Merge branch 'master' into techbar

Develop to Master for 25.03.4 Release

CHANGELOG.md

@@ -2,6 +2,44 @@
 
 This file documents all notable changes made to ITFlow.
 
+## [25.03.4]
+
+### Fixed
+- Ability to remove additional assets from the ticket details screen.
+- Fix the ability to remove assets from edit ticket not working when only 1 asset exists.
+- Fix Database Backup corruption.
+- Client Portal - show ticket number instead of ticket id in ticket listing.
+- Add Purchase Reference to copy asset.
+- Add Link to asset details from the global search.
+- Fix Bulk assign ticket only showing contacts instead of ITFlow users.
+
+
+## [25.03.3]
+
+### Fixed
+- Fix adding ITFlow user.
+- Do not alert on inactive recurring invoices.
+- Fix ticket user assignment including bulk assignment.
+- Fix adding a location phone extension.
+- Do not default to +1 Country code, instead default to null.
+- Do not format numbers unless a country code is entered.
+- Fix editing network location.
+- Fix ticket redaction on client replies.
+- Remove more from user activity as it requires admin privledges.
+- Fix MFA Enforcement page.
+
+## [25.03.2]
+
+### Fixed
+- Revert DB.sql change
+
+## [25.03.1]
+
+### Fixed
+- Phone number missing in various sections.
+- Match Database.
+- Client Export Only display licenses users and assets from the selected client only.
+
 ## [25.03]
 
 ### Fixed

admin_settings_company.php

@@ -119,7 +119,7 @@ $company_initials = nullable_htmlentities(initials($company_name));
                                             <div class="input-group-prepend">
                                                 <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
                                             </div>
-                                            <input type="tel" class="form-control col-2" name="phone_country_code" value="+<?php echo $company_phone_country_code; ?>" placeholder="Code" maxlength="4">
+                                            <input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo $company_phone_country_code; ?>" placeholder="+" maxlength="4">
                                             <input type="tel" class="form-control" name="phone" value="<?php echo $company_phone; ?>" placeholder="Phone Number" maxlength="200">
                                         </div>
                                     </div>

ajax/ajax_asset_copy.php

@@ -364,6 +364,16 @@ ob_start();
                 </div>
 
                 <?php if ($asset_type !== 'Virtual Machine') { ?>
+                    <div class="form-group">
+                        <label>Purchase Reference</label>
+                        <div class="input-group">
+                            <div class="input-group-prepend">
+                                <span class="input-group-text"><i class="fa fa-fw fa-shopping-cart"></i></span>
+                            </div>
+                            <input type="text" class="form-control" name="purchase_reference" placeholder="eg. Invoice, PO Number" >
+                        </div>
+                    </div>
+
                     <div class="form-group">
                         <label>Purchase Date</label>
                         <div class="input-group">

ajax/ajax_contact_details.php

@@ -22,7 +22,7 @@ $contact_phone_country_code = nullable_htmlentities($row['contact_phone_country_
 $contact_phone = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_phone_country_code));
 $contact_extension = nullable_htmlentities($row['contact_extension']);
 $contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']);
-$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_mobile_country_code));
+$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
 $contact_email = nullable_htmlentities($row['contact_email']);
 $contact_photo = nullable_htmlentities($row['contact_photo']);
 $contact_pin = nullable_htmlentities($row['contact_pin']);

ajax/ajax_contact_edit.php

@@ -19,7 +19,7 @@ $contact_extension = nullable_htmlentities($row['contact_extension']);
 $contact_phone_country_code = nullable_htmlentities($row['contact_phone_country_code']);
 $contact_phone = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_phone_country_code));
 $contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']);
-$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_mobile_country_code));
+$contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
 $contact_email = nullable_htmlentities($row['contact_email']);
 $contact_pin = nullable_htmlentities($row['contact_pin']);
 $contact_photo = nullable_htmlentities($row['contact_photo']);
@@ -121,7 +121,7 @@ ob_start();
                                 <div class="input-group-prepend">
                                     <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
                                 </div>
-                                <input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo "+$contact_phone_country_code"; ?>" placeholder="Code" maxlength="4">
+                                <input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo "$contact_phone_country_code"; ?>" placeholder="+" maxlength="4">
                                 <input type="tel" class="form-control" name="phone" value="<?php echo $contact_phone; ?>" placeholder="Phone Number" maxlength="200">
                             </div>
                         </div>
@@ -141,7 +141,7 @@ ob_start();
                                 <div class="input-group-prepend">
                                     <span class="input-group-text"><i class="fa fa-fw fa-mobile-alt"></i></span>
                                 </div>
-                                <input type="tel" class="form-control col-2" name="mobile_country_code" value="<?php echo "+$contact_mobile_country_code"; ?>" placeholder="Code" maxlength="4">
+                                <input type="tel" class="form-control col-2" name="mobile_country_code" value="<?php echo "$contact_mobile_country_code"; ?>" placeholder="+" maxlength="4">
                                 <input type="tel" class="form-control" name="mobile" value="<?php echo $contact_mobile; ?>" placeholder="Phone Number">
                             </div>
                         </div>

ajax/ajax_location_edit.php

@@ -209,7 +209,7 @@ ob_start();
                                 <div class="input-group-prepend">
                                     <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
                                 </div>
-                                <input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo "+$location_phone_country_code"; ?>" placeholder="Code" maxlength="4">
+                                <input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo $location_phone_country_code; ?>" placeholder="+" maxlength="4">
                                 <input type="tel" class="form-control" name="phone" value="<?php echo $location_phone; ?>" placeholder="Phone Number" maxlength="200">
                             </div>
                         </div>
@@ -229,7 +229,7 @@ ob_start();
                                 <div class="input-group-prepend">
                                     <span class="input-group-text"><i class="fa fa-fw fa-fax"></i></span>
                                 </div>
-                                <input type="tel" class="form-control col-2" name="fax_country_code" value="<?php echo "+$location_fax_country_code"; ?>" placeholder="Code" maxlength="4">
+                                <input type="tel" class="form-control col-2" name="fax_country_code" value="<?php echo $location_fax_country_code; ?>" placeholder="+" maxlength="4">
                                 <input type="tel" class="form-control" name="fax" value="<?php echo $location_fax; ?>" placeholder="Phone Number" maxlength="200">
                             </div>
                         </div>

ajax/ajax_network_edit.php

@@ -90,7 +90,7 @@ ob_start();
                                 $location_id = intval($row['location_id']);
                                 $location_name = nullable_htmlentities($row['location_name']);
                                 ?>
-                                <option value="<?php echo $location_id; ?>" <?php if ($location_id = $network_location_id) { echo "selected"; } ?>>
+                                <option value="<?php echo $location_id; ?>" <?php if ($location_id == $network_location_id) { echo "selected"; } ?>>
                                     <?php echo $location_name; ?>
                                 </option>
                             <?php

ajax/ajax_ticket_reply_redact.php

@@ -11,9 +11,6 @@ $sql = mysqli_query($mysqli, "SELECT * FROM ticket_replies
 );
 
