ThaMunsta/itflow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: ThaMunsta/itflow:e4c4a98460b7426b8cd960219141086586e3c381
Branches Tags
ThaMunsta/itflow:main ThaMunsta/itflow:stage
...
compare: ThaMunsta/itflow:28c7a7202864c94d87b7178c6602b6c3ffba9763
Branches Tags
ThaMunsta/itflow:stage ThaMunsta/itflow:main

46 Commits
e4c4a98460 ... 28c7a72028

Author SHA1 Message Date
ThaMunsta 28c7a72028 Merge branch 'master' into techbar 2025-04-09 11:17:22 -04:00
Johnny d92f0fc49b Merge pull request #1206 from itflow-org/develop 
Develop to Master for 25.03.4 Release
 2025-04-07 13:31:20 -04:00
johnnyq f206a28cf7 Update Changelog and App version to 25.03.4 2025-04-07 13:07:03 -04:00
johnnyq 70cb0ac635 Add the ability to remove additional assets from the ticket details screen 2025-04-07 12:58:55 -04:00
johnnyq a0ece18876 Allow to remove additional assets in a ticket 2025-04-07 11:59:56 -04:00
wrongecho 4a22b03952 Global search - assets 
When global search returns an asset, include a hyperlink to the asset details as part of the asset name
 2025-04-04 15:12:32 +01:00
wrongecho 5ebf797c90 rm asset_mac - no longer in assets table 2025-04-04 15:08:04 +01:00
wrongecho a20759f1f2 rm asset_mac - no longer in assets table 2025-04-04 15:07:47 +01:00
wrongecho c273cab36e Portal - View all ticket bugfix 
View all tickets should display the ticket_number rather than the database ID
 2025-04-04 14:50:36 +01:00
johnnyq 8306a04eda Add Purchase Reference to Copy Asset 2025-04-03 15:07:56 -04:00
johnnyq f078203136 Fix Database Export, was not properly exporting utf8, html data and such. Also disable foreign key contraint check in the export then renable it in the end. This fixes the issue with importing the database into phpmyadmin or using the mysql command 2025-04-03 15:01:47 -04:00
johnnyq 15e89c3c4e Fix Bulk Assign ticket to only show ITflow users and not client users 2025-04-01 17:23:44 -04:00
Johnny 595c4f1440 Merge pull request #1205 from itflow-org/develop 
Develop to Master for 25.03.3 release
 2025-04-01 11:45:41 -04:00
johnnyq 91a523dc23 Update Changelog 2025-04-01 11:40:24 -04:00
johnnyq 8567c97c09 Merge branch 'develop' of github.com:itflow-org/itflow into develop 2025-04-01 11:33:16 -04:00
johnnyq 3621e99c61 Update Changelog and app version 2025-04-01 11:33:04 -04:00
Johnny d99b9cbe68 Merge pull request #1204 from itflow-org/fix-assign2 
Ticket assign
 2025-04-01 10:56:56 -04:00
Johnny e319768fd3 Merge pull request #1203 from itflow-org/fix-bulk-assign 
Tickets - Fix bulk assign
 2025-04-01 10:56:27 -04:00
Johnny c30ffcf096 Merge pull request #1202 from itflow-org/user-activity 
User activity
 2025-04-01 10:55:17 -04:00
wrongecho 7286248fef Ticket assign 
Remove the role check altogether, its the old way of doing the roles anyway
 2025-04-01 09:12:24 +01:00
wrongecho dc49f80cc3 Tickets - Fix bulk assign 
Fix bulk assigning tickets to agents
 2025-04-01 09:03:33 +01:00
wrongecho 1ae2da8054 User activity 
Hide the See More button if the user can't actually access the logs due to not being an admin
 2025-04-01 08:46:22 +01:00
johnnyq 090f4cb560 Fix adding location phone extension when addign a client 2025-03-31 19:33:07 -04:00
johnnyq 0914716b8e Allow user to redact client replied tickets 2025-03-31 18:42:56 -04:00
johnnyq ab463c1773 Tidy Phone Country code add + placeholder 2025-03-31 17:30:33 -04:00
johnnyq 36af4d11fc Few more phone fixes 2025-03-31 16:52:47 -04:00
johnnyq 14d8dc6fa6 Fix php errors thrown when formatPhone is blank 2025-03-31 16:35:36 -04:00
johnnyq 2032b48ad3 DB Update Set Country codes to default to NULL and not 1 Nullify all current country codes 2025-03-31 12:06:36 -04:00
Johnny 2af795f548 Merge pull request #1201 from itflow-org/fix-users 
Fix users
 2025-03-31 11:22:47 -04:00
Johnny 7b4edb2948 Merge pull request #1200 from itflow-org/recurring-invoices 
Recurring invoices
 2025-03-31 11:22:30 -04:00
wrongecho 17a906fd03 Users bugfixes 
- Fix syntax error when adding user, thanks @fleetlognorge
- Fix old reference to scheduled_tickets
 2025-03-31 08:35:42 +01:00
wrongecho af46a1fd96 Fix syntax error when adding user, thanks @fleetlognorge 2025-03-31 08:32:14 +01:00
wrongecho 393c0b8c11 Recurring invoices 
- Fix the delete link
- Cron should only flag recurring invoices that with a next-run in the past if the recurring invoice is active
 2025-03-31 08:28:22 +01:00
johnnyq e92f2f714d Fix Ticket Assign to 2025-03-30 20:48:12 -04:00
johnnyq 42606067c0 If no country code is entered display the number only no spaces hyphens or perenthesis 2025-03-30 12:22:43 -04:00
johnnyq 98bb65509d Fix setting country code in company details 2025-03-30 11:45:27 -04:00
johnnyq a2599e5d43 Fix network location edit 2025-03-30 02:14:06 -04:00
Johnny 0390b1bc2a Merge pull request #1198 from itflow-org/develop 
Develop to Master
 2025-03-29 18:23:37 -04:00
johnnyq 531f3ec741 Update app version and changelog 2025-03-29 18:18:52 -04:00
johnnyq 127afdca0d DB.sql revert 2 2025-03-29 18:16:25 -04:00
johnnyq c4df5bf988 DB.sql revert 2025-03-29 18:12:32 -04:00
Johnny 30234e044d Merge pull request #1197 from itflow-org/develop 
Merge Develop into Master
 2025-03-29 17:47:08 -04:00
johnnyq 1e98ee8916 Update app version and Changelog hotfix 2025-03-29 17:43:00 -04:00
johnnyq d5665c2577 Update db.sql to match the mediumtext of the updates 2025-03-29 17:35:53 -04:00
johnnyq 762ec51a19 Fix issue with missing phone numbers 2025-03-29 16:41:40 -04:00
johnnyq 309ad724ec Fix client export to only show licnesed software by the selected client only 2025-03-29 16:22:48 -04:00
38 changed files with 325 additions and 171 deletions
Expand all files Collapse all files
CHANGELOG.md
+38
View File
@@ -2,6 +2,44 @@
This file documents all notable changes made to ITFlow.
