Portal-related updates
- Bug fix contact password setting - Add invoice guest view link to invoices portal page - Billing contacts now have access to invoices on the portal - Technical contacts now have access to all tickets - General housekeeping/tidying
This commit is contained in:
Marcus Hill
@@ -8,6 +8,12 @@
|
||||
</button>
|
||||
</div>
|
||||
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
|
||||
<!-- Prevent undefined checkbox errors on submit -->
|
||||
<input type="hidden" name="primary_contact" value="0">
|
||||
<input type="hidden" name="contact_important" value="0">
|
||||
<input type="hidden" name="contact_billing" value="0">
|
||||
<input type="hidden" name="contact_technical" value="0">
|
||||
<!-- End prevent undefined errors -->
|
||||
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
|
||||
<div class="modal-body bg-white">
|
||||
|
||||
|
||||
@@ -8,6 +8,12 @@
|
||||
</button>
|
||||
</div>
|
||||
<form action="post.php" method="post" enctype="multipart/form-data" autocomplete="off">
|
||||
<!-- Prevent undefined checkbox errors on submit -->
|
||||
<input type="hidden" name="primary_contact" value="0">
|
||||
<input type="hidden" name="contact_important" value="0">
|
||||
<input type="hidden" name="contact_billing" value="0">
|
||||
<input type="hidden" name="contact_technical" value="0">
|
||||
<!-- End prevent undefined errors -->
|
||||
<input type="hidden" name="contact_id" value="<?php echo $contact_id; ?>">
|
||||
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
|
||||
<input type="hidden" name="existing_file_name" value="<?php echo $contact_photo; ?>">
|
||||
|
||||
+5
-7
@@ -1,12 +1,12 @@
|
||||
<?php
|
||||
|
||||
include("config.php");
|
||||
include("functions.php");
|
||||
require_once("config.php");
|
||||
require_once("functions.php");
|
||||
|
||||
session_start();
|
||||
|
||||
$ip = trim(strip_tags(mysqli_real_escape_string($mysqli,getIP())));
|
||||
$user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
|
||||
$ip = trim(strip_tags(mysqli_real_escape_string($mysqli, getIP())));
|
||||
$user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
|
||||
|
||||
?>
|
||||
|
||||
@@ -24,8 +24,6 @@ $user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_A
|
||||
<link rel="stylesheet" href="plugins/fontawesome-free/css/all.min.css">
|
||||
<!-- Theme style -->
|
||||
<link rel="stylesheet" href="dist/css/adminlte.min.css">
|
||||
<!-- Google Font: Source Sans Pro -->
|
||||
<!-- <link href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700" rel="stylesheet"> -->
|
||||
|
||||
<!-- Custom Style Sheet -->
|
||||
<link href="plugins/tempusdominus-bootstrap-4/css/tempusdominus-bootstrap-4.min.css" rel="stylesheet" type="text/css">
|
||||
@@ -35,7 +33,7 @@ $user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_A
|
||||
|
||||
</head>
|
||||
<body class="layout-top-nav">
|
||||
<div class="wrapper text-sm">
|
||||
<div class="wrapper text-sm">
|
||||
|
||||
<!-- Content Wrapper. Contains page content -->
|
||||
<div class="content-wrapper">
|
||||
|
||||
@@ -1,4 +1,6 @@
|
||||
<?php include("guest_header.php");
|
||||
<?php
|
||||
|
||||
require_once("guest_header.php");
|
||||
|
||||
if (isset($_GET['invoice_id'], $_GET['url_key'])) {
|
||||
|
||||
@@ -71,6 +73,8 @@ if (isset($_GET['invoice_id'], $_GET['url_key'])) {
|
||||
$os = strip_tags(mysqli_real_escape_string($mysqli,getOS($session_user_agent)));
|
||||
$browser = strip_tags(mysqli_real_escape_string($mysqli,getWebBrowser($session_user_agent)));
|
||||
|
||||
$invoice_tally_total = 0; // Default
|
||||
|
||||
//Set Badge color based off of invoice status
|
||||
if ($invoice_status == "Sent") {
|
||||
$invoice_badge_color = "warning text-white";
|
||||
@@ -108,6 +112,7 @@ if (isset($_GET['invoice_id'], $_GET['url_key'])) {
|
||||
$balance = $invoice_amount - $amount_paid;
|
||||
|
||||
//check to see if overdue
|
||||
