ThaMunsta/itflow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:johnnyq/itflow

Browse Source
This commit is contained in:
johnnyq
2022-02-26 11:16:57 -05:00
parent 112efbc314 6b69c6a41d
commit 79afb05298
12 changed files with 1086 additions and 1027 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
admin_side_nav.php
View File

@@ -112,6 +112,14 @@
</a> </a>
</li> </li>
<li class="nav-item">
<a class="nav-link <?php if(basename($_SERVER["PHP_SELF"]) == "settings-api.php") { echo "active"; } ?>"
href="settings-api.php">
<i class="nav-icon fas fa-key"></i>
<p>API</p>
</a>
</li>
<li class="nav-header mt-3">MORE SETTINGS</li> <li class="nav-header mt-3">MORE SETTINGS</li>
<li class="nav-item"> <li class="nav-item">

122
ajax.php Normal file
View File

@@ -0,0 +1,122 @@
<?php
/*
* ajax.php
* Similar to post.php, but for requests using Asynchronous JavaScript
* Always returns data in JSON format, unless otherwise specified
*/
include("config.php");
include("functions.php");
include("check_login.php");
/*
* Fetches SSL certificates from remote hosts & returns the relevant info (issuer, expiry, public key)
*/
if(isset($_GET['certificate_fetch_parse_json_details'])){
// PHP doesn't appreciate attempting SSL sockets to non-existent domains
if(empty($_GET['domain'])){
exit();
}
$domain = $_GET['domain'];
// FQDNs in database shouldn't have a URL scheme, adding one
$domain = "https://".$domain;
// Parse host and port
$url = parse_url($domain, PHP_URL_HOST);
$port = parse_url($domain, PHP_URL_PORT);
// Default port
if(!$port){
$port = "443";
}
// Get certificate (using verify peer false to allow for self-signed certs)
$socket = "ssl://$url:$port";
$get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE, "verify_peer" => FALSE,)));
$read = stream_socket_client($socket, $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $get);
$cert = stream_context_get_params($read);
$cert_public_key_obj = openssl_x509_parse($cert['options']['ssl']['peer_certificate']);
openssl_x509_export($cert['options']['ssl']['peer_certificate'], $export);
// Process data
if($cert_public_key_obj){
$response['success'] = "TRUE";
$response['expire'] = date('Y-m-d', $cert_public_key_obj['validTo_time_t']);
$response['issued_by'] = strip_tags($cert_public_key_obj['issuer']['O']);
$response['public_key'] = $export; //nl2br
}
else{
$response['success'] = "FALSE";
}
echo json_encode($response);
}
/*
* Looks up info for a given certificate ID from the database, used to dynamically populate modal fields
*/
if(isset($_GET['certificate_get_json_details'])){
$certificate_id = intval($_GET['certificate_id']);
$client_id = intval($_GET['client_id']);
// Individual certificate lookup
$cert_sql = mysqli_query($mysqli,"SELECT * FROM certificates WHERE certificate_id = $certificate_id AND certificate_client_id = $client_id");
while($row = mysqli_fetch_array($cert_sql)){
$response['certificate'][] = $row;
}
// Get all domains for this client that could be linked to this certificate
$domains_sql = mysqli_query($mysqli, "SELECT domain_id, domain_name FROM domains WHERE domain_client_id = '$client_id' AND company_id = '$session_company_id'");
while($row = mysqli_fetch_array($domains_sql)){
$response['domains'][] = $row;
}
echo json_encode($response);
}
/*
* Looks up info on the ticket number provided, used to populate the ticket merge modal
*/
if(isset($_GET['merge_ticket_get_json_details'])){
$merge_into_ticket_number = intval($_GET['merge_into_ticket_number']);
$sql = mysqli_query($mysqli,"SELECT * FROM tickets
LEFT JOIN clients ON ticket_client_id = client_id
LEFT JOIN contacts ON ticket_contact_id = contact_id
WHERE ticket_number = '$merge_into_ticket_number' AND tickets.company_id = '$session_company_id'");
if(mysqli_num_rows($sql) == 0){
//Do nothing.
}
else {
//Return ticket, client and contact details for the given ticket number
$response = mysqli_fetch_array($sql);
echo json_encode($response);
}
}
/*
* Looks up info for a given network ID from the database, used to dynamically populate modal fields
*/
if(isset($_GET['network_get_json_details'])){
$network_id = intval($_GET['network_id']);
$client_id = intval($_GET['client_id']);
// Individual network lookup
$network_sql = mysqli_query($mysqli,"SELECT * FROM networks WHERE network_id = $network_id AND network_client_id = $client_id");
while($row = mysqli_fetch_array($network_sql)){
$response['network'][] = $row;
}
// Lookup all client locations, as networks can be associated with any client location
$locations_sql = mysqli_query($mysqli, "SELECT location_id, location_name FROM locations
WHERE location_client_id = '$client_id' AND company_id = '$session_company_id'"
);
while($row = mysqli_fetch_array($locations_sql)){
$response['locations'][] = $row;
}
echo json_encode($response);
}