## [25.03.4]
### Fixed
- Ability to remove additional assets from the ticket details screen.
- Fix the ability to remove assets from edit ticket not working when only 1 asset exists.
- Fix Database Backup corruption.
- Client Portal - show ticket number instead of ticket id in ticket listing.
- Add Purchase Reference to copy asset.
- Add Link to asset details from the global search.
- Fix Bulk assign ticket only showing contacts instead of ITFlow users.
## [25.03.3]
### Fixed
- Fix adding ITFlow user.
- Do not alert on inactive recurring invoices.
- Fix ticket user assignment including bulk assignment.
- Fix adding a location phone extension.
- Do not default to +1 Country code, instead default to null.
- Do not format numbers unless a country code is entered.
- Fix editing network location.
- Fix ticket redaction on client replies.
- Remove more from user activity as it requires admin privledges.
- Fix MFA Enforcement page.
## [25.03.2]
### Fixed
- Revert DB.sql change
## [25.03.1]
### Fixed
- Phone number missing in various sections.
- Match Database.
- Client Export Only display licenses users and assets from the selected client only.
## [25.03]
### Fixed
admin_settings_company.php
+1 -1
View File
@@ -119,7 +119,7 @@ $company_initials = nullable_htmlentities(initials($company_name));
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="tel" class="form-control col-2" name="phone_country_code" value="+<?php echo $company_phone_country_code; ?>" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo $company_phone_country_code; ?>" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="phone" value="<?php echo $company_phone; ?>" placeholder="Phone Number" maxlength="200">
</div>
</div>
ajax/ajax_asset_copy.php
+10
View File
@@ -364,6 +364,16 @@ ob_start();
</div>
<?php if ($asset_type !== 'Virtual Machine') { ?>
<div class="form-group">
<label>Purchase Reference</label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
</div>
<input type="text" class="form-control" name="purchase_reference" placeholder="eg. Invoice, PO Number" >
</div>
</div>
<div class="form-group">
<label>Purchase Date</label>
<div class="input-group">
ajax/ajax_contact_details.php
+1 -1
View File
@@ -22,7 +22,7 @@ $contact_phone_country_code = nullable_htmlentities($row['contact_phone_country_
$contact_phone = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_phone_country_code));
$contact_extension = nullable_htmlentities($row['contact_extension']);
$contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']);
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_mobile_country_code));
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
$contact_email = nullable_htmlentities($row['contact_email']);
$contact_photo = nullable_htmlentities($row['contact_photo']);
$contact_pin = nullable_htmlentities($row['contact_pin']);
ajax/ajax_contact_edit.php
+3 -3
View File
@@ -19,7 +19,7 @@ $contact_extension = nullable_htmlentities($row['contact_extension']);
$contact_phone_country_code = nullable_htmlentities($row['contact_phone_country_code']);
$contact_phone = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_phone_country_code));
$contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']);
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_mobile_country_code));
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
$contact_email = nullable_htmlentities($row['contact_email']);
$contact_pin = nullable_htmlentities($row['contact_pin']);
$contact_photo = nullable_htmlentities($row['contact_photo']);
@@ -121,7 +121,7 @@ ob_start();
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo "+$contact_phone_country_code"; ?>" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo "$contact_phone_country_code"; ?>" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="phone" value="<?php echo $contact_phone; ?>" placeholder="Phone Number" maxlength="200">
</div>
</div>
@@ -141,7 +141,7 @@ ob_start();
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-mobile-alt"></i></span>
</div>
<input type="tel" class="form-control col-2" name="mobile_country_code" value="<?php echo "+$contact_mobile_country_code"; ?>" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="mobile_country_code" value="<?php echo "$contact_mobile_country_code"; ?>" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="mobile" value="<?php echo $contact_mobile; ?>" placeholder="Phone Number">
</div>
</div>
ajax/ajax_location_edit.php
+2 -2
View File
@@ -209,7 +209,7 @@ ob_start();
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo "+$location_phone_country_code"; ?>" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo $location_phone_country_code; ?>" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="phone" value="<?php echo $location_phone; ?>" placeholder="Phone Number" maxlength="200">
</div>
</div>
@@ -229,7 +229,7 @@ ob_start();
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-fax"></i></span>
</div>
<input type="tel" class="form-control col-2" name="fax_country_code" value="<?php echo "+$location_fax_country_code"; ?>" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="fax_country_code" value="<?php echo $location_fax_country_code; ?>" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="fax" value="<?php echo $location_fax; ?>" placeholder="Phone Number" maxlength="200">
</div>
</div>
ajax/ajax_network_edit.php
+1 -1
View File
@@ -90,7 +90,7 @@ ob_start();
$location_id = intval($row['location_id']);
$location_name = nullable_htmlentities($row['location_name']);
?>
<option value="<?php echo $location_id; ?>" <?php if ($location_id = $network_location_id) { echo "selected"; } ?>>
<option value="<?php echo $location_id; ?>" <?php if ($location_id == $network_location_id) { echo "selected"; } ?>>
<?php echo $location_name; ?>
</option>
<?php
ajax/ajax_ticket_reply_redact.php
+1 -8
View File
@@ -11,9 +11,6 @@ $sql = mysqli_query($mysqli, "SELECT * FROM ticket_replies
);
$row = mysqli_fetch_array($sql);
$ticket_reply_type = nullable_htmlentities($row['ticket_reply_type']);
$ticket_reply_time_worked = date_create($row['ticket_reply_time_worked']);
$ticket_reply_time_worked_formatted = date_format($ticket_reply_time_worked, 'H:i:s');
$ticket_reply = nullable_htmlentities($row['ticket_reply']);
$client_id = intval($row['ticket_client_id']);
@@ -31,10 +28,6 @@ ob_start();
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="ticket_reply_id" value="<?php echo $ticket_reply_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<input type="hidden" name="ticket_reply_type" value="<?php echo $ticket_reply_type; ?>">
