From a59a6ce2b130f7bf65cdb28c7d6f40f95f019fef Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Fri, 30 Aug 2024 22:45:03 +0100 Subject: [PATCH 01/80] Check that a credential is shared before attempting to display the details to prevent debug error messages --- client_logins.php | 38 ++++++++++++++++++++------------------ 1 file changed, 20 insertions(+), 18 deletions(-) diff --git a/client_logins.php b/client_logins.php index ae9753a7..f002b54a 100644 --- a/client_logins.php +++ b/client_logins.php @@ -96,7 +96,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
- "> Archived @@ -159,7 +159,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $login_uri = nullable_htmlentities($row['login_uri']); if (empty($login_uri)) { $login_uri_display = "-"; - } else { + } else { $login_uri_display = truncate($login_uri,40) . ""; } $login_uri_2 = nullable_htmlentities($row['login_uri_2']); @@ -198,18 +198,20 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); AND item_related_id = $login_id LIMIT 1" ); - $row = mysqli_fetch_array($sql_shared); - $item_id = intval($row['item_id']); - $item_active = nullable_htmlentities($row['item_active']); - $item_key = nullable_htmlentities($row['item_key']); - $item_type = nullable_htmlentities($row['item_type']); - $item_related_id = intval($row['item_related_id']); - $item_note = nullable_htmlentities($row['item_note']); - $item_views = nullable_htmlentities($row['item_views']); - $item_view_limit = nullable_htmlentities($row['item_view_limit']); - $item_created_at = nullable_htmlentities($row['item_created_at']); - $item_expire_at = nullable_htmlentities($row['item_expire_at']); - $item_expire_at_human = timeAgo($row['item_expire_at']); + if (mysqli_num_rows($sql_shared) > 0) { + $row = mysqli_fetch_array($sql_shared); + $item_id = intval($row['item_id']); + $item_active = nullable_htmlentities($row['item_active']); + $item_key = nullable_htmlentities($row['item_key']); + $item_type = nullable_htmlentities($row['item_type']); + $item_related_id = intval($row['item_related_id']); + $item_note = nullable_htmlentities($row['item_note']); + $item_views = nullable_htmlentities($row['item_views']); + $item_view_limit = nullable_htmlentities($row['item_view_limit']); + $item_created_at = nullable_htmlentities($row['item_created_at']); + $item_expire_at = nullable_htmlentities($row['item_expire_at']); + $item_expire_at_human = timeAgo($row['item_expire_at']); + } ?> @@ -237,10 +239,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - -
- Shared -
+ 0) { ?> +
+ Shared +
From 78eead24f711d02d2944848be8f9326446ed58a1 Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Fri, 30 Aug 2024 22:49:18 +0100 Subject: [PATCH 02/80] Log when users navigate to the credentials page for a client --- client_logins.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/client_logins.php b/client_logins.php index ae9753a7..61eeef59 100644 --- a/client_logins.php +++ b/client_logins.php @@ -6,6 +6,9 @@ $order = "ASC"; require_once "inc_all_client.php"; +// Log when users load the Credentials/Logins page +mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Credential', log_action = 'View', log_description = '$session_name viewed the Credentials page for client', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id"); + // Location Filter if (isset($_GET['location']) & !empty($_GET['location'])) { @@ -96,7 +99,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
- "> Archived @@ -159,7 +162,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $login_uri = nullable_htmlentities($row['login_uri']); if (empty($login_uri)) { $login_uri_display = "-"; - } else { + } else { $login_uri_display = truncate($login_uri,40) . ""; } $login_uri_2 = nullable_htmlentities($row['login_uri_2']); From cf322b17bc06cd5159e91a17af1de79fabd0cd9b Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Fri, 30 Aug 2024 22:57:58 +0100 Subject: [PATCH 03/80] Hide the Export function when there are no records (locations, tickets, vendors) --- client_locations.php | 14 ++++++++------ client_tickets.php | 10 ++++++---- client_vendors.php | 20 +++++++++++--------- 3 files changed, 25 insertions(+), 19 deletions(-) diff --git a/client_locations.php b/client_locations.php index f1d5ec4c..4463d307 100644 --- a/client_locations.php +++ b/client_locations.php @@ -55,10 +55,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Import -
- - Export - + 0) { ?> +
+ + Export + +
@@ -95,7 +97,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
- "> Archived @@ -265,7 +267,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Archive - +
diff --git a/client_tickets.php b/client_tickets.php index 49212d64..de2b951a 100644 --- a/client_tickets.php +++ b/client_tickets.php @@ -78,10 +78,12 @@ $total_tickets_closed = intval($row['total_tickets_closed']); From Template -
- - Export - + 0) { ?> +
+ + Export + +
diff --git a/client_vendors.php b/client_vendors.php index 4905c0da..74e6502e 100644 --- a/client_vendors.php +++ b/client_vendors.php @@ -37,10 +37,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Create from Template -
- - Export - + 0) { ?> +
+ + Export + + @@ -62,7 +64,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
- "> Archived @@ -137,13 +139,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $vendor_created_at = nullable_htmlentities($row['vendor_created_at']); $vendor_archived_at = nullable_htmlentities($row['vendor_archived_at']); $vendor_template_id = intval($row['vendor_template_id']); - + if (empty($vendor_website)) { $vendor_website_display = "-"; } else { $vendor_website_display = ""; } - + ?> @@ -161,7 +163,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
- + - + Date: Fri, 30 Aug 2024 23:04:20 +0100 Subject: [PATCH 04/80] Log when client pack is exported to PDF --- post/client.php | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/post/client.php b/post/client.php index 2524077e..da599fab 100644 --- a/post/client.php +++ b/post/client.php @@ -508,15 +508,15 @@ if (isset($_POST["import_clients_csv"])) { // Create Contact mysqli_query($mysqli, "INSERT INTO contacts SET contact_name = '$contact_name', contact_title = '$title', contact_phone = '$contact_phone', contact_extension = '$contact_extension', contact_mobile = '$contact_mobile', contact_email = '$contact_email', contact_primary = 1, contact_important = 1, contact_client_id = $client_id"); - + $row_count = $row_count + 1; - + }else{ - + $duplicate_count = $duplicate_count + 1; - + } - + } fclose($file); @@ -583,6 +583,9 @@ if (isset($_POST['export_client_pdf'])) { $export_trips = intval($_POST['export_trips']); $export_logs = intval($_POST['export_logs']); + //Logging + mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Client', log_action = 'Export', log_description = '$session_name exported client data to a PDF file', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id"); + //get records from database $sql = mysqli_query($mysqli,"SELECT * FROM clients From 00e4e8a24b8faa0126356bcaae5bb9c05545cfe7 Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Fri, 30 Aug 2024 23:05:04 +0100 Subject: [PATCH 05/80] Log when client pack is exported to PDF --- post/client.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/post/client.php b/post/client.php index da599fab..548eb892 100644 --- a/post/client.php +++ b/post/client.php @@ -511,7 +511,7 @@ if (isset($_POST["import_clients_csv"])) { $row_count = $row_count + 1; - }else{ + } else { $duplicate_count = $duplicate_count + 1; From d9668f308620de533535239bb72dce3d90e8d18f Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Fri, 30 Aug 2024 23:15:48 +0100 Subject: [PATCH 06/80] Do not load most edit modals if ticket is closed. --- ticket.php | 48 +++++++++++++++++++++++++----------------------- 1 file changed, 25 insertions(+), 23 deletions(-) diff --git a/ticket.php b/ticket.php index b4b1502e..e78dd08b 100644 --- a/ticket.php +++ b/ticket.php @@ -343,11 +343,11 @@ if (isset($_GET['ticket_id'])) {
  • Ticket Details
    • - +
    - +
    - +
    @@ -357,7 +357,7 @@ if (isset($_GET['ticket_id'])) {
    - +
    @@ -429,12 +429,12 @@ if (isset($_GET['ticket_id'])) {
    - +
    -
    +
    @@ -605,12 +605,12 @@ if (isset($_GET['ticket_id'])) { Public Comment
    -
    - +
    +
    - +
    @@ -652,7 +652,7 @@ if (isset($_GET['ticket_id'])) {
    -
    +
    @@ -660,7 +660,7 @@ if (isset($_GET['ticket_id'])) {
    - +
    @@ -735,13 +735,13 @@ if (isset($_GET['ticket_id'])) {
    - +
    modified:
    - +
    @@ -1126,25 +1126,27 @@ if (isset($_GET['ticket_id'])) {
    Date: Tue, 3 Sep 2024 21:49:52 +0100 Subject: [PATCH 07/80] Enhance tickets by client report Enhancements ot the tickets by client report - Breakdown tickets by priority (low/med/high) - Breakdown stats per month, in addition to the existing per-year breakdown --- report_ticket_by_client.php | 275 ++++++++++++++++++++++++++++-------- 1 file changed, 214 insertions(+), 61 deletions(-) diff --git a/report_ticket_by_client.php b/report_ticket_by_client.php index cb69309e..02dcc48f 100644 --- a/report_ticket_by_client.php +++ b/report_ticket_by_client.php @@ -50,6 +50,12 @@ if (isset($_GET['year'])) { $year = date('Y'); } +if (isset($_GET['month'])) { + $month = intval($_GET['month']); +} else { + $month = date('m'); +} + $sql_ticket_years = mysqli_query($mysqli, "SELECT DISTINCT YEAR(ticket_created_at) AS ticket_year FROM tickets ORDER BY ticket_year DESC"); $sql_clients = mysqli_query($mysqli, "SELECT client_id, client_name FROM clients WHERE client_archived_at IS NULL ORDER BY client_name ASC"); @@ -72,73 +78,220 @@ $sql_clients = mysqli_query($mysqli, "SELECT client_id, client_name FROM clients + -
    - - - - - - - - - - - - 0) { - - // Calculate average time to solve - $count = 0; - $total = 0; - while ($row = mysqli_fetch_array($sql_tickets)) { - $openedTime = new DateTime($row['ticket_created_at']); - $resolvedTime = new DateTime($row['ticket_resolved_at']); - - $total += ($resolvedTime->getTimestamp() - $openedTime->getTimestamp()); - $count++; - } - $avg_time_to_resolve = $total / $count; - - ?> - +
    +
    +

    Yearly ()

    +
    +
    +
    +
    ClientTickets raisedTickets resolvedTotal Time worked (H:M:S)Avg time to resolve
    + - - - - - + + + + + + + + + + - -
    ClientTickets raisedBy priority: LowBy priority: MedBy priority: HighTickets resolvedTotal Time worked (H:M:S)Avg time to resolve
    + while ($row = mysqli_fetch_array($sql_clients)) { + $client_id = intval($row['client_id']); + $client_name = nullable_htmlentities($row['client_name']); + + // Calculate total tickets raised in period + $sql_ticket_raised_count = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS ticket_raised_count FROM tickets WHERE YEAR(ticket_created_at) = $year AND ticket_client_id = $client_id"); + $row = mysqli_fetch_array($sql_ticket_raised_count); + $ticket_raised_count = intval($row['ticket_raised_count']); + + // Calculate total tickets raised in period that are resolved + $sql_ticket_resolved_count = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS ticket_resolved_count FROM tickets WHERE YEAR(ticket_created_at) = $year AND ticket_client_id = $client_id AND ticket_resolved_at IS NOT NULL"); + $row = mysqli_fetch_array($sql_ticket_resolved_count); + $ticket_resolved_count = intval($row['ticket_resolved_count']); + + // Breakdown tickets for each priority - Low + $sql_low_ticket_count = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS low_ticket_count FROM TICKETS WHERE YEAR(ticket_created_at) = $year AND ticket_client_id = $client_id AND ticket_priority = 'Low'"); + $row = mysqli_fetch_array($sql_low_ticket_count); + $low_ticket_count = intval($row['low_ticket_count']); + + // Breakdown tickets for each priority - Low + $sql_med_ticket_count = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS med_ticket_count FROM TICKETS WHERE YEAR(ticket_created_at) = $year AND ticket_client_id = $client_id AND ticket_priority = 'Medium'"); + $row = mysqli_fetch_array($sql_med_ticket_count); + $med_ticket_count = intval($row['med_ticket_count']); + + // Breakdown tickets for each priority - Low + $sql_high_ticket_count = mysqli_query($mysqli, "SELECT COUNT(ticket_id) AS high_ticket_count FROM TICKETS WHERE YEAR(ticket_created_at) = $year AND ticket_client_id = $client_id AND ticket_priority = 'High'"); + $row = mysqli_fetch_array($sql_high_ticket_count); + $high_ticket_count = intval($row['high_ticket_count']); + + // Used to calculate average time to resolve tickets that were raised in period specified + $sql_tickets = mysqli_query($mysqli, "SELECT ticket_created_at, ticket_resolved_at FROM tickets WHERE YEAR(ticket_created_at) = $year AND ticket_client_id = $client_id AND ticket_resolved_at IS NOT NULL"); + + // Calculate total time tracked towards tickets in the period + $sql_time = mysqli_query($mysqli, "SELECT SEC_TO_TIME(SUM(TIME_TO_SEC(ticket_reply_time_worked))) as total_time FROM ticket_replies LEFT JOIN tickets ON tickets.ticket_id = ticket_replies.ticket_reply_ticket_id WHERE YEAR(ticket_created_at) = $year AND ticket_client_id = $client_id AND ticket_reply_time_worked IS NOT NULL"); + $row = mysqli_fetch_array($sql_time); + $ticket_total_time_worked = nullable_htmlentities($row['total_time']); + + if ($ticket_raised_count > 0 || $ticket_resolved_count > 0) { + + $avg_time_to_resolve = '-'; + if ($ticket_resolved_count > 0) { + // Calculate average time to solve + $count = 0; + $total = 0; + while ($row = mysqli_fetch_array($sql_tickets)) { + $openedTime = new DateTime($row['ticket_created_at']); + $resolvedTime = new DateTime($row['ticket_resolved_at']); + + $total += ($resolvedTime->getTimestamp() - $openedTime->getTimestamp()); + $count++; + } + $avg_time_to_resolve = secondsToTime($total / $count); + } + + ?> + + + + + + + + + + + + + + +
    +
    + + + +
    +
    +

    Monthly ()