8
client_certificates.php
View File

@@ -140,7 +140,7 @@ include("client_certificate_add_modal.php");
// Send a GET request to post.php as post.php?certificate_get_json_details=true&client_id=NUM&certificate_id=NUM // Send a GET request to post.php as post.php?certificate_get_json_details=true&client_id=NUM&certificate_id=NUM
jQuery.get( jQuery.get(
"post.php", "ajax.php",
{certificate_get_json_details: 'true', client_id: client_id, certificate_id: certificate_id}, {certificate_get_json_details: 'true', client_id: client_id, certificate_id: certificate_id},
function(data){ function(data){
@@ -203,10 +203,10 @@ include("client_certificate_add_modal.php");
var publicKey = document.getElementById("editPublicKey"); var publicKey = document.getElementById("editPublicKey");
} }
//Send a GET request to post.php as post.php?fetch_certificate=TRUE&domain=DOMAIN //Send a GET request to post.php as post.php?certificate_fetch_parse_json_details=TRUE&domain=DOMAIN
jQuery.get( jQuery.get(
"post.php", "ajax.php",
{fetch_certificate: 'TRUE', domain: domain}, {certificate_fetch_parse_json_details: 'TRUE', domain: domain},
function(data){ function(data){
//If we get a response from post.php, parse it as JSON //If we get a response from post.php, parse it as JSON
const ssl_data = JSON.parse(data); const ssl_data = JSON.parse(data);

2
client_contacts.php
View File

@@ -139,7 +139,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
if($contact_id == $primary_contact){ if($contact_id == $primary_contact){
$primary_contact_display = "<small class='text-success'>Primary Contact</small>"; $primary_contact_display = "<small class='text-success'>Primary Contact</small>";
}else{ }else{
$primary_contact_display = "<small class='text-danger'>Needs approval</small>"; $primary_contact_display = FALSE;
} }
$contact_location_id = $row['contact_location_id']; $contact_location_id = $row['contact_location_id'];
$location_name = $row['location_name']; $location_name = $row['location_name'];

2
client_networks.php
View File

@@ -170,7 +170,7 @@ function populateNetworkEditModal(client_id, network_id) {
// Send a GET request to post.php as post.php?network_get_json_details=true&client_id=NUM&network_id=NUM // Send a GET request to post.php as post.php?network_get_json_details=true&client_id=NUM&network_id=NUM
jQuery.get( jQuery.get(
"post.php", "ajax.php",
{network_get_json_details: 'true', client_id: client_id, network_id: network_id}, {network_get_json_details: 'true', client_id: client_id, network_id: network_id},
function(data){ function(data){