<?php if (!empty($ticket_reply_time_worked)) { ?>
<input type="hidden" name="time" value="<?php echo $ticket_reply_time_worked_formatted; ?>">
<?php } ?>
<div class="modal-body bg-white">
@@ -44,7 +37,7 @@ ob_start();
</div>
<div class="modal-footer bg-white">
<button type="submit" name="edit_ticket_reply" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="submit" name="redact_ticket_reply" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
<button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
</div>
</form>
ajax/ajax_vendor_edit.php
+1 -1
View File
@@ -127,7 +127,7 @@ ob_start();
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo "+$vendor_phone_country_code"; ?>" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo $vendor_phone_country_code; ?>" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="phone" value="<?php echo $vendor_phone; ?>" placeholder="Phone Number" maxlength="200">
</div>
</div>
client/ticket_view_all.php
+1 -1
View File
@@ -62,7 +62,7 @@ $all_tickets = mysqli_query($mysqli, "SELECT ticket_id, ticket_prefix, ticket_nu
$ticket_contact_name = nullable_htmlentities($row['contact_name']);
echo "<tr>";
echo "<td> <a href='ticket.php?id=$ticket_id'> $ticket_prefix$ticket_id</a></td>";
echo "<td> <a href='ticket.php?id=$ticket_id'> $ticket_prefix$ticket_number</a></td>";
echo "<td> <a href='ticket.php?id=$ticket_id'> $ticket_subject</a></td>";
echo "<td>$ticket_contact_name</td>";
echo "<td>$ticket_status</td>";
contact_details.php
+1 -1
View File
@@ -32,7 +32,7 @@ if (isset($_GET['contact_id'])) {
$contact_phone = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_phone_country_code));
$contact_extension = nullable_htmlentities($row['contact_extension']);
$contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']);
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_mobile_country_code));
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
$contact_email = nullable_htmlentities($row['contact_email']);
$contact_photo = nullable_htmlentities($row['contact_photo']);
$contact_pin = nullable_htmlentities($row['contact_pin']);
database_updates.php
+36 -3
View File
@@ -3424,10 +3424,43 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.2'");
}
// if (CURRENT_DATABASE_VERSION == '2.1.2') {
// // Insert queries here required to update to DB version 2.1.3
if (CURRENT_DATABASE_VERSION == '2.1.2') {
// Update country_code to NULL for `contacts` table
mysqli_query($mysqli, "ALTER TABLE `contacts` MODIFY `contact_phone_country_code` VARCHAR(10) DEFAULT NULL");
mysqli_query($mysqli, "ALTER TABLE `contacts` MODIFY `contact_mobile_country_code` VARCHAR(10) DEFAULT NULL");
// Update country_code to NULL for `locations` table
mysqli_query($mysqli, "ALTER TABLE `locations` MODIFY `location_phone_country_code` VARCHAR(10) DEFAULT NULL");
mysqli_query($mysqli, "ALTER TABLE `locations` MODIFY `location_fax_country_code` VARCHAR(10) DEFAULT NULL");
// Update country_code to NULL for `vendors` table
mysqli_query($mysqli, "ALTER TABLE `vendors` MODIFY `vendor_phone_country_code` VARCHAR(10) DEFAULT NULL");
// Update country_code to NULL for `companies` table
mysqli_query($mysqli, "ALTER TABLE `companies` MODIFY `company_phone_country_code` VARCHAR(10) DEFAULT NULL");
// Set country_code to NULL for `contacts` table
mysqli_query($mysqli, "UPDATE `contacts` SET `contact_phone_country_code` = NULL");
mysqli_query($mysqli, "UPDATE `contacts` SET `contact_mobile_country_code` = NULL");
// Set country_code to NULL for `locations` table
mysqli_query($mysqli, "UPDATE `locations` SET `location_phone_country_code` = NULL");
mysqli_query($mysqli, "UPDATE `locations` SET `location_fax_country_code` = NULL");
// Set country_code to NULL for `vendors` table
mysqli_query($mysqli, "UPDATE `vendors` SET `vendor_phone_country_code` = NULL");
// Set country_code to NULL for `companies` table
mysqli_query($mysqli, "UPDATE `companies` SET `company_phone_country_code` = NULL");
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.3'");
}
// if (CURRENT_DATABASE_VERSION == '2.1.3') {
// // Insert queries here required to update to DB version 2.1.4
// // Then, update the database to the next sequential version
// mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.3'");
// mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.4'");
// }
} else {
db.sql
+7 -7
View File
@@ -546,7 +546,7 @@ CREATE TABLE `companies` (
`company_state` varchar(200) DEFAULT NULL,
`company_zip` varchar(200) DEFAULT NULL,
`company_country` varchar(200) DEFAULT NULL,
`company_phone_country_code` varchar(10) DEFAULT '1',
`company_phone_country_code` varchar(10) DEFAULT NULL,
`company_phone` varchar(200) DEFAULT NULL,
`company_email` varchar(200) DEFAULT NULL,
`company_website` varchar(200) DEFAULT NULL,
@@ -680,10 +680,10 @@ CREATE TABLE `contacts` (
`contact_name` varchar(200) NOT NULL,
`contact_title` varchar(200) DEFAULT NULL,
`contact_email` varchar(200) DEFAULT NULL,
`contact_phone_country_code` varchar(10) DEFAULT '1',
`contact_phone_country_code` varchar(10) DEFAULT NULL,
`contact_phone` varchar(200) DEFAULT NULL,
`contact_extension` varchar(200) DEFAULT NULL,
`contact_mobile_country_code` varchar(10) DEFAULT '1',
`contact_mobile_country_code` varchar(10) DEFAULT NULL,
`contact_mobile` varchar(200) DEFAULT NULL,
`contact_photo` varchar(200) DEFAULT NULL,
`contact_pin` varchar(255) DEFAULT NULL,
@@ -1115,10 +1115,10 @@ CREATE TABLE `locations` (
`location_city` varchar(200) DEFAULT NULL,
`location_state` varchar(200) DEFAULT NULL,
`location_zip` varchar(200) DEFAULT NULL,
`location_phone_country_code` varchar(10) DEFAULT '1',
`location_phone_country_code` varchar(10) DEFAULT NULL,
`location_phone` varchar(200) DEFAULT NULL,
`location_phone_extension` varchar(10) DEFAULT NULL,
`location_fax_country_code` varchar(10) DEFAULT '1',
`location_fax_country_code` varchar(10) DEFAULT NULL,
`location_fax` varchar(200) DEFAULT NULL,
`location_hours` varchar(200) DEFAULT NULL,
`location_photo` varchar(200) DEFAULT NULL,
@@ -2468,7 +2468,7 @@ CREATE TABLE `vendors` (
`vendor_name` varchar(200) NOT NULL,
`vendor_description` varchar(200) DEFAULT NULL,
`vendor_contact_name` varchar(200) DEFAULT NULL,
`vendor_phone_country_code` varchar(10) DEFAULT '1',
`vendor_phone_country_code` varchar(10) DEFAULT NULL,
`vendor_phone` varchar(200) DEFAULT NULL,
`vendor_extension` varchar(200) DEFAULT NULL,
`vendor_email` varchar(200) DEFAULT NULL,
@@ -2498,4 +2498,4 @@ CREATE TABLE `vendors` (
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
-- Dump completed on 2025-03-26 11:13:46
-- Dump completed on 2025-03-31 12:05:41
