mirror of
https://github.com/snipe/snipe-it.git
synced 2024-12-23 12:44:12 -08:00
Additional escaping
This commit is contained in:
parent
f1bdaeaf95
commit
27543d16f6
|
@ -26,6 +26,7 @@ use Slack;
|
|||
use Str;
|
||||
use View;
|
||||
use Auth;
|
||||
use Request;
|
||||
|
||||
/**
|
||||
* This class controls all actions related to accessories
|
||||
|
@ -42,7 +43,7 @@ class AccessoriesController extends Controller
|
|||
* @since [v1.0]
|
||||
* @return View
|
||||
*/
|
||||
public function getIndex()
|
||||
public function getIndex(Request $request)
|
||||
{
|
||||
return View::make('accessories/index');
|
||||
}
|
||||
|
@ -54,7 +55,7 @@ class AccessoriesController extends Controller
|
|||
* @author [A. Gianotto] [<snipe@snipe.net>]
|
||||
* @return View
|
||||
*/
|
||||
public function getCreate()
|
||||
public function getCreate(Request $request)
|
||||
{
|
||||
// Show the page
|
||||
$category_list = array('' => '') + DB::table('categories')->where('category_type', '=', 'accessory')->whereNull('deleted_at')->orderBy('name', 'ASC')->lists('name', 'id');
|
||||
|
@ -74,7 +75,7 @@ class AccessoriesController extends Controller
|
|||
* @author [A. Gianotto] [<snipe@snipe.net>]
|
||||
* @return Redirect
|
||||
*/
|
||||
public function postCreate()
|
||||
public function postCreate(Request $request)
|
||||
{
|
||||
|
||||
// create a new model instance
|
||||
|
@ -120,7 +121,7 @@ class AccessoriesController extends Controller
|
|||
* @param int $accessoryId
|
||||
* @return View
|
||||
*/
|
||||
public function getEdit($accessoryId = null)
|
||||
public function getEdit(Request $request, $accessoryId = null)
|
||||
{
|
||||
// Check if the accessory exists
|
||||
if (is_null($accessory = Accessory::find($accessoryId))) {
|
||||
|
@ -148,7 +149,7 @@ class AccessoriesController extends Controller
|
|||
* @param int $accessoryId
|
||||
* @return Redirect
|
||||
*/
|
||||
public function postEdit($accessoryId = null)
|
||||
public function postEdit(Request $request, $accessoryId = null)
|
||||
{
|
||||
// Check if the blog post exists
|
||||
if (is_null($accessory = Accessory::find($accessoryId))) {
|
||||
|
@ -203,7 +204,7 @@ class AccessoriesController extends Controller
|
|||
* @param int $accessoryId
|
||||
* @return Redirect
|
||||
*/
|
||||
public function getDelete($accessoryId)
|
||||
public function getDelete(Request $request, $accessoryId)
|
||||
{
|
||||
// Check if the blog post exists
|
||||
if (is_null($accessory = Accessory::find($accessoryId))) {
|
||||
|
@ -237,7 +238,7 @@ class AccessoriesController extends Controller
|
|||
* @since [v1.0]
|
||||
* @return View
|
||||
*/
|
||||
public function getView($accessoryID = null)
|
||||
public function getView(Request $request, $accessoryID = null)
|
||||
{
|
||||
$accessory = Accessory::find($accessoryID);
|
||||
|
||||
|
@ -266,7 +267,7 @@ class AccessoriesController extends Controller
|
|||
* @param int $accessoryId
|
||||
* @return View
|
||||
*/
|
||||
public function getCheckout($accessoryId)
|
||||
public function getCheckout(Request $request, $accessoryId)
|
||||
{
|
||||
// Check if the accessory exists
|
||||
if (is_null($accessory = Accessory::find($accessoryId))) {
|
||||
|
@ -293,7 +294,7 @@ class AccessoriesController extends Controller
|
|||
* @param int $accessoryId
|
||||
* @return Redirect
|
||||
*/
|
||||
public function postCheckout($accessoryId)
|
||||
public function postCheckout(Request $request, $accessoryId)
|
||||
{
|
||||
// Check if the accessory exists
|
||||
if (is_null($accessory = Accessory::find($accessoryId))) {