$invoice_color = $invoice_badge_color; // Default
|
||||
if ($invoice_status !== "Paid" && $invoice_status !== "Draft" && $invoice_status !== "Cancelled") {
|
||||
$unixtime_invoice_due = strtotime($invoice_due) + 86400;
|
||||
if ($unixtime_invoice_due < time()) {
|
||||
|
||||
+77
-77
@@ -1,125 +1,125 @@
|
||||
<?php
|
||||
|
||||
include("inc_all.php");
|
||||
include("inc_all.php");
|
||||
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Sent' AND company_id = $session_company_id"));
|
||||
$sent_count = $row['num'];
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Sent' AND company_id = $session_company_id"));
|
||||
$sent_count = $row['num'];
|
||||
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Viewed' AND company_id = $session_company_id"));
|
||||
$viewed_count = $row['num'];
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Viewed' AND company_id = $session_company_id"));
|
||||
$viewed_count = $row['num'];
|
||||
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Partial' AND company_id = $session_company_id"));
|
||||
$partial_count = $row['num'];
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Partial' AND company_id = $session_company_id"));
|
||||
$partial_count = $row['num'];
|
||||
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Draft' AND company_id = $session_company_id"));
|
||||
$draft_count = $row['num'];
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Draft' AND company_id = $session_company_id"));
|
||||
$draft_count = $row['num'];
|
||||
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Cancelled' AND company_id = $session_company_id"));
|
||||
$cancelled_count = $row['num'];
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_status = 'Cancelled' AND company_id = $session_company_id"));
|
||||
$cancelled_count = $row['num'];
|
||||
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_due > CURDATE() AND company_id = $session_company_id"));
|
||||
$overdue_count = $row['num'];
|
||||
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('invoice_id') AS num FROM invoices WHERE invoice_due > CURDATE() AND company_id = $session_company_id"));
|
||||
$overdue_count = $row['num'];
|
||||
|
||||
$sql_total_draft = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_draft FROM invoices WHERE invoice_status = 'Draft' AND company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_draft);
|
||||
$total_draft = $row['total_draft'];
|
||||
$sql_total_draft = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_draft FROM invoices WHERE invoice_status = 'Draft' AND company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_draft);
|
||||
$total_draft = $row['total_draft'];
|
||||
|
||||
$sql_total_sent = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_sent FROM invoices WHERE invoice_status = 'Sent' AND company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_sent);
|
||||
$total_sent = $row['total_sent'];
|
||||
$sql_total_sent = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_sent FROM invoices WHERE invoice_status = 'Sent' AND company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_sent);
|
||||
$total_sent = $row['total_sent'];
|
||||
|
||||
$sql_total_viewed = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_viewed FROM invoices WHERE invoice_status = 'Viewed' AND company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_viewed);
|
||||
$total_viewed = $row['total_viewed'];
|
||||
$sql_total_viewed = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_viewed FROM invoices WHERE invoice_status = 'Viewed' AND company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_viewed);
|
||||
$total_viewed = $row['total_viewed'];
|
||||
|
||||
$sql_total_cancelled = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_cancelled FROM invoices WHERE invoice_status = 'Cancelled' AND company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_cancelled);
|
||||