functions.php
+57 -36
View File
@@ -194,140 +194,161 @@ function truncate($text, $chars) {
}
function formatPhoneNumber($phoneNumber, $country_code = '', $show_country_code = false) {
// Remove all non-digit characters
$digits = preg_replace('/\D/', '', $phoneNumber);
$formatted = '';
// If no digits at all, fallback early
if (strlen($digits) === 0) {
return $phoneNumber;
}
// Helper function to safely check the first digit
$startsWith = function($str, $char) {
return isset($str[0]) && $str[0] === $char;
};
switch ($country_code) {
case '1': // USA/Canada — (123) 456-7890
case '1': // USA/Canada
if (strlen($digits) === 10) {
$formatted = '(' . substr($digits, 0, 3) . ') ' . substr($digits, 3, 3) . '-' . substr($digits, 6);
}
break;
case '44': // UK — 07123 456 789
if ($digits[0] === '0') $digits = substr($digits, 1);
case '44': // UK
if ($startsWith($digits, '0')) {
$digits = substr($digits, 1);
}
if (strlen($digits) === 10) {
$formatted = '0' . substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7);
}
break;
case '61': // Australia — 0412 345 678
if ($digits[0] === '0') $digits = substr($digits, 1);
case '61': // Australia
if ($startsWith($digits, '0')) {
$digits = substr($digits, 1);
}
if (strlen($digits) === 9) {
$formatted = '0' . substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7);
}
break;
case '91': // India — 91234 56789
case '91': // India
if (strlen($digits) === 10) {
$formatted = substr($digits, 0, 5) . ' ' . substr($digits, 5);
}
break;
case '81': // Japan — 03-1234-5678
if ($digits[0] === '0') $digits = substr($digits, 1);
case '81': // Japan
if ($startsWith($digits, '0')) {
$digits = substr($digits, 1);
}
if (strlen($digits) >= 9 && strlen($digits) <= 10) {
$formatted = '0' . substr($digits, 0, 2) . '-' . substr($digits, 2, 4) . '-' . substr($digits, 6);
}
break;
case '49': // Germany — 030 12345678
if ($digits[0] === '0') $digits = substr($digits, 1);
case '49': // Germany
if ($startsWith($digits, '0')) {
$digits = substr($digits, 1);
}
if (strlen($digits) >= 10) {
$formatted = '0' . substr($digits, 0, 3) . ' ' . substr($digits, 3);
}
break;
case '33': // France — 01 23 45 67 89
if ($digits[0] === '0') $digits = substr($digits, 1);
case '33': // France
if ($startsWith($digits, '0')) {
$digits = substr($digits, 1);
}
if (strlen($digits) === 9) {
$formatted = '0' . implode(' ', str_split($digits, 2));
}
break;
case '34': // Spain — 612 345 678
case '34': // Spain
if (strlen($digits) === 9) {
$formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6);
}
break;
case '39': // Italy — 312 345 6789
if ($digits[0] === '0') $digits = substr($digits, 1);
case '39': // Italy
if ($startsWith($digits, '0')) {
$digits = substr($digits, 1);
}
$formatted = '0' . implode(' ', str_split($digits, 3));
break;
case '55': // Brazil — (11) 91234-5678
case '55': // Brazil
if (strlen($digits) === 11) {
$formatted = '(' . substr($digits, 0, 2) . ') ' . substr($digits, 2, 5) . '-' . substr($digits, 7);
}
break;
case '7': // Russia — 8 (912) 345-67-89
if ($digits[0] === '8') $digits = substr($digits, 1);
case '7': // Russia
if ($startsWith($digits, '8')) {
$digits = substr($digits, 1);
}
if (strlen($digits) === 10) {
$formatted = '8 (' . substr($digits, 0, 3) . ') ' . substr($digits, 3, 3) . '-' . substr($digits, 6, 2) . '-' . substr($digits, 8);
}
break;
case '86': // China — 138 0013 8000
case '86': // China
if (strlen($digits) === 11) {
$formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 4) . ' ' . substr($digits, 7);
}
break;
case '82': // South Korea — 010-1234-5678
case '82': // South Korea
if (strlen($digits) === 11) {
$formatted = substr($digits, 0, 3) . '-' . substr($digits, 3, 4) . '-' . substr($digits, 7);
}
break;
case '62': // Indonesia — 0812 3456 7890
if ($digits[0] !== '0') $digits = '0' . $digits;
case '62': // Indonesia
if (!$startsWith($digits, '0')) {
$digits = '0' . $digits;
}
if (strlen($digits) === 12) {
$formatted = substr($digits, 0, 4) . ' ' . substr($digits, 4, 4) . ' ' . substr($digits, 8);
}
break;
case '63': // Philippines — 0912 345 6789
case '63': // Philippines
if (strlen($digits) === 11) {
$formatted = substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7);
}
break;
case '234': // Nigeria — 0801 234 5678
if ($digits[0] !== '0') $digits = '0' . $digits;
case '234': // Nigeria
if (!$startsWith($digits, '0')) {
$digits = '0' . $digits;
}
if (strlen($digits) === 11) {
$formatted = substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7);
}
break;
case '27': // South Africa — 082 123 4567
case '27': // South Africa
if (strlen($digits) >= 9 && strlen($digits) <= 10) {
$formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6);
}
break;
case '971': // UAE — 050 123 4567
case '971': // UAE
if (strlen($digits) === 9) {
$formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6);
}
break;
default:
// If no match, do nothing here and use fallback below
// fallback — do nothing, use raw digits later
break;
}
// Fallback if formatting failed
if (!$formatted && strlen($digits) >= 7) {
$formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6);
}
// Still no formatting? Use raw digits
if (!$formatted) {
$formatted = $digits ?: $phoneNumber; // Use original input if digits are empty
$formatted = $digits ?: $phoneNumber;
}
return $show_country_code && $country_code ? "+$country_code $formatted" : $formatted;
global_search.php
+2 -3
View File
@@ -721,7 +721,6 @@ if (isset($_GET['query'])) {
} else {
$asset_serial_display = $asset_serial;
}
$asset_mac = nullable_htmlentities($row['asset_mac']);
$asset_uri = nullable_htmlentities($row['asset_uri']);
$asset_status = nullable_htmlentities($row['asset_status']);
$asset_created_at = nullable_htmlentities($row['asset_created_at']);
@@ -746,9 +745,9 @@ if (isset($_GET['query'])) {
?>
<tr>
<td>
<i class="fa fa-fw text-secondary fa-<?php echo $device_icon; ?> mr-2"></i><?php echo $asset_name; ?>
<i class="fa fa-fw text-secondary fa-<?php echo $device_icon; ?> mr-2"></i><a href="asset_details.php?client_id=<?php echo $client_id; ?>&asset_id=<?php echo $asset_id; ?>"><?php echo $asset_name; ?></a>
<?php if(!empty($asset_uri)){ ?>
<a href="<?php echo $asset_uri; ?>" target="_blank"><i class="fas fa-fw fa-external-link-alt ml-2"></i></a>
<a href="<?php echo $asset_uri; ?>" target="_blank"><i class="fas fa-fw fa-external-link-alt ml-2"></i></a>
<?php } ?>
</td>
<td><?php echo $asset_type; ?></td>
includes/app_version.php
+1 -1
View File
@@ -5,4 +5,4 @@
* Update this file each time we merge develop into master. Format is YY.MM (add a .v if there is more than one release a month.