    +
    +
    +
    + + + + + + + + + + + + + + + 0 || $ticket_resolved_count > 0) { + + $avg_time_to_resolve = '-'; + if ($ticket_resolved_count > 0) { + // Calculate average time to solve + $count = 0; + $total = 0; + while ($row = mysqli_fetch_array($sql_tickets)) { + $openedTime = new DateTime($row['ticket_created_at']); + $resolvedTime = new DateTime($row['ticket_resolved_at']); + + $total += ($resolvedTime->getTimestamp() - $openedTime->getTimestamp()); + $count++; + } + $avg_time_to_resolve = secondsToTime($total / $count); + } + + ?> + + + + + + + + + + + + + +
    ClientTickets raisedBy priority: LowBy priority: MedBy priority: HighTickets resolvedTotal Time worked (H:M:S)Avg time to resolve
    +
    + +
    +
    + From f433535a8bfb15dcc6196844edaf8f3f1c8c14cf Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Wed, 4 Sep 2024 08:52:08 +0100 Subject: [PATCH 08/80] Hide export function when module is empty --- client_assets.php | 12 +++++++----- client_certificates.php | 14 ++++++++------ client_domains.php | 16 +++++++++------- client_invoices.php | 14 ++++++++------ client_logins.php | 10 ++++++---- client_networks.php | 16 +++++++++------- client_payments.php | 8 +++++--- client_quotes.php | 16 +++++++++------- client_recurring_invoices.php | 26 ++++++++++++++------------ client_software.php | 12 +++++++----- client_trips.php | 14 ++++++++------ 11 files changed, 90 insertions(+), 68 deletions(-) diff --git a/client_assets.php b/client_assets.php index 59fe9d42..7e3847a3 100644 --- a/client_assets.php +++ b/client_assets.php @@ -105,10 +105,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Import -
    - - Export - + 0) { ?> +
    + + Export + + @@ -176,7 +178,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); } ?>
    - "> Archived diff --git a/client_certificates.php b/client_certificates.php index 63a0f451..4e116abc 100644 --- a/client_certificates.php +++ b/client_certificates.php @@ -26,12 +26,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - -
    - - Export - -
    + 0) { ?> + +
    + + Export + +
    +
    diff --git a/client_domains.php b/client_domains.php index 13e8b051..d0d65df9 100644 --- a/client_domains.php +++ b/client_domains.php @@ -35,12 +35,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - -
    - - Export - -
    + 0) { ?> + +
    + + Export + +
    +
    @@ -60,7 +62,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - "> Archived diff --git a/client_invoices.php b/client_invoices.php index d5e78706..0d8172a6 100644 --- a/client_invoices.php +++ b/client_invoices.php @@ -29,12 +29,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - -
    - - Export - -
    + 0) { ?> + +
    + + Export + +
    +
    diff --git a/client_logins.php b/client_logins.php index a2536100..f8b0c2dc 100644 --- a/client_logins.php +++ b/client_logins.php @@ -55,10 +55,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Import -
    - - Export - + 0) { ?> +
    + + Export + +
    diff --git a/client_networks.php b/client_networks.php index 63717dc2..a582ae8d 100644 --- a/client_networks.php +++ b/client_networks.php @@ -30,12 +30,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - -
    - - Export - -
    + 0) { ?> + +
    + + Export + +
    +
    @@ -115,7 +117,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $network_primary_dns = nullable_htmlentities($row['network_primary_dns']); $network_secondary_dns = nullable_htmlentities($row['network_secondary_dns']); if ($network_primary_dns && $network_secondary_dns) { - $network_dns_display = "$network_primary_dns
    $network_secondary_dns
    "; + $network_dns_display = "$network_primary_dns
    $network_secondary_dns
    "; } else { $network_dns_display = "-"; } diff --git a/client_payments.php b/client_payments.php index a7e0f47d..d1ea1c68 100644 --- a/client_payments.php +++ b/client_payments.php @@ -27,9 +27,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));

    Payments

    -
    - -
    + 0) { ?> +
    + +
    +
    diff --git a/client_quotes.php b/client_quotes.php index d4a7022c..fe1a2538 100644 --- a/client_quotes.php +++ b/client_quotes.php @@ -29,13 +29,15 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - -
    - - Export - -
    -
    + 0) { ?> + +
    + + Export + +
    + +
    diff --git a/client_recurring_invoices.php b/client_recurring_invoices.php index 3bcc9aec..ee7e125a 100644 --- a/client_recurring_invoices.php +++ b/client_recurring_invoices.php @@ -22,21 +22,23 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); ?> -
    -
    -

    Recurring Invoices

    -
    -
    - - -
    - - Export - +
    +
    +

    Recurring Invoices

    +
    +
    + + 0) { ?> + +
    + + Export + +
    +
    -
    diff --git a/client_software.php b/client_software.php index 4091a0c3..03b212b0 100644 --- a/client_software.php +++ b/client_software.php @@ -36,10 +36,12 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Create from Template -
    - - Export - + 0) { ?> +
    + + Export + +
    @@ -61,7 +63,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - "> Archived diff --git a/client_trips.php b/client_trips.php index 8debe53c..70a9a0e1 100644 --- a/client_trips.php +++ b/client_trips.php @@ -29,12 +29,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - -
    - - Export - -
    + 0) { ?> + +
    + + Export + +
    +
    From b3e6039ec55f009b80fca7ee6d7bb5511fd1ff29 Mon Sep 17 00:00:00 2001 From: Hugo Sampaio Date: Wed, 4 Sep 2024 17:37:20 -0300 Subject: [PATCH 09/80] fix pagination hidden fix pagination hidden, when number of rows is smaller than 10 --- pagination.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pagination.php b/pagination.php index 1b6bd017..7751714c 100644 --- a/pagination.php +++ b/pagination.php @@ -10,7 +10,7 @@ $total_found_rows = $num_rows[0]; $total_pages = ceil($total_found_rows / $user_config_records_per_page); -if ($total_found_rows > 10) { +if ($total_found_rows > 1) { $i = 0; ?> From bb12b020999a8a9aaf0baa0068f924716f23a3ee Mon Sep 17 00:00:00 2001 From: Hugo Sampaio Date: Wed, 4 Sep 2024 18:03:39 -0300 Subject: [PATCH 10/80] Update pagination.php makes more sense 5 because its the minimum page to set --- pagination.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pagination.php b/pagination.php index 7751714c..73d4099e 100644 --- a/pagination.php +++ b/pagination.php @@ -10,7 +10,7 @@ $total_found_rows = $num_rows[0]; $total_pages = ceil($total_found_rows / $user_config_records_per_page); -if ($total_found_rows > 1) { +if ($total_found_rows > 5) { $i = 0; ?> From 1a359a207fe924aace5f09df0b31247ee4cabf66 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Wed, 4 Sep 2024 19:20:32 -0400 Subject: [PATCH 11/80] Show Additional Columns in Assets --- client_assets.php | 49 ++++++++++++++++++++++++++++++++++++-------- client_contacts.php | 9 +++++--- client_locations.php | 4 ++-- 3 files changed, 49 insertions(+), 13 deletions(-) diff --git a/client_assets.php b/client_assets.php index 7e3847a3..099a20ad 100644 --- a/client_assets.php +++ b/client_assets.php @@ -149,7 +149,22 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    -
    +
    +
    + +
    +
    +
    @@ -238,14 +253,26 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Serial - + + + OS - IP - Install Date + + + + IP + + + + + Install Date + + - Assigned To + + Assigned To + Location Status @@ -369,11 +396,17 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); + - - + + + + + + + diff --git a/client_contacts.php b/client_contacts.php index c8eb15f3..ee832ae9 100644 --- a/client_contacts.php +++ b/client_contacts.php @@ -90,7 +90,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    -
    +
    -
    +
    "> From 34b9e2978a23390ea30e1955599cd4d77cae3bc7 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Wed, 4 Sep 2024 19:39:06 -0400 Subject: [PATCH 12/80] Added Physical Location to the additonal asset columns option --- client_assets.php | 42 +++++++++++++++++++++++++++++------------- 1 file changed, 29 insertions(+), 13 deletions(-) diff --git a/client_assets.php b/client_assets.php index 099a20ad..c768ef71 100644 --- a/client_assets.php +++ b/client_assets.php @@ -161,6 +161,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); +
    @@ -275,6 +278,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); Location + + + Physical Location + + Status Action @@ -287,7 +295,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $asset_type = nullable_htmlentities($row['asset_type']); $asset_name = nullable_htmlentities($row['asset_name']); $asset_description = nullable_htmlentities($row['asset_description']); - if (empty($asset_description)) { + if ($asset_description) { $asset_description_display = "-"; } else { $asset_description_display = $asset_description; @@ -295,22 +303,22 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $asset_make = nullable_htmlentities($row['asset_make']); $asset_model = nullable_htmlentities($row['asset_model']); $asset_serial = nullable_htmlentities($row['asset_serial']); - if (empty($asset_serial)) { - $asset_serial_display = "-"; - } else { + if ($asset_serial) { $asset_serial_display = $asset_serial; + } else { + $asset_serial_display = "-"; } $asset_os = nullable_htmlentities($row['asset_os']); - if (empty($asset_os)) { - $asset_os_display = "-"; - } else { + if ($asset_os) { $asset_os_display = $asset_os; + } else { + $asset_os_display = "-"; } $asset_ip = nullable_htmlentities($row['interface_ip']); - if (empty($asset_ip)) { - $asset_ip_display = "-"; - } else { + if ($asset_ip) { $asset_ip_display = $asset_ip; + } else { + $asset_ip_display = "-"; } $asset_ipv6 = nullable_htmlentities($row['interface_ipv6']); $asset_nat_ip = nullable_htmlentities($row['interface_nat_ip']); @@ -321,13 +329,18 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']); $asset_warranty_expire = nullable_htmlentities($row['asset_warranty_expire']); $asset_install_date = nullable_htmlentities($row['asset_install_date']); - if (empty($asset_install_date)) { - $asset_install_date_display = "-"; - } else { + if ($asset_install_date) { $asset_install_date_display = $asset_install_date; + } else { + $asset_install_date_display = "-"; } $asset_photo = nullable_htmlentities($row['asset_photo']); $asset_physical_location = nullable_htmlentities($row['asset_physical_location']); + if ($asset_physical_location) { + $asset_physical_location_display = $asset_physical_location; + } else { + $asset_physical_location_display = "-"; + } $asset_notes = nullable_htmlentities($row['asset_notes']); $asset_created_at = nullable_htmlentities($row['asset_created_at']); $asset_archived_at = nullable_htmlentities($row['asset_archived_at']); @@ -411,6 +424,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); + + +
    From 4458c874636a4edd5d2a2b287964d1f8d61eca85 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 5 Sep 2024 10:31:18 +0100 Subject: [PATCH 13/80] Initial implementation of whitelabelling --- cron.php | 11 +++++++++++ database_updates.php | 13 ++++++++++--- database_version.php | 2 +- db.sql | 2 ++ functions.php | 22 ++++++++++++++++++++++ get_settings.php | 4 ++++ login.php | 4 ++-- portal/login.php | 8 +++++++- portal/portal_footer.php | 10 +++++++++- post/setting.php | 8 ++++++++ settings_modules.php | 31 +++++++++++++++++++++++++++++++ 11 files changed, 107 insertions(+), 8 deletions(-) diff --git a/cron.php b/cron.php index 47a46b3b..8fcbb977 100644 --- a/cron.php +++ b/cron.php @@ -75,6 +75,10 @@ $config_log_retention = intval($row['config_log_retention']); // Set Currency Format $currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY); +// White label +$config_whitelabel_enabled = intval($row['config_whitelabel_enabled']); +$config_whitelabel_key = $row['config_whitelabel_key']; + $argv = $_SERVER['argv']; // Check cron is enabled @@ -137,6 +141,13 @@ mysqli_query($mysqli, "DELETE FROM logs WHERE log_created_at < CURDATE() - INTER * ############################################################################################################### */ +// Whitelabel - Disable if expired/invalid +if ($config_whitelabel_enabled && !validateWhitelabelKey($config_whitelabel_key)) { + mysqli_query($mysqli, "UPDATE settings SET config_whitelabel_enabled = 0, config_whitelabel_key = '' WHERE company_id = 1"); + mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Settings', notification = 'White-labelling was disabled due to expired/invalid key', notification_action = 'settings_modules.php'"); +} + + // GET NOTIFICATIONS // DOMAINS EXPIRING diff --git a/database_updates.php b/database_updates.php index 257b7c6b..1b581ca2 100644 --- a/database_updates.php +++ b/database_updates.php @@ -2131,10 +2131,17 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.5'"); } - // if (CURRENT_DATABASE_VERSION == '1.4.5') { - // // Insert queries here required to update to DB version 1.4.6 + if (CURRENT_DATABASE_VERSION == '1.4.5') { + mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_whitelabel_enabled` INT(11) NOT NULL DEFAULT '0' AFTER `config_phone_mask`"); + mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_whitelabel_key` TEXT NULL DEFAULT NULL AFTER `config_whitelabel_enabled`"); + + mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.6'"); + } + + // if (CURRENT_DATABASE_VERSION == '1.4.6') { + // // Insert queries here required to update to DB version 1.4.7 // // Then, update the database to the next sequential version - // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.6'"); + // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.7'"); // } } else { diff --git a/database_version.php b/database_version.php index 02ae2a6a..21ed9407 100644 --- a/database_version.php +++ b/database_version.php @@ -5,4 +5,4 @@ * It is used in conjunction with database_updates.php */ -DEFINE("LATEST_DATABASE_VERSION", "1.4.5"); +DEFINE("LATEST_DATABASE_VERSION", "1.4.6"); diff --git a/db.sql b/db.sql index 2b4ba70f..f775b60e 100644 --- a/db.sql +++ b/db.sql @@ -1509,6 +1509,8 @@ CREATE TABLE `settings` ( `config_timezone` varchar(200) NOT NULL DEFAULT 'America/New_York', `config_destructive_deletes_enable` tinyint(1) NOT NULL DEFAULT 0, `config_phone_mask` tinyint(1) NOT NULL DEFAULT 1, + `config_whitelabel_enabled` int(11) NOT NULL DEFAULT 0, + `config_whitelabel_key` text DEFAULT NULL, PRIMARY KEY (`company_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; /*!40101 SET character_set_client = @saved_cs_client */; diff --git a/functions.php b/functions.php index 3813981c..a233b393 100644 --- a/functions.php +++ b/functions.php @@ -1327,3 +1327,25 @@ function getDomainExpirationDate($domain) { return null; // Return null if expiration date is not found } + +function validateWhitelabelKey($key) +{ + $public_key = "-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0k+4ZJudkdGMCFLx5b9 +H/sOozvWphFJsjVIF0vPVx9J0bTdml65UdS+32JagIHfPtEUTohaMnI3IAxxCDzl +655qmtjL7RHHdx9UMIKCmtAZOtd2u6rEyZH7vB7cKA49ysKGIaQSGwTQc8DCgsrK +uxRuX04xq9T7T+zuzROw3Y9WjFy9RwrONqLuG8LqO0j7bk5LKYeLAV7u3E/QiqNx +lEljN2UVJ3FZ/LkXeg8ORkV+IHs/toRIfPs/4VQnjEwk5BU6DX2STOvbeZnTqwP3 +zgjRYR/zGN5l+az6RB3+0mJRdZdv/y2aRkBlwTxx2gOrPbQAco4a/IOmkE3EbHe7 +6wIDAQAP +-----END PUBLIC KEY-----"; + + if (openssl_public_decrypt(base64_decode($key), $decrypted, $public_key)) { + $key_info = json_decode($decrypted, true); + if ($key_info['expires'] > date('Y-m-d H:i:s', strtotime('-7 day'))) { + return $key_info; + } + } + + return false; +} \ No newline at end of file diff --git a/get_settings.php b/get_settings.php index 5aa4e320..46902edd 100644 --- a/get_settings.php +++ b/get_settings.php @@ -130,6 +130,10 @@ $config_telemetry = intval($row['config_telemetry']); // Destructive Deletes $config_destructive_deletes_enable = intval($row['config_destructive_deletes_enable']); +// White label +$config_whitelabel_enabled = intval($row['config_whitelabel_enabled']); +$config_whitelabel_key = $row['config_whitelabel_key']; + // Select Arrays diff --git a/login.php b/login.php index edfeef33..d1d41b21 100644 --- a/login.php +++ b/login.php @@ -378,8 +378,8 @@ if (isset($_POST['login'])) { -
    -
    Looking for the Client Portal?
    +
    +
    Looking for the Client Portal?
    diff --git a/portal/login.php b/portal/login.php index feb0f1ae..3cd2d715 100644 --- a/portal/login.php +++ b/portal/login.php @@ -154,7 +154,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) { -
    Forgot password?
    +
    Forgot password?
    @@ -178,6 +178,12 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
    +Powered by ITFlow'; +//} +?> + diff --git a/portal/portal_footer.php b/portal/portal_footer.php index 692d6cdb..3552e7ee 100644 --- a/portal/portal_footer.php +++ b/portal/portal_footer.php @@ -11,7 +11,15 @@
    -