|
||||
|
@ -399,7 +400,7 @@ class AccessoriesController extends Controller
|
|||
* @param int $accessoryId
|
||||
* @return View
|
||||
**/
|
||||
public function getCheckin($accessoryUserId = null, $backto = null)
|
||||
public function getCheckin(Request $request, $accessoryUserId = null, $backto = null)
|
||||
{
|
||||
// Check if the accessory exists
|
||||
if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
|
||||
|
@ -425,7 +426,7 @@ class AccessoriesController extends Controller
|
|||
* @param int $accessoryId
|
||||
* @return Redirect
|
||||
**/
|
||||
public function postCheckin($accessoryUserId = null, $backto = null)
|
||||
public function postCheckin(Request $request, $accessoryUserId = null, $backto = null)
|
||||
{
|
||||
// Check if the accessory exists
|
||||
if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
|
||||
|
@ -441,18 +442,18 @@ class AccessoriesController extends Controller
|
|||
}
|
||||
|
||||
$logaction = new Actionlog();
|
||||
$logaction->checkedout_to = $accessory_user->assigned_to;
|
||||
$return_to = $accessory_user->assigned_to;
|
||||
$logaction->checkedout_to = e($accessory_user->assigned_to);
|
||||
$return_to = e($accessory_user->assigned_to);
|
||||
$admin_user = Auth::user();
|
||||
|
||||
|
||||
// Was the accessory updated?
|
||||
if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {
|
||||
|
||||
$logaction->accessory_id = $accessory->id;
|
||||
$logaction->accessory_id = e($accessory->id);
|
||||
$logaction->location_id = null;
|
||||
$logaction->asset_type = 'accessory';
|
||||
$logaction->user_id = $admin_user->id;
|
||||
$logaction->user_id = e($admin_user->id);
|
||||
$logaction->note = e(Input::get('note'));
|
||||
|
||||
$settings = Setting::getSettings();
|
||||
|
@ -461,8 +462,8 @@ class AccessoriesController extends Controller
|
|||
|
||||
|
||||
$slack_settings = [
|
||||
'username' => $settings->botname,
|
||||
'channel' => $settings->slack_channel,
|
||||
'username' => e($settings->botname),
|
||||
'channel' => e($settings->slack_channel),
|
||||
'link_names' => true
|
||||
];
|
||||
|
||||
|
@ -474,7 +475,7 @@ class AccessoriesController extends Controller
|
|||
'fields' => [
|
||||
[
|
||||
'title' => 'Checked In:',
|
||||
'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/accessories/'.$accessory->id.'/view'.'|'.$accessory->name.'> checked in by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
|
||||
'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/accessories/'.e($accessory->id).'/view'.'|'.e($accessory->name).'> checked in by <'.config('app.url').'/admin/users/'.e($admin_user->id).'/view'.'|'.e($admin_user->fullName()).'>.'
|
||||
],
|
||||
[
|
||||
'title' => 'Note:',
|
||||
|
@ -498,11 +499,11 @@ class AccessoriesController extends Controller
|
|||
}
|
||||
|
||||
$data['log_id'] = $logaction->id;
|
||||
$data['first_name'] = $user->first_name;
|
||||
$data['item_name'] = $accessory->name;
|
||||
$data['checkin_date'] = $logaction->created_at;
|
||||
$data['first_name'] = e($user->first_name);
|
||||
$data['item_name'] = e($accessory->name);
|
||||
$data['checkin_date'] = e($logaction->created_at);
|
||||
$data['item_tag'] = '';
|
||||
$data['note'] = $logaction->note;
|
||||
$data['note'] = e($logaction->note);
|
||||
|
||||
if (($accessory->checkin_email()=='1')) {
|
||||
|
||||
|
@ -550,13 +551,13 @@ class AccessoriesController extends Controller
|
|||
* @param int $accessoryId
|
||||
* @return string JSON containing accessories and their associated atrributes.