*/
DEFINE("APP_VERSION", "25.03");
DEFINE("APP_VERSION", "25.03.4");
includes/database_version.php
+1 -1
View File
@@ -5,4 +5,4 @@
* It is used in conjunction with database_updates.php
*/
DEFINE("LATEST_DATABASE_VERSION", "2.1.2");
DEFINE("LATEST_DATABASE_VERSION", "2.1.3");
mfa_enforcement.php
+1 -1
View File
@@ -1,7 +1,7 @@
<?php
require_once "config.php";
require_once "functions.php";
require_once "check_login.php";
require_once "includes/check_login.php";
require_once 'plugins/totp/totp.php'; //TOTP MFA Lib
// Get Company Logo
modals/admin_vendor_template_add_modal.php
+8 -5
View File
@@ -75,20 +75,23 @@
<div class="tab-pane fade" id="pills-support">
<label>Support Phone</label>
<label>Support Phone / <span class="text-secondary">Extension</span></label>
<div class="form-row">
<div class="col-8">
<div class="col-9">
<div class="form-group">
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="text" class="form-control" name="phone" placeholder="Phone Number" maxlength="200">
<input type="tel" class="form-control col-2" name="phone_country_code" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="phone" placeholder="Phone Number" maxlength="200">
</div>
</div>
</div>
<div class="col-4">
<input type="text" class="form-control" name="extension" placeholder="Prompts" maxlength="200">
<div class="col-3">
<div class="form-group">
<input type="text" class="form-control" name="extension" placeholder="ext." maxlength="200">
</div>
</div>
</div>
modals/client_add_modal.php
+4 -4
View File
@@ -208,7 +208,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="tel" class="form-control col-2" name="location_phone_country_code" value="+1" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="location_phone_country_code" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="location_phone" placeholder="Phone Number" maxlength="200">
</div>
</div>
@@ -228,7 +228,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-fax"></i></span>
</div>
<input type="tel" class="form-control col-2" name="location_fax_country_code" value="+1" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="location_fax_country_code" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="location_fax" placeholder="Fax Number">
</div>
</div>
@@ -267,7 +267,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="tel" class="form-control col-2" name="contact_phone_country_code" value="+1" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="contact_phone_country_code" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="contact_phone" placeholder="Phone Number" maxlength="200">
</div>
</div>
@@ -287,7 +287,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-mobile-alt"></i></span>
</div>
<input type="tel" class="form-control col-2" name="contact_mobile_country_code" value="+1" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="contact_mobile_country_code" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="contact_mobile" placeholder="Mobile Phone Number">
</div>
</div>
modals/contact_add_modal.php
+2 -2
View File
@@ -101,7 +101,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="tel" class="form-control col-2" name="phone_country_code" value="+1" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="phone_country_code" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="phone" placeholder="Phone Number" maxlength="200">
</div>
</div>
@@ -121,7 +121,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-mobile-alt"></i></span>
</div>
<input type="tel" class="form-control col-2" name="mobile_country_code" value="+1" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="mobile_country_code" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="mobile" placeholder="Mobile Phone Number">
</div>
</div>
modals/location_add_modal.php
+2 -2
View File
@@ -184,7 +184,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="tel" class="form-control col-2" name="phone_country_code" value="+1" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="phone_country_code" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="phone" placeholder="Phone Number" maxlength="200">
</div>
</div>
@@ -204,7 +204,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-fax"></i></span>
</div>
<input type="tel" class="form-control col-2" name="fax_country_code" value="+1" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="fax_country_code" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="fax" placeholder="Fax Number" maxlength="200">
</div>
</div>
modals/ticket_add_watcher_modal.php
+1 -1
View File
@@ -21,7 +21,7 @@
<span class="input-group-text"><i class="fa fa-fw fa-envelope"></i></span>
</div>
<select class="form-control select2" data-tags="true" name="watcher_email">
<option value="">-Select a contact-</option>
<option value="">- Select a contact or enter an email -</option>
<?php
$sql_client_contacts_select = mysqli_query($mysqli, "SELECT contact_id, contact_name, contact_email FROM contacts WHERE contact_client_id = $client_id AND contact_email <> '' ORDER BY contact_name ASC");
modals/ticket_bulk_assign_modal.php
+2 -3
View File
@@ -18,9 +18,8 @@
<select class="form-control select2" name="assign_to">
<option value="0">Not Assigned</option>
<?php
$sql_users_select = mysqli_query($mysqli, "SELECT users.user_id, user_name FROM users
LEFT JOIN user_settings on users.user_id = user_settings.user_id
AND user_type = 1
$sql_users_select = mysqli_query($mysqli, "SELECT user_id, user_name FROM users
WHERE user_type = 1
AND user_status = 1
AND user_archived_at IS NULL
ORDER BY user_name DESC"
modals/vendor_add_modal.php
+1 -1
View File
@@ -77,7 +77,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
</div>
<input type="tel" class="form-control col-2" name="phone_country_code" value="+1" placeholder="Code" maxlength="4">
<input type="tel" class="form-control col-2" name="phone_country_code" placeholder="+" maxlength="4">
<input type="tel" class="form-control" name="phone" placeholder="Phone Number" maxlength="200">
</div>
</div>
post/admin/admin_backup.php
+46 -62
View File
@@ -7,84 +7,68 @@
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_GET['download_database'])) {