$total_cancelled = $row['total_cancelled'];
|
||||
$sql_total_cancelled = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_cancelled FROM invoices WHERE invoice_status = 'Cancelled' AND company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_cancelled);
|
||||
$total_cancelled = $row['total_cancelled'];
|
||||
|
||||
$sql_total_partial = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_partial FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_status = 'Partial' AND invoices.company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_partial);
|
||||
$total_partial = $row['total_partial'];
|
||||
$total_partial_count = mysqli_num_rows($sql_total_partial);
|
||||
$sql_total_partial = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_partial FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_status = 'Partial' AND invoices.company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_partial);
|
||||
$total_partial = $row['total_partial'];
|
||||
$total_partial_count = mysqli_num_rows($sql_total_partial);
|
||||
|
||||
$sql_total_overdue_partial = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_overdue_partial FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_status = 'Partial' AND invoice_due < CURDATE() AND invoices.company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_overdue_partial);
|
||||
$total_overdue_partial = $row['total_overdue_partial'];
|
||||
$sql_total_overdue_partial = mysqli_query($mysqli,"SELECT SUM(payment_amount) AS total_overdue_partial FROM payments, invoices WHERE payment_invoice_id = invoice_id AND invoice_status = 'Partial' AND invoice_due < CURDATE() AND invoices.company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_overdue_partial);
|
||||
$total_overdue_partial = $row['total_overdue_partial'];
|
||||
|
||||
$sql_total_overdue = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_overdue FROM invoices WHERE invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Paid' AND invoice_due < CURDATE() AND invoices.company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_overdue);
|
||||
$total_overdue = $row['total_overdue'];
|
||||
$sql_total_overdue = mysqli_query($mysqli,"SELECT SUM(invoice_amount) AS total_overdue FROM invoices WHERE invoice_status NOT LIKE 'Draft' AND invoice_status NOT LIKE 'Paid' AND invoice_due < CURDATE() AND invoices.company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql_total_overdue);
|
||||
$total_overdue = $row['total_overdue'];
|
||||
|
||||
$real_overdue_amount = $total_overdue - $total_overdue_partial;
|
||||
$real_overdue_amount = $total_overdue - $total_overdue_partial;
|
||||
|
||||
|
||||
if (!empty($_GET['sb'])) {
|
||||
if (!empty($_GET['sb'])) {
|
||||
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
|
||||
}else{
|
||||
} else {
|
||||
$sb = "invoice_number";
|
||||
}
|
||||
}
|
||||
|
||||
// Reverse default sort
|
||||
if (!isset($_GET['o'])) {
|
||||
// Reverse default sort
|
||||
if (!isset($_GET['o'])) {
|
||||
$o = "DESC";
|
||||
$disp = "ASC";
|
||||
}
|
||||
}
|
||||
|
||||
if (empty($_GET['canned_date'])) {
|
||||
if (empty($_GET['canned_date'])) {
|
||||
//Prevents lots of undefined variable errors.
|
||||
// $dtf and $dtt will be set by the below else to 0000-00-00 / 9999-00-00
|
||||
$_GET['canned_date'] = 'custom';
|
||||
}
|
||||
}
|
||||
|
||||
//Invoice status from GET
|
||||
if (isset($_GET['status']) && ($_GET['status']) == 'Draft') {
|
||||
//Invoice status from GET
|
||||
if (isset($_GET['status']) && ($_GET['status']) == 'Draft') {
|
||||
$status_query = 'Draft';
|
||||
}elseif (isset($_GET['status']) && ($_GET['status']) == 'Sent') {
|
||||
} elseif (isset($_GET['status']) && ($_GET['status']) == 'Sent') {
|
||||
$status_query = 'Sent';
|
||||
}elseif (isset($_GET['status']) && ($_GET['status']) == 'Viewed') {
|
||||
} elseif (isset($_GET['status']) && ($_GET['status']) == 'Viewed') {
|
||||
$status_query = 'Viewed';
