Commit Graph

  • 0f3fdbec51 -f typo Xander Luedtke 2023-01-04 18:50:04 -07:00
  • 0e0a67ef4f fix for settings_update.php Xander Luedtke 2023-01-04 18:40:47 -07:00
  • 65c1e7f4b8 Merge branch 'itflow-org:master' into docker Xander Luedtke 2023-01-04 16:06:23 -07:00
  • f7e3d63a65 Merge pull request #552 from chandachewe10/master Johnny 2023-01-04 16:28:42 -05:00
  • 27154883ed SHOWING REVENUES IN EACH PARTICULAR MONTH COLUMN chandachewe10 2023-01-04 09:04:09 +00:00
  • 9f832cb527 Adding REPO_BRANCH Xander Luedtke 2023-01-03 22:36:20 -07:00
  • 252deefdcd initial docker commit Xander Luedtke 2023-01-03 18:22:36 -07:00
  • 09bb1d4636 Merge pull request #550 from wrongecho/code-audit-pt2 Johnny 2023-01-03 17:17:22 -05:00
  • 56899e60cf Move ticket merge javascript to separate file Marcus Hill 2023-01-03 20:43:51 +00:00
  • f23d7a5263 Commented unused code. Converted to 4 spaces Marcus Hill 2023-01-03 20:39:14 +00:00
  • 7e81882bff Separate out time tracking and collision detection JS into separate javascript files Marcus Hill 2023-01-03 20:30:39 +00:00
  • a780df5205 Change spacing to 4 spaces; general refactor/tidy up Marcus Hill 2023-01-03 20:20:54 +00:00
  • d8410d95b2 Rem old commented code Marcus Hill 2023-01-03 20:00:01 +00:00
  • c324fbbfff Update more UI modals to nicer look johnnyq 2023-01-02 22:21:12 -05:00
  • 893f4405ff Merge pull request #547 from wrongecho/code-audit Johnny 2023-01-02 21:16:17 -05:00
  • b70052b864 - Validate user email before sending welcome message - Remove old code from edit_user - we now enforce admin role properly - Users may only edit their own profiles - enforced via session id rather than role - Rem ticket views deletion comment - ticket views are cleaned up daily via cron - Require CSRF Token when adding/removing 2FA and backing up master key Marcus Hill 2023-01-02 21:06:51 +00:00
  • 637712aa71 Reworked year selector on the dashboard johnnyq 2023-01-02 16:03:52 -05:00
  • 1b96f8659e Rem comment - we set this info in the session at login and enforce roles there, and will be updating overall site role enforcement Marcus Hill 2023-01-02 19:40:09 +00:00
  • 9eea00bccf Change stripslashes to htmlentities Marcus Hill 2023-01-02 19:29:00 +00:00
  • a66b6052df Change stripslashes to strip_tags for better html sanitization Marcus Hill 2023-01-02 19:28:24 +00:00
  • 24f825ca08 SQL Escape tech username in session. The username is added to most log entries meaning that a simple apostrophe in the name breaks all logging for the user Marcus Hill 2023-01-02 19:22:21 +00:00
  • 019776f538 Change manual admin role verification to use the function Marcus Hill 2023-01-02 19:10:00 +00:00
  • 7688356a5f Remove commented calendar CSS from header as it's loaded by itself on the relevant pages Marcus Hill 2023-01-02 19:06:12 +00:00
  • a3a4dafaf5 Add item name to shared file view logs Marcus Hill 2023-01-02 18:47:06 +00:00
  • 3b3c0ee5db Prevent access to unused file Marcus Hill 2023-01-02 18:38:21 +00:00
  • 0673e550e5 Add file name to shared file download logs Marcus Hill 2023-01-02 18:35:07 +00:00
  • d9fdcb8702 Fixed wording on edit invoice modal instead of payment due changed to invoice due johnnyq 2023-01-02 12:18:10 -05:00
  • 4c0acc87b1 Change include to require Marcus Hill 2023-01-02 16:07:51 +00:00
  • 66259c295b Escape potential HTML data from ticket fields Marcus Hill 2023-01-02 15:54:37 +00:00
  • f7bfeedf54 Escape potential HTML data from ticket reply contact/user fields Marcus Hill 2023-01-02 15:50:35 +00:00
  • f2efa79c57 Escape potential HTML data from ticket fields Marcus Hill 2023-01-02 15:48:47 +00:00
  • 4b10a2ac68 Improve security of password reset token for client portal Marcus Hill 2023-01-02 15:38:40 +00:00