|
||||
**/
|
||||
public function getDatatable()
|
||||
public function getDatatable(Request $request)
|
||||
{
|
||||
$accessories = Accessory::select('accessories.*')->with('category', 'company')
|
||||
->whereNull('accessories.deleted_at');
|
||||
|
||||
if (Input::has('search')) {
|
||||
$accessories = $accessories->TextSearch(Input::get('search'));
|
||||
$accessories = $accessories->TextSearch(e(Input::get('search')));
|
||||
}
|
||||
|
||||
if (Input::has('offset')) {
|
||||
|
@ -574,7 +575,7 @@ class AccessoriesController extends Controller
|
|||
|
||||
$allowed_columns = ['name','min_amt','order_number','purchase_date','purchase_cost','companyName','category'];
|
||||
$order = Input::get('order') === 'asc' ? 'asc' : 'desc';
|
||||
$sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
|
||||
$sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
|
||||
|
||||
switch ($sort) {
|
||||
case 'category':
|
||||
|
@ -600,11 +601,11 @@ class AccessoriesController extends Controller
|
|||
$rows[] = array(
|
||||
'name' => '<a href="'.url('admin/accessories/'.$accessory->id).'/view">'. $accessory->name.'</a>',
|
||||
'category' => ($accessory->category) ? (string)link_to('admin/settings/categories/'.$accessory->category->id.'/view', $accessory->category->name) : '',
|
||||
'qty' => $accessory->qty,
|
||||
'order_number' => $accessory->order_number,
|
||||
'min_amt' => $accessory->min_amt,
|
||||
'location' => ($accessory->location) ? $accessory->location->name: '',
|
||||
'purchase_date' => $accessory->purchase_date,
|
||||
'qty' => e($accessory->qty),
|
||||
'order_number' => e($accessory->order_number),
|
||||
'min_amt' => e($accessory->min_amt),
|
||||
'location' => ($accessory->location) ? e($accessory->location->name): '',
|
||||
'purchase_date' => e($accessory->purchase_date),
|
||||
'purchase_cost' => number_format($accessory->purchase_cost, 2),
|
||||
'numRemaining' => $accessory->numRemaining(),
|
||||
'actions' => $actions,
|
||||
|
@ -643,7 +644,7 @@ class AccessoriesController extends Controller
|
|||
* @param int $accessoryId
|
||||
* @return string JSON containing accessories and their associated atrributes.
|
||||
**/
|
||||
public function getDataView($accessoryID)
|
||||
public function getDataView(Request $request, $accessoryID)
|
||||
{
|
||||
$accessory = Accessory::find($accessoryID);
|
||||
|
||||
|
@ -660,7 +661,7 @@ class AccessoriesController extends Controller
|
|||
$actions = '<a href="'.route('checkin/accessory', $user->pivot->id).'" class="btn btn-info btn-sm">Checkin</a>';
|
||||
|
||||
$rows[] = array(
|
||||
'name' =>(string) link_to('/admin/users/'.$user->id.'/view', $user->fullName()),
|
||||
'name' =>(string) link_to('/admin/users/'.$user->id.'/view', e($user->fullName())),
|
||||
'actions' => $actions
|
||||
);
|
||||
}
|
||||
|
|
|
@ -75,7 +75,7 @@ class AssetMaintenancesController extends Controller
|
|||
|
||||
$allowed_columns = ['id','title','asset_maintenance_time','asset_maintenance_type','cost','start_date','completion_date','notes'];
|
||||
$order = Input::get('order') === 'asc' ? 'asc' : 'desc';
|
||||
$sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
|
||||
$sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
|
||||
|
||||
$maintenances->orderBy($sort, $order);
|
||||
|
||||
|
@ -428,7 +428,7 @@ class AssetMaintenancesController extends Controller
|
|||
->with('success', Lang::get('admin/asset_maintenances/message.create.success'));
|
||||
}
|
||||
return Redirect::back() ->withInput()->withErrors($assetMaintenance->getErrors());
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
|
|
@ -441,7 +441,7 @@ class AssetModelsController extends Controller
|
|||
|
||||
$allowed_columns = ['id','name','modelno'];
|
||||