|
||||
}elseif (isset($_GET['status']) && ($_GET['status']) == 'Partial') {
|
||||
} elseif (isset($_GET['status']) && ($_GET['status']) == 'Partial') {
|
||||
$status_query = 'Partial';
|
||||
}else{
|
||||
} else {
|
||||
$status_query = '%';
|
||||
}
|
||||
}
|
||||
|
||||
//Date Filter
|
||||
if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) {
|
||||
//Date Filter
|
||||
if ($_GET['canned_date'] == "custom" && !empty($_GET['dtf'])) {
|
||||
$dtf = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtf']));
|
||||
$dtt = strip_tags(mysqli_real_escape_string($mysqli,$_GET['dtt']));
|
||||
}elseif ($_GET['canned_date'] == "today") {
|
||||
} elseif ($_GET['canned_date'] == "today") {
|
||||
$dtf = date('Y-m-d');
|
||||
$dtt = date('Y-m-d');
|
||||
}elseif ($_GET['canned_date'] == "yesterday") {
|
||||
} elseif ($_GET['canned_date'] == "yesterday") {
|
||||
$dtf = date('Y-m-d',strtotime("yesterday"));
|
||||
$dtt = date('Y-m-d',strtotime("yesterday"));
|
||||
}elseif ($_GET['canned_date'] == "thisweek") {
|
||||
} elseif ($_GET['canned_date'] == "thisweek") {
|
||||
$dtf = date('Y-m-d',strtotime("monday this week"));
|
||||
$dtt = date('Y-m-d');
|
||||
}elseif ($_GET['canned_date'] == "lastweek") {
|
||||
} elseif ($_GET['canned_date'] == "lastweek") {
|
||||
$dtf = date('Y-m-d',strtotime("monday last week"));
|
||||
$dtt = date('Y-m-d',strtotime("sunday last week"));
|
||||
}elseif ($_GET['canned_date'] == "thismonth") {
|
||||
} elseif ($_GET['canned_date'] == "thismonth") {
|
||||
$dtf = date('Y-m-01');
|
||||
$dtt = date('Y-m-d');
|
||||
}elseif ($_GET['canned_date'] == "lastmonth") {
|
||||
} elseif ($_GET['canned_date'] == "lastmonth") {
|
||||
$dtf = date('Y-m-d',strtotime("first day of last month"));
|
||||
$dtt = date('Y-m-d',strtotime("last day of last month"));
|
||||
}elseif ($_GET['canned_date'] == "thisyear") {
|
||||
} elseif ($_GET['canned_date'] == "thisyear") {
|
||||
$dtf = date('Y-01-01');
|
||||
$dtt = date('Y-m-d');
|
||||
}elseif ($_GET['canned_date'] == "lastyear") {
|
||||
} elseif ($_GET['canned_date'] == "lastyear") {
|
||||
$dtf = date('Y-m-d',strtotime("first day of january last year"));
|
||||
$dtt = date('Y-m-d',strtotime("last day of december last year"));
|
||||
}else{
|
||||
} else {
|
||||
$dtf = "0000-00-00";
|
||||
$dtt = "9999-00-00";
|
||||
}
|
||||
}
|
||||
|
||||
//Rebuild URL
|
||||
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
|
||||
//Rebuild URL
|
||||
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
|
||||
|
||||
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM invoices
|
||||
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM invoices
|
||||
LEFT JOIN clients ON invoice_client_id = client_id
|
||||
LEFT JOIN categories ON invoice_category_id = category_id
|
||||
WHERE invoices.company_id = $session_company_id
|
||||
@@ -128,7 +128,7 @@
|
||||
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR invoice_scope LIKE '%$q%' OR client_name LIKE '%$q%' OR invoice_status LIKE '%$q%' OR invoice_amount LIKE '%$q%' OR category_name LIKE '%$q%')
|
||||
ORDER BY $sb $o LIMIT $record_from, $record_to");
|
||||
|
||||
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
|
||||
$num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
|
||||
|
||||
?>
|
||||
|
||||
@@ -272,7 +272,7 @@
|
||||
$invoice_scope = htmlentities($row['invoice_scope']);
|
||||
if (empty($invoice_scope)) {
|
||||
$invoice_scope_display = "-";
|
||||
}else{
|
||||
} else {
|
||||
$invoice_scope_display = $invoice_scope;
|
||||
}
|
||||
$invoice_status = htmlentities($row['invoice_status']);
|
||||
@@ -295,21 +295,21 @@
|
||||
|
||||
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now ) {
|
||||
$overdue_color = "text-danger font-weight-bold";
|
||||
}else{
|
||||
} else {
|
||||
$overdue_color = "";
|
||||
}
|
||||
|
||||
if ($invoice_status == "Sent") {
|
||||
$invoice_badge_color = "warning text-white";