  • 3ea7406c2e Better name azure client id variable as to not be confusing with itflow client ids Marcus Hill 2023-01-02 15:27:29 +00:00
  • e32439cc4c Escape potential HTML from ticket fields Marcus Hill 2023-01-02 15:24:30 +00:00
  • 67b306795b Sanitize portal session vars against sql/html code Marcus Hill 2023-01-02 15:17:58 +00:00
  • fcdeee6321 SQL Escape client name field to prevent potentially breaking SQL queries Marcus Hill 2023-01-02 15:06:51 +00:00
  • d86285aafd SQL Escape domain/cert/client/ticket fields to prevent them potentially breaking SQL queries Marcus Hill 2023-01-02 15:03:56 +00:00
  • f150b3cb27 Tidy comment Marcus Hill 2023-01-02 14:57:46 +00:00
  • b1bb854328 Escape potential HTML in ticket prefix Marcus Hill 2023-01-02 14:56:04 +00:00
  • 72fd102e57 SQL Escape tech username. The username is added to most log entries meaning that a simple apostrophe in the name breaks all logging for the user Marcus Hill 2023-01-02 14:54:49 +00:00
  • 5460825ece Replace stripslashes with strip_tags Marcus Hill 2023-01-02 14:44:46 +00:00
  • dcf0bb67d1 Escape potential HTML characters in client name Marcus Hill 2023-01-02 14:41:14 +00:00
  • 447f20c91c Escape potential HTML characters in the API Key name, as this is used in logs Marcus Hill 2023-01-02 14:38:52 +00:00
  • 1aa87ccaeb API Key error wording Marcus Hill 2023-01-02 14:37:56 +00:00
  • cf8713fc73 Fix software read API query via key Marcus Hill 2023-01-02 14:34:59 +00:00
  • 5a35f508c6 Remove unrequired trim & strip tags - only needs sql escape Marcus Hill 2023-01-02 14:32:17 +00:00
  • 8687f56eb0 Remove unrequired trim & strip tags - only needs sql escape Marcus Hill 2023-01-02 14:31:29 +00:00
  • 2454961389 Escape special characters in a shared doc/file/login name to prevent potentially breaking the ajax sharing log query Marcus Hill 2023-01-02 14:14:30 +00:00
  • b37778b7a1 Escape potential HTML and limit output from SQL query to required fields when calling merge ticket details ajax query Marcus Hill 2023-01-02 14:00:37 +00:00
  • 79dc34da92 Escape potential HTML characters in usernames (ticket collision detection) Marcus Hill 2023-01-02 13:48:16 +00:00
  • 3bf4d7a1f1 Remove test file Marcus Hill 2023-01-02 13:03:41 +00:00
  • f5a2b1df68 Rename & disable unused stripe test page Marcus Hill 2023-01-02 12:56:51 +00:00
  • 17850f3510 Remove test/old client print and client header pages Marcus Hill 2023-01-02 12:50:42 +00:00
  • 8ea674d35e Remove unused assets.php file Marcus Hill 2023-01-02 12:45:13 +00:00
  • 3fd62cd16e Merge pull request #545 from wrongecho/tidy Johnny 2023-01-01 15:56:34 -05:00
  • 94d8ec5360 Merge pull request #544 from wrongecho/cert-expiring-circle Johnny 2023-01-01 15:56:14 -05:00
  • 070d9ac1f5 Merge pull request #543 from wrongecho/dashboards Johnny 2023-01-01 15:55:39 -05:00
  • c7381195ac Merge pull request #542 from wrongecho/contact-important-db-fix Johnny 2023-01-01 15:55:23 -05:00
  • dd00f48e5b Portal code style tidy Marcus Hill 2023-01-01 16:05:48 +00:00
  • ff741c223e API code style tidy Marcus Hill 2023-01-01 16:00:07 +00:00
  • 6746edda1a Misc tidying code spacing & formatting in accordance with SonarCloud/PSR Marcus Hill 2023-01-01 15:41:21 +00:00
  • 60ece6ee00 Tidy sidenav too Marcus Hill 2023-01-01 14:42:40 +00:00
  • 86327b3595 Tidy Marcus Hill 2023-01-01 14:40:06 +00:00
  • a07dfb45e0 Tidy Marcus Hill 2023-01-01 14:33:13 +00:00
  • 4d1b13d85e Small tidy Marcus Hill 2023-01-01 14:15:31 +00:00
  • 93773a6ca3 Add yellow circle to certificate nav menu if expiring Marcus Hill 2023-01-01 14:12:44 +00:00
  • 66d692d0f6 Add domain and cert expiring numbers to tech dashboard Marcus Hill 2023-01-01 14:02:00 +00:00