$order = Input::get('order') === 'asc' ? 'asc' : 'desc';
|
||||
$sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
|
||||
$sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
|
||||
|
||||
$models = $models->orderBy($sort, $order);
|
||||
|
||||
|
@ -491,7 +491,7 @@ class AssetModelsController extends Controller
|
|||
$assets = Asset::where('model_id', '=', $modelID)->withTrashed()->with('company');
|
||||
|
||||
if (Input::has('search')) {
|
||||
$assets = $assets->TextSearch(Input::get('search'));
|
||||
$assets = $assets->TextSearch(e(Input::get('search')));
|
||||
}
|
||||
|
||||
if (Input::has('offset')) {
|
||||
|
@ -509,7 +509,7 @@ class AssetModelsController extends Controller
|
|||
|
||||
$allowed_columns = ['name', 'serial','asset_tag'];
|
||||
$order = Input::get('order') === 'asc' ? 'asc' : 'desc';
|
||||
$sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
|
||||
$sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
|
||||
|
||||
$assets = $assets->orderBy($sort, $order);
|
||||
|
||||
|
|
|
@ -136,7 +136,7 @@ class AssetsController extends Controller
|
|||
|
||||
$asset->name = e(Input::get('name'));
|
||||
$asset->serial = e(Input::get('serial'));
|
||||
$asset->company_id = \App\Models\Company::getIdForCurrentUser(Input::get('company_id'));
|
||||
$asset->company_id = \App\Models\Company::getIdForCurrentUser(e(Input::get('company_id')));
|
||||
$asset->model_id = e(Input::get('model_id'));
|
||||
$asset->order_number = e(Input::get('order_number'));
|
||||
$asset->notes = e(Input::get('notes'));
|
||||
|
@ -358,12 +358,11 @@ class AssetsController extends Controller
|
|||
|
||||
|
||||
$checkModel = config('app.url').'/api/models/'.e(Input::get('model_id')).'/check';
|
||||
//$asset->mac_address = ($checkModel == true) ? e(Input::get('mac_address')) : NULL;
|
||||
|
||||
// Update the asset data
|
||||
$asset->name = e(Input::get('name'));
|
||||
$asset->serial = e(Input::get('serial'));
|
||||
$asset->company_id = Company::getIdForCurrentUser(Input::get('company_id'));
|
||||
$asset->company_id = Company::getIdForCurrentUser(e(Input::get('company_id')));
|
||||
$asset->model_id = e(Input::get('model_id'));
|
||||
$asset->order_number = e(Input::get('order_number'));
|
||||
$asset->asset_tag = e(Input::get('asset_tag'));
|
||||
|
@ -439,7 +438,7 @@ class AssetsController extends Controller
|
|||
public function getCheckout($assetId)
|
||||
{
|
||||
// Check if the asset exists
|
||||
if (is_null($asset = Asset::find($assetId))) {
|
||||
if (is_null($asset = Asset::find(e($assetId)))) {
|
||||
// Redirect to the asset management page with error
|
||||
return Redirect::to('hardware')->with('error', Lang::get('admin/hardware/message.does_not_exist'));
|
||||
} elseif (!Company::isCurrentUserHasAccess($asset)) {
|
||||
|
@ -582,8 +581,7 @@ class AssetsController extends Controller
|
|||
$logaction->note = e(Input::get('note'));
|
||||
$logaction->user_id = Auth::user()->id;
|
||||
$log = $logaction->logaction('checkin from');
|
||||
|
||||
$settings = Setting::getSettings();
|
||||
$settings = Setting::getSettings();
|
||||
|
||||
if ($settings->slack_endpoint) {
|
||||
|
||||
|
@ -601,7 +599,7 @@ class AssetsController extends Controller
|
|||
'fields' => [
|
||||
[
|
||||
'title' => 'Checked In:',
|
||||
'value' => strtoupper($logaction->asset_type).' asset <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.$asset->showAssetName().'> checked in by <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.Auth::user()->fullName().'>.'
|
||||
'value' => strtoupper($logaction->asset_type).' asset <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.e($asset->showAssetName()).'> checked in by <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.e(Auth::user()->fullName()).'>.'