validateCSRFToken($_GET['csrf_token']);
// Get All Table Names From the Database
$tables = array();
$sql = "SHOW TABLES";
$result = mysqli_query($mysqli, $sql);
global $mysqli, $database;
while ($row = mysqli_fetch_row($result)) {
$backupFileName = date('Y-m-d_H-i-s') . '_backup.sql';
header('Content-Type: application/sql');
header('Content-Disposition: attachment; filename="' . $backupFileName . '"');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Pragma: no-cache');
header('Expires: 0');
if (ob_get_level()) ob_end_clean();
flush();
// Start of dump file — charset declaration
echo "-- UTF-8 + Foreign Key Safe Dump\n";
echo "SET NAMES 'utf8mb4';\n";
echo "SET foreign_key_checks = 0;\n\n";
// Get all tables
$tables = [];
$res = $mysqli->query("SHOW TABLES");
while ($row = $res->fetch_row()) {
$tables[] = $row[0];
}
$sqlScript = "";
foreach ($tables as $table) {
// Table structure
$createRes = $mysqli->query("SHOW CREATE TABLE `$table`");
$createRow = $createRes->fetch_assoc();
$createSQL = array_values($createRow)[1];
// Prepare SQLscript for creating table structure
$query = "SHOW CREATE TABLE $table";
$result = mysqli_query($mysqli, $query);
$row = mysqli_fetch_row($result);
echo "\n-- ----------------------------\n";
echo "-- Table structure for `$table`\n";
echo "-- ----------------------------\n";
echo "DROP TABLE IF EXISTS `$table`;\n";
echo $createSQL . ";\n\n";
$sqlScript .= "\n\n" . $row[1] . ";\n\n";
// Table data
$dataRes = $mysqli->query("SELECT * FROM `$table`");
if ($dataRes->num_rows > 0) {
echo "-- Dumping data for table `$table`\n";
while ($row = $dataRes->fetch_assoc()) {
$columns = array_map(fn($col) => '`' . $mysqli->real_escape_string($col) . '`', array_keys($row));
$values = array_map(function ($val) use ($mysqli) {
if (is_null($val)) return "NULL";
return "'" . $mysqli->real_escape_string($val) . "'";
}, array_values($row));
$query = "SELECT * FROM $table";
$result = mysqli_query($mysqli, $query);
$columnCount = mysqli_num_fields($result);
// Prepare SQLscript for dumping data for each table
for ($i = 0; $i < $columnCount; $i ++) {
while ($row = mysqli_fetch_row($result)) {
$sqlScript .= "INSERT INTO $table VALUES(";
for ($j = 0; $j < $columnCount; $j ++) {
if (isset($row[$j])) {
$sqlScript .= '"' . $row[$j] . '"';
} else {
$sqlScript .= '""';
}
if ($j < ($columnCount - 1)) {
$sqlScript .= ',';
}
}
$sqlScript .= ");\n";
echo "INSERT INTO `$table` (" . implode(", ", $columns) . ") VALUES (" . implode(", ", $values) . ");\n";
}
echo "\n";
}
$sqlScript .= "\n";
}
if (!empty($sqlScript)) {
$company_name = $session_company_name;
// Save the SQL script to a backup file
$backup_file_name = date('Y-m-d') . '_ITFlow_backup.sql';
$fileHandler = fopen($backup_file_name, 'w+');
$number_of_lines = fwrite($fileHandler, $sqlScript);
fclose($fileHandler);
// Download the SQL backup file to the browser
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=' . basename($backup_file_name));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($backup_file_name));
ob_clean();
flush();
readfile($backup_file_name);
exec('rm ' . $backup_file_name);
}
// Logging
logAction("Database", "Download", "$session_name downloaded the database");
//FINAL STEP: Re-enable foreign key checks
echo "\nSET foreign_key_checks = 1;\n";
logAction("Database", "Download", "$session_name downloaded the database.");
$_SESSION['alert_message'] = "Database downloaded";
exit;
}
if (isset($_POST['backup_master_key'])) {
post/admin/admin_settings_company.php
+2 -1
View File
@@ -12,6 +12,7 @@ if (isset($_POST['edit_company'])) {
$state = sanitizeInput($_POST['state']);
$zip = sanitizeInput($_POST['zip']);
$country = sanitizeInput($_POST['country']);
$phone_country_code = preg_replace("/[^0-9]/", '',$_POST['phone_country_code']);
$phone = preg_replace("/[^0-9]/", '',$_POST['phone']);
$email = sanitizeInput($_POST['email']);
$website = sanitizeInput($_POST['website']);
@@ -40,7 +41,7 @@ if (isset($_POST['edit_company'])) {
}
}
mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone = '$phone', company_email = '$email', company_website = '$website' WHERE company_id = 1");
mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone_country_code = '$phone_country_code', company_phone = '$phone', company_email = '$email', company_website = '$website' WHERE company_id = 1");
// Logging
logAction("Settings", "Edit", "$session_name edited company details");
post/admin/admin_user.php
+2 -2
View File
@@ -15,7 +15,7 @@ if (isset($_POST['add_user'])) {
$password = password_hash(trim($_POST['password']), PASSWORD_DEFAULT);
$user_specific_encryption_ciphertext = encryptUserSpecificKey(trim($_POST['password']));
mysqli_query($mysqli, "INSERT INTO users SET user_name = '$name', user_email = '$email', user_password = '$password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext' user_role_id = $role");
mysqli_query($mysqli, "INSERT INTO users SET user_name = '$name', user_email = '$email', user_password = '$password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext', user_role_id = $role");
$user_id = mysqli_insert_id($mysqli);
@@ -217,7 +217,7 @@ if (isset($_GET['disable_user'])) {
// Un-assign tickets
mysqli_query($mysqli, "UPDATE tickets SET ticket_assigned_to = 0 WHERE ticket_assigned_to = $user_id AND ticket_closed_at IS NULL");
mysqli_query($mysqli, "UPDATE scheduled_tickets SET scheduled_ticket_assigned_to = 0 WHERE scheduled_ticket_assigned_to = $user_id");
mysqli_query($mysqli, "UPDATE recurring_tickets SET recurring_ticket_assigned_to = 0 WHERE recurring_ticket_assigned_to = $user_id");
// Logging
logAction("User", "Disable", "$session_name disabled user $name", 0, $user_id);
post/user/client.php
+7 -3
View File
@@ -54,7 +54,7 @@ if (isset($_POST['add_client'])) {
// Create Location
if (!empty($location_phone) || !empty($address) || !empty($city) || !empty($state) || !empty($zip)) {