 $row = mysqli_fetch_array($sql);
-$ticket_reply_type = nullable_htmlentities($row['ticket_reply_type']);
-$ticket_reply_time_worked = date_create($row['ticket_reply_time_worked']);
-$ticket_reply_time_worked_formatted = date_format($ticket_reply_time_worked, 'H:i:s');
 $ticket_reply = nullable_htmlentities($row['ticket_reply']);
 $client_id = intval($row['ticket_client_id']);
 
@@ -31,10 +28,6 @@ ob_start();
 <form action="post.php" method="post" autocomplete="off">
     <input type="hidden" name="ticket_reply_id" value="<?php echo $ticket_reply_id; ?>">
     <input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
-    <input type="hidden" name="ticket_reply_type" value="<?php echo $ticket_reply_type; ?>">
-    <?php if (!empty($ticket_reply_time_worked)) { ?>
-    <input type="hidden" name="time" value="<?php echo $ticket_reply_time_worked_formatted; ?>">
-    <?php } ?>
 
     <div class="modal-body bg-white">
 
@@ -44,7 +37,7 @@ ob_start();
 
     </div>
     <div class="modal-footer bg-white">
-        <button type="submit" name="edit_ticket_reply" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
+        <button type="submit" name="redact_ticket_reply" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>
         <button type="button" class="btn btn-light" data-dismiss="modal"><i class="fa fa-times mr-2"></i>Cancel</button>
     </div>
 </form>

ajax/ajax_vendor_edit.php

@@ -127,7 +127,7 @@ ob_start();
                                 <div class="input-group-prepend">
                                     <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
                                 </div>
-                                <input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo "+$vendor_phone_country_code"; ?>" placeholder="Code" maxlength="4">
+                                <input type="tel" class="form-control col-2" name="phone_country_code" value="<?php echo $vendor_phone_country_code; ?>" placeholder="+" maxlength="4">
                                 <input type="tel" class="form-control" name="phone" value="<?php echo $vendor_phone; ?>" placeholder="Phone Number" maxlength="200">
                             </div>
                         </div>

client/ticket_view_all.php

@@ -62,7 +62,7 @@ $all_tickets = mysqli_query($mysqli, "SELECT ticket_id, ticket_prefix, ticket_nu
             $ticket_contact_name = nullable_htmlentities($row['contact_name']);
 
             echo "<tr>";
-            echo "<td> <a href='ticket.php?id=$ticket_id'> $ticket_prefix$ticket_id</a></td>";
+            echo "<td> <a href='ticket.php?id=$ticket_id'> $ticket_prefix$ticket_number</a></td>";
             echo "<td> <a href='ticket.php?id=$ticket_id'> $ticket_subject</a></td>";
             echo "<td>$ticket_contact_name</td>";
             echo "<td>$ticket_status</td>";

contact_details.php

@@ -32,7 +32,7 @@ if (isset($_GET['contact_id'])) {
     $contact_phone = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_phone_country_code));
     $contact_extension = nullable_htmlentities($row['contact_extension']);
     $contact_mobile_country_code = nullable_htmlentities($row['contact_mobile_country_code']);
-    $contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_phone'], $contact_mobile_country_code));
+    $contact_mobile = nullable_htmlentities(formatPhoneNumber($row['contact_mobile'], $contact_mobile_country_code));
     $contact_email = nullable_htmlentities($row['contact_email']);
     $contact_photo = nullable_htmlentities($row['contact_photo']);
     $contact_pin = nullable_htmlentities($row['contact_pin']);

database_updates.php

@@ -3424,10 +3424,43 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
         mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.2'");
     }
 
-    // if (CURRENT_DATABASE_VERSION == '2.1.2') {
+    if (CURRENT_DATABASE_VERSION == '2.1.2') {
-    //     // Insert queries here required to update to DB version 2.1.3
+        
+        // Update country_code to NULL for `contacts` table
+        mysqli_query($mysqli, "ALTER TABLE `contacts` MODIFY `contact_phone_country_code` VARCHAR(10) DEFAULT NULL");
+        mysqli_query($mysqli, "ALTER TABLE `contacts` MODIFY `contact_mobile_country_code` VARCHAR(10) DEFAULT NULL");
+
+        // Update country_code to NULL for `locations` table
+        mysqli_query($mysqli, "ALTER TABLE `locations` MODIFY `location_phone_country_code` VARCHAR(10) DEFAULT NULL");
+        mysqli_query($mysqli, "ALTER TABLE `locations` MODIFY `location_fax_country_code` VARCHAR(10) DEFAULT NULL");
+
+        // Update country_code to NULL for `vendors` table
+        mysqli_query($mysqli, "ALTER TABLE `vendors` MODIFY `vendor_phone_country_code` VARCHAR(10) DEFAULT NULL");
+
+        // Update country_code to NULL for `companies` table
+        mysqli_query($mysqli, "ALTER TABLE `companies` MODIFY `company_phone_country_code` VARCHAR(10) DEFAULT NULL");
+
+        // Set country_code to NULL for `contacts` table
+        mysqli_query($mysqli, "UPDATE `contacts` SET `contact_phone_country_code` = NULL");
+        mysqli_query($mysqli, "UPDATE `contacts` SET `contact_mobile_country_code` = NULL");
+
+        // Set country_code to NULL for `locations` table
+        mysqli_query($mysqli, "UPDATE `locations` SET `location_phone_country_code` = NULL");
+        mysqli_query($mysqli, "UPDATE `locations` SET `location_fax_country_code` = NULL");
+
+        // Set country_code to NULL for `vendors` table
+        mysqli_query($mysqli, "UPDATE `vendors` SET `vendor_phone_country_code` = NULL");
+
+        // Set country_code to NULL for `companies` table
+        mysqli_query($mysqli, "UPDATE `companies` SET `company_phone_country_code` = NULL");
+
+        mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.3'");
+    }
+
+    // if (CURRENT_DATABASE_VERSION == '2.1.3') {
+    //     // Insert queries here required to update to DB version 2.1.4
     //     // Then, update the database to the next sequential version
-    //     mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.3'");
+    //     mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.1.4'");
     // }
 
