Merge pull request #1223 from itflow-org/develop

25.06 Release

Author: johnnyq

CHANGELOG.md

@@ -2,6 +2,43 @@
 
 This file documents all notable changes made to ITFlow.
 
+## [25.06]
+
+### Breaking CHANGES
+- Old Document Verions will be deleted due to the major backend rewrite how document versions work.
+
+### Added / Changed
+- Improved function for retrieving remote IP address for logging purposes.
+- Ticket categories are now sorted alphabetically.
+- Visiting a deleted invoice or recurring invoice now redirects to the listing page; delete option added to invoice details page.
+- Added "Mark as Sent" and "Make Payment" actions directly on the invoice listing page.
+- Introduced Ticket Category UI for recurring tickets.
+- In Project Details, bulk actions and sorting are now available for tickets.
+- Updated ticket details UI to use full card stacks with edit icons for stackable items (e.g., asset, watchers, contact).
+- Added a new setting to toggle AutoStart Timer in ticket details (disabled by default).
+- Applied gray accent theme in the client section to visually distinguish from the global view.
+- Introduced Ticket Due Date functionality (currently supports add/edit only; more updates coming next release).
+- Added settings option to display Company Tax ID on invoices.
+- Client overview now displays badge counts for all entities.
+- Overhauled UI for Invoice, Quote, and Recurring Invoice details; switched PDF generation to TCPDF PHP from PDFMake JS.
+- Document versioning has been moved to a separate backend table to resolve permanent link issues -- SEE Breaking CHANGES.
+- Migrated Document Templates, Vendor Templates, and Software/License Templates to dedicated tables.
+- Added functionality to mark all tasks in a ticket as complete or incomplete.
+- Asset CSV import now supports a purchase date field.
+- Recurring Payments have been restructured to auto-charge on the invoice due date instead of at generation time.
+- Added "Base Template" label for vendor templates when available.
+- Backup and restore processes now use a temporary directory; files are cleaned up automatically if operations fail.
+- Added confirmation prompt when accepting or declining a quote.
+- Other minor code UI/UX cleanups and refactoring throughout the app.
+
+### Fixed
+- Resolved issue with enabling MFA.
+- Fixed UI regression where ticket listing columns would misalign.
+- Non-billable invoices are no longer included in calculations.
+- Addressed multiple minor reported security vulnerabilities.
+- Tickets with open tasks are no longer resolved in bulk; a warning is shown along with a count of affected tickets.
+
+
 ## [25.05.1]
 
 ### Added / Changed

accounts.php

@@ -9,9 +9,6 @@
 // Perms
 enforceUserPermission('module_financial');
 
-//Rebuild URL
-$url_query_strings_sort = http_build_query($get_copy);
-
 $sql = mysqli_query(
     $mysqli,
     "SELECT SQL_CALC_FOUND_ROWS * FROM accounts

admin_api.php

@@ -6,10 +6,6 @@
 
 require_once "includes/inc_all_admin.php";
 
-
-//Rebuild URL
-$url_query_strings_sort = http_build_query($get_copy);
-
 $sql = mysqli_query(
     $mysqli,
     "SELECT SQL_CALC_FOUND_ROWS * FROM api_keys

admin_app_log.php

@@ -26,9 +26,6 @@
     $category_filter = '';
 }
 
-//Rebuild URL
-$url_query_strings_sort = http_build_query($get_copy);
-
 $sql = mysqli_query(
     $mysqli,
     "SELECT SQL_CALC_FOUND_ROWS * FROM app_logs

admin_audit_log.php

@@ -46,9 +46,6 @@
     $action_filter = '';
 }
 
-//Rebuild URL
-$url_query_strings_sort = http_build_query($get_copy);
-
 $sql = mysqli_query(
     $mysqli,
     "SELECT SQL_CALC_FOUND_ROWS * FROM logs

admin_category.php

@@ -13,10 +13,6 @@
     $category = "Expense";
 }
 
-//Rebuild URL
-$url_query_strings_sort = http_build_query($get_copy);
-
-
 $sql = mysqli_query(
     $mysqli,
     "SELECT SQL_CALC_FOUND_ROWS * FROM categories

admin_custom_link.php

@@ -6,10 +6,6 @@
 
 require_once "includes/inc_all_admin.php";
 