|
||||
}elseif ($invoice_status == "Viewed") {
|
||||
} elseif ($invoice_status == "Viewed") {
|
||||
$invoice_badge_color = "info";
|
||||
}elseif ($invoice_status == "Partial") {
|
||||
} elseif ($invoice_status == "Partial") {
|
||||
$invoice_badge_color = "primary";
|
||||
}elseif ($invoice_status == "Paid") {
|
||||
} elseif ($invoice_status == "Paid") {
|
||||
$invoice_badge_color = "success";
|
||||
}elseif ($invoice_status == "Cancelled") {
|
||||
} elseif ($invoice_status == "Cancelled") {
|
||||
$invoice_badge_color = "danger";
|
||||
}else{
|
||||
} else{
|
||||
$invoice_badge_color = "secondary";
|
||||
}
|
||||
|
||||
@@ -366,9 +366,9 @@
|
||||
|
||||
<?php
|
||||
|
||||
include("invoice_add_modal.php");
|
||||
include("category_quick_add_modal.php");
|
||||
include("invoice_add_modal.php");
|
||||
include("category_quick_add_modal.php");
|
||||
|
||||
include("footer.php");
|
||||
include("footer.php");
|
||||
|
||||
?>
|
||||
+25
-3
@@ -20,17 +20,28 @@ if (!$_SESSION['client_logged_in']) {
|
||||
die;
|
||||
}
|
||||
|
||||
// SESSION FINGERPRINT
|
||||
// User IP & UA
|
||||
$session_ip = strip_tags(mysqli_real_escape_string($mysqli, getIP()));
|
||||
|
||||
// Get user agent
|
||||
$session_user_agent = strip_tags(mysqli_real_escape_string($mysqli, $_SERVER['HTTP_USER_AGENT']));
|
||||
|
||||
|
||||
// Get info from session
|
||||
$session_client_id = $_SESSION['client_id'];
|
||||
$session_contact_id = $_SESSION['contact_id'];
|
||||
$session_company_id = $_SESSION['company_id'];
|
||||
|
||||
|
||||
// Get company info from database
|
||||
$sql = mysqli_query($mysqli, "SELECT * FROM companies WHERE company_id = $session_company_id");
|
||||
$row = mysqli_fetch_array($sql);
|
||||
|
||||
$session_company_name = $row['company_name'];
|
||||
$session_company_country = $row['company_country'];
|
||||
$session_company_locale = $row['company_locale'];
|
||||
$session_company_currency = $row['company_currency'];
|
||||
$currency_format = numfmt_create($session_company_locale, NumberFormatter::CURRENCY);
|
||||
|
||||
|
||||
// Get contact info
|
||||
$contact_sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = '$session_contact_id' AND contact_client_id = '$session_client_id'");
|
||||
$contact = mysqli_fetch_array($contact_sql);
|
||||
@@ -41,6 +52,17 @@ $session_contact_title = strip_tags(mysqli_real_escape_string($mysqli, $contact[
|
||||
$session_contact_email = strip_tags(mysqli_real_escape_string($mysqli, $contact['contact_email']));
|
||||
$session_contact_photo = $contact['contact_photo'];
|
||||
|
||||
$session_contact_is_technical_contact = false;
|
||||
$session_contact_is_billing_contact = false;
|
||||
if ($contact['contact_technical'] == 1) {
|
||||
$session_contact_is_technical_contact = true;
|
||||
}
|
||||
if ($contact['contact_billing'] == 1) {
|
||||
$session_contact_is_billing_contact = true;
|
||||
}
|
||||
|
||||
|
||||
|
||||
// Get client info
|
||||
$client_sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_id = '$session_client_id'");
|
||||
$client = mysqli_fetch_array($client_sql);
|
||||
|
||||
+45
-13
@@ -4,21 +4,14 @@
|
||||
* Invoices for PTC
|
||||
*/
|
||||
|
||||
/*
|
||||
TODO:
|
||||
- Allow accounting contacts to see this page
|
||||
- Tidy styling and add currency codes
|
||||
- Add links to see the invoice in full (similar to invoice guest view)
|
||||
*/
|
||||
|
||||
require_once("inc_portal.php");
|
||||
|
||||
if ($session_contact_id !== $session_client_primary_contact_id) {
|
||||
if ($session_contact_id !== $session_client_primary_contact_id && !$session_contact_is_billing_contact) {
|
||||
header("Location: portal_post.php?logout");
|
||||
exit();
|
||||
}
|
||||
|
||||
$invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_client_id = $session_client_id AND invoice_status = 'Paid' ORDER BY invoice_date DESC");
|
||||
$invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_client_id = $session_client_id AND (invoice_status = 'Sent' OR invoice_status = 'Viewed' OR invoice_status = 'Paid') ORDER BY invoice_date DESC");
|
||||
?>
|
||||
|
||||
<div class="row">
|
||||
@@ -53,8 +46,10 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
|
||||
<tr>
|
||||
<th>#</th>
|
||||
<th>Scope</th>
|
||||
<th>Date</th>
|
||||
<th>Amount</th>
|
||||
<th>Date</th>
|
||||
<th>Due</th>
|
||||
<th>Status</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
@@ -65,15 +60,52 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
|
||||
$invoice_prefix = htmlentities($row['invoice_prefix']);
|
||||
$invoice_number = htmlentities($row['invoice_number']);
|
||||
$invoice_scope = htmlentities($row['invoice_scope']);
|
||||
$invoice_status = htmlentities($row['invoice_status']);
|
||||
$invoice_date = $row['invoice_date'];
|
||||
$invoice_due = $row['invoice_due'];
|
||||
$invoice_amount = floatval($row['invoice_amount']);
|
||||
$invoice_url_key = htmlentities($row['invoice_url_key']);
|
||||
|
||||
if (empty($invoice_scope)) {
|
||||
$invoice_scope_display = "-";
|
||||
} else {
|
||||
$invoice_scope_display = $invoice_scope;
|
||||
}
|
||||
|
||||
$now = time();
|
||||
if (($invoice_status == "Sent" || $invoice_status == "Partial" || $invoice_status == "Viewed") && strtotime($invoice_due) + 86400 < $now ) {
|
||||
$overdue_color = "text-danger font-weight-bold";
|
||||
} else {
|
||||
$overdue_color = "";
|
||||
}
|
||||
|
||||
if ($invoice_status == "Sent") {
|
||||
$invoice_badge_color = "warning text-white";
|
||||
} elseif ($invoice_status == "Viewed") {
|
||||
$invoice_badge_color = "info";
|
||||
} elseif ($invoice_status == "Partial") {
|
||||
$invoice_badge_color = "primary";
|
||||
} elseif ($invoice_status == "Paid") {
|
||||
$invoice_badge_color = "success";
|
||||
} elseif ($invoice_status == "Cancelled") {
|
||||
$invoice_badge_color = "danger";
|
||||
} else{
|
||||
$invoice_badge_color = "secondary";
|
||||
}
|
||||
?>
|
||||
|
||||
<tr>
|
||||
<td><?php echo "$invoice_prefix$invoice_number"; ?></a></td>
|
||||
<td><?php echo $invoice_scope; ?></td>
|
||||
<td><a target="_blank" href="\\<?php echo $config_base_url ?>/guest_view_invoice.php?invoice_id=<?php echo "$invoice_id&url_key=$invoice_url_key"?>"> <?php echo "$invoice_prefix$invoice_number"; ?></a></td>
|
||||
<td><?php echo $invoice_scope_display; ?></td>
|
||||
<td><?php echo numfmt_format_currency($currency_format, $invoice_amount, $session_company_currency); ?></td>
|
||||
<td><?php echo $invoice_date; ?></td>
|
||||
<td><?php echo $invoice_amount; ?></td>
|
||||
<td class="<?php echo $overdue_color; ?>"><?php echo $invoice_due; ?></td>
|
||||
<td>
|
||||
<span class="p-2 badge badge-<?php echo $invoice_badge_color; ?>">
|
||||
<?php echo $invoice_status; ?>
|
||||
</span>
|
||||
</td>
|
||||
|
||||
</tr>
|
||||
<?php
|
||||
}
|
||||
|
||||
@@ -7,17 +7,17 @@
|
||||
/*
|
||||
* Verifies a contact has access to a particular ticket ID, and that the ticket is in the correct state (open/closed) to perform an action
|
||||
*/
|
||||
function verifyContactTicketAccess($requested_ticket_id, $expected_ticket_state) {
|
||||
function verifyContactTicketAccess($requested_ticket_id, $expected_ticket_state)
|
||||
{
|
||||
|
||||
// Access the global variables
|
||||
global $mysqli, $session_contact_id, $session_client_primary_contact_id, $session_client_id;
|
||||
global $mysqli, $session_contact_id, $session_client_primary_contact_id, $session_contact_is_technical_contact, $session_client_id;
|
||||
|
||||
// Setup
|
||||
if ($expected_ticket_state == "Closed") {
|
||||
// Closed tickets
|
||||
$ticket_state_snippet = "ticket_status = 'Closed'";
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
// Open (working/hold) tickets
|
||||
$ticket_state_snippet = "ticket_status != 'Closed'";
|
||||
}
|
||||