    +

    + Powered by ITFlow'; +// } + ?> +

    + diff --git a/post/setting.php b/post/setting.php index 721a327d..9b562043 100644 --- a/post/setting.php +++ b/post/setting.php @@ -524,9 +524,17 @@ if (isset($_POST['edit_module_settings'])) { $config_module_enable_ticketing = intval($_POST['config_module_enable_ticketing']); $config_module_enable_accounting = intval($_POST['config_module_enable_accounting']); $config_client_portal_enable = intval($_POST['config_client_portal_enable']); + $config_whitelabel_key = $_POST['config_whitelabel_key']; mysqli_query($mysqli,"UPDATE settings SET config_module_enable_itdoc = $config_module_enable_itdoc, config_module_enable_ticketing = $config_module_enable_ticketing, config_module_enable_accounting = $config_module_enable_accounting, config_client_portal_enable = $config_client_portal_enable WHERE company_id = 1"); + // Validate white label key + if (!empty($config_whitelabel_key && validateWhitelabelKey($config_whitelabel_key))) { + mysqli_query($mysqli, "UPDATE settings SET config_whitelabel_enabled = 1, config_whitelabel_key = '$config_whitelabel_key' WHERE company_id = 1"); + } else { + mysqli_query($mysqli, "UPDATE settings SET config_whitelabel_enabled = 0, config_whitelabel_key = '' WHERE company_id = 1"); + } + //Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified module settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id"); diff --git a/settings_modules.php b/settings_modules.php index a54661ac..fa0a6003 100644 --- a/settings_modules.php +++ b/settings_modules.php @@ -40,6 +40,37 @@ require_once "inc_all_admin.php";
    +
    +
    + value="1" id="customSwitch5"> + +
    +
    + +
    + + +
    + + +
    +

    White-labelling is active - thank you for your support! :)

    +
      +
    • Key:
      • +
    • Org:
      • +
    • Expires:
      • +
    + +
    + + +
    + From 3d16431d3260a2f2a88ddf7b313a5b35d88778ca Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 5 Sep 2024 10:44:50 +0100 Subject: [PATCH 14/80] Initial implementation of whitelabelling --- functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/functions.php b/functions.php index a233b393..cbd021a1 100644 --- a/functions.php +++ b/functions.php @@ -1348,4 +1348,4 @@ zgjRYR/zGN5l+az6RB3+0mJRdZdv/y2aRkBlwTxx2gOrPbQAco4a/IOmkE3EbHe7 } return false; -} \ No newline at end of file +} From a23005babe30b7c0a0c0847e6e6318f9cf1496bb Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 5 Sep 2024 14:05:51 +0100 Subject: [PATCH 15/80] Portal - show client contacts --- portal/contacts.php | 72 ++++++++++++++++++++++++++++++++++++++++ portal/documents.php | 1 + portal/invoices.php | 1 + portal/portal_header.php | 5 ++- portal/quotes.php | 1 + portal/tickets.php | 1 + 6 files changed, 80 insertions(+), 1 deletion(-) create mode 100644 portal/contacts.php diff --git a/portal/contacts.php b/portal/contacts.php new file mode 100644 index 00000000..d0e40d77 --- /dev/null +++ b/portal/contacts.php @@ -0,0 +1,72 @@ + + +

    Contacts

    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + +
    NameEmailRoles
    + +
    + +
    + + +

    Documents

    diff --git a/portal/invoices.php b/portal/invoices.php index 028611d5..a6ed0bce 100644 --- a/portal/invoices.php +++ b/portal/invoices.php @@ -17,6 +17,7 @@ if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) { $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_client_id = $session_client_id AND invoice_status != 'Draft' ORDER BY invoice_date DESC"); ?> +

    Invoices

    diff --git a/portal/portal_header.php b/portal/portal_header.php index 237204a1..524e2108 100644 --- a/portal/portal_header.php +++ b/portal/portal_header.php @@ -62,10 +62,13 @@ header("X-Frame-Options: DENY"); // Legacy " href="quotes.php">Quotes - +
  • " href="documents.php">Documents
    • +
  • + " href="contacts.php">Contacts +
    • diff --git a/portal/quotes.php b/portal/quotes.php index dfb3ce52..64266fea 100644 --- a/portal/quotes.php +++ b/portal/quotes.php @@ -16,6 +16,7 @@ if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) { $quotes_sql = mysqli_query($mysqli, "SELECT * FROM quotes WHERE quote_client_id = $session_client_id AND quote_status != 'Draft' ORDER BY quote_date DESC"); ?> +

    Quotes

    diff --git a/portal/tickets.php b/portal/tickets.php index 4fe60d06..045860b2 100644 --- a/portal/tickets.php +++ b/portal/tickets.php @@ -42,6 +42,7 @@ $total_tickets = intval($row['total_tickets']); ?> +

    Tickets

    From 49fddd4f1e98c74fe8b7cd7bb8bb0dfd1855f8ed Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 5 Sep 2024 15:16:11 +0100 Subject: [PATCH 16/80] Portal - allow editing client contacts, few tweaks to header incl session notifications --- portal/contact_edit.php | 114 +++++++++++++++++++++++++++++++++++++++ portal/contacts.php | 2 +- portal/document.php | 23 ++++++-- portal/portal_header.php | 19 +++++++ portal/portal_post.php | 17 ++++++ portal/ticket_add.php | 2 +- 6 files changed, 171 insertions(+), 6 deletions(-) create mode 100644 portal/contact_edit.php diff --git a/portal/contact_edit.php b/portal/contact_edit.php new file mode 100644 index 00000000..e187cc94 --- /dev/null +++ b/portal/contact_edit.php @@ -0,0 +1,114 @@ +set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]); +$purifier = new HTMLPurifier($purifier_config); + +// Check for a contact ID +if (!isset($_GET['id']) && !intval($_GET['id'])) { + header("Location: contacts.php"); + exit(); +} + +$contact_id = intval($_GET['id']); + +$sql_contact = mysqli_query($mysqli, "SELECT contact_id, contact_name, contact_email, contact_primary, contact_technical, contact_billing, contact_auth_method FROM contacts WHERE contact_id = $contact_id AND contact_client_id = $session_client_id AND contacts.contact_archived_at IS NULL LIMIT 1"); + +$row = mysqli_fetch_array($sql_contact); + +if ($row) { + $contact_id = intval($row['contact_id']); + $contact_name = nullable_htmlentities($row['contact_name']); + $contact_email = nullable_htmlentities($row['contact_email']); + $contact_primary = intval($row['contact_primary']); + $contact_technical = intval($row['contact_technical']); + $contact_billing = intval($row['contact_billing']); +} else { + header("Location: portal_post.php?logout"); + exit(); +} + +?> + +
      +
    1. + Home +
      2. +
    2. + Contacts +
      3. +
    3. Edit Contact
      4. +
    + +
    +
    + + + + + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + + +
    +
    +
    +
    + > + +
    +
    +
    +
    +
    +
    + > + +
    +
    +
    +
    + + Cannot edit the primary contact"; } else { ?> + + +
    +
    + + + - + diff --git a/portal/document.php b/portal/document.php index d007e9de..16b39ac0 100644 --- a/portal/document.php +++ b/portal/document.php @@ -27,16 +27,31 @@ if (!isset($_GET['id']) && !intval($_GET['id'])) { } $document_id = intval($_GET['id']); -$sql_document = mysqli_query($mysqli, "SELECT document_id, document_name, document_content FROM documents WHERE document_id = $document_id AND document_client_id = $session_client_id AND document_template = 0 LIMIT 1"); +$sql_document = mysqli_query($mysqli, "SELECT document_id, document_name, document_content FROM documents WHERE document_id = $document_id AND document_client_id = $session_client_id AND document_template = 0 AND document_archived_at IS NULL LIMIT 1"); $row = mysqli_fetch_array($sql_document); -$document_id = intval($row['document_id']); -$document_name = nullable_htmlentities($row['document_name']); -$document_content = $purifier->purify($row['document_content']); +if ($row) { + $document_id = intval($row['document_id']); + $document_name = nullable_htmlentities($row['document_name']); + $document_content = $purifier->purify($row['document_content']); +} else { + header("Location: portal_post.php?logout"); + exit(); +} ?> +
      +
    1. + Home +
      2. +
    2. + Documents +
      3. +
    3. Document
      4. +
    +

    diff --git a/portal/portal_header.php b/portal/portal_header.php index 524e2108..b141dc4a 100644 --- a/portal/portal_header.php +++ b/portal/portal_header.php @@ -112,3 +112,22 @@ header("X-Frame-Options: DENY"); // Legacy
    + + +
    + + +
    + diff --git a/portal/portal_post.php b/portal/portal_post.php index 2fb50ae0..97e9e393 100644 --- a/portal/portal_post.php +++ b/portal/portal_post.php @@ -287,3 +287,20 @@ if (isset($_POST['edit_profile'])) { } header('Location: index.php'); } + +if (isset($_POST['edit_contact'])) { + $contact_id = intval($_POST['contact_id']); + $contact_name = sanitizeInput($_POST['contact_name']); + $contact_email = sanitizeInput($_POST['contact_email']); + $contact_technical = intval($_POST['contact_technical']); + $contact_billing = intval($_POST['contact_billing']); + + mysqli_query($mysqli, "UPDATE contacts SET contact_name = '$contact_name', contact_email = '$contact_email', contact_billing = $contact_billing, contact_technical = $contact_technical WHERE contact_id = $contact_id AND contact_client_id = $session_client_id AND contact_archived_at IS NULL AND contact_primary = 0"); + + // Logging + mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = 'Client $session_contact_name modified contact $contact_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $session_client_id, log_entity_id = $contact_id"); + + $_SESSION['alert_message'] = "Contact updated"; + header('Location: contacts.php'); + +} \ No newline at end of file diff --git a/portal/ticket_add.php b/portal/ticket_add.php index b2022df4..8993a6a3 100644 --- a/portal/ticket_add.php +++ b/portal/ticket_add.php @@ -18,7 +18,7 @@ require_once 'inc_portal.php';
  • New Ticket
    • -

    Raise a new ticket

    +

    Raise a new ticket

    From 7827522b4020c3b75d1c6825dfee877009f6ce73 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 5 Sep 2024 15:19:17 +0100 Subject: [PATCH 17/80] Portal - allow editing client contacts, few tweaks to header incl session notifications --- portal/contact_edit.php | 2 +- portal/contacts.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/portal/contact_edit.php b/portal/contact_edit.php index e187cc94..8b69d1a7 100644 --- a/portal/contact_edit.php +++ b/portal/contact_edit.php @@ -1,7 +1,7 @@ Date: Thu, 5 Sep 2024 15:19:52 +0100 Subject: [PATCH 18/80] Portal - allow editing client contacts, few tweaks to header incl session notifications --- portal/portal_post.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/portal/portal_post.php b/portal/portal_post.php index 97e9e393..feb4e437 100644 --- a/portal/portal_post.php +++ b/portal/portal_post.php @@ -303,4 +303,4 @@ if (isset($_POST['edit_contact'])) { $_SESSION['alert_message'] = "Contact updated"; header('Location: contacts.php'); -} \ No newline at end of file +} From 92681a86b3cfbd604fe46bf243656ae3c646acdb Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 5 Sep 2024 15:21:05 +0100 Subject: [PATCH 19/80] Portal - allow editing client contacts, few tweaks to header incl session notifications --- portal/contact_edit.php | 7 ------- 1 file changed, 7 deletions(-) diff --git a/portal/contact_edit.php b/portal/contact_edit.php index 8b69d1a7..66646f8c 100644 --- a/portal/contact_edit.php +++ b/portal/contact_edit.php @@ -13,13 +13,6 @@ if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) { exit(); } -//Initialize the HTML Purifier to prevent XSS -require_once "../plugins/htmlpurifier/HTMLPurifier.standalone.php"; - -$purifier_config = HTMLPurifier_Config::createDefault(); -$purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]); -$purifier = new HTMLPurifier($purifier_config); - // Check for a contact ID if (!isset($_GET['id']) && !intval($_GET['id'])) { header("Location: contacts.php"); From 726aaac56a0d9958b7ebd70479fd38738ac86eac Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 5 Sep 2024 15:44:06 +0100 Subject: [PATCH 20/80] Portal - allow editing client contacts, few tweaks to header incl session notifications --- portal/contact_edit.php | 17 +++++++++++++++++ portal/portal_post.php | 3 ++- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/portal/contact_edit.php b/portal/contact_edit.php index 66646f8c..777337f7 100644 --- a/portal/contact_edit.php +++ b/portal/contact_edit.php @@ -32,6 +32,7 @@ if ($row) { $contact_primary = intval($row['contact_primary']); $contact_technical = intval($row['contact_technical']); $contact_billing = intval($row['contact_billing']); + $contact_auth_method = nullable_htmlentities($row['contact_auth_method']); } else { header("Location: portal_post.php?logout"); exit(); @@ -96,6 +97,22 @@ if ($row) {
    +
    + +
    +
    + +
    + +
    +
    + Cannot edit the primary contact"; } else { ?> diff --git a/portal/portal_post.php b/portal/portal_post.php index feb4e437..eff15096 100644 --- a/portal/portal_post.php +++ b/portal/portal_post.php @@ -294,8 +294,9 @@ if (isset($_POST['edit_contact'])) { $contact_email = sanitizeInput($_POST['contact_email']); $contact_technical = intval($_POST['contact_technical']); $contact_billing = intval($_POST['contact_billing']); + $contact_auth_method = sanitizeInput($_POST['contact_auth_method']); - mysqli_query($mysqli, "UPDATE contacts SET contact_name = '$contact_name', contact_email = '$contact_email', contact_billing = $contact_billing, contact_technical = $contact_technical WHERE contact_id = $contact_id AND contact_client_id = $session_client_id AND contact_archived_at IS NULL AND contact_primary = 0"); + mysqli_query($mysqli, "UPDATE contacts SET contact_name = '$contact_name', contact_email = '$contact_email', contact_billing = $contact_billing, contact_technical = $contact_technical, contact_auth_method = '$contact_auth_method' WHERE contact_id = $contact_id AND contact_client_id = $session_client_id AND contact_archived_at IS NULL AND contact_primary = 0"); // Logging mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = 'Client $session_contact_name modified contact $contact_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $session_client_id, log_entity_id = $contact_id"); From 54c8d6d74add54d7f280ea5bc85c1576743e32af Mon Sep 17 00:00:00 2001 From: wrongecho Date: Thu, 5 Sep 2024 17:26:28 +0100 Subject: [PATCH 21/80] Portal - allow adding contacts --- portal/contact_add.php | 96 +++++++++++++++++++++++++++++++++++++++++ portal/contact_edit.php | 4 +- portal/contacts.php | 90 ++++++++++++++++++++------------------ portal/portal_post.php | 17 +++++++- 4 files changed, 162 insertions(+), 45 deletions(-) create mode 100644 portal/contact_add.php diff --git a/portal/contact_add.php b/portal/contact_add.php new file mode 100644 index 00000000..c63eac2b --- /dev/null +++ b/portal/contact_add.php @@ -0,0 +1,96 @@ + + +
      +
    1. + Home +
      2. +
    2. + Contacts +
      3. +
    3. Add Contact
      4. +
    + +
    + + + + + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + + +
    +
    +
    +
    + + +
    +
    +
    +
    +
    +
    + + +
    +
    +
    +
    + +
    + +
    +
    + +
    + +
    +
    + + + +
    + + +
    - +
    @@ -73,7 +73,7 @@ if ($row) {
    - +
    diff --git a/portal/contacts.php b/portal/contacts.php index eb8ee768..66f7a3cb 100644 --- a/portal/contacts.php +++ b/portal/contacts.php @@ -16,57 +16,63 @@ if ($session_contact_primary == 0 && !$session_contact_is_technical_contact) { $contacts_sql = mysqli_query($mysqli, "SELECT contact_id, contact_name, contact_email, contact_primary, contact_technical, contact_billing FROM contacts WHERE contact_client_id = $session_client_id AND contacts.contact_archived_at IS NULL ORDER BY contact_created_at"); ?> -

