ThaMunsta/itflow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #577 from wrongecho/misc

Browse Source 
Misc refactoring/cleanups
This commit is contained in:
Johnny
2023-01-26 10:57:41 -05:00
committed by GitHub
parent fa8ce92b0e d7085c4790
commit 78951b3e3a
14 changed files with 1922 additions and 1942 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api/v1/contacts/contact_model.php
+4 -1
View File
@@ -4,10 +4,13 @@ define('number_regex', '/[^0-9]/');
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_name'])));
$title = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_title'])));
$department = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_department'])));
$email = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_email'])));
$phone = preg_replace(number_regex, '', $_POST['contact_phone']);
$extension = preg_replace(number_regex, '', $_POST['contact_extension']);
$mobile = preg_replace(number_regex, '', $_POST['contact_mobile']);
$email = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_email'])));
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_notes'])));
$auth_method = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_auth_method'])));
$important = intval($_POST['contact_important']);
$billing = intval($_POST['contact_billing']);
$technical = intval($_POST['contact_technical']);
$location_id = intval($_POST['contact_location_id']);
api/v1/contacts/create.php
+1 -1
View File
@@ -17,7 +17,7 @@ if (!empty($name) && !empty($email) && !empty($client_id)) {
if (mysqli_num_rows($email_duplication_sql) == 0) {
// Insert contact
$insert_sql = mysqli_query($mysqli, "INSERT INTO contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_created_at = NOW(), contact_department = '$department', contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id");
$insert_sql = mysqli_query($mysqli, "INSERT INTO contacts SET contact_name = '$name', contact_title = '$title', contact_department = '$department', contact_email = '$email', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_important = '$important', contact_billing = '$billing', contact_technical = '$technical', contact_created_at = NOW(), contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id");
// Check insert & get insert ID
if ($insert_sql) {
api/v1/contacts/update.php
+1 -1
View File
@@ -12,7 +12,7 @@ $update_count = FALSE;
if (!empty($name) && !empty($email)) {
$update_sql = mysqli_query($mysqli, "UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_updated_at = NOW(), contact_department_id = $department, contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id WHERE contact_id = $contact_id LIMIT 1");
$update_sql = mysqli_query($mysqli, "UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_department = '$department', contact_email = '$email', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_notes = '$notes', contact_auth_method = '$auth_method', contact_important = '$important', contact_billing = '$billing', contact_technical = '$technical', contact_updated_at = NOW(), contact_location_id = $location_id, contact_client_id = $client_id, company_id = $company_id WHERE contact_id = $contact_id LIMIT 1");
// Check insert & get insert ID
if ($update_sql) {
client_contact_details.php
+8 -15
View File
@@ -29,6 +29,11 @@ if (isset($_GET['contact_id'])) {
} else {
$primary_contact_display = FALSE;
}
if (empty($contact_name)) {
$contact_ticket_display = "-";
} else {
$contact_ticket_display = "$contact_name<br><small class='text-secondary'>$contact_email</small>";
}
$contact_location_id = $row['contact_location_id'];
$location_name = htmlentities($row['location_name']);
if (empty($location_name)) {
@@ -52,7 +57,7 @@ if (isset($_GET['contact_id'])) {
$software_count = mysqli_num_rows($sql_related_software);
// Related Tickets Query
$sql_related_tickets = mysqli_query($mysqli,"SELECT * FROM tickets WHERE ticket_contact_id = $contact_id AND company_id = $session_company_id ORDER BY ticket_id DESC");
$sql_related_tickets = mysqli_query($mysqli, "SELECT * FROM tickets LEFT JOIN users on ticket_assigned_to = user_id WHERE ticket_contact_id = $contact_id AND company_id = $session_company_id ORDER BY ticket_id DESC");
$ticket_count = mysqli_num_rows($sql_related_tickets);
?>
@@ -86,7 +91,7 @@ if (isset($_GET['contact_id'])) {
<div><i class="fa fa-fw fa-envelope text-secondary mr-3"></i><a href='mailto:<?php echo $contact_email; ?>'><?php echo $contact_email; ?></a><button class='btn btn-sm clipboardjs' data-clipboard-text='<?php echo $contact_email; ?>'><i class='far fa-copy text-secondary'></i></button></div>
<?php } ?>
<?php if (!empty($contact_phone)) { ?>
<div class="mb-2"><i class="fa fa-fw fa-phone text-secondary mr-3"></i><?php echo "$contact_phone $contact_phone_extention"; ?></div>
<div class="mb-2"><i class="fa fa-fw fa-phone text-secondary mr-3"></i><?php echo "$contact_phone $contact_extension"; ?></div>
<?php } ?>
<?php if (!empty($contact_mobile)) { ?>
<div class="mb-2"><i class="fa fa-fw fa-mobile-alt text-secondary mr-3"></i><?php echo $contact_mobile; ?></div>
@@ -519,25 +524,13 @@ if (isset($_GET['contact_id'])) {
} else {
$ticket_assigned_to_display = htmlentities($row['user_name']);
}
$contact_id = $row['contact_id'];
$contact_name = htmlentities($row['contact_name']);
if (empty($contact_name)) {
$contact_display = "-";
} else {
$contact_display = "$contact_name<br><small class='text-secondary'>$contact_email</small>";
}
$contact_title = htmlentities($row['contact_title']);
$contact_email = htmlentities($row['contact_email']);
$contact_phone = formatPhoneNumber($row['contact_phone']);