-
-//Rebuild URL
-$url_query_strings_sort = http_build_query($get_copy);
-
 $sql = mysqli_query(
     $mysqli,
     "SELECT SQL_CALC_FOUND_ROWS * FROM custom_links

admin_document_template.php

@@ -1,27 +1,16 @@
 <?php
 
     // Default Column Sort by Filter
-    $sort = "document_name";
+    $sort = "document_template_name";
     $order = "ASC";
 
     require_once "includes/inc_all_admin.php";
 
-    // Search query SQL snippet
-    if (!empty($q)) {
-        $query_snippet = "AND (MATCH(document_content_raw) AGAINST ('$q') OR document_name LIKE '%$q%')";
-    } else {
-        $query_snippet = ""; // empty
-    }
-
-    // Rebuild URL
-    $url_query_strings_sort = http_build_query($get_copy);
-
     $sql = mysqli_query(
         $mysqli,
-        "SELECT SQL_CALC_FOUND_ROWS * FROM documents
-        LEFT JOIN users ON document_created_by = user_id
-        WHERE document_template = 1
-        $query_snippet
+        "SELECT SQL_CALC_FOUND_ROWS * FROM document_templates
+        LEFT JOIN users ON document_template_created_by = user_id
+        WHERE user_name LIKE '%$q%' OR document_template_name LIKE '%$q%'
         ORDER BY $sort $order LIMIT $record_from, $record_to"
     );
 
@@ -55,18 +44,18 @@
                 <thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
                     <tr>
                         <th>
-                            <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_name&order=<?php echo $disp; ?>">
-                                Template Name <?php if ($sort == 'document_name') { echo $order_icon; } ?>
+                            <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_name&order=<?php echo $disp; ?>">
+                                Template Name <?php if ($sort == 'document_template_name') { echo $order_icon; } ?>
                             </a>
                         </th>
                         <th>
-                            <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_created_at&order=<?php echo $disp; ?>">
-                                Created <?php if ($sort == 'document_created_at') { echo $order_icon; } ?>
+                            <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_created_at&order=<?php echo $disp; ?>">
+                                Created <?php if ($sort == 'document_template_created_at') { echo $order_icon; } ?>
                             </a>
                         </th>
                         <th>
-                            <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_updated_at&order=<?php echo $disp; ?>">
-                                Updated <?php if ($sort == 'document_updated_at') { echo $order_icon; } ?>
+                            <a class="text-secondary" href="?<?php echo $url_query_strings_sort; ?>&sort=document_template_updated_at&order=<?php echo $disp; ?>">
+                                Updated <?php if ($sort == 'document_template_updated_at') { echo $order_icon; } ?>
                             </a>
                         </th>
                         <th class="text-center">
@@ -78,27 +67,26 @@
                     <?php
 
                         while ($row = mysqli_fetch_array($sql)) {
-                            $document_id = intval($row['document_id']);
-                            $document_name = nullable_htmlentities($row['document_name']);
-                            $document_description = nullable_htmlentities($row['document_description']);
-                            $document_content = nullable_htmlentities($row['document_content']);
-                            $document_created_by_name = nullable_htmlentities($row['user_name']);
-                            $document_created_at = nullable_htmlentities($row['document_created_at']);
-                            $document_updated_at = nullable_htmlentities($row['document_updated_at']);
-                            $document_folder_id = intval($row['document_folder_id']);
+                            $document_template_id = intval($row['document_template_id']);
+                            $document_template_name = nullable_htmlentities($row['document_template_name']);
+                            $document_template_description = nullable_htmlentities($row['document_template_description']);
+                            $document_template_content = nullable_htmlentities($row['document_template_content']);
+                            $document_template_created_by_name = nullable_htmlentities($row['user_name']);
+                            $document_template_created_at = nullable_htmlentities($row['document_template_created_at']);
+                            $document_template_updated_at = nullable_htmlentities($row['document_template_updated_at']);
 