 } else {

db.sql

@@ -546,7 +546,7 @@ CREATE TABLE `companies` (
   `company_state` varchar(200) DEFAULT NULL,
   `company_zip` varchar(200) DEFAULT NULL,
   `company_country` varchar(200) DEFAULT NULL,
-  `company_phone_country_code` varchar(10) DEFAULT '1',
+  `company_phone_country_code` varchar(10) DEFAULT NULL,
   `company_phone` varchar(200) DEFAULT NULL,
   `company_email` varchar(200) DEFAULT NULL,
   `company_website` varchar(200) DEFAULT NULL,
@@ -680,10 +680,10 @@ CREATE TABLE `contacts` (
   `contact_name` varchar(200) NOT NULL,
   `contact_title` varchar(200) DEFAULT NULL,
   `contact_email` varchar(200) DEFAULT NULL,
-  `contact_phone_country_code` varchar(10) DEFAULT '1',
+  `contact_phone_country_code` varchar(10) DEFAULT NULL,
   `contact_phone` varchar(200) DEFAULT NULL,
   `contact_extension` varchar(200) DEFAULT NULL,
-  `contact_mobile_country_code` varchar(10) DEFAULT '1',
+  `contact_mobile_country_code` varchar(10) DEFAULT NULL,
   `contact_mobile` varchar(200) DEFAULT NULL,
   `contact_photo` varchar(200) DEFAULT NULL,
   `contact_pin` varchar(255) DEFAULT NULL,
@@ -1115,10 +1115,10 @@ CREATE TABLE `locations` (
   `location_city` varchar(200) DEFAULT NULL,
   `location_state` varchar(200) DEFAULT NULL,
   `location_zip` varchar(200) DEFAULT NULL,
-  `location_phone_country_code` varchar(10) DEFAULT '1',
+  `location_phone_country_code` varchar(10) DEFAULT NULL,
   `location_phone` varchar(200) DEFAULT NULL,
   `location_phone_extension` varchar(10) DEFAULT NULL,
-  `location_fax_country_code` varchar(10) DEFAULT '1',
+  `location_fax_country_code` varchar(10) DEFAULT NULL,
   `location_fax` varchar(200) DEFAULT NULL,
   `location_hours` varchar(200) DEFAULT NULL,
   `location_photo` varchar(200) DEFAULT NULL,
@@ -2468,7 +2468,7 @@ CREATE TABLE `vendors` (
   `vendor_name` varchar(200) NOT NULL,
   `vendor_description` varchar(200) DEFAULT NULL,
   `vendor_contact_name` varchar(200) DEFAULT NULL,
-  `vendor_phone_country_code` varchar(10) DEFAULT '1',
+  `vendor_phone_country_code` varchar(10) DEFAULT NULL,
   `vendor_phone` varchar(200) DEFAULT NULL,
   `vendor_extension` varchar(200) DEFAULT NULL,
   `vendor_email` varchar(200) DEFAULT NULL,
@@ -2498,4 +2498,4 @@ CREATE TABLE `vendors` (
 /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
 /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
 
--- Dump completed on 2025-03-26 11:13:46
+-- Dump completed on 2025-03-31 12:05:41

functions.php

@@ -194,140 +194,161 @@ function truncate($text, $chars) {
 }
 
 function formatPhoneNumber($phoneNumber, $country_code = '', $show_country_code = false) {
-
     // Remove all non-digit characters
     $digits = preg_replace('/\D/', '', $phoneNumber);
     $formatted = '';
 
+    // If no digits at all, fallback early
+    if (strlen($digits) === 0) {
+        return $phoneNumber;
+    }
+
+    // Helper function to safely check the first digit
+    $startsWith = function($str, $char) {
+        return isset($str[0]) && $str[0] === $char;
+    };
+
     switch ($country_code) {
-        case '1': // USA/Canada — (123) 456-7890
+        case '1': // USA/Canada
             if (strlen($digits) === 10) {
                 $formatted = '(' . substr($digits, 0, 3) . ') ' . substr($digits, 3, 3) . '-' . substr($digits, 6);
             }
             break;
 
-        case '44': // UK — 07123 456 789
+        case '44': // UK
-            if ($digits[0] === '0') $digits = substr($digits, 1);
+            if ($startsWith($digits, '0')) {
+                $digits = substr($digits, 1);
+            }
             if (strlen($digits) === 10) {
                 $formatted = '0' . substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7);
             }
             break;
 
-        case '61': // Australia — 0412 345 678
+        case '61': // Australia
-            if ($digits[0] === '0') $digits = substr($digits, 1);
+            if ($startsWith($digits, '0')) {
+                $digits = substr($digits, 1);
+            }
             if (strlen($digits) === 9) {
                 $formatted = '0' . substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7);
             }
             break;
 
-        case '91': // India — 91234 56789
+        case '91': // India
             if (strlen($digits) === 10) {
                 $formatted = substr($digits, 0, 5) . ' ' . substr($digits, 5);
             }
             break;
 
-        case '81': // Japan — 03-1234-5678
+        case '81': // Japan
-            if ($digits[0] === '0') $digits = substr($digits, 1);
+            if ($startsWith($digits, '0')) {
+                $digits = substr($digits, 1);
+            }
             if (strlen($digits) >= 9 && strlen($digits) <= 10) {
                 $formatted = '0' . substr($digits, 0, 2) . '-' . substr($digits, 2, 4) . '-' . substr($digits, 6);
             }
             break;
 
-        case '49': // Germany — 030 12345678
+        case '49': // Germany
-            if ($digits[0] === '0') $digits = substr($digits, 1);
+            if ($startsWith($digits, '0')) {
+                $digits = substr($digits, 1);
+            }
             if (strlen($digits) >= 10) {
                 $formatted = '0' . substr($digits, 0, 3) . ' ' . substr($digits, 3);
             }
             break;
 
-        case '33': // France — 01 23 45 67 89
+        case '33': // France
-            if ($digits[0] === '0') $digits = substr($digits, 1);
+            if ($startsWith($digits, '0')) {
+                $digits = substr($digits, 1);
+            }
             if (strlen($digits) === 9) {
                 $formatted = '0' . implode(' ', str_split($digits, 2));
             }
             break;
 
-        case '34': // Spain — 612 345 678
+        case '34': // Spain
             if (strlen($digits) === 9) {
                 $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6);
             }
             break;
 
-        case '39': // Italy — 312 345 6789
+        case '39': // Italy
-            if ($digits[0] === '0') $digits = substr($digits, 1);
+            if ($startsWith($digits, '0')) {
+                $digits = substr($digits, 1);
+            }
             $formatted = '0' . implode(' ', str_split($digits, 3));
             break;
 
-        case '55': // Brazil — (11) 91234-5678
+        case '55': // Brazil
             if (strlen($digits) === 11) {
                 $formatted = '(' . substr($digits, 0, 2) . ') ' . substr($digits, 2, 5) . '-' . substr($digits, 7);
             }
             break;
 
-        case '7': // Russia — 8 (912) 345-67-89
+        case '7': // Russia
-            if ($digits[0] === '8') $digits = substr($digits, 1);
+            if ($startsWith($digits, '8')) {
+                $digits = substr($digits, 1);
+            }
             if (strlen($digits) === 10) {
                 $formatted = '8 (' . substr($digits, 0, 3) . ') ' . substr($digits, 3, 3) . '-' . substr($digits, 6, 2) . '-' . substr($digits, 8);
             }
             break;
 
-        case '86': // China — 138 0013 8000
+        case '86': // China
             if (strlen($digits) === 11) {
                 $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 4) . ' ' . substr($digits, 7);
             }
             break;
 
-        case '82': // South Korea — 010-1234-5678
+        case '82': // South Korea
             if (strlen($digits) === 11) {
                 $formatted = substr($digits, 0, 3) . '-' . substr($digits, 3, 4) . '-' . substr($digits, 7);
             }
             break;
 