mysqli_query($mysqli, "INSERT INTO locations SET location_name = 'Primary', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$location_phone_country_code', location_phone = '$location_phone', location_extension = '$location_extension', location_fax_country_code = '$location_fax_country_code', location_fax = '$location_fax', location_country = '$country', location_primary = 1, location_client_id = $client_id");
mysqli_query($mysqli, "INSERT INTO locations SET location_name = 'Primary', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$location_phone_country_code', location_phone = '$location_phone', location_phone_extension = '$location_extension', location_fax_country_code = '$location_fax_country_code', location_fax = '$location_fax', location_country = '$country', location_primary = 1, location_client_id = $client_id");
//Extended Logging
$extended_log_description .= ", primary location $address added";
@@ -641,7 +641,7 @@ if (isset($_POST["export_client_pdf"])) {
$contact_phone = nullable_htmlentities(formatPhoneNumber($row["contact_phone"], $contact_phone_country_code));
$contact_extension = nullable_htmlentities($row["contact_extension"]);
$contact_mobile_country_code = nullable_htmlentities($row["contact_mobile_country_code"]);
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row["contact_phone"], $contact_mobile_country_code));
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row["contact_mobile"], $contact_mobile_country_code));
$contact_email = nullable_htmlentities($row["contact_email"]);
$client_website = nullable_htmlentities($row["client_website"]);
@@ -716,6 +716,8 @@ if (isset($_POST["export_client_pdf"])) {
software ON software_contacts.software_id = software.software_id
WHERE software_archived_at IS NULL
AND contact_archived_at IS NULL
AND software_client_id = $client_id
AND contact_client_id = $client_id
ORDER BY
contact_name, software_name;"
);
@@ -732,6 +734,8 @@ if (isset($_POST["export_client_pdf"])) {
software ON software_assets.software_id = software.software_id
WHERE software_archived_at IS NULL
AND asset_archived_at IS NULL
AND software_client_id = $client_id
AND asset_client_id = $client_id
ORDER BY
asset_name, software_name;"
);
@@ -825,7 +829,7 @@ if (isset($_POST["export_client_pdf"])) {
$contact_extension = "x$contact_extension";
}
$contact_mobile_country_code = nullable_htmlentities($row["contact_mobile_country_code"]);
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row["contact_phone"], $contact_mobile_country_code));
$contact_mobile = nullable_htmlentities(formatPhoneNumber($row["contact_mobile"], $contact_mobile_country_code));
$html .= "
<tr>
<td>$contact_name</td>
post/user/contact.php
+1 -1
View File
@@ -122,7 +122,7 @@ if (isset($_POST['edit_contact'])) {
}
mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone_country_code = '$phone_country_code', contact_phone = '$phone', contact_extension = '$extension', contact_mobile_country_code = '$phone_country_code', contact_mobile = '$mobile', contact_email = '$email', contact_pin = '$pin', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_department = '$department', contact_location_id = $location_id, contact_user_id = $contact_user_id WHERE contact_id = $contact_id");
mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone_country_code = '$phone_country_code', contact_phone = '$phone', contact_extension = '$extension', contact_mobile_country_code = '$mobile_country_code', contact_mobile = '$mobile', contact_email = '$email', contact_pin = '$pin', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_department = '$department', contact_location_id = $location_id, contact_user_id = $contact_user_id WHERE contact_id = $contact_id");
// Upload Photo
if (isset($_FILES['file']['tmp_name'])) {
post/user/location.php
+2 -2
View File
@@ -17,7 +17,7 @@ if(isset($_POST['add_location'])){
mkdir("uploads/clients/$client_id");
}
mysqli_query($mysqli,"INSERT INTO locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone = '$phone', location_phone_extension = '$extension', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact, location_client_id = $client_id");
mysqli_query($mysqli,"INSERT INTO locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$phone_country_code', location_phone = '$phone', location_phone_extension = '$extension', location_fax_country_code = '$fax_country_code', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact, location_client_id = $client_id");
$location_id = mysqli_insert_id($mysqli);
@@ -79,7 +79,7 @@ if(isset($_POST['edit_location'])){
mkdir("uploads/clients/$client_id");
}
mysqli_query($mysqli,"UPDATE locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone = '$phone', location_phone_extension = '$extension', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact WHERE location_id = $location_id");
mysqli_query($mysqli,"UPDATE locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$phone_country_code', location_phone = '$phone', location_phone_extension = '$extension', location_fax_country_code = '$fax_country_code', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact WHERE location_id = $location_id");
// Update Primay location in clients if primary location is checked
if ($location_primary == 1) {
post/user/location_model.php
+2
View File
@@ -10,8 +10,10 @@ $city = sanitizeInput($_POST['city']);
$state = sanitizeInput($_POST['state']);
$zip = sanitizeInput($_POST['zip']);
$phone = preg_replace("/[^0-9]/", '',$_POST['phone']);
$phone_country_code = preg_replace("/[^0-9]/", '',$_POST['phone_country_code']);
$extension = preg_replace("/[^0-9]/", '',$_POST['extension']);
$fax = preg_replace("/[^0-9]/", '',$_POST['fax']);
$fax_country_code = preg_replace("/[^0-9]/", '',$_POST['fax_country_code']);
$hours = sanitizeInput($_POST['hours']);
$notes = sanitizeInput($_POST['notes']);
$contact = intval($_POST['contact'] ?? 0);
post/user/ticket.php
+60 -2
View File
@@ -203,6 +203,10 @@ if (isset($_POST['edit_ticket'])) {
$additional_asset_id = intval($additional_asset);
mysqli_query($mysqli, "INSERT INTO ticket_assets SET ticket_id = $ticket_id, asset_id = $additional_asset_id");
}
} else {
// If no additional assets are provided, delete them all
// This handles cases where the assets input might be cleared or not set at all.