    Contacts

    -
    +
    +

    Contacts

    +
    + New Contact +
    +
    -
    +
    - - - - - - - - - - - +
    +
    NameEmailRoles
    + - - - + + + + + - + -
    NameEmailRoles
    + $contact_roles_display = '-'; + if ($contact_primary) { + $contact_roles_display = 'Primary contact'; + } else if ($contact_technical && $contact_billing) { + $contact_roles_display = 'Technical & Billing'; + } else if ($contact_technical) { + $contact_roles_display = 'Technical'; + } else if ($contact_billing) { + $contact_roles_display = 'Billing'; + } + + ?> + + + + + + + + + + + + +
    -
    - Date: Thu, 5 Sep 2024 17:56:42 +0100 Subject: [PATCH 22/80] Portal - allow clients to see certs/domains --- portal/certificates.php | 61 ++++++++++++++++++++++++++++++++++++++++ portal/domains.php | 55 ++++++++++++++++++++++++++++++++++++ portal/portal_header.php | 6 ++++ 3 files changed, 122 insertions(+) create mode 100644 portal/certificates.php create mode 100644 portal/domains.php diff --git a/portal/certificates.php b/portal/certificates.php new file mode 100644 index 00000000..aa30f4e4 --- /dev/null +++ b/portal/certificates.php @@ -0,0 +1,61 @@ + + +

    Web Certificates

    +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + +
    Certificate NameFQDNIssuerExpiry
    + +
    + +
    + + + +

    Domains

    +
    + +
    + + + + + + + + + + + + + + + + + + + + +
    Domain NameExpiry
    + +
    + +
    + + " href="contacts.php">Contacts +
  • + " href="domains.php">Domains +
    • +
  • + " href="certificates.php">Certificates +
    • From 6879300fe826a8fcc978d809aa88718afa76064c Mon Sep 17 00:00:00 2001 From: johnnyq Date: Thu, 5 Sep 2024 16:23:35 -0400 Subject: [PATCH 23/80] DB Structure Update for Custom Links --- database_updates.php | 21 ++++++++++++++++++--- database_version.php | 2 +- db.sql | 26 +++++++++++++++++++++++--- 3 files changed, 42 insertions(+), 7 deletions(-) diff --git a/database_updates.php b/database_updates.php index 1b581ca2..5418ca8d 100644 --- a/database_updates.php +++ b/database_updates.php @@ -2138,10 +2138,25 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.6'"); } - // if (CURRENT_DATABASE_VERSION == '1.4.6') { - // // Insert queries here required to update to DB version 1.4.7 + if (CURRENT_DATABASE_VERSION == '1.4.6') { + mysqli_query($mysqli, "CREATE TABLE `custom_links` ( + `custom_link_id` INT(11) NOT NULL AUTO_INCREMENT, + `custom_link_name` VARCHAR(200) NOT NULL, + `custom_link_description` TEXT DEFAULT NULL, + `custom_link_uri` VARCHAR(500) NOT NULL, + `custom_link_icon` VARCHAR(200) DEFAULT NULL, + `custom_link_created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP, + `custom_link_updated_at` DATETIME ON UPDATE CURRENT_TIMESTAMP NULL, + `custom_link_archived_at` DATETIME NULL, + PRIMARY KEY (`custom_link_id`) + )"); + mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.7'"); + } + + // if (CURRENT_DATABASE_VERSION == '1.4.7') { + // // Insert queries here required to update to DB version 1.4.8 // // Then, update the database to the next sequential version - // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.7'"); + // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.8'"); // } } else { diff --git a/database_version.php b/database_version.php index 21ed9407..c8b2825a 100644 --- a/database_version.php +++ b/database_version.php @@ -5,4 +5,4 @@ * It is used in conjunction with database_updates.php */ -DEFINE("LATEST_DATABASE_VERSION", "1.4.6"); +DEFINE("LATEST_DATABASE_VERSION", "1.4.7"); diff --git a/db.sql b/db.sql index f775b60e..f4853405 100644 --- a/db.sql +++ b/db.sql @@ -66,7 +66,7 @@ CREATE TABLE `api_keys` ( `api_key_id` int(11) NOT NULL AUTO_INCREMENT, `api_key_name` varchar(255) NOT NULL, `api_key_secret` varchar(255) NOT NULL, - `api_key_decrypt_hash` varchar(255) NULL, + `api_key_decrypt_hash` varchar(200) NOT NULL, `api_key_created_at` datetime NOT NULL DEFAULT current_timestamp(), `api_key_expire` date NOT NULL, `api_key_client_id` int(11) NOT NULL DEFAULT 0, @@ -462,6 +462,26 @@ CREATE TABLE `custom_fields` ( ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_general_ci; /*!40101 SET character_set_client = @saved_cs_client */; +-- +-- Table structure for table `custom_links` +-- + +DROP TABLE IF EXISTS `custom_links`; +/*!40101 SET @saved_cs_client = @@character_set_client */; +/*!40101 SET character_set_client = utf8 */; +CREATE TABLE `custom_links` ( + `custom_link_id` int(11) NOT NULL AUTO_INCREMENT, + `custom_link_name` varchar(200) NOT NULL, + `custom_link_description` text DEFAULT NULL, + `custom_link_uri` varchar(500) NOT NULL, + `custom_link_icon` varchar(200) DEFAULT NULL, + `custom_link_created_at` datetime NOT NULL DEFAULT current_timestamp(), + `custom_link_updated_at` datetime DEFAULT NULL ON UPDATE current_timestamp(), + `custom_link_archived_at` datetime DEFAULT NULL, + PRIMARY KEY (`custom_link_id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; +/*!40101 SET character_set_client = @saved_cs_client */; + -- -- Table structure for table `custom_values` -- @@ -1468,7 +1488,7 @@ CREATE TABLE `settings` ( `config_ticket_from_name` varchar(200) DEFAULT NULL, `config_ticket_from_email` varchar(200) DEFAULT NULL, `config_ticket_email_parse` tinyint(1) NOT NULL DEFAULT 0, - `config_ticket_email_parse_unknown_senders` tinyint(1) NOT NULL DEFAULT 0, + `config_ticket_email_parse_unknown_senders` int(1) NOT NULL DEFAULT 0, `config_ticket_client_general_notifications` tinyint(1) NOT NULL DEFAULT 1, `config_ticket_autoclose_hours` int(5) NOT NULL DEFAULT 72, `config_ticket_new_ticket_notification_email` varchar(200) DEFAULT NULL, @@ -2073,4 +2093,4 @@ CREATE TABLE `vendors` ( /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; --- Dump completed on 2024-06-13 12:39:55 +-- Dump completed on 2024-09-05 16:21:24 From 41276b55f006b66f10ff519ec3229543e963a3e1 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Thu, 5 Sep 2024 17:08:43 -0400 Subject: [PATCH 24/80] Feature: Custom Links on main side nav --- admin_custom_link_add_modal.php | 52 ++++++++++++++ admin_custom_link_edit_modal.php | 52 ++++++++++++++ admin_custom_links.php | 115 +++++++++++++++++++++++++++++++ admin_side_nav.php | 8 ++- post/admin.php | 50 ++++++++++++++ side_nav.php | 23 +++++++ 6 files changed, 299 insertions(+), 1 deletion(-) create mode 100644 admin_custom_link_add_modal.php create mode 100644 admin_custom_link_edit_modal.php create mode 100644 admin_custom_links.php diff --git a/admin_custom_link_add_modal.php b/admin_custom_link_add_modal.php new file mode 100644 index 00000000..5a662587 --- /dev/null +++ b/admin_custom_link_add_modal.php @@ -0,0 +1,52 @@ + \ No newline at end of file diff --git a/admin_custom_link_edit_modal.php b/admin_custom_link_edit_modal.php new file mode 100644 index 00000000..472cbe60 --- /dev/null +++ b/admin_custom_link_edit_modal.php @@ -0,0 +1,52 @@ + \ No newline at end of file diff --git a/admin_custom_links.php b/admin_custom_links.php new file mode 100644 index 00000000..e5daf063 --- /dev/null +++ b/admin_custom_links.php @@ -0,0 +1,115 @@ + + +
    +
    +

    Custom Links

    +
    + +
    +
    + +
    +
    +
    +
    +
    + +
    + +
    +
    +
    +
    +
    +
    +
    + +
    +
    + + "> + + + + + + + + + + + + + + + + + +
    NameURIAction
    + + + + + +
    + +
    + + Edit + +
    + + Delete + +
    +
    +
    +
    + +
    +
    + + - +
  • + + +

    Custom Links

    +     +
    • diff --git a/post/admin.php b/post/admin.php index 1661533f..afd759ff 100644 --- a/post/admin.php +++ b/post/admin.php @@ -293,3 +293,53 @@ if (isset($_GET['delete_ticket_status'])) { header("Location: " . $_SERVER["HTTP_REFERER"]); } + +if (isset($_POST['add_custom_link'])) { + + $name = sanitizeInput($_POST['name']); + $uri = sanitizeInput($_POST['uri']); + $icon = preg_replace("/[^0-9a-zA-Z-]/", "", sanitizeInput($_POST['icon'])); + + mysqli_query($mysqli,"INSERT INTO custom_links SET custom_link_name = '$name', custom_link_uri = '$uri', custom_link_icon = '$icon'"); + + //Logging + mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Custom Link', log_action = 'Create', log_description = '$session_name created custom link $name --> $uri', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id"); + + $_SESSION['alert_message'] = "Custom link successfully created!"; + + header("Location: " . $_SERVER["HTTP_REFERER"]); + +} + +if (isset($_POST['edit_custom_link'])) { + + $custom_link_id = intval($_POST['custom_link_id']); + $name = sanitizeInput($_POST['name']); + $uri = sanitizeInput($_POST['uri']); + $icon = preg_replace("/[^0-9a-zA-Z-]/", "", sanitizeInput($_POST['icon'])); + + mysqli_query($mysqli,"UPDATE custom_links SET custom_link_name = '$name', custom_link_uri = '$uri', custom_link_icon = '$icon' WHERE custom_link_id = $custom_link_id"); + + //Logging + mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Custom Link', log_action = 'Modify', log_description = '$session_name edited the custom link $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id"); + + $_SESSION['alert_message'] = "Custom Link modified"; + + header("Location: " . $_SERVER["HTTP_REFERER"]); + +} + +if (isset($_GET['delete_custom_link'])) { + $custom_link_id = intval($_GET['delete_custom_link']); + + mysqli_query($mysqli,"DELETE FROM custom_links WHERE custom_link_id = $custom_link_id"); + + //Logging + mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Tag', log_action = '$session_name Deleted custom link', log_description = '$tag_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id"); + + $_SESSION['alert_message'] = "Cusatom Link deleted!"; + $_SESSION['alert_type'] = "error"; + + header("Location: " . $_SERVER["HTTP_REFERER"]); + +} \ No newline at end of file diff --git a/side_nav.php b/side_nav.php index 684c5644..def27aa4 100644 --- a/side_nav.php +++ b/side_nav.php @@ -182,6 +182,29 @@ + + + +
  • + "> + +