-        case '62': // Indonesia — 0812 3456 7890
+        case '62': // Indonesia
-            if ($digits[0] !== '0') $digits = '0' . $digits;
+            if (!$startsWith($digits, '0')) {
+                $digits = '0' . $digits;
+            }
             if (strlen($digits) === 12) {
                 $formatted = substr($digits, 0, 4) . ' ' . substr($digits, 4, 4) . ' ' . substr($digits, 8);
             }
             break;
 
-        case '63': // Philippines — 0912 345 6789
+        case '63': // Philippines
             if (strlen($digits) === 11) {
                 $formatted = substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7);
             }
             break;
 
-        case '234': // Nigeria — 0801 234 5678
+        case '234': // Nigeria
-            if ($digits[0] !== '0') $digits = '0' . $digits;
+            if (!$startsWith($digits, '0')) {
+                $digits = '0' . $digits;
+            }
             if (strlen($digits) === 11) {
                 $formatted = substr($digits, 0, 4) . ' ' . substr($digits, 4, 3) . ' ' . substr($digits, 7);
             }
             break;
 
-        case '27': // South Africa — 082 123 4567
+        case '27': // South Africa
             if (strlen($digits) >= 9 && strlen($digits) <= 10) {
                 $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6);
             }
             break;
 
-        case '971': // UAE — 050 123 4567
+        case '971': // UAE
             if (strlen($digits) === 9) {
                 $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6);
             }
             break;
 
         default:
-            // If no match, do nothing here and use fallback below
+            // fallback — do nothing, use raw digits later
             break;
     }
 
-    // Fallback if formatting failed
-    if (!$formatted && strlen($digits) >= 7) {
-        $formatted = substr($digits, 0, 3) . ' ' . substr($digits, 3, 3) . ' ' . substr($digits, 6);
-    }
-
-    // Still no formatting? Use raw digits
     if (!$formatted) {
-        $formatted = $digits ?: $phoneNumber; // Use original input if digits are empty
+        $formatted = $digits ?: $phoneNumber;
     }
 
     return $show_country_code && $country_code ? "+$country_code $formatted" : $formatted;

global_search.php

@@ -721,7 +721,6 @@ if (isset($_GET['query'])) {
                                 } else {
                                     $asset_serial_display = $asset_serial;
                                 }
-                                $asset_mac = nullable_htmlentities($row['asset_mac']);
                                 $asset_uri = nullable_htmlentities($row['asset_uri']);
                                 $asset_status = nullable_htmlentities($row['asset_status']);
                                 $asset_created_at = nullable_htmlentities($row['asset_created_at']);
@@ -746,9 +745,9 @@ if (isset($_GET['query'])) {
                                 ?>
                                 <tr>
                                     <td>
-                                        <i class="fa fa-fw text-secondary fa-<?php echo $device_icon; ?> mr-2"></i><?php echo $asset_name; ?>
+                                        <i class="fa fa-fw text-secondary fa-<?php echo $device_icon; ?> mr-2"></i><a href="asset_details.php?client_id=<?php echo $client_id; ?>&asset_id=<?php echo $asset_id; ?>"><?php echo $asset_name; ?></a>
                                         <?php if(!empty($asset_uri)){ ?>
-                                        <a href="<?php echo $asset_uri; ?>" target="_blank"><i class="fas fa-fw fa-external-link-alt ml-2"></i></a>
+                                            <a href="<?php echo $asset_uri; ?>" target="_blank"><i class="fas fa-fw fa-external-link-alt ml-2"></i></a>
                                         <?php } ?>
                                     </td>
                                     <td><?php echo $asset_type; ?></td>

includes/app_version.php

@@ -5,4 +5,4 @@
  * Update this file each time we merge develop into master. Format is YY.MM (add a .v if there is more than one release a month.
  */
 
-DEFINE("APP_VERSION", "25.03");
+DEFINE("APP_VERSION", "25.03.4");

includes/database_version.php

@@ -5,4 +5,4 @@
  * It is used in conjunction with database_updates.php
  */
 
-DEFINE("LATEST_DATABASE_VERSION", "2.1.2");
+DEFINE("LATEST_DATABASE_VERSION", "2.1.3");

mfa_enforcement.php

@@ -1,7 +1,7 @@
 <?php
 require_once "config.php";
 require_once "functions.php";
-require_once "check_login.php";
+require_once "includes/check_login.php";
 require_once 'plugins/totp/totp.php'; //TOTP MFA Lib
 
 // Get Company Logo

modals/admin_vendor_template_add_modal.php

@@ -75,20 +75,23 @@
 
                         <div class="tab-pane fade" id="pills-support">
 
-                            <label>Support Phone</label>
+                            <label>Support Phone / <span class="text-secondary">Extension</span></label>
                             <div class="form-row">
-                                <div class="col-8">
+                                <div class="col-9">
                                     <div class="form-group">
                                         <div class="input-group">
                                             <div class="input-group-prepend">
                                                 <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
                                             </div>
-                                            <input type="text" class="form-control" name="phone" placeholder="Phone Number" maxlength="200">
+                                            <input type="tel" class="form-control col-2" name="phone_country_code" placeholder="+" maxlength="4">
+                                            <input type="tel" class="form-control" name="phone" placeholder="Phone Number" maxlength="200">
                                         </div>
                                     </div>
                                 </div>
-                                <div class="col-4">
+                                <div class="col-3">
-                                    <input type="text" class="form-control" name="extension" placeholder="Prompts" maxlength="200">
+                                    <div class="form-group">
+                                        <input type="text" class="form-control" name="extension" placeholder="ext." maxlength="200">
+                                    </div>
                                 </div>
                             </div>
 

modals/client_add_modal.php

@@ -208,7 +208,7 @@
                                             <div class="input-group-prepend">
                                                 <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
                                             </div>
-                                            <input type="tel" class="form-control col-2" name="location_phone_country_code" value="+1" placeholder="Code" maxlength="4">
+                                            <input type="tel" class="form-control col-2" name="location_phone_country_code" placeholder="+" maxlength="4">
                                             <input type="tel" class="form-control" name="location_phone" placeholder="Phone Number" maxlength="200">
                                         </div>
                                     </div>
@@ -228,7 +228,7 @@
                                             <div class="input-group-prepend">
                                                 <span class="input-group-text"><i class="fa fa-fw fa-fax"></i></span>
                                             </div>
-                                            <input type="tel" class="form-control col-2" name="location_fax_country_code" value="+1" placeholder="Code" maxlength="4">
+                                            <input type="tel" class="form-control col-2" name="location_fax_country_code" placeholder="+" maxlength="4">
                                             <input type="tel" class="form-control" name="location_fax" placeholder="Fax Number">
                                         </div>
                                     </div>
@@ -267,7 +267,7 @@
                                             <div class="input-group-prepend">
                                                 <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
                                             </div>
-                                            <input type="tel" class="form-control col-2" name="contact_phone_country_code" value="+1" placeholder="Code" maxlength="4">
+                                            <input type="tel" class="form-control col-2" name="contact_phone_country_code" placeholder="+" maxlength="4">
                                             <input type="tel" class="form-control" name="contact_phone" placeholder="Phone Number" maxlength="200">
                                         </div>
                                     </div>
@@ -287,7 +287,7 @@
                                             <div class="input-group-prepend">
                                                 <span class="input-group-text"><i class="fa fa-fw fa-mobile-alt"></i></span>
                                             </div>
-                                            <input type="tel" class="form-control col-2" name="contact_mobile_country_code" value="+1" placeholder="Code" maxlength="4">
+                                            <input type="tel" class="form-control col-2" name="contact_mobile_country_code" placeholder="+" maxlength="4">
                                             <input type="tel" class="form-control" name="contact_mobile" placeholder="Mobile Phone Number">
                                         </div>
                                     </div>

