ThaMunsta/itflow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

General cleanup/tidying

Browse Source
This commit is contained in:
Marcus Hill
2023-02-09 11:32:40 +00:00
parent 9e549adb7e
commit b36719eb99
22 changed files with 1222 additions and 1244 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api/v1/contacts/create.php
View File

@@ -7,7 +7,7 @@ require_once('../require_post_method.php');
require_once('contact_model.php');
// Default
$insert_id = FALSE;
$insert_id = false;
if (!empty($name) && !empty($email) && !empty($client_id)) {

2
api/v1/contacts/delete.php
View File

@@ -7,7 +7,7 @@ require_once('../require_post_method.php');
$contact_id = intval($_POST['contact_id']);
// Default
$delete_count = FALSE;
$delete_count = false;
if (!empty($contact_id)) {
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_id = $contact_id AND contact_client_id = $client_id AND company_id = '$company_id' LIMIT 1"));

2
api/v1/contacts/update.php
View File

@@ -7,7 +7,7 @@ require_once('../require_post_method.php');
$contact_id = intval($_POST['contact_id']);
// Default
$update_count = FALSE;
$update_count = false;
if (!empty($contact_id)) {

2
client_contact_details.php
View File

@@ -29,7 +29,7 @@ if (isset($_GET['contact_id'])) {
if ($contact_id == $primary_contact) {
$primary_contact_display = "<small class='text-success'>Primary Contact</small>";
} else {
$primary_contact_display = FALSE;
$primary_contact_display = false;
}
$contact_location_id = $row['contact_location_id'];
$location_name = htmlentities($row['location_name']);

2
client_contacts.php
View File

@@ -133,7 +133,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
if ($contact_id == $primary_contact) {
$primary_contact_display = "<small class='text-success'>Primary Contact</small>";
} else {
$primary_contact_display = FALSE;
$primary_contact_display = false;
}
$contact_location_id = $row['contact_location_id'];
$location_name = htmlentities($row['location_name']);

19
client_invoices.php
View File

@@ -1,6 +1,5 @@
<?php require_once("inc_all_client.php"); ?>
<?php
require_once("inc_all_client.php");
if (!empty($_GET['sb'])) {
$sb = strip_tags(mysqli_real_escape_string($mysqli,$_GET['sb']));
@@ -17,7 +16,9 @@ if (!isset($_GET['o'])) {
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM invoices
$sql = mysqli_query(
$mysqli,
"SELECT SQL_CALC_FOUND_ROWS * FROM invoices
LEFT JOIN categories ON invoice_category_id = category_id
WHERE invoice_client_id = $client_id
AND (CONCAT(invoice_prefix,invoice_number) LIKE '%$q%' OR invoice_scope LIKE '%$q%' OR category_name LIKE '%$q%' OR invoice_status LIKE '%$q%' OR invoice_amount LIKE '%$q%')
@@ -149,8 +150,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<?php
include("invoice_copy_modal.php");
include("invoice_edit_modal.php");
require("invoice_copy_modal.php");
require("invoice_edit_modal.php");
}
?>
@@ -158,10 +159,10 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</tbody>
</table>
</div>
<?php include("pagination.php"); ?>
<?php require_once("pagination.php"); ?>
</div>
</div>
<?php include("invoice_add_modal.php"); ?>
<?php include("footer.php"); ?>
<?php
require_once("invoice_add_modal.php");
require_once("footer.php");

6
functions.php
View File

@@ -405,7 +405,7 @@ function getDomainRecords($name) {
function getSSL($name) {
$certificate = array();
$certificate['success'] = FALSE;
$certificate['success'] = false;
// Only run if we think the domain is valid
if (!filter_var($name, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME)) {
@@ -417,7 +417,7 @@ function getSSL($name) {
// Get SSL/TSL certificate (using verify peer false to allow for self-signed certs) for domain on default port
$socket = "ssl://$name:443";
$get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE, "verify_peer" => FALSE,)));
$get = stream_context_create(array("ssl" => array("capture_peer_cert" => true, "verify_peer" => false,)));
$read = stream_socket_client($socket, $errno, $errstr, 5, STREAM_CLIENT_CONNECT, $get);
// If the socket connected
@@ -427,7 +427,7 @@ function getSSL($name) {
openssl_x509_export($cert['options']['ssl']['peer_certificate'], $export);
if ($cert_public_key_obj) {
$certificate['success'] = TRUE;
$certificate['success'] = true;
$certificate['expire'] = date('Y-m-d', $cert_public_key_obj['validTo_time_t']);
$certificate['issued_by'] = strip_tags($cert_public_key_obj['issuer']['O']);
$certificate['public_key'] = $export;