|
||||
],
|
||||
[
|
||||
'title' => 'Note:',
|
||||
|
@ -1462,19 +1460,19 @@ class AssetsController extends Controller
|
|||
'checkbox' =>'<div class="text-center"><input type="checkbox" name="edit_asset['.$asset->id.']" class="one_required"></div>',
|
||||
'id' => $asset->id,
|
||||
'image' => (($asset->image) && ($asset->image!='')) ? '<img src="'.config('app.url').'/uploads/assets/'.$asset->image.'" height=50 width=50>' : ((($asset->model) && ($asset->model->image!='')) ? '<img src="'.config('app.url').'/uploads/models/'.$asset->model->image.'" height=40 width=50>' : ''),
|
||||
'name' => '<a title="'.$asset->name.'" href="hardware/'.$asset->id.'/view">'.$asset->name.'</a>',
|
||||
'asset_tag' => '<a title="'.$asset->asset_tag.'" href="hardware/'.$asset->id.'/view">'.$asset->asset_tag.'</a>',
|
||||
'serial' => $asset->serial,
|
||||
'model' => ($asset->model) ? (string)link_to('/hardware/models/'.$asset->model->id.'/view', $asset->model->name) : 'No model',
|
||||
'status_label' => ($asset->assigneduser) ? 'Deployed' : (($asset->assetstatus) ? $asset->assetstatus->name : ''),
|
||||
'assigned_to' => ($asset->assigneduser) ? (string)link_to('../admin/users/'.$asset->assigned_to.'/view', $asset->assigneduser->fullName()) : '',
|
||||
'location' => (($asset->assigneduser) && ($asset->assigneduser->userloc!='')) ? (string)link_to('admin/settings/locations/'.$asset->assigneduser->userloc->id.'/edit', $asset->assigneduser->userloc->name) : (($asset->defaultLoc!='') ? (string)link_to('admin/settings/locations/'.$asset->defaultLoc->id.'/edit', $asset->defaultLoc->name) : ''),
|
||||
'category' => (($asset->model) && ($asset->model->category)) ? $asset->model->category->name : '',
|
||||
'name' => '<a title="'.e($asset->name).'" href="hardware/'.$asset->id.'/view">'.e($asset->name).'</a>',
|
||||
'asset_tag' => '<a title="'.e($asset->asset_tag).'" href="hardware/'.$asset->id.'/view">'.e($asset->asset_tag).'</a>',
|
||||
'serial' => e($asset->serial),
|
||||
'model' => ($asset->model) ? (string)link_to('/hardware/models/'.$asset->model->id.'/view', e($asset->model->name)) : 'No model',
|
||||
'status_label' => ($asset->assigneduser) ? 'Deployed' : ((e($asset->assetstatus)) ? e($asset->assetstatus->name) : ''),
|
||||
'assigned_to' => ($asset->assigneduser) ? (string)link_to('../admin/users/'.$asset->assigned_to.'/view', e($asset->assigneduser->fullName())) : '',
|
||||
'location' => (($asset->assigneduser) && ($asset->assigneduser->userloc!='')) ? (string)link_to('admin/settings/locations/'.$asset->assigneduser->userloc->id.'/edit', e($asset->assigneduser->userloc->name)) : (($asset->defaultLoc!='') ? (string)link_to('admin/settings/locations/'.$asset->defaultLoc->id.'/edit', e($asset->defaultLoc->name)) : ''),
|
||||
'category' => (($asset->model) && ($asset->model->category)) ? e($asset->model->category->name) : '',
|
||||
'eol' => ($asset->eol_date()) ? $asset->eol_date() : '',
|
||||
'notes' => $asset->notes,
|
||||
'order_number' => ($asset->order_number!='') ? '<a href="'.config('app.url').'/hardware?order_number='.$asset->order_number.'">'.$asset->order_number.'</a>' : '',
|
||||
'last_checkout' => ($asset->last_checkout!='') ? $asset->last_checkout : '',
|
||||
'expected_checkin' => ($asset->expected_checkin!='') ? $asset->expected_checkin : '',
|
||||
'notes' => e($asset->notes),
|
||||
'order_number' => ($asset->order_number!='') ? '<a href="'.config('app.url').'/hardware?order_number='.e($asset->order_number).'">'.e($asset->order_number).'</a>' : '',
|
||||
'last_checkout' => ($asset->last_checkout!='') ? e($asset->last_checkout) : '',
|
||||