modals/contact_add_modal.php

@@ -101,7 +101,7 @@
                                             <div class="input-group-prepend">
                                                 <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
                                             </div>
-                                            <input type="tel" class="form-control col-2" name="phone_country_code" value="+1" placeholder="Code" maxlength="4">
+                                            <input type="tel" class="form-control col-2" name="phone_country_code" placeholder="+" maxlength="4">
                                             <input type="tel" class="form-control" name="phone" placeholder="Phone Number" maxlength="200">
                                         </div>
                                     </div>
@@ -121,7 +121,7 @@
                                             <div class="input-group-prepend">
                                                 <span class="input-group-text"><i class="fa fa-fw fa-mobile-alt"></i></span>
                                             </div>
-                                            <input type="tel" class="form-control col-2" name="mobile_country_code" value="+1" placeholder="Code" maxlength="4">
+                                            <input type="tel" class="form-control col-2" name="mobile_country_code" placeholder="+" maxlength="4">
                                             <input type="tel" class="form-control" name="mobile" placeholder="Mobile Phone Number">
                                         </div>
                                     </div>

modals/location_add_modal.php

@@ -184,7 +184,7 @@
                                             <div class="input-group-prepend">
                                                 <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
                                             </div>
-                                            <input type="tel" class="form-control col-2" name="phone_country_code" value="+1" placeholder="Code" maxlength="4">
+                                            <input type="tel" class="form-control col-2" name="phone_country_code" placeholder="+" maxlength="4">
                                             <input type="tel" class="form-control" name="phone" placeholder="Phone Number" maxlength="200">
                                         </div>
                                     </div>
@@ -204,7 +204,7 @@
                                             <div class="input-group-prepend">
                                                 <span class="input-group-text"><i class="fa fa-fw fa-fax"></i></span>
                                             </div>
-                                            <input type="tel" class="form-control col-2" name="fax_country_code" value="+1" placeholder="Code" maxlength="4">
+                                            <input type="tel" class="form-control col-2" name="fax_country_code" placeholder="+" maxlength="4">
                                             <input type="tel" class="form-control" name="fax" placeholder="Fax Number" maxlength="200">
                                         </div>
                                     </div>

modals/ticket_add_watcher_modal.php

@@ -21,7 +21,7 @@
                                 <span class="input-group-text"><i class="fa fa-fw fa-envelope"></i></span>
                             </div>
                             <select class="form-control select2" data-tags="true" name="watcher_email">
-                                <option value="">-Select a contact-</option>
+                                <option value="">- Select a contact or enter an email -</option>
                                 <?php
 
                                 $sql_client_contacts_select = mysqli_query($mysqli, "SELECT contact_id, contact_name, contact_email FROM contacts WHERE contact_client_id = $client_id AND contact_email <> '' ORDER BY contact_name ASC");

modals/ticket_bulk_assign_modal.php

@@ -18,9 +18,8 @@
                         <select class="form-control select2" name="assign_to">
                             <option value="0">Not Assigned</option>
                             <?php
-                            $sql_users_select = mysqli_query($mysqli, "SELECT users.user_id, user_name FROM users 
+                            $sql_users_select = mysqli_query($mysqli, "SELECT user_id, user_name FROM users
-                                LEFT JOIN user_settings on users.user_id = user_settings.user_id
+                                WHERE user_type = 1
-                                AND user_type = 1
                                 AND user_status = 1
                                 AND user_archived_at IS NULL 
                                 ORDER BY user_name DESC"

modals/vendor_add_modal.php

@@ -77,7 +77,7 @@
                                             <div class="input-group-prepend">
                                                 <span class="input-group-text"><i class="fa fa-fw fa-phone"></i></span>
                                             </div>
-                                            <input type="tel" class="form-control col-2" name="phone_country_code" value="+1" placeholder="Code" maxlength="4">
+                                            <input type="tel" class="form-control col-2" name="phone_country_code" placeholder="+" maxlength="4">
                                             <input type="tel" class="form-control" name="phone" placeholder="Phone Number" maxlength="200">
                                         </div>
                                     </div>

post/admin/admin_backup.php

@@ -7,84 +7,68 @@
 defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
 
 if (isset($_GET['download_database'])) {
-
     validateCSRFToken($_GET['csrf_token']);
 
-    // Get All Table Names From the Database
+    global $mysqli, $database;
-    $tables = array();
-    $sql = "SHOW TABLES";
-    $result = mysqli_query($mysqli, $sql);
 
-    while ($row = mysqli_fetch_row($result)) {
+    $backupFileName = date('Y-m-d_H-i-s') . '_backup.sql';
+
+    header('Content-Type: application/sql');
+    header('Content-Disposition: attachment; filename="' . $backupFileName . '"');
+    header('Cache-Control: no-store, no-cache, must-revalidate');
+    header('Pragma: no-cache');
+    header('Expires: 0');
+
+    if (ob_get_level()) ob_end_clean();
+    flush();
+
+    // Start of dump file — charset declaration
+    echo "-- UTF-8 + Foreign Key Safe Dump\n";
+    echo "SET NAMES 'utf8mb4';\n";
+    echo "SET foreign_key_checks = 0;\n\n";
+
+    // Get all tables
+    $tables = [];
+    $res = $mysqli->query("SHOW TABLES");
+    while ($row = $res->fetch_row()) {
         $tables[] = $row[0];
     }
 
-    $sqlScript = "";
     foreach ($tables as $table) {
+        // Table structure
+        $createRes = $mysqli->query("SHOW CREATE TABLE `$table`");
+        $createRow = $createRes->fetch_assoc();
+        $createSQL = array_values($createRow)[1];
 
-        // Prepare SQLscript for creating table structure
+        echo "\n-- ----------------------------\n";
-        $query = "SHOW CREATE TABLE $table";
+        echo "-- Table structure for `$table`\n";
-        $result = mysqli_query($mysqli, $query);
+        echo "-- ----------------------------\n";
-        $row = mysqli_fetch_row($result);
+        echo "DROP TABLE IF EXISTS `$table`;\n";
+        echo $createSQL . ";\n\n";
 