@@ -27,12 +27,12 @@ function verifyContactTicketAccess($requested_ticket_id, $expected_ticket_state)
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$ticket_id = $row['ticket_id'];
|
||||
|
||||
if (intval($ticket_id) && ($session_contact_id == $row['ticket_contact_id'] || $session_contact_id == $session_client_primary_contact_id)) {
|
||||
// Client is ticket owner, or primary contact
|
||||
return TRUE;
|
||||
if (intval($ticket_id) && ($session_contact_id == $row['ticket_contact_id'] || $session_contact_id == $session_client_primary_contact_id || $session_contact_is_technical_contact)) {
|
||||
// Client is ticket owner, primary contact, or a technical contact
|
||||
return true;
|
||||
}
|
||||
|
||||
// Client is NOT ticket owner or primary contact
|
||||
return FALSE;
|
||||
// Client is NOT ticket owner or primary/tech contact
|
||||
return false;
|
||||
|
||||
}
|
||||
@@ -43,7 +43,7 @@
|
||||
<li class="nav-item">
|
||||
<a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "tickets.php" || basename($_SERVER['PHP_SELF']) == "ticket_add.php" || basename($_SERVER['PHP_SELF']) == "ticket.php") {echo "active";} ?>" href="tickets.php">Tickets</a>
|
||||
</li>
|
||||
<?php if ($session_contact_id == $session_client_primary_contact_id) { ?>
|
||||
<?php if ($session_contact_id == $session_client_primary_contact_id || $session_contact_is_billing_contact) { ?>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link <?php if (basename($_SERVER['PHP_SELF']) == "invoices.php") {echo "active";} ?>" href="invoices.php">Invoices</a>
|
||||
</li>
|
||||
|
||||
+12
-8
@@ -4,16 +4,21 @@
|
||||
* User profile
|
||||
*/
|
||||
|
||||
require('inc_portal.php');
|
||||
require_once('inc_portal.php');
|
||||
?>
|
||||
|
||||
<h2>Profile</h2>
|
||||
<h2>Profile</h2>
|
||||
|
||||
<p>Name: <?php echo $session_contact_name ?></p>
|
||||
<p>Email: <?php echo $session_contact_email ?></p>
|
||||
<p>Client: <?php echo $session_client_name ?></p>
|
||||
<p>Client Primary Contact: <?php if ($session_client_primary_contact_id == $session_contact_id) {echo "Yes"; } else {echo "No";} ?></p>
|
||||
<p>Login via: <?php echo $_SESSION['login_method'] ?> </p>
|
||||
<p>Name: <?php echo $session_contact_name ?></p>
|
||||
<p>Email: <?php echo $session_contact_email ?></p>
|
||||
<p>Client: <?php echo $session_client_name ?></p>
|
||||
<br>
|
||||
<p>Client Primary Contact: <?php if ($session_client_primary_contact_id == $session_contact_id) {echo "Yes"; } else {echo "No";} ?></p>
|
||||
<p>Client Technical Contact: <?php if ($session_contact_is_technical_contact) {echo "Yes"; } else {echo "No";} ?></p>
|
||||
<p>Client Billing Contact: <?php if ($session_contact_is_billing_contact == $session_contact_id) {echo "Yes"; } else {echo "No";} ?></p>
|
||||
|
||||
|
||||
<p>Login via: <?php echo $_SESSION['login_method'] ?> </p>
|
||||
|
||||
|
||||
<!-- // Show option to change password if auth provider is local -->
|
||||
@@ -34,7 +39,6 @@ require('inc_portal.php');
|
||||
<button type="submit" name="edit_profile" class="btn btn-primary mt-3"><i class="fa fa-fw fa-check"></i> Save password</button>
|
||||
</form>
|
||||
</div>
|
||||
|
||||
<?php endif ?>
|
||||
|
||||
<?php
|
||||
|
||||
+4
-7
@@ -9,7 +9,7 @@ require_once("inc_portal.php");
|
||||
if (isset($_GET['id']) && intval($_GET['id'])) {
|
||||
$ticket_id = intval($_GET['id']);
|
||||
|
||||
if ($session_contact_id == $session_client_primary_contact_id) {
|
||||
if ($session_contact_id == $session_client_primary_contact_id || $session_contact_is_technical_contact) {
|
||||
$ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id'");
|
||||
} else {
|
||||
$ticket_sql = mysqli_query($mysqli, "SELECT * FROM tickets WHERE ticket_id = '$ticket_id' AND ticket_client_id = '$session_client_id' AND ticket_contact_id = '$session_contact_id'");
|
||||
@@ -44,12 +44,9 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
|
||||
<h4 class="mt-1">
|
||||