    + +     +
    • + + + From 1130c17196b979fbe83f9f7ac1a73bdbf7d7d1c0 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 6 Sep 2024 13:26:17 -0400 Subject: [PATCH 25/80] Added purchase date, warranty expire to show addiitonal columns in client assets --- client_assets.php | 44 ++++++++++++++++++++++++++++++++++++++------ 1 file changed, 38 insertions(+), 6 deletions(-) diff --git a/client_assets.php b/client_assets.php index c768ef71..6a04e080 100644 --- a/client_assets.php +++ b/client_assets.php @@ -159,10 +159,16 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); >IP + +
    @@ -267,18 +273,28 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); IP - + + + Purchase Date + + + Install Date + + + Warranty Expire + + Assigned To Location - + Physical Location @@ -327,7 +343,17 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $asset_uri_2 = nullable_htmlentities($row['asset_uri_2']); $asset_status = nullable_htmlentities($row['asset_status']); $asset_purchase_date = nullable_htmlentities($row['asset_purchase_date']); + if ($asset_purchase_date) { + $asset_purchase_date_display = $asset_purchase_date; + } else { + $asset_purchase_date_display = "-"; + } $asset_warranty_expire = nullable_htmlentities($row['asset_warranty_expire']); + if ($asset_warranty_expire) { + $asset_warranty_expire_display = $asset_warranty_expire; + } else { + $asset_warranty_expire_display = "-"; + } $asset_install_date = nullable_htmlentities($row['asset_install_date']); if ($asset_install_date) { $asset_install_date_display = $asset_install_date; @@ -417,14 +443,20 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - + + + + + + + - + From 208d6cadc459883113d0d1191d9b643c4a8c4fa0 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Fri, 6 Sep 2024 18:53:48 +0100 Subject: [PATCH 26/80] Add ITFlow attribution to client portal (1/2) --- portal/login.php | 6 +++--- portal/portal_footer.php | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/portal/login.php b/portal/login.php index 3cd2d715..6d6ce3db 100644 --- a/portal/login.php +++ b/portal/login.php @@ -179,9 +179,9 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) { Powered by ITFlow'; -//} +if (!$config_whitelabel_enabled) { + echo 'Powered by ITFlow'; +} ?> diff --git a/portal/portal_footer.php b/portal/portal_footer.php index 3552e7ee..6ab4d9cb 100644 --- a/portal/portal_footer.php +++ b/portal/portal_footer.php @@ -14,9 +14,9 @@

    Powered by ITFlow'; -// } + if (!$config_whitelabel_enabled) { + echo '
    Powered by ITFlow'; + } ?>

    From 65f72665ad4c6e97191a82849abd1b6801c2c0a6 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 6 Sep 2024 14:18:00 -0400 Subject: [PATCH 27/80] Update All Assets Report to be more like client assets --- report_all_assets_by_client.php | 76 --- ...rt_all_assets_by_client_custom_columns.php | 98 --- report_assets.php | 576 ++++++++++++++++++ reports_side_nav.php | 4 +- 4 files changed, 578 insertions(+), 176 deletions(-) delete mode 100644 report_all_assets_by_client.php delete mode 100644 report_all_assets_by_client_custom_columns.php create mode 100644 report_assets.php diff --git a/report_all_assets_by_client.php b/report_all_assets_by_client.php deleted file mode 100644 index 623af604..00000000 --- a/report_all_assets_by_client.php +++ /dev/null @@ -1,76 +0,0 @@ - - -
    -
    -

    All Assets by Client

    -
    - -
    -
    -
    -
    - - - - - - - - - - - - - - - - - - -
    ClientAsset NameAsset Type - Asset Status -
    - - - - - - - -
    -
    -
    -
    - - - -
    -
    -

    All Assets by Client - with custom columns

    -
    - -
    -
    -
    -
    - - - - " . htmlspecialchars($col) . ""; - } - ?> - - - - "; - foreach ($selected_columns as $col) { - echo ""; - } - echo ""; - } - ?> - -
    " . nullable_htmlentities($row[$col]) . "
    -
    -
    - - - - - - - - - - - - - - -
    -
    -
    - - + +
    +
    +

    All Assets

    +
    +
    +
    +
    +
    + + +
    + +
    +
    + s"> +
    + +
    +
    +
    +
    +
    + +
    +
    +
    +
    + +
    +
    + +
    +
    + "> + Archived + + +
    +
    + +
    +
    +
    + + All Assets + + 0) { ?> + Workstations + 0) { ?> + Servers + 0) { ?> + Virtual + 0) { ?> + Network + 0) { ?> + Other + +
    +
    +
    +
    +
    +
    +
    +
    + + "> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + $contact_name"; + } else { + $contact_name_display = $contact_name; + } + + $location_name = nullable_htmlentities($row['location_name']); + if (empty($location_name)) { + $location_name = "-"; + } + $location_archived_at = nullable_htmlentities($row['location_archived_at']); + if ($location_archived_at) { + $location_name_display = "
    $location_name
    "; + } else { + $location_name_display = $location_name; + } + + $sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE login_asset_id = $asset_id"); + $login_count = mysqli_num_rows($sql_logins); + + ?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    +
    + +
    +     		NameTypeModelSerialOS + IP + + Purchase Date + + Install Date + + Warranty Expire + + Assigned To + Location + Physical Location + StatusClientAction
    +
    + +
    +     		+ +
    + +
    +
    +
    +
    +
    +     +     		+ +
    + +
    +     		+
    + 0) { ?> + + + + + + +
    + +
    + + + + + + +
    + + + + +
    +
    + +
    + +
    + + Edit + + 2) { ?> + + + Unarchive + + + + Transfer + + + Archive + + + + + Delete + + + + +
    +
    +
    +
    +
    + +
    + +
    +
    + + + +OVERVIEWS
  • - "> - + "> +

    All Assets
    • From 25bc1d9055d9d5e541e728f11ede891ebd24fb2a Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 6 Sep 2024 14:54:46 -0400 Subject: [PATCH 28/80] Update Client Overview to Show Recents ASC not DESC so most recent shows first and do not show already Expired Items, will reseve that for a new card --- client_overview.php | 73 ++++++++++++++++++++++++++++----------------- 1 file changed, 45 insertions(+), 28 deletions(-) diff --git a/client_overview.php b/client_overview.php index 1f564ef5..455bcb4d 100644 --- a/client_overview.php +++ b/client_overview.php @@ -7,15 +7,20 @@ $sql_recent_activities = mysqli_query( $mysqli, "SELECT * FROM logs WHERE log_client_id = $client_id - ORDER BY log_created_at DESC LIMIT 5" + ORDER BY log_created_at ASC + LIMIT 5" ); $sql_important_contacts = mysqli_query( $mysqli, "SELECT * FROM contacts WHERE contact_client_id = $client_id - AND (contact_important = 1 OR contact_billing = 1 OR contact_technical = 1 OR contact_primary = 1) - AND contact_archived_at IS NULL + AND (contact_important = 1 + OR contact_billing = 1 + OR contact_technical = 1 + OR contact_primary = 1 + ) + AND contact_archived_at IS NULL ORDER BY contact_primary DESC, contact_name DESC LIMIT 5" ); @@ -23,24 +28,27 @@ $sql_recent_tickets = mysqli_query( $mysqli, "SELECT * FROM tickets WHERE ticket_client_id = $client_id - ORDER BY ticket_created_at DESC LIMIT 5" + ORDER BY ticket_created_at ASC + LIMIT 5" ); $sql_recent_logins = mysqli_query( $mysqli, "SELECT * FROM logins WHERE login_client_id = $client_id - ORDER BY login_updated_at DESC LIMIT 5" + ORDER BY login_updated_at ASC + LIMIT 5" ); $sql_shared_items = mysqli_query( $mysqli, "SELECT * FROM shared_items WHERE item_client_id = $client_id - AND item_active = 1 - AND item_views != item_view_limit - AND item_expire_at > NOW() - ORDER BY item_created_at DESC LIMIT 5" + AND item_active = 1 + AND item_views != item_view_limit + AND item_expire_at > NOW() + ORDER BY item_created_at ASC + LIMIT 5" ); /* @@ -52,9 +60,10 @@ $sql_stale_tickets = mysqli_query( $mysqli, "SELECT * FROM tickets WHERE ticket_client_id = $client_id - AND ticket_updated_at < CURRENT_DATE - INTERVAL 3 DAY - AND ticket_closed_at IS NULL - ORDER BY ticket_updated_at DESC LIMIT 5" + AND ticket_updated_at < CURRENT_DATE - INTERVAL 3 DAY + AND ticket_closed_at IS NULL + ORDER BY ticket_updated_at ASC + LIMIT 5" ); // Get Domains Expiring @@ -62,10 +71,12 @@ $sql_domains_expiring = mysqli_query( $mysqli, "SELECT * FROM domains WHERE domain_client_id = $client_id - AND domain_expire IS NOT NULL - AND domain_archived_at IS NULL - AND domain_expire < CURRENT_DATE + INTERVAL 90 DAY - ORDER BY domain_expire DESC LIMIT 5" + AND domain_expire IS NOT NULL + AND domain_archived_at IS NULL + AND domain_expire > CURRENT_DATE + AND domain_expire < CURRENT_DATE + INTERVAL 90 DAY + ORDER BY domain_expire ASC + LIMIT 5" ); // Get Licenses Expiring @@ -73,10 +84,12 @@ $sql_licenses_expiring = mysqli_query( $mysqli, "SELECT * FROM software WHERE software_client_id = $client_id - AND software_expire IS NOT NULL - AND software_archived_at IS NULL - AND software_expire < CURRENT_DATE + INTERVAL 90 DAY - ORDER BY software_expire DESC LIMIT 5" + AND software_expire IS NOT NULL + AND software_archived_at IS NULL + AND software_expire > CURRENT_DATE + AND software_expire < CURRENT_DATE + INTERVAL 90 DAY + ORDER BY software_expire ASC + LIMIT 5" ); // Get Asset Warranties Expiring @@ -84,10 +97,12 @@ $sql_asset_warranties_expiring = mysqli_query( $mysqli, "SELECT * FROM assets WHERE asset_client_id = $client_id - AND asset_warranty_expire IS NOT NULL - AND asset_archived_at IS NULL - AND asset_warranty_expire < CURRENT_DATE + INTERVAL 90 DAY - ORDER BY asset_warranty_expire DESC LIMIT 5" + AND asset_warranty_expire IS NOT NULL + AND asset_archived_at IS NULL + AND asset_warranty_expire > CURRENT_DATE + AND asset_warranty_expire < CURRENT_DATE + INTERVAL 90 DAY + ORDER BY asset_warranty_expire ASC + LIMIT 5" ); // Get Assets Retiring @@ -95,10 +110,12 @@ $sql_asset_retire = mysqli_query( $mysqli, "SELECT * FROM assets WHERE asset_client_id = $client_id - AND asset_install_date IS NOT NULL - AND asset_archived_at IS NULL - AND asset_install_date + INTERVAL 7 YEAR < CURRENT_DATE + INTERVAL 90 DAY - ORDER BY asset_install_date DESC LIMIT 5" + AND asset_install_date IS NOT NULL + AND asset_archived_at IS NULL + AND asset_install_date > CURRENT_DATE + AND asset_install_date + INTERVAL 7 YEAR < CURRENT_DATE + INTERVAL 90 DAY + ORDER BY asset_install_date ASC + LIMIT 5" ); ?> From 96c59422ea35f4c2b9adebc894da69d7ac636a1b Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 6 Sep 2024 15:15:10 -0400 Subject: [PATCH 29/80] Added Cerificates Expiring/Expired and created a seperate card for expired items under client overview --- client_overview.php | 221 +++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 218 insertions(+), 3 deletions(-) diff --git a/client_overview.php b/client_overview.php index 455bcb4d..b6936ee6 100644 --- a/client_overview.php +++ b/client_overview.php @@ -79,6 +79,19 @@ $sql_domains_expiring = mysqli_query( LIMIT 5" ); +// Get Certificates Expiring +$sql_certificates_expiring = mysqli_query( + $mysqli, + "SELECT * FROM certificates + WHERE certificate_client_id = $client_id + AND certificate_expire IS NOT NULL + AND certificate_archived_at IS NULL + AND certificate_expire > CURRENT_DATE + AND certificate_expire < CURRENT_DATE + INTERVAL 90 DAY + ORDER BY certificate_expire ASC + LIMIT 5" +); + // Get Licenses Expiring $sql_licenses_expiring = mysqli_query( $mysqli, @@ -105,19 +118,84 @@ $sql_asset_warranties_expiring = mysqli_query( LIMIT 5" ); -// Get Assets Retiring +// Get Assets Retiring 7 Year $sql_asset_retire = mysqli_query( $mysqli, "SELECT * FROM assets WHERE asset_client_id = $client_id AND asset_install_date IS NOT NULL AND asset_archived_at IS NULL - AND asset_install_date > CURRENT_DATE - AND asset_install_date + INTERVAL 7 YEAR < CURRENT_DATE + INTERVAL 90 DAY + AND asset_install_date + INTERVAL 7 YEAR > CURRENT_DATE -- Not yet expired + AND asset_install_date + INTERVAL 7 YEAR <= CURRENT_DATE + INTERVAL 90 DAY -- Retiring within 90 days ORDER BY asset_install_date ASC LIMIT 5" ); +/* + * EXPIRED ITEMS + */ + +// Get Domains Expired +$sql_domains_expired = mysqli_query( + $mysqli, + "SELECT * FROM domains + WHERE domain_client_id = $client_id + AND domain_expire IS NOT NULL + AND domain_archived_at IS NULL + AND domain_expire < CURRENT_DATE + ORDER BY domain_expire ASC + LIMIT 5" +); + +// Get Certificates Expired +$sql_certificates_expired = mysqli_query( + $mysqli, + "SELECT * FROM certificates + WHERE certificate_client_id = $client_id + AND certificate_expire IS NOT NULL + AND certificate_archived_at IS NULL + AND certificate_expire < CURRENT_DATE + ORDER BY certificate_expire ASC + LIMIT 5" +); + +// Get Licenses Expired +$sql_licenses_expired = mysqli_query( + $mysqli, + "SELECT * FROM software + WHERE software_client_id = $client_id + AND software_expire IS NOT NULL + AND software_archived_at IS NULL + AND software_expire < CURRENT_DATE + ORDER BY software_expire ASC + LIMIT 5" +); + +// Get Asset Warranties Expired +$sql_asset_warranties_expired = mysqli_query( + $mysqli, + "SELECT * FROM assets + WHERE asset_client_id = $client_id + AND asset_warranty_expire IS NOT NULL + AND asset_archived_at IS NULL + AND asset_warranty_expire < CURRENT_DATE + ORDER BY asset_warranty_expire ASC + LIMIT 5" +); + +// Get Retired Assets +$sql_asset_retired = mysqli_query( + $mysqli, + "SELECT * FROM assets + WHERE asset_client_id = $client_id + AND asset_install_date IS NOT NULL + AND asset_archived_at IS NULL + AND asset_install_date + INTERVAL 7 YEAR < CURRENT_DATE -- Assets retired (installed more than 7 years ago) + ORDER BY asset_install_date ASC + LIMIT 5" +); + + ?>
    @@ -253,6 +331,7 @@ $sql_asset_retire = mysqli_query( 0 + || mysqli_num_rows($sql_certificates_expiring) > 0 || mysqli_num_rows($sql_asset_warranties_expiring) > 0 || mysqli_num_rows($sql_asset_retire) > 0 || mysqli_num_rows($sql_licenses_expiring) > 0 @@ -286,6 +365,24 @@ $sql_asset_retire = mysqli_query( +