2
invoice.php
View File

@@ -299,7 +299,7 @@ if(isset($_GET['invoice_id'])){
<td><input type="text" class="form-control" id="name" name="name" placeholder="Item" required></td> <td><input type="text" class="form-control" id="name" name="name" placeholder="Item" required></td>
<td><textarea class="form-control" rows="2" id="desc" name="description" placeholder="Description"></textarea></td> <td><textarea class="form-control" rows="2" id="desc" name="description" placeholder="Description"></textarea></td>
<td><input type="number" step="0.01" min="0" class="form-control" style="text-align: center;" id="qty" name="qty" placeholder="QTY"></td> <td><input type="number" step="0.01" min="0" class="form-control" style="text-align: center;" id="qty" name="qty" placeholder="QTY"></td>
<td><input type="number" step="0.01" class="form-control" style="text-align: right;" id="price" name="price" placeholder="Price (<?php echo $client_currency_symbol; ?>)"></td> <td><input type="number" step="0.01" class="form-control" style="text-align: right;" id="price" name="price" placeholder="Price (<?php echo $invoice_currency_code; ?>)"></td>
<td> <td>
<select class="form-control select2" name="tax_id" required> <select class="form-control select2" name="tax_id" required>
<option value="0">None</option> <option value="0">None</option>

99
post.php
View File

@@ -5075,25 +5075,6 @@ if(isset($_POST['edit_network'])){
} }
if(isset($_GET['network_get_json_details'])){
$network_id = intval($_GET['network_id']);
$client_id = intval($_GET['client_id']);
$network_sql = mysqli_query($mysqli,"SELECT * FROM networks WHERE network_id = $network_id AND network_client_id = $client_id");
while($row = mysqli_fetch_array($network_sql)){
$response['network'][] = $row;
}
$locations_sql = mysqli_query($mysqli, "SELECT location_id, location_name FROM locations
WHERE location_client_id = '$client_id' AND company_id = '$session_company_id'"
);
while($row = mysqli_fetch_array($locations_sql)){
$response['locations'][] = $row;
}
echo json_encode($response);
}
if(isset($_GET['delete_network'])){ if(isset($_GET['delete_network'])){
$network_id = intval($_GET['delete_network']); $network_id = intval($_GET['delete_network']);
@@ -5221,68 +5202,6 @@ if(isset($_POST['edit_certificate'])){
} }
if(isset($_GET['certificate_get_json_details'])){
$certificate_id = intval($_GET['certificate_id']);
$client_id = intval($_GET['client_id']);
$cert_sql = mysqli_query($mysqli,"SELECT * FROM certificates WHERE certificate_id = $certificate_id AND certificate_client_id = $client_id");
while($row = mysqli_fetch_array($cert_sql)){
$response['certificate'][] = $row;
}
$domains_sql = mysqli_query($mysqli, "SELECT domain_id, domain_name FROM domains
WHERE domain_client_id = '$client_id' AND company_id = '$session_company_id'"
);
while($row = mysqli_fetch_array($domains_sql)){
$response['domains'][] = $row;
}
echo json_encode($response);
}
if(isset($_GET['fetch_certificate'])){
// PHP doesn't appreciate attempting SSL sockets to non-existent domains
if(empty($_GET['domain'])){
exit();
}
$domain = $_GET['domain'];
// FQDNs in database shouldn't have a URL scheme, adding one
$domain = "https://".$domain;
// Parse host and port
$url = parse_url($domain, PHP_URL_HOST);
$port = parse_url($domain, PHP_URL_PORT);
// Default port
if(!$port){
$port = "443";
}
// Get certificate
// Using verify peer false to allow for self-signed / internal CA certs
$socket = "ssl://$url:$port";
$get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE, "verify_peer" => FALSE,)));
$read = stream_socket_client($socket, $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $get);
$cert = stream_context_get_params($read);
$cert_public_key_obj = openssl_x509_parse($cert['options']['ssl']['peer_certificate']);
openssl_x509_export($cert['options']['ssl']['peer_certificate'], $export);
// Process data
if($cert_public_key_obj){
$cert_data['success'] = "TRUE";
$cert_data['expire'] = date('Y-m-d', $cert_public_key_obj['validTo_time_t']);
$cert_data['issued_by'] = strip_tags($cert_public_key_obj['issuer']['O']);
$cert_data['public_key'] = $export; //nl2br
}
else{
$cert_data['success'] = "FALSE";
}
// Return as JSON
echo json_encode($cert_data);
}
if(isset($_GET['delete_certificate'])){ if(isset($_GET['delete_certificate'])){
$certificate_id = intval($_GET['delete_certificate']); $certificate_id = intval($_GET['delete_certificate']);
@@ -5730,24 +5649,6 @@ if(isset($_GET['archive_ticket_reply'])){
} }
if(isset($_GET['merge_ticket_get_json_details'])){
$merge_into_ticket_number = intval($_GET['merge_into_ticket_number']);
$sql = mysqli_query($mysqli,"SELECT * FROM tickets
LEFT JOIN clients ON ticket_client_id = client_id
LEFT JOIN contacts ON ticket_contact_id = contact_id
WHERE ticket_number = '$merge_into_ticket_number' AND tickets.company_id = '$session_company_id'");
if(mysqli_num_rows($sql) == 0){
//Do nothing.
}
else {
//Return ticket, client and contact details for the given ticket number
$row = mysqli_fetch_array($sql);
echo json_encode($row);
}
}
if(isset($_POST['merge_ticket'])){ if(isset($_POST['merge_ticket'])){
$ticket_id = intval($_POST['ticket_id']); $ticket_id = intval($_POST['ticket_id']);
$merge_into_ticket_number = intval($_POST['merge_into_ticket_number']); $merge_into_ticket_number = intval($_POST['merge_into_ticket_number']);