'expected_checkin' => ($asset->expected_checkin!='') ? e($asset->expected_checkin) : '',
|
||||
'change' => ($inout) ? $inout : '',
|
||||
'actions' => ($actions) ? $actions : '',
|
||||
'companyName' => is_null($asset->company) ? '' : e($asset->company->name)
|
||||
|
|
|
@ -218,7 +218,7 @@ class CategoriesController extends Controller
|
|||
|
||||
$allowed_columns = ['id','name','category_type'];
|
||||
$order = Input::get('order') === 'asc' ? 'asc' : 'desc';
|
||||
$sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
|
||||
$sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
|
||||
|
||||
$categories = $categories->orderBy($sort, $order);
|
||||
|
||||
|
@ -309,10 +309,10 @@ class CategoriesController extends Controller
|
|||
|
||||
$rows[] = array(
|
||||
'id' => $asset->id,
|
||||
'name' => (string)link_to('/hardware/'.$asset->id.'/view', $asset->name),
|
||||
'name' => (string)link_to('/hardware/'.$asset->id.'/view', e($asset->name)),
|
||||
//'model' => $asset->model->name,
|
||||
'asset_tag' => $asset->asset_tag,
|
||||
'serial' => $asset->serial,
|
||||
'asset_tag' => e($asset->asset_tag),
|
||||
'serial' => e($asset->serial),
|
||||
'assigned_to' => ($asset->assigneduser) ? (string)link_to(config('app.url').'/admin/users/'.$asset->assigneduser->id.'/view', $asset->assigneduser->fullName()): '',
|
||||
'change' => $inout,
|
||||
'actions' => $actions,
|
||||
|
|
|
@ -70,7 +70,7 @@ class ComponentsController extends Controller
|
|||
$component->location_id = e(Input::get('location_id'));
|
||||
$component->company_id = Company::getIdForCurrentUser(Input::get('company_id'));
|
||||
$component->order_number = e(Input::get('order_number'));
|
||||
$component->min_amt = e(Input::get('min_amt'));
|
||||
$component->min_amt = e(Input::get('min_amt'));
|
||||
|
||||
if (e(Input::get('purchase_date')) == '') {
|
||||
$component->purchase_date = null;
|
||||
|
@ -397,13 +397,13 @@ class ComponentsController extends Controller
|
|||
$rows[] = array(
|
||||
'checkbox' =>'<div class="text-center"><input type="checkbox" name="component['.$component->id.']" class="one_required"></div>',
|
||||
'id' => $component->id,
|
||||
'name' => (string)link_to('admin/components/'.$component->id.'/view', $component->name),
|
||||
'name' => (string)link_to('admin/components/'.$component->id.'/view', e($component->name)),
|
||||
'location' => ($component->location) ? e($component->location->name) : '',
|
||||
'total_qty' => $component->total_qty,
|
||||
'min_amt' => $component->min_amt,
|
||||
'category' => ($component->category) ? $component->category->name : 'Missing category',
|
||||
'order_number' => $component->order_number,
|
||||
'purchase_date' => $component->purchase_date,
|
||||
'total_qty' => e($component->total_qty),
|
||||
'min_amt' => e($component->min_amt),
|
||||
'category' => ($component->category) ? e($component->category->name) : 'Missing category',
|
||||
'order_number' => e($component->order_number),
|
||||
'purchase_date' => e($component->purchase_date),
|
||||
'purchase_cost' => ($component->purchase_cost!='') ? number_format($component->purchase_cost, 2): '' ,
|
||||
'numRemaining' => $component->numRemaining(),
|
||||
'actions' => $actions,
|
||||
|
@ -432,8 +432,8 @@ class ComponentsController extends Controller
|
|||
|
||||
foreach ($component->assets as $component_assignment) {
|
||||
$rows[] = array(
|
||||
'name' => (string)link_to('/hardware/'.$component_assignment->id.'/view', $component_assignment->name),
|
||||
'qty' => $component_assignment->pivot->assigned_qty,
|
||||
'name' => (string)link_to('/hardware/'.$component_assignment->id.'/view', e($component_assignment->name)),