Ticket <?php echo $ticket_prefix, $ticket_number ?>
|
||||
<?php
|
||||
if ($ticket_status !== "Closed") {
|
||||
?>
|
||||
if ($ticket_status !== "Closed") { ?>
|
||||
<a href="portal_post.php?close_ticket=<?php echo $ticket_id; ?>" class="btn btn-sm btn-outline-success float-right text-white"><i class="fas fa-fw fa-check text-success"></i> Close ticket</a>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
<?php } ?>
|
||||
</h4>
|
||||
</div>
|
||||
|
||||
@@ -61,7 +58,7 @@ if (isset($_GET['id']) && intval($_GET['id'])) {
|
||||
<br>
|
||||
<strong>Priority:</strong> <?php echo $ticket_priority ?>
|
||||
</p>
|
||||
<strong>Issue:</strong> <?php echo $ticket_details ?>
|
||||
<?php echo $ticket_details ?>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
@@ -4,10 +4,10 @@
|
||||
* New ticket form
|
||||
*/
|
||||
|
||||
require('inc_portal.php');
|
||||
require_once('inc_portal.php');
|
||||
?>
|
||||
|
||||
<ol class="breadcrumb d-print-none">
|
||||
<ol class="breadcrumb d-print-none">
|
||||
<li class="breadcrumb-item">
|
||||
<a href="index.php">Home</a>
|
||||
</li>
|
||||
@@ -15,11 +15,11 @@ require('inc_portal.php');
|
||||
<a href="tickets.php">Tickets</a>
|
||||
</li>
|
||||
<li class="breadcrumb-item active">New Ticket</li>
|
||||
</ol>
|
||||
</ol>
|
||||
|
||||
<h2>Raise a new ticket</h2>
|
||||
<h2>Raise a new ticket</h2>
|
||||
|
||||
<div class="col-md-8">
|
||||
<div class="col-md-8">
|
||||
<form action="portal_post.php" method="post">
|
||||
|
||||
<div class="form-group">
|
||||
@@ -54,7 +54,7 @@ require('inc_portal.php');
|
||||
<button class="btn btn-primary" name="add_ticket">Raise ticket</button>
|
||||
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<?php
|
||||
require_once('portal_footer.php');
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
|
||||
require_once('inc_portal.php');
|
||||
|
||||
if ($session_contact_id !== $session_client_primary_contact_id) {
|
||||
if ($session_contact_id !== $session_client_primary_contact_id && !$session_contact_is_technical_contact) {
|
||||
header("Location: portal_post.php?logout");
|
||||
exit();
|
||||
}
|
||||
|
||||
+1
-1
@@ -117,7 +117,7 @@ $total_tickets = $row['total_tickets'];
|
||||
|
||||
<a href="?status=%" class="btn btn-secondary btn-block p-3 mb-3 text-left">All my tickets | <strong><?php echo $total_tickets ?></strong></a>
|
||||
<?php
|
||||
if ($session_contact_id == $session_client_primary_contact_id) {
|
||||
if ($session_contact_id == $session_client_primary_contact_id || $session_contact_is_technical_contact) {
|
||||
?>
|
||||
|
||||
<hr>
|
||||
|
||||
@@ -4597,14 +4597,14 @@ if(isset($_POST['edit_contact'])){
|
||||
mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone = '$phone', contact_extension = '$extension', contact_mobile = '$mobile', contact_email = '$email', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_auth_method = '$auth_method', contact_department = '$department', contact_location_id = $location_id WHERE contact_id = $contact_id AND company_id = $session_company_id");
|
||||
|
||||
// Update Primary contact in clients if primary contact is checked
|
||||
if($primary_contact > 0){
|
||||
if ($primary_contact > 0){
|
||||
mysqli_query($mysqli,"UPDATE clients SET primary_contact = $contact_id WHERE client_id = $client_id");
|
||||
}
|
||||
|
||||
// Set password
|
||||
if(!empty($_POST['contact_password'])){
|
||||
$password_hash = mysqli_real_escape_string($mysqli,password_hash($_POST['contact_password'], PASSWORD_DEFAULT));
|
||||
mysqli_query($mysqli, "UPDATE contacts SET contact_password_hash = '$password_hash' WHERE contact_client_id = '$client_id'");
|
||||
mysqli_query($mysqli, "UPDATE contacts SET contact_password_hash = '$password_hash' WHERE contact_id = '$contact_id' AND contact_client_id = '$client_id'");
|
||||
}
|
||||
|
||||
// Send contact a welcome e-mail, if specified
|
||||
|
||||
Reference in New Issue
Block a user