2
quote.php
View File

@@ -263,7 +263,7 @@ if(isset($_GET['quote_id'])){
<td><input type="text" class="form-control" name="name" id="name" placeholder="Item" required></td> <td><input type="text" class="form-control" name="name" id="name" placeholder="Item" required></td>
<td><textarea class="form-control" rows="2" name="description" id="desc" placeholder="Description"></textarea></td> <td><textarea class="form-control" rows="2" name="description" id="desc" placeholder="Description"></textarea></td>
<td><input type="number" step="0.01" min="0" class="form-control" id="qty" style="text-align: center;" name="qty" placeholder="QTY"></td> <td><input type="number" step="0.01" min="0" class="form-control" id="qty" style="text-align: center;" name="qty" placeholder="QTY"></td>
<td><input type="number" step="0.01" min="0" class="form-control" id="price" style="text-align: right;" name="price" placeholder="Price (<?php echo $client_currency_symbol; ?>)"></td> <td><input type="number" step="0.01" min="0" class="form-control" id="price" style="text-align: right;" name="price" placeholder="Price (<?php echo $quote_currency_code; ?>)"></td>
<td> <td>
<select class="form-control select2" id="tax" name="tax_id" required> <select class="form-control select2" id="tax" name="tax_id" required>
<option value="0">None</option> <option value="0">None</option>