  • d255f05192 Remove unused monthly recurring query Marcus Hill 2023-01-01 13:45:47 +00:00
  • fa24516ad5 Redirect techs to technical dashboard instead of clients.php page Marcus Hill 2023-01-01 13:42:08 +00:00
  • 07986954f5 Redirect/show techs to technical dashboard on login/navbar Marcus Hill 2023-01-01 13:41:29 +00:00
  • 4ec88257d7 Add basic outline for technical dashboard Marcus Hill 2023-01-01 13:40:54 +00:00
  • 40789eff32 Deduplicate sql payment years query Marcus Hill 2023-01-01 13:40:18 +00:00
  • d2bbf3436a Adjust contact_important field to after contact_password_reset_token instead Marcus Hill 2023-01-01 11:26:58 +00:00
  • ab34712bd9 Add contact_important DB field to database updater Marcus Hill 2023-01-01 11:25:12 +00:00
  • 807d374b90 Merge branch 'master' of github.com:itflow-org/itflow johnnyq 2022-12-31 15:54:51 -05:00
  • e943faecf0 Added Important Functionality to Contacts, Cleaned up UI elements in the contacts and users modals. Added partial User and contact Invite functionality. johnnyq 2022-12-31 15:54:34 -05:00
  • 51a7e59c16 Merge pull request #541 from wrongecho/license-export Johnny 2022-12-31 14:38:30 -05:00
  • edf071c677 Merge pull request #540 from wrongecho/portal-user-instructions Johnny 2022-12-31 14:38:04 -05:00
  • 8db42df93e Merge pull request #536 from wrongecho/ticket-emails Johnny 2022-12-31 14:37:50 -05:00
  • 7fd2d0677c Add more fields to software CSV export Marcus Hill 2022-12-31 18:20:31 +00:00
  • a97ce3c59a Add option on the contact edit modal to send client a welcome email Marcus Hill 2022-12-31 17:25:10 +00:00
  • be3ec96ef6 Add functionality to send emails to clients when their tickets are closed. Marcus Hill 2022-12-31 15:36:27 +00:00
  • cb6211526c better keygen for masterkey on setup johnnyq 2022-12-29 18:29:14 -05:00
  • 6dab710b6b Merge branch 'master' of github.com:itflow-org/itflow johnnyq 2022-12-29 18:23:35 -05:00
  • 29a9d6ef8f Generate longer more secure Key for logins johnnyq 2022-12-29 18:23:11 -05:00
  • 14a405ee6d Merge pull request #534 from wrongecho/revert Johnny 2022-12-29 18:22:14 -05:00
  • ba7f4ab83d Merge pull request #533 from wrongecho/deprecate-multi-company Johnny 2022-12-29 18:21:47 -05:00
  • ad26daa465 Show techs the sales menu in accordance with new access matrix Marcus Hill 2022-12-29 22:33:36 +00:00
  • 8906a1960f Revert "Enforce accountant or admin role to perform accounting related post requests" Marcus Hill 2022-12-29 22:30:40 +00:00
  • d842dbb863 Revert "Hide invoice ticket button for techs" Marcus Hill 2022-12-29 22:29:54 +00:00
  • 5d6b03141b Generate longer more secure Key for browser extension johnnyq 2022-12-29 16:59:47 -05:00
  • 13d2429a45 Merge branch 'master' of github.com:itflow-org/itflow johnnyq 2022-12-29 16:51:40 -05:00
  • d6d908f0b8 Generate longer more secure Keys for shareable URLs using best practice johnnyq 2022-12-29 16:50:57 -05:00
  • 93cb97f630 Add deprecated notice to companies module and associated functionality (#532) Marcus Hill 2022-12-29 21:41:53 +00:00
  • ad6afc4d29 Merge pull request #529 from wrongecho/deduplicate Johnny 2022-12-29 11:48:11 -05:00
  • 7874690560 Merge pull request #528 from wrongecho/accountant-role-enforcements Johnny 2022-12-29 11:47:56 -05:00
  • 5edd71facc Deduplicate client overview SQL queries Marcus Hill 2022-12-28 21:09:56 +00:00
  • 6df24d859e Hide invoice ticket button for techs Marcus Hill 2022-12-28 20:51:24 +00:00
  • ea3a12bdd7 Enforce accountant or admin role to perform accounting related post requests Marcus Hill 2022-12-28 20:46:24 +00:00
  • a255441bc3 Merge pull request #526 from wrongecho/setup-db-auth-helper Johnny 2022-12-26 23:54:27 -05:00