    + + + -- +

    + + + + + 0 + || mysqli_num_rows($sql_certificates_expired) > 0 + || mysqli_num_rows($sql_asset_warranties_expired) > 0 + || mysqli_num_rows($sql_asset_retired) > 0 + || mysqli_num_rows($sql_licenses_expired) > 0 + ) + { ?> + +
    + +
    +
    +
    Expired
    +
    +
    + + +

    + + + -- +

    + + + +

    + + + -- +

    + + + +

    + + + -- +

    + + + + + +

    + + + -- +

    + + + + +

    + + + -- +

    + + + +
    +
    +
    + + + 0) { ?> From 9dfc7d35cc8a0153e02551530bd23c108d67e105 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 6 Sep 2024 15:39:00 -0400 Subject: [PATCH 30/80] In the client overview allow the widget Expiring in Days to be Selectable with 7 30 and 90 Day Options --- client_overview.php | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/client_overview.php b/client_overview.php index b6936ee6..fd60ecaf 100644 --- a/client_overview.php +++ b/client_overview.php @@ -2,6 +2,8 @@ require_once "inc_all_client.php"; +// Get expiration days from select box +$expiration_days = isset($_GET['expiration_days']) ? intval($_GET['expiration_days']) : 90; $sql_recent_activities = mysqli_query( $mysqli, @@ -74,7 +76,7 @@ $sql_domains_expiring = mysqli_query( AND domain_expire IS NOT NULL AND domain_archived_at IS NULL AND domain_expire > CURRENT_DATE - AND domain_expire < CURRENT_DATE + INTERVAL 90 DAY + AND domain_expire < CURRENT_DATE + INTERVAL $expiration_days DAY ORDER BY domain_expire ASC LIMIT 5" ); @@ -87,7 +89,7 @@ $sql_certificates_expiring = mysqli_query( AND certificate_expire IS NOT NULL AND certificate_archived_at IS NULL AND certificate_expire > CURRENT_DATE - AND certificate_expire < CURRENT_DATE + INTERVAL 90 DAY + AND certificate_expire < CURRENT_DATE + INTERVAL $expiration_days DAY ORDER BY certificate_expire ASC LIMIT 5" ); @@ -100,7 +102,7 @@ $sql_licenses_expiring = mysqli_query( AND software_expire IS NOT NULL AND software_archived_at IS NULL AND software_expire > CURRENT_DATE - AND software_expire < CURRENT_DATE + INTERVAL 90 DAY + AND software_expire < CURRENT_DATE + INTERVAL $expiration_days DAY ORDER BY software_expire ASC LIMIT 5" ); @@ -113,7 +115,7 @@ $sql_asset_warranties_expiring = mysqli_query( AND asset_warranty_expire IS NOT NULL AND asset_archived_at IS NULL AND asset_warranty_expire > CURRENT_DATE - AND asset_warranty_expire < CURRENT_DATE + INTERVAL 90 DAY + AND asset_warranty_expire < CURRENT_DATE + INTERVAL $expiration_days DAY ORDER BY asset_warranty_expire ASC LIMIT 5" ); @@ -126,7 +128,7 @@ $sql_asset_retire = mysqli_query( AND asset_install_date IS NOT NULL AND asset_archived_at IS NULL AND asset_install_date + INTERVAL 7 YEAR > CURRENT_DATE -- Not yet expired - AND asset_install_date + INTERVAL 7 YEAR <= CURRENT_DATE + INTERVAL 90 DAY -- Retiring within 90 days + AND asset_install_date + INTERVAL 7 YEAR <= CURRENT_DATE + INTERVAL $expiration_days DAY ORDER BY asset_install_date ASC LIMIT 5" ); @@ -341,7 +343,17 @@ $sql_asset_retired = mysqli_query(
    -
    Upcoming Expirations (Within 90 Days)
    +
    Upcoming Expirations
    +
    +
    + + +
    +
    From 4f0c7c5bf7d4ad0a865833c2087f25d6608fc6e5 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 6 Sep 2024 15:41:35 -0400 Subject: [PATCH 31/80] Added within context to the upcoming expire select box --- client_overview.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/client_overview.php b/client_overview.php index fd60ecaf..007100fc 100644 --- a/client_overview.php +++ b/client_overview.php @@ -348,9 +348,9 @@ $sql_asset_retired = mysqli_query(
    From cf535372f54f4faf8fe1d4caf04036fb4fcb42ed Mon Sep 17 00:00:00 2001 From: johnnyq Date: Fri, 6 Sep 2024 15:55:55 -0400 Subject: [PATCH 32/80] Show most recent activity first in client overview --- client_overview.php | 84 ++++++++++++++++++++++----------------------- 1 file changed, 42 insertions(+), 42 deletions(-) diff --git a/client_overview.php b/client_overview.php index 007100fc..d5e0f153 100644 --- a/client_overview.php +++ b/client_overview.php @@ -9,7 +9,7 @@ $sql_recent_activities = mysqli_query( $mysqli, "SELECT * FROM logs WHERE log_client_id = $client_id - ORDER BY log_created_at ASC + ORDER BY log_created_at DESC LIMIT 5" ); @@ -214,57 +214,55 @@ $sql_asset_retired = mysqli_query(
    -
    - 0) { ?> +
    -
    + 0) { ?> +
    +
    +
    Important Contacts
    +
    +
    + + -
    -
    Important Contacts
    -
    -
    -
    - - - - - - + + + + + -
    - -
    - -     		- - $contact_phone $contact_extension"; ?> - - -
    -
    - -
    + +
    + +     		+ + $contact_phone $contact_extension"; ?> + + +
    +
    + +
    -
    +
    + - +
    0) { ?> @@ -663,6 +661,8 @@ $sql_asset_retired = mysqli_query(
    +
    + + set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'htt $purifier = new HTMLPurifier($purifier_config); if (isset($_GET['ticket_template_id'])) { - $ticket_template_id = intval($_GET['ticket_template_id']); + $ticket_template_id = intval($_GET['ticket_template_id']); } $sql_ticket_templates = mysqli_query($mysqli, "SELECT * FROM ticket_templates WHERE ticket_template_id = $ticket_template_id"); @@ -30,101 +30,101 @@ $sql_task_templates = mysqli_query($mysqli, "SELECT * FROM task_templates WHERE ?> -
      -
    1. - Home -
      2. -
    2. - Admin -
      3. -
    3. - Ticket Templates -
      4. -
      5. -
    +
      +
    1. + Home +
      2. +
    2. + Admin +
      3. +
    3. + Ticket Templates +
      4. +
      5. +
    -
    -
    +
    +
    -
    -
    -

    -
    - -
    -

    -
    +
    +
    +

    +
    + +
    +

    +
    +
    +
    +

    +
    + +
    +
    +
    +
    + +
    -
    -

    -
    - +
    -
    -
    -
    - -
    + +
    + +
    +
    +
    Tasks
    +
    +
    +
    + +
    +
    +
    + +
    + +
    + +
    +
    +
    +
    + + + + + + + + +
    + + + + +
    +
    +
    + +
    +
    -
    - -
    - -
    -
    -
    Tasks
    -
    -
    -
    - -
    -
    -
    - -
    - -
    - -
    -
    -
    -
    - - - - - - - - -
    - - - - -
    -
    -
    - -
    - -
    - - + - -
      -
    1. - Dashboard -
      2. -
    2. Blank Page
      3. -
    + +
      +
    1. + Dashboard +
      2. +
    2. Blank Page
      3. +
    - -

    Blank Page

    -
    -

    This is a great starting point for new custom pages.

    + +

    Blank Page

    +
    +

    This is a great starting point for new custom pages.

    -
    +
    -
    -
    Requester
    -
    Sam Adams
    +
    +
    Requester
    +
    Sam Adams
    -
    Created
    -
    +
    Created
    +
    -
    Last activity
    -
    -
    +
    Last activity
    +
    +
    - -
    + +
    $date_time"; +echo "Current Date and Time: $date_time"; ?> diff --git a/budget.php b/budget.php index 834ca0f5..d4ccf9c5 100644 --- a/budget.php +++ b/budget.php @@ -50,7 +50,7 @@ $grandTotal = 0;
    @@ -69,9 +69,9 @@ $grandTotal = 0; - $month): + foreach ($months as $index => $month): $amount = getBudgetAmount($budgets, $category['category_id'], $index + 1); $rowTotal += $amount; $columnTotals[$index] += $amount; @@ -80,7 +80,7 @@ $grandTotal = 0; - diff --git a/budget_edit.php b/budget_edit.php index c25007af..fe448b0c 100644 --- a/budget_edit.php +++ b/budget_edit.php @@ -66,9 +66,9 @@ $grandTotal = 0; - $month): + foreach ($months as $index => $month): $amount = getBudgetAmount($budgets, $category['category_id'], $index + 1); $rowTotal += $amount; $columnTotals[$index] += $amount; @@ -77,7 +77,7 @@ $grandTotal = 0; - diff --git a/client_location_bulk_assign_tags_modal.php b/client_location_bulk_assign_tags_modal.php index 5bd6c636..d92894f3 100644 --- a/client_location_bulk_assign_tags_modal.php +++ b/client_location_bulk_assign_tags_modal.php @@ -45,4 +45,4 @@
    -
    \ No newline at end of file +
    diff --git a/cron.php b/cron.php index 8fcbb977..07d73a84 100644 --- a/cron.php +++ b/cron.php @@ -696,7 +696,7 @@ while ($row = mysqli_fetch_array($sql_recurring_expenses)) { // TELEMETRY -if ($config_telemetry > 0 OR $config_telemetry == 2) { +if ($config_telemetry > 0 || $config_telemetry == 2) { $current_version = exec("git rev-parse HEAD"); diff --git a/cron_certificate_refresher.php b/cron_certificate_refresher.php index 3d0e76e5..61a4a346 100644 --- a/cron_certificate_refresher.php +++ b/cron_certificate_refresher.php @@ -59,4 +59,4 @@ while ($row = mysqli_fetch_array($sql_certificates)) { mysqli_query($mysqli,"UPDATE certificates SET certificate_issued_by = '$issued_by', certificate_expire = $expire, certificate_public_key = '$public_key' WHERE certificate_id = $certificate_id"); -} \ No newline at end of file +} diff --git a/cron_ticket_email_parser.php b/cron_ticket_email_parser.php index 9fff2b81..68557e7f 100644 --- a/cron_ticket_email_parser.php +++ b/cron_ticket_email_parser.php @@ -345,7 +345,7 @@ function createMailboxFolder($client, $folderName) { } // Function to subscribe to a folder in the mailbox -function subscribeMailboxFolder($client, $folder) { +function subscribeMailboxFolder($folder) { if ($folder) { try { // Subscribe to the folder @@ -378,7 +378,7 @@ $client->connect(); $folder = createMailboxFolder($client, 'ITFlow'); // Subscribe to the "ITFlow" mailbox folder -subscribeMailboxFolder($client, $folder); +subscribeMailboxFolder($folder); // Possible names for the inbox folder $inboxNames = ['Inbox', 'INBOX', 'inbox']; diff --git a/functions.php b/functions.php index 1202e192..0821cb4d 100644 --- a/functions.php +++ b/functions.php @@ -867,23 +867,6 @@ function roundToNearest15($time) return number_format($decimalHours, 2); } -// Get the value of a setting from the database -function getSettingValue($mysqli, $setting_name) -{ - //if starts with config_ then get from config table - if (substr($setting_name, 0, 7) == "config_") { - $sql = mysqli_query($mysqli, "SELECT $setting_name FROM settings"); - $row = mysqli_fetch_array($sql); - return $row[$setting_name]; - } elseif (substr($setting_name, 0, 7) == "company") { - $sql = mysqli_query($mysqli, "SELECT $setting_name FROM companies"); - $row = mysqli_fetch_array($sql); - return $row[$setting_name]; - } else { - return "Cannot Find Setting Name"; - } -} - function getMonthlyTax($tax_name, $month, $year, $mysqli) { // SQL to calculate monthly tax @@ -932,8 +915,7 @@ function getAccountCurrencyCode($mysqli, $account_id) { $sql = mysqli_query($mysqli, "SELECT account_currency_code FROM accounts WHERE account_id = $account_id"); $row = mysqli_fetch_array($sql); - $account_currency_code = nullable_htmlentities($row['account_currency_code']); - return $account_currency_code; + return nullable_htmlentities($row['account_currency_code']); } function calculateAccountBalance($mysqli, $account_id) @@ -1059,32 +1041,6 @@ function addToMailQueue($mysqli, $data) { return true; } -function calculateInvoiceBalance($mysqli, $invoice_id) -{ - $invoice_id_int = intval($invoice_id); - $sql_invoice = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_id = $invoice_id_int"); - $row = mysqli_fetch_array($sql_invoice); - $invoice_amount = floatval($row['invoice_amount']); - - $sql_payments = mysqli_query( - $mysqli, - "SELECT SUM(payment_amount) AS total_payments FROM payments - WHERE payment_invoice_id = $invoice_id - " - ); - - $row = mysqli_fetch_array($sql_payments); - $total_payments = floatval($row['total_payments']); - - $balance = $invoice_amount - $total_payments; - - if ($balance == '') { - $balance = '0.00'; - } - - return $balance; -} - function createiCalStr($datetime, $title, $description, $location) { require_once "plugins/zapcal/zapcallib.php"; @@ -1148,21 +1104,6 @@ function createiCalStrCancel($originaliCalStr) { return $cal_event->export(); } -function getTicketStatusColor($ticket_status) { - - global $mysqli; - - $status_id = intval($ticket_status); - $row = mysqli_fetch_array(mysqli_query($mysqli, "SELECT ticket_status_color FROM ticket_statuses WHERE ticket_status_id = $status_id LIMIT 1")); - - if ($row) { - return nullable_htmlentities($row['ticket_status_color']); - } - - // Default return - return "Unknown"; -} - function getTicketStatusName($ticket_status) { global $mysqli; @@ -1195,7 +1136,6 @@ function fetchUpdates() { $update_message = "New Updates are Available [$latest_version]"; } - $updates = new stdClass(); $updates->output = $output; @@ -1203,8 +1143,7 @@ function fetchUpdates() { $updates->current_version = $current_version; $updates->latest_version = $latest_version; $updates->update_message = $update_message; - - + return $updates; diff --git a/guest_footer.php b/guest_footer.php index 1204bc87..c11e4c88 100644 --- a/guest_footer.php +++ b/guest_footer.php @@ -24,4 +24,4 @@ - \ No newline at end of file + diff --git a/guest_pay_invoice_stripe.php b/guest_pay_invoice_stripe.php index 9072519d..d3eb6b72 100644 --- a/guest_pay_invoice_stripe.php +++ b/guest_pay_invoice_stripe.php @@ -2,13 +2,6 @@ require_once 'guest_header.php'; -function log_to_console($message) { - $message = date("H:i:s") . " - $message - ".PHP_EOL; - print($message); - flush(); - ob_flush(); -} - // Define wording DEFINE("WORDING_PAYMENT_FAILED", "

    There was an error verifying your payment. Please contact us for more information before attempting payment again.