$contact_extension = htmlentities($row['contact_extension']);
$contact_mobile = formatPhoneNumber($row['contact_mobile']);
?>
<tr>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><span class="badge badge-pill badge-secondary p-3"><?php echo "$ticket_prefix$ticket_number"; ?></span></a></td>
<td><a href="ticket.php?ticket_id=<?php echo $ticket_id; ?>"><?php echo $ticket_subject; ?></a></td>
<td><?php echo $contact_display; ?></td>
<td><?php echo $contact_ticket_display; ?></td>
<td><?php echo $ticket_priority_display; ?></td>
<td><?php echo $ticket_status_display; ?></td>
<td><?php echo $ticket_assigned_to_display; ?></td>
client_document_add_from_template_modal.php
+1 -1
View File
@@ -60,7 +60,7 @@
$folder_name = htmlentities($row['folder_name']);
?>
<option <?php if ($_GET['folder_id'] == $folder_id) echo "selected"; ?> value="<?php echo $folder_id ?>"><?php echo $folder_name; ?></option>
<option <?php if (isset($_GET['folder_id']) && $_GET['folder_id'] == $folder_id) echo "selected"; ?> value="<?php echo $folder_id ?>"><?php echo $folder_name; ?></option>
<?php
}
?>
client_document_add_modal.php
+1 -1
View File
@@ -33,7 +33,7 @@
$folder_name = htmlentities($row['folder_name']);
?>
<option <?php if ($_GET['folder_id'] == $folder_id) echo "selected"; ?> value="<?php echo $folder_id ?>"><?php echo $folder_name; ?></option>
<option <?php if (isset($_GET['folder_id']) && $_GET['folder_id'] == $folder_id) echo "selected"; ?> value="<?php echo $folder_id ?>"><?php echo $folder_name; ?></option>
<?php
}
?>
dashboard_financial.php
+3 -14
View File
@@ -1,19 +1,8 @@
<?php include("inc_all.php");
// Quick fix to prevent non-admins (i.e. techs) seeing financials - redirect to client list
// To be removed when we have a proper technical dashboard for techs
if ($_SESSION['user_role'] != 3) { ?>
<script type="text/javascript">
window.location.href = 'dashboard_technical.php';
</script>
<?php
exit();
}
function roundUpToNearestMultiple($n, $increment = 1000)
{
return (int) ($increment * ceil($n / $increment));
// Enforce accountant / admin role for the financial dashboard
if ($_SESSION['user_role'] != 3 && $_SESSION['user_role'] != 1) {
exit('<script type="text/javascript">window.location.href = \'dashboard_technical.php\';</script>');
}
if (isset($_GET['year'])) {
functions.php
+4 -1
View File
@@ -535,4 +535,7 @@ function sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_
}
}
function roundUpToNearestMultiple($n, $increment = 1000)
{
return (int) ($increment * ceil($n / $increment));
}
inc_all_reports.php
+4
View File
@@ -9,3 +9,7 @@ include("reports_side_nav.php");
include("inc_wrapper.php");
include("inc_alert_feedback.php");
// Set variable default values
$largest_income_month = 0;
$largest_invoice_month = 0;
$recurring_total = 0;
post.php
-2
View File
@@ -3023,7 +3023,6 @@ if(isset($_POST['add_quote'])){
$client = intval($_POST['client']);
$date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['date'])));
$category = intval($_POST['category']);
$currency_code = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['currency_code'])));
$scope = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['scope'])));
//Get the last Quote Number and add 1 for the new Quote number
@@ -3412,7 +3411,6 @@ if(isset($_POST['add_recurring'])){
$frequency = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['frequency'])));
$start_date = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['start_date'])));
$category = intval($_POST['category']);
$currency_code = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['currency_code'])));
$scope = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['scope'])));
//Get the last Recurring Number and add 1 for the new Recurring number
report_expense_summary.php
+1 -7
View File
@@ -1,10 +1,4 @@
<?php include("inc_all_reports.php"); ?>
<?php
function roundUpToNearestMultiple($n, $increment = 1000)
{
return (int) ($increment * ceil($n / $increment));
}
<?php include("inc_all_reports.php");
if (isset($_GET['year'])) {
$year = intval($_GET['year']);
report_income_summary.php
+1 -5
View File
@@ -1,11 +1,6 @@
<?php include("inc_all_reports.php"); ?>
<?php
function roundUpToNearestMultiple($n, $increment = 1000)
{
return (int) ($increment * ceil($n / $increment));
}
if (isset($_GET['year'])) {
$year = intval($_GET['year']);
} else {
@@ -178,6 +173,7 @@ var myLineChart = new Chart(ctx, {
pointBorderWidth: 2,
data: [
<?php
for ($month = 1; $month<=12; $month++) {
$sql_payments = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS payment_amount_for_month FROM payments, invoices WHERE payment_invoice_id = invoice_id AND YEAR(payment_date) = $year AND MONTH(payment_date) = $month AND payments.company_id = $session_company_id");
$row = mysqli_fetch_array($sql_payments);
report_recurring_by_client.php
+2 -2
View File
@@ -1,5 +1,4 @@
<?php include("inc_all_reports.php"); ?>
<?php
<?php include("inc_all_reports.php");
$sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $session_company_id");
@@ -23,6 +22,7 @@ $sql_clients = mysqli_query($mysqli,"SELECT * FROM clients WHERE company_id = $s
</thead>
<tbody>
<?php
while ($row = mysqli_fetch_array($sql_clients)) {
$client_id = $row['client_id'];
$client_name = htmlentities($row['client_name']);
settings_tags.php
+1 -1
View File
@@ -17,7 +17,7 @@ $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM tags
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
if ($num_row > 0) {
if ($num_rows > 0) {
//Colors Used
$sql_colors_used = mysqli_query($mysqli, "SELECT tag_color FROM tags
WHERE tag_archived_at IS NULL