|
||||
'qty' => e($component_assignment->pivot->assigned_qty),
|
||||
'created_at' => ($component_assignment->created_at->format('Y-m-d H:i:s')=='-0001-11-30 00:00:00') ? '' : $component_assignment->created_at->format('Y-m-d H:i:s'),
|
||||
);
|
||||
}
|
||||
|
|
|
@ -68,7 +68,7 @@ class ConsumablesController extends Controller
|
|||
$consumable->location_id = e(Input::get('location_id'));
|
||||
$consumable->company_id = Company::getIdForCurrentUser(Input::get('company_id'));
|
||||
$consumable->order_number = e(Input::get('order_number'));
|
||||
$consumable->min_amt = e(Input::get('min_amt'));
|
||||
$consumable->min_amt = e(Input::get('min_amt'));
|
||||
|
||||
if (e(Input::get('purchase_date')) == '') {
|
||||
$consumable->purchase_date = null;
|
||||
|
@ -79,7 +79,7 @@ class ConsumablesController extends Controller
|
|||
if (e(Input::get('purchase_cost')) == '0.00') {
|
||||
$consumable->purchase_cost = null;
|
||||
} else {
|
||||
$consumable->purchase_cost = ParseFloat(e(Input::get('purchase_cost')));
|
||||
$consumable->purchase_cost = e(Input::get('purchase_cost'));
|
||||
}
|
||||
|
||||
$consumable->qty = e(Input::get('qty'));
|
||||
|
@ -157,7 +157,7 @@ class ConsumablesController extends Controller
|
|||
if (e(Input::get('purchase_cost')) == '0.00') {
|
||||
$consumable->purchase_cost = null;
|
||||
} else {
|
||||
$consumable->purchase_cost = ParseFloat(e(Input::get('purchase_cost')));
|
||||
$consumable->purchase_cost = e(Input::get('purchase_cost'));
|
||||
}
|
||||
|
||||
$consumable->qty = e(Input::get('qty'));
|
||||
|
@ -357,7 +357,7 @@ class ConsumablesController extends Controller
|
|||
->with('company', 'location', 'category', 'users');
|
||||
|
||||
if (Input::has('search')) {
|
||||
$consumables = $consumables->TextSearch(Input::get('search'));
|
||||
$consumables = $consumables->TextSearch(e(Input::get('search')));
|
||||
}
|
||||
|
||||
if (Input::has('offset')) {
|
||||
|
@ -398,17 +398,17 @@ class ConsumablesController extends Controller
|
|||
|
||||
foreach ($consumables as $consumable) {
|
||||
$actions = '<nobr><a href="'.route('checkout/consumable', $consumable->id).'" style="margin-right:5px;" class="btn btn-info btn-sm" '.(($consumable->numRemaining() > 0 ) ? '' : ' disabled').'>'.Lang::get('general.checkout').'</a><a href="'.route('update/consumable', $consumable->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/consumable', $consumable->id).'" data-content="'.Lang::get('admin/consumables/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($consumable->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
|
||||
$company = $consumable->company;
|
||||
$company = e($consumable->company);
|
||||
|
||||
$rows[] = array(
|
||||
'id' => $consumable->id,
|
||||
'name' => (string)link_to('admin/consumables/'.$consumable->id.'/view', $consumable->name),
|
||||
'name' => (string)link_to('admin/consumables/'.$consumable->id.'/view', e($consumable->name)),
|
||||
'location' => ($consumable->location) ? e($consumable->location->name) : '',
|
||||
'min_amt' => $consumable->min_amt,
|
||||
'qty' => $consumable->qty,
|
||||
'category' => ($consumable->category) ? $consumable->category->name : 'Missing category',
|
||||
'order_number' => $consumable->order_number,
|
||||
'purchase_date' => $consumable->purchase_date,
|
||||
'min_amt' => e($consumable->min_amt),
|
||||
'qty' => e($consumable->qty),
|
||||
'category' => ($consumable->category) ? e($consumable->category->name) : 'Missing category',
|
||||
'order_number' => e($consumable->order_number),
|
||||
'purchase_date' => e($consumable->purchase_date),
|
||||