-        $sqlScript .= "\n\n" . $row[1] . ";\n\n";
+        // Table data
+        $dataRes = $mysqli->query("SELECT * FROM `$table`");
+        if ($dataRes->num_rows > 0) {
+            echo "-- Dumping data for table `$table`\n";
+            while ($row = $dataRes->fetch_assoc()) {
+                $columns = array_map(fn($col) => '`' . $mysqli->real_escape_string($col) . '`', array_keys($row));
+                $values = array_map(function ($val) use ($mysqli) {
+                    if (is_null($val)) return "NULL";
+                    return "'" . $mysqli->real_escape_string($val) . "'";
+                }, array_values($row));
 
-
+                echo "INSERT INTO `$table` (" . implode(", ", $columns) . ") VALUES (" . implode(", ", $values) . ");\n";
-        $query = "SELECT * FROM $table";
-        $result = mysqli_query($mysqli, $query);
-
-        $columnCount = mysqli_num_fields($result);
-
-        // Prepare SQLscript for dumping data for each table
-        for ($i = 0; $i < $columnCount; $i ++) {
-            while ($row = mysqli_fetch_row($result)) {
-                $sqlScript .= "INSERT INTO $table VALUES(";
-                for ($j = 0; $j < $columnCount; $j ++) {
-
-                    if (isset($row[$j])) {
-                        $sqlScript .= '"' . $row[$j] . '"';
-                    } else {
-                        $sqlScript .= '""';
-                    }
-                    if ($j < ($columnCount - 1)) {
-                        $sqlScript .= ',';
-                    }
-                }
-                $sqlScript .= ");\n";
             }
+            echo "\n";
         }
-
-        $sqlScript .= "\n";
     }
 
-    if (!empty($sqlScript)) {
+    //FINAL STEP: Re-enable foreign key checks
-
+    echo "\nSET foreign_key_checks = 1;\n";
-        $company_name = $session_company_name;
-        // Save the SQL script to a backup file
-        $backup_file_name = date('Y-m-d') . '_ITFlow_backup.sql';
-        $fileHandler = fopen($backup_file_name, 'w+');
-        $number_of_lines = fwrite($fileHandler, $sqlScript);
-        fclose($fileHandler);
-
-        // Download the SQL backup file to the browser
-        header('Content-Description: File Transfer');
-        header('Content-Type: application/octet-stream');
-        header('Content-Disposition: attachment; filename=' . basename($backup_file_name));
-        header('Content-Transfer-Encoding: binary');
-        header('Expires: 0');
-        header('Cache-Control: must-revalidate');
-        header('Pragma: public');
-        header('Content-Length: ' . filesize($backup_file_name));
-        ob_clean();
-        flush();
-        readfile($backup_file_name);
-        exec('rm ' . $backup_file_name);
-    }
-
-    // Logging
-    logAction("Database", "Download", "$session_name downloaded the database");
 
+    logAction("Database", "Download", "$session_name downloaded the database.");
     $_SESSION['alert_message'] = "Database downloaded";
+    exit;
 }
 
 if (isset($_POST['backup_master_key'])) {

post/admin/admin_settings_company.php

@@ -12,6 +12,7 @@ if (isset($_POST['edit_company'])) {
     $state = sanitizeInput($_POST['state']);
     $zip = sanitizeInput($_POST['zip']);
     $country = sanitizeInput($_POST['country']);
+    $phone_country_code = preg_replace("/[^0-9]/", '',$_POST['phone_country_code']);
     $phone = preg_replace("/[^0-9]/", '',$_POST['phone']);
     $email = sanitizeInput($_POST['email']);
     $website = sanitizeInput($_POST['website']);
@@ -40,7 +41,7 @@ if (isset($_POST['edit_company'])) {
         }
     }
 
-    mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone = '$phone', company_email = '$email', company_website = '$website' WHERE company_id = 1");
+    mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone_country_code = '$phone_country_code', company_phone = '$phone', company_email = '$email', company_website = '$website' WHERE company_id = 1");
 
     // Logging
     logAction("Settings", "Edit", "$session_name edited company details");

post/admin/admin_user.php

@@ -15,7 +15,7 @@ if (isset($_POST['add_user'])) {
     $password = password_hash(trim($_POST['password']), PASSWORD_DEFAULT);
     $user_specific_encryption_ciphertext = encryptUserSpecificKey(trim($_POST['password']));
 
-    mysqli_query($mysqli, "INSERT INTO users SET user_name = '$name', user_email = '$email', user_password = '$password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext' user_role_id = $role");
+    mysqli_query($mysqli, "INSERT INTO users SET user_name = '$name', user_email = '$email', user_password = '$password', user_specific_encryption_ciphertext = '$user_specific_encryption_ciphertext', user_role_id = $role");
 
     $user_id = mysqli_insert_id($mysqli);
 
@@ -217,7 +217,7 @@ if (isset($_GET['disable_user'])) {
 
     // Un-assign tickets
     mysqli_query($mysqli, "UPDATE tickets SET ticket_assigned_to = 0 WHERE ticket_assigned_to = $user_id AND ticket_closed_at IS NULL");
-    mysqli_query($mysqli, "UPDATE scheduled_tickets SET scheduled_ticket_assigned_to = 0 WHERE scheduled_ticket_assigned_to = $user_id");
+    mysqli_query($mysqli, "UPDATE recurring_tickets SET recurring_ticket_assigned_to = 0 WHERE recurring_ticket_assigned_to = $user_id");
 
     // Logging
     logAction("User", "Disable", "$session_name disabled user $name", 0, $user_id);

post/user/client.php

@@ -54,7 +54,7 @@ if (isset($_POST['add_client'])) {
 
     // Create Location
     if (!empty($location_phone) || !empty($address) || !empty($city) || !empty($state) || !empty($zip)) {
-        mysqli_query($mysqli, "INSERT INTO locations SET location_name = 'Primary', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$location_phone_country_code', location_phone = '$location_phone', location_extension = '$location_extension', location_fax_country_code = '$location_fax_country_code', location_fax = '$location_fax', location_country = '$country', location_primary = 1, location_client_id = $client_id");
+        mysqli_query($mysqli, "INSERT INTO locations SET location_name = 'Primary', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$location_phone_country_code', location_phone = '$location_phone', location_phone_extension = '$location_extension', location_fax_country_code = '$location_fax_country_code', location_fax = '$location_fax', location_country = '$country', location_primary = 1, location_client_id = $client_id");
 
         //Extended Logging
         $extended_log_description .= ", primary location $address added";
@@ -641,7 +641,7 @@ if (isset($_POST["export_client_pdf"])) {
     $contact_phone = nullable_htmlentities(formatPhoneNumber($row["contact_phone"], $contact_phone_country_code));
     $contact_extension = nullable_htmlentities($row["contact_extension"]);
     $contact_mobile_country_code = nullable_htmlentities($row["contact_mobile_country_code"]);
-    $contact_mobile = nullable_htmlentities(formatPhoneNumber($row["contact_phone"], $contact_mobile_country_code));
+    $contact_mobile = nullable_htmlentities(formatPhoneNumber($row["contact_mobile"], $contact_mobile_country_code));
     $contact_email = nullable_htmlentities($row["contact_email"]);
     $client_website = nullable_htmlentities($row["client_website"]);
 