    "); diff --git a/notifications_dismissed.php b/notifications_dismissed.php index 8b63899c..ff5992af 100644 --- a/notifications_dismissed.php +++ b/notifications_dismissed.php @@ -13,8 +13,8 @@ $url_query_strings_sort = http_build_query($get_copy); $sql = mysqli_query( $mysqli, - "SELECT SQL_CALC_FOUND_ROWS * FROM notifications - LEFT JOIN users ON notification_dismissed_by = user_id + "SELECT SQL_CALC_FOUND_ROWS * FROM notifications + LEFT JOIN users ON notification_dismissed_by = user_id LEFT JOIN clients ON notification_client_id = client_id WHERE (notification_type LIKE '%$q%' OR notification LIKE '%$q%' OR user_name LIKE '%$q%' OR client_name LIKE '%$q%') AND DATE(notification_timestamp) BETWEEN '$dtf' AND '$dtt' diff --git a/pagination.php b/pagination.php index 73d4099e..88b91444 100644 --- a/pagination.php +++ b/pagination.php @@ -59,9 +59,8 @@ if ($total_found_rows > 5) { $next_class = "disabled"; } $get_copy = $_GET; // create a copy of the $_GET array - //unset($get_copy['page']); // Unset Array Var to prevent Duplicate Get VARs - unset($get_copy['page']); + unset($get_copy['page']); $url_query_strings_page = http_build_query($get_copy); $prev_page = $page - 1; $next_page = $page + 1; diff --git a/pagination_head.php b/pagination_head.php index b2e5033d..600b4cb3 100644 --- a/pagination_head.php +++ b/pagination_head.php @@ -11,7 +11,7 @@ $get_copy = $_GET; // create a copy of the $_GET array //unset($get_copy['page']); unset($get_copy['sort']); -unset($get_copy['order']); +unset($get_copy['order']); // Paging if (isset($_GET['page'])) { @@ -107,8 +107,8 @@ if (isset($_GET['archived'])) { $archived = intval($_GET['archived']); } -if($archived == 1){ +if ($archived == 1){ $archive_query = "archived_at IS NOT NULL"; } else { $archive_query = "archived_at IS NULL"; -} \ No newline at end of file +} diff --git a/portal/portal_footer.php b/portal/portal_footer.php index 6ab4d9cb..7793f8e7 100644 --- a/portal/portal_footer.php +++ b/portal/portal_footer.php @@ -64,4 +64,4 @@ - \ No newline at end of file + diff --git a/portal/portal_header.php b/portal/portal_header.php index 17cc1b29..1e6f6c55 100644 --- a/portal/portal_header.php +++ b/portal/portal_header.php @@ -18,11 +18,8 @@ header("X-Frame-Options: DENY"); // Legacy - - + + @@ -50,10 +47,10 @@ header("X-Frame-Options: DENY"); // Legacy
  • "> Home
    • -
  • - " href="tickets.php">Tickets -
    • - +
  • + " href="tickets.php">Tickets +
    • +
  • " href="invoices.php">Invoices diff --git a/portal/ticket.php b/portal/ticket.php index 24ca2205..be059896 100644 --- a/portal/ticket.php +++ b/portal/ticket.php @@ -21,18 +21,18 @@ if (isset($_GET['id']) && intval($_GET['id'])) { if ($session_contact_primary == 1 || $session_contact_is_technical_contact) { // For a primary / technical contact viewing all tickets $ticket_sql = mysqli_query($mysqli, - "SELECT * FROM tickets - LEFT JOIN users on ticket_assigned_to = user_id - LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id + "SELECT * FROM tickets + LEFT JOIN users on ticket_assigned_to = user_id + LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id WHERE ticket_id = $ticket_id AND ticket_client_id = $session_client_id" ); } else { // For a user viewing their own ticket $ticket_sql = mysqli_query($mysqli, - "SELECT * FROM tickets - LEFT JOIN users on ticket_assigned_to = user_id - LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id + "SELECT * FROM tickets + LEFT JOIN users on ticket_assigned_to = user_id + LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id WHERE ticket_id = $ticket_id AND ticket_client_id = $session_client_id AND ticket_contact_id = $session_contact_id" ); } @@ -238,7 +238,7 @@ if (isset($_GET['id']) && intval($_GET['id'])) { - 0 AND months_behind >= 2 ORDER BY - months_behind DESC;"; + months_behind DESC"; + $result_client_balance_report = mysqli_query($mysqli, $sql_client_balance_report); - //get currency format from settings - $config_currency_code = getSettingValue($mysqli, "company_currency"); + $currency_row = mysqli_fetch_array(mysqli_query($mysqli,"SELECT company_currency FROM companies WHERE company_id = 1")); + $company_currency = nullable_htmlentities($currency_row['company_currency']); + ?>
    @@ -102,9 +104,9 @@ $behind_amount = floatval($row['behind_amount']); $months_behind = number_format($row['months_behind']); - $formatted_balance = numfmt_format_currency($currency_format, $balance, $config_currency_code); - $formatted_recurring_monthly_total = numfmt_format_currency($currency_format, $recurring_monthly_total, $config_currency_code); - $formatted_behind_amount = numfmt_format_currency($currency_format, $behind_amount, $config_currency_code); + $formatted_balance = numfmt_format_currency($currency_format, $balance, $company_currency); + $formatted_recurring_monthly_total = numfmt_format_currency($currency_format, $recurring_monthly_total, $company_currency); + $formatted_behind_amount = numfmt_format_currency($currency_format, $behind_amount, $company_currency); echo ""; echo "$client_name"; diff --git a/domains.php b/report_domains.php similarity index 97% rename from domains.php rename to report_domains.php index ce34ecbc..7f6e7428 100644 --- a/domains.php +++ b/report_domains.php @@ -23,7 +23,8 @@ $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS domains.*, LEFT JOIN vendors AS webhost ON domains.domain_webhost = webhost.vendor_id WHERE domain_archived_at IS NULL AND (domain_name LIKE '%$q%' OR domain_description LIKE '%$q%' OR registrar.vendor_name LIKE '%$q%' OR dnshost.vendor_name LIKE '%$q%' OR mailhost.vendor_name LIKE '%$q%' OR webhost.vendor_name LIKE '%$q%' OR client_name LIKE '%$q%') - ORDER BY $sort $order LIMIT $record_from, $record_to"); + ORDER BY $sort $order LIMIT $record_from, $record_to" +); $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); @@ -122,7 +123,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); } $domain_registrar_name = nullable_htmlentities($row['registrar_name']); - if($domain_registrar_name) { + if ($domain_registrar_name) { $domain_registrar_name_display = $domain_registrar_name; } else { $domain_registrar_name_display = "-"; @@ -148,7 +149,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - )" data-target="#editDomainModal"> +
    @@ -203,7 +204,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - @@ -42,7 +41,7 @@ $sql_tax = mysqli_query($mysqli, - +
    From 5dc9f47799207b62203e9e945ec52a3d3288b791 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Sat, 14 Sep 2024 23:47:19 +0100 Subject: [PATCH 69/80] Tidying --- tickets.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tickets.php b/tickets.php index 112627f3..f113977f 100644 --- a/tickets.php +++ b/tickets.php @@ -20,16 +20,15 @@ if (isset($_GET['status']) && is_array($_GET['status']) && !empty($_GET['status' $sanitizedStatusesString = implode(",", $sanitizedStatuses); $ticket_status_snippet = "ticket_status IN ($sanitizedStatusesString)"; - var_dump($status); - } else { + // TODO: Convert this to use the status IDs if (isset($_GET['status']) && ($_GET['status']) == 'Closed') { $status = 'Closed'; $ticket_status_snippet = "ticket_resolved_at IS NOT NULL"; } else { // Default - Show open tickets - $status = 2; + $status = 'Open'; $ticket_status_snippet = "ticket_resolved_at IS NULL"; } } From 4a6d312ea0cb544985ef228ecb79ffe856138474 Mon Sep 17 00:00:00 2001 From: wrongecho Date: Sat, 14 Sep 2024 23:50:05 +0100 Subject: [PATCH 70/80] Tidying --- report_domains.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/report_domains.php b/report_domains.php index 7f6e7428..8ec4c792 100644 --- a/report_domains.php +++ b/report_domains.php @@ -22,7 +22,7 @@ $sql = mysqli_query($mysqli, "SELECT SQL_CALC_FOUND_ROWS domains.*, LEFT JOIN vendors AS mailhost ON domains.domain_mailhost = mailhost.vendor_id LEFT JOIN vendors AS webhost ON domains.domain_webhost = webhost.vendor_id WHERE domain_archived_at IS NULL - AND (domain_name LIKE '%$q%' OR domain_description LIKE '%$q%' OR registrar.vendor_name LIKE '%$q%' OR dnshost.vendor_name LIKE '%$q%' OR mailhost.vendor_name LIKE '%$q%' OR webhost.vendor_name LIKE '%$q%' OR client_name LIKE '%$q%') + AND (domain_name LIKE '%$q%' OR domain_description LIKE '%$q%' OR registrar.vendor_name LIKE '%$q%' OR dnshost.vendor_name LIKE '%$q%' OR mailhost.vendor_name LIKE '%$q%' OR webhost.vendor_name LIKE '%$q%' OR client_name LIKE '%$q%') ORDER BY $sort $order LIMIT $record_from, $record_to" ); From 147df7f2929013e0ed372156b9ce5e07fb1a6943 Mon Sep 17 00:00:00 2001 From: wrongecho <32306651+wrongecho@users.noreply.github.com> Date: Sun, 15 Sep 2024 00:10:42 +0100 Subject: [PATCH 71/80] Update SECURITY.md Add badge --- SECURITY.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index b5f161ca..f374eeac 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -12,6 +12,8 @@ ITFlow is currently in beta and is a work in progress. We attempt to follow security best practices where possible, including [automated code scanning](https://sonarcloud.io/component_measures?id=itflow-org_itflow&metric=security_rating&view=list). +[![Security](https://sonarcloud.io/api/project_badges/measure?project=itflow-org_itflow&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=itflow-org_itflow) + ## Supported Versions | Version | Supported | @@ -25,4 +27,4 @@ We attempt to follow security best practices where possible, including [automate If you have discovered a security issue, please **[report it](https://github.com/itflow-org/itflow/security/advisories/new)** to us in as much detail as possible, so we can fix it. -You should expect to receive an initial acknowledgement within 72 hours. If you don't receive any feedback, we may have missed the initial email from GitHub (we're human!). Please raise a private forum discussion with johnny and wrongecho quoting ONLY the assigned GHSA ref. +You should expect to receive an initial acknowledgement within 72 hours. If you don't receive any feedback, we may have missed the initial email from GitHub (we're human!). Please raise a forum discussion quoting ONLY the assigned GHSA ref. From 0d0483b0a431648f74b0acfb55b72711a5970c47 Mon Sep 17 00:00:00 2001 From: wrongecho <32306651+wrongecho@users.noreply.github.com> Date: Sun, 15 Sep 2024 00:18:12 +0100 Subject: [PATCH 72/80] Update README.md Move 'Built With' to docs --- README.md | 26 -------------------------- 1 file changed, 26 deletions(-) diff --git a/README.md b/README.md index 8a63b0c3..baf6d339 100644 --- a/README.md +++ b/README.md @@ -60,32 +60,6 @@ * Whilst we are confident the code is safe, nothing in life is 100% safe or risk-free. Use your best judgement before deciding to store highly confidential information in ITFlow. * We are hoping to have a stable 1.0 release by early 2024. - -### Built With - -* Backend / PHP libs - * PHP - * MariaDB - * PHPMailer - * HTML Purifier - * PHP Mime Mail Parser - * Zap Calendar - -* CSS - * Bootstrap - * AdminLTE - * fontawesome - -* JS Libraries - * chart.js - * moments.js - * jQuery - * pdfmake - * Select2 - * TinyMCE - * FullCalendar.io - - ## Getting Started From b251b7a15fb08f66a69ff1b02eaf687adb4fc4ca Mon Sep 17 00:00:00 2001 From: johnnyq Date: Mon, 16 Sep 2024 18:16:13 -0400 Subject: [PATCH 73/80] Remove 120 Day Notifications for Domain, Cert, Warranty --- cron.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cron.php b/cron.php index 07d73a84..703f673c 100644 --- a/cron.php +++ b/cron.php @@ -154,7 +154,7 @@ if ($config_whitelabel_enabled && !validateWhitelabelKey($config_whitelabel_key) if($config_enable_alert_domain_expire == 1){ - $domainAlertArray = [1,7,14,30,90,120]; + $domainAlertArray = [1,7,14,30,90]; foreach ($domainAlertArray as $day) { @@ -184,7 +184,7 @@ if($config_enable_alert_domain_expire == 1){ // CERTIFICATES EXPIRING -$certificateAlertArray = [1,7,14,30,90,120]; +$certificateAlertArray = [1,7,14,30,90]; foreach ($certificateAlertArray as $day) { @@ -214,7 +214,7 @@ foreach ($certificateAlertArray as $day) { // Asset Warranties Expiring -$warranty_alert_array = [1,7,14,30,90,120]; +$warranty_alert_array = [1,7,14,30,90]; foreach ($warranty_alert_array as $day) { From 7e9b9249274a52193b775336385ef47126cfb786 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Tue, 17 Sep 2024 12:45:47 -0400 Subject: [PATCH 74/80] Allow Columns to be sorted in Recurring Tickets --- client_recurring_tickets.php | 8 ++++---- recurring_tickets.php | 14 ++++++-------- 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/client_recurring_tickets.php b/client_recurring_tickets.php index 5349f1e1..e3acf9ac 100644 --- a/client_recurring_tickets.php +++ b/client_recurring_tickets.php @@ -84,10 +84,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    -     Subject - Priority - Frequency - Next Run Date + Subject + Priority + Frequency + Next Run Date Action diff --git a/recurring_tickets.php b/recurring_tickets.php index e0d7fb85..e57eaf64 100644 --- a/recurring_tickets.php +++ b/recurring_tickets.php @@ -48,9 +48,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -89,11 +87,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - Client - Subject - Priority - Frequency - Next Run Date + Client + Subject + Priority + Frequency + Next Run Date Action From 273483151f02e7c57f5f7b3310c79800dca0da6e Mon Sep 17 00:00:00 2001 From: johnnyq Date: Tue, 17 Sep 2024 13:18:46 -0400 Subject: [PATCH 75/80] Add Expiration Date Column to Software Licenses --- client_software.php | 42 +++++++++++++++++++++++++----------------- 1 file changed, 25 insertions(+), 17 deletions(-) diff --git a/client_software.php b/client_software.php index 9afdb187..c95f4d7b 100644 --- a/client_software.php +++ b/client_software.php @@ -74,13 +74,14 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    "> + @@ -98,27 +99,33 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $software_seats = nullable_htmlentities($row['software_seats']); $software_purchase = nullable_htmlentities($row['software_purchase']); $software_expire = nullable_htmlentities($row['software_expire']); - $software_notes = nullable_htmlentities($row['software_notes']); - $software_created_at = nullable_htmlentities($row['software_created_at']); + if ($software_expire) { + $software_expire_ago = timeAgo($software_expire); + $software_expire_display = "
    $software_expire
    $software_expire_ago
    "; + + // Convert the expiry date to a timestamp + $software_expire_timestamp = strtotime($row['software_expire']); + $current_timestamp = time(); // Get current timestamp - $software_expire_ago = timeAgo($software_expire); - // Convert the expiry date to a timestamp - $software_expire_timestamp = strtotime($row['software_expire']); - $current_timestamp = time(); // Get current timestamp + // Calculate the difference in days + $days_until_expiry = ($software_expire_timestamp - $current_timestamp) / (60 * 60 * 24); - // Calculate the difference in days - $days_until_expiry = ($software_expire_timestamp - $current_timestamp) / (60 * 60 * 24); - - // Determine the class based on the number of days until expiry - if ($days_until_expiry <= 0) { - $tr_class = "table-secondary"; - } elseif ($days_until_expiry <= 14) { - $tr_class = "table-danger"; - } elseif ($days_until_expiry <= 90) { - $tr_class = "table-warning"; + // Determine the class based on the number of days until expiry + if ($days_until_expiry <= 0) { + $tr_class = "table-secondary"; + } elseif ($days_until_expiry <= 14) { + $tr_class = "table-danger"; + } elseif ($days_until_expiry <= 90) { + $tr_class = "table-warning"; + } + } else { + $software_expire_display = "-"; $tr_class = ''; } + + $software_notes = nullable_htmlentities($row['software_notes']); + $software_created_at = nullable_htmlentities($row['software_created_at']); $seat_count = 0; @@ -158,6 +165,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); + "> - @@ -59,8 +57,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $opening_balance = floatval($row['opening_balance']); $account_currency_code = nullable_htmlentities($row['account_currency_code']); $account_notes = nullable_htmlentities($row['account_notes']); - $account_type = intval($row['account_type']); - $account_type_name = nullable_htmlentities($row['account_type_name']); $sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id"); $row = mysqli_fetch_array($sql_payments); @@ -79,7 +75,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); - "; - echo ""; - echo ""; - echo ""; - echo ""; - } -} - -?> - -
    -
    -