2
guest_view_item.php
View File

@@ -1,7 +1,7 @@
<?php
header('Expires: Sun, 01 Jan 2014 00:00:00 GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', FALSE);
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
require_once("guest_header.php"); ?>

6
login.php
View File

@@ -47,11 +47,11 @@ $config_mail_from_email = $row['config_mail_from_email'];
$config_mail_from_name = $row['config_mail_from_name'];
// HTTP-Only cookies
ini_set("session.cookie_httponly", True);
ini_set("session.cookie_httponly", true);
// Tell client to only send cookie(s) over HTTPS
if ($config_https_only) {
ini_set("session.cookie_secure", True);
ini_set("session.cookie_secure", true);
}
// Handle POST login request
@@ -120,7 +120,7 @@ if (isset($_POST['login'])) {
$_SESSION['user_name'] = $user_name;
$_SESSION['user_role'] = $row['user_role'];
$_SESSION['csrf_token'] = randomString(156);
$_SESSION['logged'] = TRUE;
$_SESSION['logged'] = true;
// Setup encryption session key
if (isset($row['user_specific_encryption_ciphertext']) && $row['user_role'] > 1) {

4
portal/inc_portal.php
View File

@@ -11,10 +11,10 @@ require_once('portal_functions.php');
if (!isset($_SESSION)) {
// HTTP Only cookies
ini_set("session.cookie_httponly", True);
ini_set("session.cookie_httponly", true);
if ($config_https_only) {
// Tell client to only send cookie(s) over HTTPS
ini_set("session.cookie_secure", True);
ini_set("session.cookie_secure", true);
}
session_start();
}

7
portal/invoices.php
View File

@@ -18,9 +18,7 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
<div class="col-md-1 text-center">
<?php if (!empty($session_contact_photo)) { ?>
<img src="<?php echo "../uploads/clients/$session_company_id/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
<?php } else { ?>
<span class="fa-stack fa-2x rounded-left">
<i class="fa fa-circle fa-stack-2x text-secondary"></i>
<span class="fa fa-stack-1x text-white"><?php echo $session_contact_initials; ?></span>
@@ -107,9 +105,8 @@ $invoices_sql = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_clie
</td>
</tr>
<?php
}
?>
<?php } ?>
</tbody>
</table>

2
portal/login.php
View File

@@ -46,7 +46,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
if ($row['contact_auth_method'] == 'local') {
if (password_verify($password, $row['contact_password_hash'])) {
$_SESSION['client_logged_in'] = TRUE;
$_SESSION['client_logged_in'] = true;
$_SESSION['client_id'] = $row['contact_client_id'];
$_SESSION['contact_id'] = $row['contact_id'];
$_SESSION['company_id'] = $row['company_id'];

2
portal/login_microsoft.php
View File

@@ -95,7 +95,7 @@ if (isset($_POST['code']) && $_POST['state'] == session_id()) {
$row = mysqli_fetch_array($sql);
if ($row['contact_auth_method'] == 'azure') {
$_SESSION['client_logged_in'] = TRUE;
$_SESSION['client_logged_in'] = true;
$_SESSION['client_id'] = $row['contact_client_id'];
$_SESSION['contact_id'] = $row['contact_id'];
$_SESSION['company_id'] = $row['company_id'];

