron scripts have officially been moved to the /scripts folder and are no longer in the root directory; they must be updated to function properly ## [25.01.3] ### Fixed From c022e5fe324583395b6ac995981d8f01087489a4 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 22 Feb 2025 15:45:21 -0500 Subject: [PATCH 366/366] Last fix document edit loading tonymce --- ajax/ajax_document_edit.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ajax/ajax_document_edit.php b/ajax/ajax_document_edit.php index 4aed1720..11e2de79 100644 --- a/ajax/ajax_document_edit.php +++ b/ajax/ajax_document_edit.php @@ -41,7 +41,7 @@ ob_start();
    - +