    Balance Sheet

    -
    - -
    -
    -
    -
    - -
    -

    - -

    -

    Balance Sheet

    -
    As of
    -
    -
    -
    Software Type License Type SeatsExpire Action
    -
    - -
    -
    -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - All - Assets - Liabilities - Equity - Archived -
    - -
    -
    -
    -
    - - - - - - - - - - - - - - - - - - - No Records Here"; - } - - ?> - -
    Account Type ParentAccount Type NameDescription
    - - - - - - -
    - -
    - - Edit - -
    - - - Archive - - - - Unarchive - - - -
    -
    -
    -
    -
    - - - - diff --git a/admin_account_types_add_modal.php b/admin_account_types_add_modal.php deleted file mode 100644 index 7a6ed71d..00000000 --- a/admin_account_types_add_modal.php +++ /dev/null @@ -1,37 +0,0 @@ - diff --git a/admin_account_types_edit_modal.php b/admin_account_types_edit_modal.php deleted file mode 100644 index a9542bc6..00000000 --- a/admin_account_types_edit_modal.php +++ /dev/null @@ -1,40 +0,0 @@ - \ No newline at end of file From 7b2566b6546edea97f0a72995e5d7e214543c94d Mon Sep 17 00:00:00 2001 From: johnnyq Date: Tue, 17 Sep 2024 13:59:58 -0400 Subject: [PATCH 79/80] Remove all reminense of Account Types next is deleting the DB Tables for account types --- account_add_modal.php | 22 ----- account_edit_modal.php | 21 ----- accounts.php | 7 +- invoice_payment_add_bulk_modal.php | 3 +- invoice_payment_add_modal.php | 3 +- post.php | 2 - post/account.php | 6 +- post/account_type.php | 68 --------------- report_balance_sheet.php | 110 ------------------------ report_collections.php | 131 ----------------------------- reports_side_nav.php | 12 --- setup.php | 24 +----- 12 files changed, 8 insertions(+), 401 deletions(-) delete mode 100644 post/account_type.php delete mode 100644 report_balance_sheet.php delete mode 100644 report_collections.php diff --git a/account_add_modal.php b/account_add_modal.php index dfc7bccf..9af3da36 100644 --- a/account_add_modal.php +++ b/account_add_modal.php @@ -22,28 +22,6 @@ -
    - -
    -
    - -
    - -
    -
    -
    diff --git a/account_edit_modal.php b/account_edit_modal.php index b521c839..58df3b62 100644 --- a/account_edit_modal.php +++ b/account_edit_modal.php @@ -21,27 +21,6 @@
    -
    - -
    -
    - -
    - -
    -
    -
    diff --git a/accounts.php b/accounts.php index e2fb7a15..9703d683 100644 --- a/accounts.php +++ b/accounts.php @@ -12,8 +12,7 @@ $url_query_strings_sort = http_build_query($get_copy); $sql = mysqli_query( $mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM accounts - LEFT JOIN account_types ON account_types.account_type_id = accounts.account_type - WHERE (account_name LIKE '%$q%' OR account_type_name LIKE '%$q%') + WHERE (account_name LIKE '%$q%') AND account_archived_at IS NULL ORDER BY $sort $order LIMIT $record_from, $record_to" ); @@ -44,7 +43,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    NameType Currency Balance Action
    diff --git a/invoice_payment_add_bulk_modal.php b/invoice_payment_add_bulk_modal.php index 90c13ee2..aa036489 100644 --- a/invoice_payment_add_bulk_modal.php +++ b/invoice_payment_add_bulk_modal.php @@ -59,9 +59,8 @@ - Select an Account - $account_id, - 'name' => $row['account_name'], - 'type' => $row['account_type_name'], - 'balance' => $balance - ]; -} - -function display_account_section($mysqli, $accounts, $type) { - foreach ($accounts[$type] as $account) { - global $currency_format; - global $currency_code; - $currency_code = getAccountCurrencyCode($mysqli, $account['id']); - echo "
    {$account['type']}{$account['name']}" . numfmt_format_currency($currency_format, $account['balance'], $currency_code) . "
    - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Total Assets
    Total Liabilities
    Total Equities
    - -
    -
    -
    - - \ No newline at end of file diff --git a/report_collections.php b/report_collections.php deleted file mode 100644 index 3eb51c70..00000000 --- a/report_collections.php +++ /dev/null @@ -1,131 +0,0 @@ - 0 THEN - (IFNULL(SUM(invoices.invoice_amount), 0) - IFNULL(SUM(payments.payment_amount), 0) - IFNULL(recurring_totals.recurring_monthly_total, 0)) / recurring_totals.recurring_monthly_total - ELSE - 0 - END AS months_behind - FROM - clients - LEFT JOIN - invoices - ON - clients.client_id = invoices.invoice_client_id - AND invoices.invoice_status NOT LIKE 'Draft' - AND invoices.invoice_status NOT LIKE 'Cancelled' - LEFT JOIN - (SELECT - payment_invoice_id, - SUM(payment_amount) as payment_amount - FROM payments - GROUP BY payment_invoice_id) as payments - ON - invoices.invoice_id = payments.payment_invoice_id - LEFT JOIN - contacts - ON - clients.client_id = contacts.contact_client_id AND contacts.contact_billing = 1 - LEFT JOIN - (SELECT - recurring_client_id, - SUM(recurring_amount) AS recurring_monthly_total - FROM recurring - WHERE recurring_status = 1 AND recurring_frequency = 'month' - GROUP BY recurring_client_id) as recurring_totals - ON - clients.client_id = recurring_totals.recurring_client_id - GROUP BY - clients.client_id, - clients.client_name, - contacts.contact_phone, - recurring_totals.recurring_monthly_total - HAVING - balance > 0 AND months_behind >= 2 - ORDER BY - months_behind DESC"; - - $result_client_balance_report = mysqli_query($mysqli, $sql_client_balance_report); - - $currency_row = mysqli_fetch_array(mysqli_query($mysqli,"SELECT company_currency FROM companies WHERE company_id = 1")); - $company_currency = nullable_htmlentities($currency_row['company_currency']); - -?> - -
    -
    -

    Collections

    -
    - -
    -
    -
    -
    -
    - - - - - - - - - - - - - "; - echo ""; - echo ""; - echo ""; - echo ""; - echo ""; - echo ""; - echo ""; - } - ?> - -
    Client NameBalanceBilling Contact PhoneMonthly Recurring AmountPast Due BalanceMonths Past Due
    $client_name$formatted_balance$billing_contact_phone$formatted_recurring_monthly_total$formatted_behind_amount$months_behind
    -
    -
    -
    -
    - - diff --git a/reports_side_nav.php b/reports_side_nav.php index f4190fc6..718278b7 100644 --- a/reports_side_nav.php +++ b/reports_side_nav.php @@ -70,18 +70,6 @@

    Profit & Loss

    • -
  • - "> - -

    Balance Sheet

    -     -
    • -
  • - "> - -

    Collections

    -     -
  • "> diff --git a/setup.php b/setup.php index 94cbdd0c..bf9baba5 100644 --- a/setup.php +++ b/setup.php @@ -258,28 +258,10 @@ if (isset($_POST['add_company_settings'])) { unlink('uploads/tmp/cronkey.php'); } - - - // Create Main Account Types - mysqli_query($mysqli,"INSERT INTO account_types SET account_type_name = 'Asset', account_type_parent = 1, account_type_description = 'Assets are economic resources which are expected to benefit the business in the future.'"); - - $account_type_id = mysqli_insert_id($mysqli); - // Create Default Cash Account - mysqli_query($mysqli,"INSERT INTO accounts SET account_name = 'Cash', account_type = $account_type_id, account_currency_code = '$currency_code'"); + mysqli_query($mysqli,"INSERT INTO accounts SET account_name = 'Cash', account_currency_code = '$currency_code'"); - mysqli_query($mysqli,"INSERT INTO account_types SET account_type_name = 'Liability', account_type_parent = 2, account_type_description = 'Liabilities are obligations of the business entity. They are usually classified as current liabilities (due within one year or less) and long-term liabilities (due after one year).'"); - mysqli_query($mysqli,"INSERT INTO account_types SET account_type_name = 'Equity', account_type_parent = 3, account_type_description = 'Equity represents the owners stake in the business after liabilities have been deducted.'"); - //Create Secondary Account Types - mysqli_query($mysqli,"INSERT INTO account_types SET account_type_name = 'Current Asset', account_type_parent = 1, account_type_description = 'Current assets are expected to be consumed within one year or less.'"); - mysqli_query($mysqli,"INSERT INTO account_types SET account_type_name = 'Fixed Asset', account_type_parent = 1, account_type_description = 'Fixed assets are expected to benefit the business for more than one year.'"); - mysqli_query($mysqli,"INSERT INTO account_types SET account_type_name = 'Other Asset', account_type_parent = 1, account_type_description = 'Other assets are assets that do not fit into any of the other asset categories.'"); - - mysqli_query($mysqli,"INSERT INTO account_types SET account_type_name = 'Current Liability', account_type_parent = 2, account_type_description = 'Current liabilities are expected to be paid within one year or less.'"); - mysqli_query($mysqli,"INSERT INTO account_types SET account_type_name = 'Long Term Liability', account_type_parent = 2, account_type_description = 'Long term liabilities are expected to be paid after one year.'"); - mysqli_query($mysqli,"INSERT INTO account_types SET account_type_name = 'Other Liability', account_type_parent = 2, account_type_description = 'Other liabilities are liabilities that do not fit into any of the other liability categories.'"); - - //Create Categories + // Create Categories mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Office Supplies', category_type = 'Expense', category_color = 'blue'"); mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Travel', category_type = 'Expense', category_color = 'red'"); mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Advertising', category_type = 'Expense', category_color = 'green'"); @@ -293,7 +275,7 @@ if (isset($_POST['add_company_settings'])) { mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Check', category_type = 'Payment Method', category_color = 'red'"); mysqli_query($mysqli,"INSERT INTO categories SET category_name = 'Bank Transfer', category_type = 'Payment Method', category_color = 'green'"); - //Create Calendar + // Create Calendar mysqli_query($mysqli,"INSERT INTO calendars SET calendar_name = 'Default', calendar_color = 'blue'"); // Add default ticket statuses From eaee42f1f5732d5fcc0cd8ba97dd94d1a1712a7f Mon Sep 17 00:00:00 2001 From: johnnyq Date: Tue, 17 Sep 2024 14:55:02 -0400 Subject: [PATCH 80/80] Add the ability to edit ticket reply types to puiblic or internal, note there is no client email option here --- post/ticket.php | 3 ++- ticket_reply_edit_modal.php | 11 +++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/post/ticket.php b/post/ticket.php index f9260bd8..9b799e7c 100644 --- a/post/ticket.php +++ b/post/ticket.php @@ -1310,11 +1310,12 @@ if (isset($_POST['edit_ticket_reply'])) { $ticket_reply_id = intval($_POST['ticket_reply_id']); $ticket_reply = mysqli_real_escape_string($mysqli, $_POST['ticket_reply']); + $ticket_reply_type = sanitizeInput($_POST['ticket_reply_type']); $ticket_reply_time_worked = sanitizeInput($_POST['time']); $client_id = intval($_POST['client_id']); - mysqli_query($mysqli, "UPDATE ticket_replies SET ticket_reply = '$ticket_reply', ticket_reply_time_worked = '$ticket_reply_time_worked' WHERE ticket_reply_id = $ticket_reply_id AND ticket_reply_type != 'Client'") or die(mysqli_error($mysqli)); + mysqli_query($mysqli, "UPDATE ticket_replies SET ticket_reply = '$ticket_reply', ticket_reply_type = '$ticket_reply_type', ticket_reply_time_worked = '$ticket_reply_time_worked' WHERE ticket_reply_id = $ticket_reply_id AND ticket_reply_type != 'Client'") or die(mysqli_error($mysqli)); //Logging mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket Reply', log_action = 'Modify', log_description = '$session_name modified ticket reply', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $ticket_reply_id"); diff --git a/ticket_reply_edit_modal.php b/ticket_reply_edit_modal.php index 7f9ea01e..4d6e8ce3 100644 --- a/ticket_reply_edit_modal.php +++ b/ticket_reply_edit_modal.php @@ -13,6 +13,17 @@
    +
    +
    + + +
    +
    +