                     ?>
 
                     <tr>
                         <td>
-                            <a class="text-bold" href="admin_document_template_details.php?document_id=<?php echo $document_id; ?>"><i class="fas fa-fw fa-file-alt text-dark"></i> <?php echo $document_name; ?></a>
-                            <div class="mt-1 text-secondary"><?php echo $document_description; ?></div>
+                            <a class="text-bold" href="admin_document_template_details.php?document_template_id=<?php echo $document_template_id; ?>"><i class="fas fa-fw fa-file-alt text-dark"></i> <?php echo $document_template_name; ?></a>
+                            <div class="mt-1 text-secondary"><?php echo $document_template_description; ?></div>
                         </td>
                         <td>
-                            <?php echo $document_created_at; ?>
-                            <div class="text-secondary"><?php echo $document_created_by_name; ?></div>
+                            <?php echo $document_template_created_at; ?>
+                            <div class="text-secondary"><?php echo $document_template_created_by_name; ?></div>
                         </td>
-                        <td><?php echo $document_updated_at; ?></td>
+                        <td><?php echo $document_template_updated_at; ?></td>
                         <td>
                             <div class="dropdown dropleft text-center">
                                 <button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
@@ -109,12 +97,12 @@
                                         data-toggle="ajax-modal"
                                         data-modal-size="xl"
                                         data-ajax-url="ajax/ajax_document_template_edit.php"
-                                        data-ajax-id="<?php echo $document_id; ?>"
+                                        data-ajax-id="<?php echo $document_template_id; ?>"
                                         >
                                         <i class="fas fa-fw fa-edit mr-2"></i>Edit
                                     </a>
                                     <div class="dropdown-divider"></div>
-                                    <a class="dropdown-item text-danger text-bold" href="post.php?delete_document=<?php echo $document_id; ?>">
+                                    <a class="dropdown-item text-danger text-bold" href="post.php?delete_document_template=<?php echo $document_template_id; ?>">
                                         <i class="fas fa-fw fa-trash mr-2"></i>Delete
                                     </a>
                                 </div>

admin_document_template_details.php

@@ -11,19 +11,19 @@
 $purifier_config->set('URI.AllowedSchemes', ['data' => true, 'src' => true, 'http' => true, 'https' => true]);
 $purifier = new HTMLPurifier($purifier_config);
 
-if (isset($_GET['document_id'])) {
-    $document_id = intval($_GET['document_id']);
+if (isset($_GET['document_template_id'])) {
+    $document_template_id = intval($_GET['document_template_id']);
 }
 
-$sql_document = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_template = 1 AND document_id = $document_id");
+$sql_document = mysqli_query($mysqli, "SELECT * FROM document_templates WHERE document_template_id = $document_template_id");
 
 $row = mysqli_fetch_array($sql_document);
 
-$document_name = nullable_htmlentities($row['document_name']);
-$document_description = nullable_htmlentities($row['document_description']);
-$document_content = $purifier->purify($row['document_content']);
-$document_created_at = nullable_htmlentities($row['document_created_at']);
-$document_updated_at = nullable_htmlentities($row['document_updated_at']);
+$document_template_name = nullable_htmlentities($row['document_template_name']);
+$document_template_description = nullable_htmlentities($row['document_template_description']);
+$document_template_content = $purifier->purify($row['document_template_content']);
+$document_template_created_at = nullable_htmlentities($row['document_template_created_at']);
+$document_template_updated_at = nullable_htmlentities($row['document_template_updated_at']);
 
 ?>
 
@@ -37,27 +37,27 @@
     <li class="breadcrumb-item">
         <a href="admin_document_template.php">Document Templates</a>
     </li>
-    <li class="breadcrumb-item active"><i class="fas fa-file mr-2"></i><?php echo $document_name; ?></li>
+    <li class="breadcrumb-item active"><i class="fas fa-file mr-2"></i><?php echo $document_template_name; ?></li>
 </ol>
 
 <div class="card card-dark">
     <div class="card-header py-2">
 
-        <h3 class="card-title mt-2"><i class="fa fa-fw fa-file mr-2"></i><?php echo $document_name; ?></h3>
+        <h3 class="card-title mt-2"><i class="fa fa-fw fa-file mr-2"></i><?php echo $document_template_name; ?></h3>
 
         <div class="card-tools">
             <button type="button" class="btn btn-primary"
                 data-toggle="ajax-modal"
                 data-modal-size="xl"
                 data-ajax-url="ajax/ajax_document_template_edit.php"
-                data-ajax-id="<?php echo $document_id; ?>"
+                data-ajax-id="<?php echo $document_template_id; ?>"
                 >
                 <i class="fas fa-edit mr-2"></i>Edit
             </button>
         </div>
     </div>
     <div class="card-body prettyContent">
-        <?php echo $document_content; ?>
+        <?php echo $document_template_content; ?>
     </div>
 </div>
 

admin_mail_queue.php

@@ -6,9 +6,6 @@
 
 require_once "includes/inc_all_admin.php";
 
-//Rebuild URL
-$url_query_strings_sort = http_build_query($get_copy);
-
 $sql = mysqli_query(
     $mysqli,
     "SELECT SQL_CALC_FOUND_ROWS * FROM email_queue