mysqli_query($mysqli, "DELETE FROM ticket_assets WHERE ticket_id = $ticket_id");
}
// Get contact/ticket details after update for logging / email purposes
@@ -494,6 +498,41 @@ if (isset($_GET['delete_ticket_watcher'])) {
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['delete_ticket_additional_asset'])) {
enforceUserPermission('module_support', 2);
$asset_id = intval($_GET['delete_ticket_additional_asset']);
$ticket_id = intval($_GET['ticket_id']);
// Get ticket / asset details for logging
$sql = mysqli_query($mysqli, "SELECT asset_name, ticket_prefix, ticket_number, ticket_status_name, ticket_client_id FROM assets
JOIN tickets ON ticket_id = $ticket_id
JOIN ticket_statuses ON ticket_status = ticket_status_id
WHERE asset_id = $asset_id"
);
$row = mysqli_fetch_array($sql);
$ticket_prefix = sanitizeInput($row['ticket_prefix']);
$ticket_number = intval($row['ticket_number']);
$ticket_status_name = sanitizeInput($row['ticket_status_name']);
$asset_name = sanitizeInput($row['asset_name']);
$client_id = intval($row['ticket_client_id']);
mysqli_query($mysqli, "DELETE FROM ticket_assets WHERE ticket_id = $ticket_id AND asset_id = $asset_id");
// History
mysqli_query($mysqli, "INSERT INTO ticket_history SET ticket_history_status = '$ticket_status_name', ticket_history_description = '$session_name removed additional asset $asset_name', ticket_history_ticket_id = $ticket_id");
// Logging
logAction("Ticket", "Edit", "$session_name removed asset $asset_name from ticket $ticket_prefix$ticket_number", $client_id, $ticket_id);
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Removed asset <strong>$asset_name</strong> from ticket.";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_POST['edit_ticket_asset'])) {
enforceUserPermission('module_support', 2);
@@ -576,7 +615,7 @@ if (isset($_POST['assign_ticket'])) {
$agent_name = "No One";
} else {
// Get & verify assigned agent details
$agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assigned_to AND user_settings.user_role > 1");
$agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users WHERE users.user_id = $assigned_to");
$agent_details = mysqli_fetch_array($agent_details_sql);
$agent_name = sanitizeInput($agent_details['user_name']);
@@ -732,7 +771,7 @@ if (isset($_POST['bulk_assign_ticket'])) {
$agent_name = "No One";
} else {
// Get & verify assigned agent details
$agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assign_to AND user_settings.user_role > 1");
$agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assign_to");
$agent_details = mysqli_fetch_array($agent_details_sql);
$agent_name = sanitizeInput($agent_details['user_name']);
@@ -1572,6 +1611,25 @@ if (isset($_POST['edit_ticket_reply'])) {
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_POST['redact_ticket_reply'])) {
enforceUserPermission('module_support', 2);
$ticket_reply_id = intval($_POST['ticket_reply_id']);
$ticket_reply = mysqli_real_escape_string($mysqli, $_POST['ticket_reply']);
$client_id = intval($_POST['client_id']);
mysqli_query($mysqli, "UPDATE ticket_replies SET ticket_reply = '$ticket_reply' WHERE ticket_reply_id = $ticket_reply_id");
// Logging
logAction("Ticket", "Reply", "$session_name redacted ticket_reply", $client_id, $ticket_reply_id);
$_SESSION['alert_message'] = "Ticket reply redacted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['archive_ticket_reply'])) {
enforceUserPermission('module_support', 2);
recurring_invoice.php
+1 -1
View File
@@ -164,7 +164,7 @@ if (isset($_GET['recurring_invoice_id'])) {
<i class="fa fa-fw fa-paper-plane text-secondary mr-2"></i>Force Send
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_recurring=<?php echo $recurring_invoice_id; ?>">
<a class="dropdown-item text-danger confirm-link" href="post.php?delete_recurring_invoice=<?php echo $recurring_invoice_id; ?>">
<i class="fa fa-fw fa-trash mr-2"></i>Delete
</a>
</div>
recurring_invoices.php
+1 -1
View File
@@ -257,7 +257,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
</a>
<?php if ($status !== 'Active') { ?>
<div class="dropdown-divider"></div>
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_recurring=<?php echo $recurring_invoice_id; ?>">
<a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_recurring_invoice=<?php echo $recurring_invoice_id; ?>">
<i class="fas fa-fw fa-trash mr-2"></i>Delete
</a>
<?php } ?>
scripts/cron.php
+1 -1
View File
@@ -879,7 +879,7 @@ while ($row = mysqli_fetch_array($sql_recurring_invoices)) {
} //End Recurring Invoices Loop
// Flag any active recurring "next run" dates that are in the past
$sql_invalid_recurring_invoices = mysqli_query($mysqli, "SELECT * FROM recurring_invoices WHERE recurring_invoice_next_date < CURDATE()");
$sql_invalid_recurring_invoices = mysqli_query($mysqli, "SELECT * FROM recurring_invoices WHERE recurring_invoice_next_date < CURDATE() AND recurring_invoice_status = 1");
while ($row = mysqli_fetch_array($sql_invalid_recurring_invoices)) {
$invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']);
$invoice_number = intval($row['recurring_invoice_number']);
ticket.php
+5
View File
@@ -1058,6 +1058,11 @@ if (isset($_GET['ticket_id'])) {
data-ajax-id="<?php echo $additional_asset_id; ?>">
<i class="fa fa-fw fa-<?php echo $additional_asset_icon; ?> text-secondary mr-2"></i><?php echo $additional_asset_name; ?>
</a>
<?php if (empty($ticket_closed_at)) { ?>
<a class="confirm-link float-right" href="post.php?delete_ticket_additional_asset=<?php echo $additional_asset_id; ?>&ticket_id=<?php echo $ticket_id; ?>" title="Remove asset from ticket">
<i class="fas fa-fw fa-trash-alt text-secondary"></i>
</a>
<?php } ?>
</div>
<?php
user_activity.php
+10 -6
View File
@@ -41,9 +41,11 @@ $sql_recent_logs = mysqli_query($mysqli, "SELECT * FROM logs
<?php } ?>
</tbody>
</table>
<div class="card-footer">
<a href="admin_audit_log.php?q=<?php echo "$session_name successfully logged in"; ?>">See More...</a>
</div>
<?php if (isset($session_is_admin) && $session_is_admin === true) { ?>
<div class="card-footer">
<a href="admin_audit_log.php?q=<?php echo "$session_name successfully logged in"; ?>">See More...</a>
</div>
<?php } ?>
</div>
<div class="card card-dark">
@@ -86,9 +88,11 @@ $sql_recent_logs = mysqli_query($mysqli, "SELECT * FROM logs
?>
</tbody>
</table>
<div class="card-footer">
<a href="admin_audit_log.php?q=<?php echo nullable_htmlentities($session_name); ?>">See More...</a>
</div>
<?php if (isset($session_is_admin) && $session_is_admin === true) { ?>
<div class="card-footer">
<a href="admin_audit_log.php?q=<?php echo nullable_htmlentities($session_name); ?>">See More...</a>
</div>
<?php } ?>
</div>
<?php