@@ -716,6 +716,8 @@ if (isset($_POST["export_client_pdf"])) {
             software ON software_contacts.software_id = software.software_id
         WHERE software_archived_at IS NULL
         AND contact_archived_at IS NULL
+        AND software_client_id = $client_id
+        AND contact_client_id = $client_id
         ORDER BY 
             contact_name, software_name;"
     );
@@ -732,6 +734,8 @@ if (isset($_POST["export_client_pdf"])) {
             software ON software_assets.software_id = software.software_id
         WHERE software_archived_at IS NULL
         AND asset_archived_at IS NULL
+        AND software_client_id = $client_id
+        AND asset_client_id = $client_id
         ORDER BY 
             asset_name, software_name;"
     );
@@ -825,7 +829,7 @@ if (isset($_POST["export_client_pdf"])) {
                 $contact_extension = "x$contact_extension";
             }
             $contact_mobile_country_code = nullable_htmlentities($row["contact_mobile_country_code"]);
-            $contact_mobile = nullable_htmlentities(formatPhoneNumber($row["contact_phone"], $contact_mobile_country_code));
+            $contact_mobile = nullable_htmlentities(formatPhoneNumber($row["contact_mobile"], $contact_mobile_country_code));
             $html .= "
             <tr>
               <td>$contact_name</td>

post/user/contact.php

@@ -122,7 +122,7 @@ if (isset($_POST['edit_contact'])) {
 
     }
 
-    mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone_country_code = '$phone_country_code', contact_phone = '$phone', contact_extension = '$extension', contact_mobile_country_code = '$phone_country_code', contact_mobile = '$mobile', contact_email = '$email', contact_pin = '$pin', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_department = '$department', contact_location_id = $location_id, contact_user_id = $contact_user_id WHERE contact_id = $contact_id");
+    mysqli_query($mysqli,"UPDATE contacts SET contact_name = '$name', contact_title = '$title', contact_phone_country_code = '$phone_country_code', contact_phone = '$phone', contact_extension = '$extension', contact_mobile_country_code = '$mobile_country_code', contact_mobile = '$mobile', contact_email = '$email', contact_pin = '$pin', contact_notes = '$notes', contact_important = $contact_important, contact_billing = $contact_billing, contact_technical = $contact_technical, contact_department = '$department', contact_location_id = $location_id, contact_user_id = $contact_user_id WHERE contact_id = $contact_id");
 
     // Upload Photo
     if (isset($_FILES['file']['tmp_name'])) {

post/user/location.php

@@ -17,7 +17,7 @@ if(isset($_POST['add_location'])){
         mkdir("uploads/clients/$client_id");
     }
 
-    mysqli_query($mysqli,"INSERT INTO locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone = '$phone', location_phone_extension = '$extension', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact, location_client_id = $client_id");
+    mysqli_query($mysqli,"INSERT INTO locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone_country_code = '$phone_country_code', location_phone = '$phone', location_phone_extension = '$extension', location_fax_country_code = '$fax_country_code', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact, location_client_id = $client_id");
 
     $location_id = mysqli_insert_id($mysqli);
 
@@ -79,7 +79,7 @@ if(isset($_POST['edit_location'])){
         mkdir("uploads/clients/$client_id");
     }
 
-    mysqli_query($mysqli,"UPDATE locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip', location_phone = '$phone', location_phone_extension = '$extension', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact WHERE location_id = $location_id");
+    mysqli_query($mysqli,"UPDATE locations SET location_name = '$name', location_description = '$description', location_country = '$country', location_address = '$address', location_city = '$city', location_state = '$state', location_zip = '$zip',  location_phone_country_code = '$phone_country_code', location_phone = '$phone', location_phone_extension = '$extension',  location_fax_country_code = '$fax_country_code', location_fax = '$fax', location_hours = '$hours', location_notes = '$notes', location_contact_id = $contact WHERE location_id = $location_id");
 
     // Update Primay location in clients if primary location is checked
     if ($location_primary == 1) {

post/user/location_model.php

@@ -10,8 +10,10 @@ $city = sanitizeInput($_POST['city']);
 $state = sanitizeInput($_POST['state']);
 $zip = sanitizeInput($_POST['zip']);
 $phone = preg_replace("/[^0-9]/", '',$_POST['phone']);
+$phone_country_code = preg_replace("/[^0-9]/", '',$_POST['phone_country_code']);
 $extension = preg_replace("/[^0-9]/", '',$_POST['extension']);
 $fax = preg_replace("/[^0-9]/", '',$_POST['fax']);
+$fax_country_code = preg_replace("/[^0-9]/", '',$_POST['fax_country_code']);
 $hours = sanitizeInput($_POST['hours']);
 $notes = sanitizeInput($_POST['notes']);
 $contact = intval($_POST['contact'] ?? 0);

post/user/ticket.php

@@ -203,6 +203,10 @@ if (isset($_POST['edit_ticket'])) {
             $additional_asset_id = intval($additional_asset);
             mysqli_query($mysqli, "INSERT INTO ticket_assets SET ticket_id = $ticket_id, asset_id = $additional_asset_id");
         }
+    } else {
+        // If no additional assets are provided, delete them all
+        // This handles cases where the assets input might be cleared or not set at all.
+        mysqli_query($mysqli, "DELETE FROM ticket_assets WHERE ticket_id = $ticket_id");
     }
 
     // Get contact/ticket details after update for logging / email purposes
@@ -494,6 +498,41 @@ if (isset($_GET['delete_ticket_watcher'])) {
     header("Location: " . $_SERVER["HTTP_REFERER"]);
 }
 
+if (isset($_GET['delete_ticket_additional_asset'])) {
+
+    enforceUserPermission('module_support', 2);
+
+    $asset_id = intval($_GET['delete_ticket_additional_asset']);
+    $ticket_id = intval($_GET['ticket_id']);
+
+    // Get ticket / asset details for logging
+    $sql = mysqli_query($mysqli, "SELECT asset_name, ticket_prefix, ticket_number, ticket_status_name, ticket_client_id FROM assets
+        JOIN tickets ON ticket_id = $ticket_id 
+        JOIN ticket_statuses ON ticket_status = ticket_status_id
+        WHERE asset_id = $asset_id"
+    );
+    $row = mysqli_fetch_array($sql);
+
+    $ticket_prefix = sanitizeInput($row['ticket_prefix']);
+    $ticket_number = intval($row['ticket_number']);
+    $ticket_status_name = sanitizeInput($row['ticket_status_name']);
+    $asset_name = sanitizeInput($row['asset_name']);
+    $client_id = intval($row['ticket_client_id']);
+
+    mysqli_query($mysqli, "DELETE FROM ticket_assets WHERE ticket_id = $ticket_id AND asset_id = $asset_id");
+
+    // History
+    mysqli_query($mysqli, "INSERT INTO ticket_history SET ticket_history_status = '$ticket_status_name', ticket_history_description = '$session_name removed additional asset $asset_name', ticket_history_ticket_id = $ticket_id");
+
+    // Logging
+    logAction("Ticket", "Edit", "$session_name removed asset $asset_name from ticket $ticket_prefix$ticket_number", $client_id, $ticket_id);
+
+    $_SESSION['alert_type'] = "error";
+    $_SESSION['alert_message'] = "Removed asset <strong>$asset_name</strong> from ticket.";
+
+    header("Location: " . $_SERVER["HTTP_REFERER"]);
+}
+
 if (isset($_POST['edit_ticket_asset'])) {
 
     enforceUserPermission('module_support', 2);
@@ -576,7 +615,7 @@ if (isset($_POST['assign_ticket'])) {
         $agent_name = "No One";
     } else {
         // Get & verify assigned agent details
-        $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assigned_to AND user_settings.user_role > 1");
+        $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users WHERE users.user_id = $assigned_to");
         $agent_details = mysqli_fetch_array($agent_details_sql);
 