46
post.php
View File

@@ -284,7 +284,7 @@ if(isset($_POST['edit_profile'])){
$email = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['email'])));
$new_password = trim($_POST['new_password']);
$existing_file_name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['existing_file_name'])));
$logout = FALSE;
$logout = false;
$extended_log_description = '';
// Email notification when password or email is changed
@@ -367,7 +367,7 @@ if(isset($_POST['edit_profile'])){
mysqli_query($mysqli,"UPDATE users SET user_password = '$new_password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext' WHERE user_id = $user_id");
$extended_log_description .= ", password changed";
$logout = TRUE;
$logout = true;
}
// Enable extension access, only if it isn't already setup (user doesn't have cookie)
@@ -377,7 +377,7 @@ if(isset($_POST['edit_profile'])){
mysqli_query($mysqli, "UPDATE users SET user_extension_key = '$extension_key' WHERE user_id = $user_id");
$extended_log_description .= ", extension access enabled";
$logout = TRUE;
$logout = true;
}
}
@@ -4788,19 +4788,19 @@ if(isset($_POST["import_client_contacts_csv"])){
$client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"];
$error = FALSE;
$error = false;
//Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file extension";
}
//Check file isn't empty
elseif($_FILES["file"]["size"] < 1){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)";
}
@@ -4808,7 +4808,7 @@ if(isset($_POST["import_client_contacts_csv"])){
$f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 8) {
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad column count.";
}
@@ -4818,7 +4818,7 @@ if(isset($_POST["import_client_contacts_csv"])){
fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0;
$duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){
while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0;
if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));
@@ -5209,19 +5209,19 @@ if(isset($_POST["import_client_locations_csv"])){
$client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"];
$error = FALSE;
$error = false;
//Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file extension";
}
//Check file isn't empty
elseif($_FILES["file"]["size"] < 1){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)";
}
@@ -5229,7 +5229,7 @@ if(isset($_POST["import_client_locations_csv"])){
$f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 7) {
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad column count.";
}
@@ -5239,7 +5239,7 @@ if(isset($_POST["import_client_locations_csv"])){
fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0;
$duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){
while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0;
if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));
@@ -5519,19 +5519,19 @@ if(isset($_POST["import_client_assets_csv"])){
$client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"];
$error = FALSE;
$error = false;
//Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file extension";
}
//Check file isn't empty
elseif($_FILES["file"]["size"] < 1){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)";
}
@@ -5539,7 +5539,7 @@ if(isset($_POST["import_client_assets_csv"])){
$f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 8) {
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad column count.";
}
@@ -5549,7 +5549,7 @@ if(isset($_POST["import_client_assets_csv"])){
fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0;
$duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){
while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0;
if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));
@@ -6163,19 +6163,19 @@ if(isset($_POST["import_client_logins_csv"])){
$client_id = intval($_POST['client_id']);
$file_name = $_FILES["file"]["tmp_name"];
$error = FALSE;
$error = false;
//Check file is CSV
$file_extension = strtolower(end(explode('.',$_FILES['file']['name'])));
$allowed_file_extensions = array('csv');
if(in_array($file_extension,$allowed_file_extensions) === false){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file extension";
}
//Check file isn't empty
elseif($_FILES["file"]["size"] < 1){
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad file size (empty?)";
}
@@ -6183,7 +6183,7 @@ if(isset($_POST["import_client_logins_csv"])){
$f = fopen($file_name, "r");
$f_columns = fgetcsv($f, 1000, ",");
if(!$error & count($f_columns) != 4) {
$error = TRUE;
$error = true;
$_SESSION['alert_message'] = "Bad column count.";
}
@@ -6193,7 +6193,7 @@ if(isset($_POST["import_client_logins_csv"])){
fgetcsv($file, 1000, ","); // Skip first line
$row_count = 0;
$duplicate_count = 0;
while(($column = fgetcsv($file, 1000, ",")) !== FALSE){
while(($column = fgetcsv($file, 1000, ",")) !== false){
$duplicate_detect = 0;
if(isset($column[0])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $column[0])));

19
rfc6238.php
View File

@@ -65,26 +65,7 @@
return $url;
}
public static function generateRandomClue($length = 16) {
$b32 = "234567QWERTYUIOPASDFGHJKLZXCVBNM";
$s = "";
for ($i = 0; $i < $length; $i++)
$s .= $b32[rand(0,31)];
return $s;
}
private static function hotp_tobytestream($key) {
$result = array();
$last = strlen($key);
for ($i = 0; $i < $last; $i = $i + 2) {
$x = $key[$i] + $key[$i + 1];
$x = strtoupper($x);
$x = hexdec($x);
$result = $result.chr($x);
}
return $result;
}
private static function oath_hotp ($key, $counter, $debug=false) {
$result = "";
$orgcounter = $counter;

15
ticket.php
View File

@@ -1,4 +1,5 @@
<?php include("inc_all.php");
<?php
require_once("inc_all.php");
if (isset($_GET['ticket_id'])) {
$ticket_id = intval($_GET['ticket_id']);
@@ -374,7 +375,7 @@ if (isset($_GET['ticket_id'])) {
<?php
include("ticket_reply_edit_modal.php");
require("ticket_reply_edit_modal.php");
}
@@ -617,17 +618,15 @@ if (isset($_GET['ticket_id'])) {
</div>
<?php
include("ticket_edit_modal.php");
include("ticket_merge_modal.php");
include("ticket_invoice_add_modal.php");
require("ticket_edit_modal.php");
require("ticket_merge_modal.php");
require("ticket_invoice_add_modal.php");
}
}
?>
<?php include_once("footer.php");
require_once("footer.php");
if ($ticket_status !== "Closed") { ?>
<!-- Ticket Time Tracking JS -->