0
api_keys.php → settings-api.php
View File

1804
setup.php
View File

File diff suppressed because it is too large Load Diff

62
ticket.php
View File

@@ -70,12 +70,14 @@ if(isset($_GET['ticket_id'])){
$contact_mobile = formatPhoneNumber($row['contact_mobile']); $contact_mobile = formatPhoneNumber($row['contact_mobile']);
$asset_id = $row['asset_id']; $asset_id = $row['asset_id'];
$asset_ip = htmlentities($row['asset_ip']);
$asset_name = htmlentities($row['asset_name']); $asset_name = htmlentities($row['asset_name']);
$asset_type = htmlentities($row['asset_type']); $asset_type = htmlentities($row['asset_type']);
$asset_make = htmlentities($row['asset_make']); $asset_make = htmlentities($row['asset_make']);
$asset_model = htmlentities($row['asset_model']); $asset_model = htmlentities($row['asset_model']);
$asset_serial = htmlentities($row['asset_serial']); $asset_serial = htmlentities($row['asset_serial']);
$asset_os = htmlentities($row['asset_os']); $asset_os = htmlentities($row['asset_os']);
$asset_warranty_expire = $row['asset_warranty_expire'];
$location_name = $row['location_name']; $location_name = $row['location_name'];
$location_address = $row['location_address']; $location_address = $row['location_address'];
@@ -145,6 +147,18 @@ if(isset($_GET['ticket_id'])){
$client_tag_name_display_array[] = "<span class='badge bg-$client_tag_color'><i class='fa fa-fw fa-$client_tag_icon'></i> $client_tag_name</span>"; $client_tag_name_display_array[] = "<span class='badge bg-$client_tag_color'><i class='fa fa-fw fa-$client_tag_icon'></i> $client_tag_name</span>";
} }
$client_tags_display = implode(' ', $client_tag_name_display_array); $client_tags_display = implode(' ', $client_tag_name_display_array);
// Get the asset warranty expiry
$date = date('Y-m-d H:i:s');
$dt_value = $asset_warranty_expire; //sample date
$warranty_check = date('m/d/Y',strtotime('-8 hours'));
if($dt_value <= $date){
$dt_value = "Expired on $asset_warranty_expire"; $color ='red';
}else{
$color = 'green';
}
?> ?>
@@ -392,20 +406,7 @@ if(isset($_GET['ticket_id'])){
<div class="card card-body card-outline card-dark mb-3"> <div class="card card-body card-outline card-dark mb-3">
<div> <div>
<h4 class="text-secondary">Asset</h4> <h4 class="text-secondary">Asset</h4>
<i class="fa fa-fw fa-desktop text-secondary ml-1 mr-2 mb-2"></i><strong><?php echo $asset_name; ?></strong> <i class="fa fa-fw fa-desktop text-secondary ml-1 mr-2 mb-2"></i> Asset name: <strong><?php echo $asset_name; ?></strong>
<br>
<?php
if(!empty($asset_make)){
?>
<i class="fa fa-fw fa-tag text-secondary ml-1 mr-2 mb-2"></i><?php echo "$asset_make $asset_model"; ?>
<br>
<?php
}
?>
<?php
if(!empty($asset_serial)){
?>
<i class="fa fa-fw fa-barcode text-secondary ml-1 mr-2 mb-2"></i><?php echo $asset_serial; ?>
<br> <br>
<?php <?php
} }
@@ -413,7 +414,38 @@ if(isset($_GET['ticket_id'])){
<?php <?php
if(!empty($asset_os)){ if(!empty($asset_os)){
?> ?>
<i class="fa fa-fw fa-tag text-secondary ml-1 mr-2 mb-2"></i><?php echo $asset_os; ?> <i class="fa fa-fw fa-tag text-secondary ml-1 mr-2 mb-2"></i> OS: <?php echo $asset_os; ?>
<br>
<?php
if(!empty($asset_ip)){
?>
<i class="fa fa-fw fa-network-wired text-secondary ml-1 mr-2 mb-2"></i> IP: <?php echo "$asset_ip"; ?>
<br>
<?php
}
?>
<?php
if(!empty($asset_make)){
?>
<i class="fa fa-fw fa-tag text-secondary ml-1 mr-2 mb-2"></i> Model: <?php echo "$asset_make $asset_model"; ?>
<br>
<?php
}
?>
<?php
if(!empty($asset_serial)){
?>
<i class="fa fa-fw fa-barcode text-secondary ml-1 mr-2 mb-2"></i> Service Tag: <?php echo $asset_serial; ?>
<br>
<?php
}
?>
<?php
if(!empty($asset_warranty_expire)){
?>
<i class="fa fa-fw fa-tag text-secondary ml-1 mr-2 mb-2"></i> Warranty expire: <strong><font color="<?php echo $color?>" > <?php echo $dt_value?></font></strong>
<br> <br>
<?php <?php
} }

2
ticket_merge_modal.php
View File

@@ -74,7 +74,7 @@
//Send a GET request to post.php as post.php?merge_ticket_get_json_details=true&merge_into_ticket_number=NUMBER //Send a GET request to post.php as post.php?merge_ticket_get_json_details=true&merge_into_ticket_number=NUMBER
jQuery.get( jQuery.get(
"post.php", "ajax.php",
{merge_ticket_get_json_details: 'true', merge_into_ticket_number: merge_into_ticket_number}, {merge_ticket_get_json_details: 'true', merge_into_ticket_number: merge_into_ticket_number},
function(data){ function(data){
//If we get a response from post.php, parse it as JSON //If we get a response from post.php, parse it as JSON