         $agent_name = sanitizeInput($agent_details['user_name']);
@@ -732,7 +771,7 @@ if (isset($_POST['bulk_assign_ticket'])) {
                 $agent_name = "No One";
             } else {
                 // Get & verify assigned agent details
-                $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assign_to AND user_settings.user_role > 1");
+                $agent_details_sql = mysqli_query($mysqli, "SELECT user_name, user_email FROM users LEFT JOIN user_settings ON users.user_id = user_settings.user_id WHERE users.user_id = $assign_to");
                 $agent_details = mysqli_fetch_array($agent_details_sql);
 
                 $agent_name = sanitizeInput($agent_details['user_name']);
@@ -1572,6 +1611,25 @@ if (isset($_POST['edit_ticket_reply'])) {
     header("Location: " . $_SERVER["HTTP_REFERER"]);
 }
 
+if (isset($_POST['redact_ticket_reply'])) {
+
+    enforceUserPermission('module_support', 2);
+
+    $ticket_reply_id = intval($_POST['ticket_reply_id']);
+    $ticket_reply = mysqli_real_escape_string($mysqli, $_POST['ticket_reply']);
+
+    $client_id = intval($_POST['client_id']);
+
+    mysqli_query($mysqli, "UPDATE ticket_replies SET ticket_reply = '$ticket_reply' WHERE ticket_reply_id = $ticket_reply_id");
+
+    // Logging
+    logAction("Ticket", "Reply", "$session_name redacted ticket_reply", $client_id, $ticket_reply_id);
+
+    $_SESSION['alert_message'] = "Ticket reply redacted";
+
+    header("Location: " . $_SERVER["HTTP_REFERER"]);
+}
+
 if (isset($_GET['archive_ticket_reply'])) {
 
     enforceUserPermission('module_support', 2);

recurring_invoice.php

@@ -164,7 +164,7 @@ if (isset($_GET['recurring_invoice_id'])) {
                                 <i class="fa fa-fw fa-paper-plane text-secondary mr-2"></i>Force Send
                             </a>
                             <div class="dropdown-divider"></div>
-                            <a class="dropdown-item text-danger confirm-link" href="post.php?delete_recurring=<?php echo $recurring_invoice_id; ?>">
+                            <a class="dropdown-item text-danger confirm-link" href="post.php?delete_recurring_invoice=<?php echo $recurring_invoice_id; ?>">
                                 <i class="fa fa-fw fa-trash mr-2"></i>Delete
                             </a>
                         </div>

recurring_invoices.php

@@ -257,7 +257,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
                                     </a>
                                     <?php if ($status !== 'Active') { ?>
                                         <div class="dropdown-divider"></div>
-                                        <a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_recurring=<?php echo $recurring_invoice_id; ?>">
+                                        <a class="dropdown-item text-danger text-bold confirm-link" href="post.php?delete_recurring_invoice=<?php echo $recurring_invoice_id; ?>">
                                             <i class="fas fa-fw fa-trash mr-2"></i>Delete
                                         </a>
                                     <?php } ?>

scripts/cron.php

@@ -879,7 +879,7 @@ while ($row = mysqli_fetch_array($sql_recurring_invoices)) {
 } //End Recurring Invoices Loop
 
 // Flag any active recurring "next run" dates that are in the past
-$sql_invalid_recurring_invoices = mysqli_query($mysqli, "SELECT * FROM recurring_invoices WHERE recurring_invoice_next_date < CURDATE()");
+$sql_invalid_recurring_invoices = mysqli_query($mysqli, "SELECT * FROM recurring_invoices WHERE recurring_invoice_next_date < CURDATE() AND recurring_invoice_status = 1");
 while ($row = mysqli_fetch_array($sql_invalid_recurring_invoices)) {
     $invoice_prefix = sanitizeInput($row['recurring_invoice_prefix']);
     $invoice_number = intval($row['recurring_invoice_number']);

ticket.php

@@ -1058,6 +1058,11 @@ if (isset($_GET['ticket_id'])) {
                                     data-ajax-id="<?php echo $additional_asset_id; ?>">
                                     <i class="fa fa-fw fa-<?php echo $additional_asset_icon; ?> text-secondary mr-2"></i><?php echo $additional_asset_name; ?>
                                 </a>
+                                <?php if (empty($ticket_closed_at)) { ?>
+                                    <a class="confirm-link float-right" href="post.php?delete_ticket_additional_asset=<?php echo $additional_asset_id; ?>&ticket_id=<?php echo $ticket_id; ?>" title="Remove asset from ticket">
+                                        <i class="fas fa-fw fa-trash-alt text-secondary"></i>
+                                    </a>
+                                <?php } ?>
                             </div>
                         <?php
 

user_activity.php

@@ -41,9 +41,11 @@ $sql_recent_logs = mysqli_query($mysqli, "SELECT * FROM logs
         <?php } ?>
         </tbody>
     </table>
-    <div class="card-footer">
+    <?php if (isset($session_is_admin) && $session_is_admin === true) { ?>
-        <a href="admin_audit_log.php?q=<?php echo "$session_name successfully logged in"; ?>">See More...</a>
+        <div class="card-footer">
-    </div>
+            <a href="admin_audit_log.php?q=<?php echo "$session_name successfully logged in"; ?>">See More...</a>
+        </div>
+    <?php } ?>
 </div>
 
 <div class="card card-dark">
@@ -86,9 +88,11 @@ $sql_recent_logs = mysqli_query($mysqli, "SELECT * FROM logs
         ?>
         </tbody>
     </table>
-    <div class="card-footer">
+    <?php if (isset($session_is_admin) && $session_is_admin === true) { ?>
-        <a href="admin_audit_log.php?q=<?php echo nullable_htmlentities($session_name); ?>">See More...</a>
+        <div class="card-footer">
-    </div>
+            <a href="admin_audit_log.php?q=<?php echo nullable_htmlentities($session_name); ?>">See More...</a>
+        </div>
+    <?php } ?>
 </div>
 
 <?php