'purchase_cost' => ($consumable->purchase_cost!='') ? number_format($consumable->purchase_cost, 2): '' ,
|
||||
'numRemaining' => $consumable->numRemaining(),
|
||||
'actions' => $actions,
|
||||
|
@ -445,9 +445,9 @@ class ConsumablesController extends Controller
|
|||
|
||||
foreach ($consumable->consumableAssigments as $consumable_assignment) {
|
||||
$rows[] = array(
|
||||
'name' => (string)link_to('/admin/users/'.$consumable_assignment->user->id.'/view', $consumable_assignment->user->fullName()),
|
||||
'name' => (string)link_to('/admin/users/'.$consumable_assignment->user->id.'/view', e($consumable_assignment->user->fullName())),
|
||||
'created_at' => ($consumable_assignment->created_at->format('Y-m-d H:i:s')=='-0001-11-30 00:00:00') ? '' : $consumable_assignment->created_at->format('Y-m-d H:i:s'),
|
||||
'admin' => ($consumable_assignment->admin) ? $consumable_assignment->admin->fullName() : '',
|
||||
'admin' => ($consumable_assignment->admin) ? e($consumable_assignment->admin->fullName()) : '',
|
||||
);
|
||||
}
|
||||
|
||||
|
|
|
@ -184,8 +184,8 @@ class DepreciationsController extends Controller
|
|||
|
||||
$rows[] = array(
|
||||
'id' => $depreciation->id,
|
||||
'name' => $depreciation->name,
|
||||
'months' => $depreciation->months,
|
||||
'name' => e($depreciation->name),
|
||||
'months' => e($depreciation->months),
|
||||
'actions' => $actions
|
||||
);
|
||||
}
|
||||
|
|
|
@ -165,7 +165,7 @@ class GroupsController extends Controller
|
|||
//$users = Company::scopeCompanyables($users);
|
||||
|
||||
if (Input::has('search')) {
|
||||
$groups = $users->TextSearch(Input::get('search'));
|
||||
$groups = $users->TextSearch(e(Input::get('search')));
|
||||
}
|
||||
|
||||
$order = Input::get('order') === 'asc' ? 'asc' : 'desc';
|
||||
|
|
|
@ -936,7 +936,7 @@ class LicensesController extends Controller
|
|||
|
||||
$allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial'];
|
||||
$order = Input::get('order') === 'asc' ? 'asc' : 'desc';
|
||||
$sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
|
||||
$sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
|
||||
|
||||
$licenses = $licenses->orderBy($sort, $order);
|
||||
|
||||
|
@ -954,14 +954,14 @@ class LicensesController extends Controller
|
|||
'serial' => (string) link_to('/admin/licenses/'.$license->id.'/view', mb_strimwidth($license->serial, 0, 50, "...")),
|
||||
'totalSeats' => $license->totalSeatsByLicenseID(),
|
||||
'remaining' => $license->remaincount(),
|
||||
'license_name' => $license->license_name,
|
||||
'license_email' => $license->license_email,
|
||||
'license_name' => e($license->license_name),
|
||||
'license_email' => e($license->license_email),
|
||||
'purchase_date' => ($license->purchase_date) ? $license->purchase_date : '',
|
||||
'expiration_date' => ($license->expiration_date) ? $license->expiration_date : '',
|
||||
'purchase_cost' => ($license->purchase_cost) ? $license->purchase_cost : '',
|
||||
'purchase_order' => ($license->purchase_order) ? $license->purchase_order : '',
|
||||
'order_number' => ($license->order_number) ? $license->order_number : '',
|
||||
'notes' => ($license->notes) ? $license->notes : '',
|
||||
'purchase_order' => ($license->purchase_order) ? e($license->purchase_order) : '',
|
||||
'order_number' => ($license->order_number) ? e($license->order_number) : '',
|
||||
'notes' => ($license->notes) ? e($license->notes) : '',
|
||||
'actions' => $actions,
|
||||
'companyName' => is_null($license->company) ? '' : e($license->company->name)
|
||||
);
|
||||
|
|
|
@ -71,7 +71,7 @@ class LocationsController extends Controller
|
|||
} else {
|
||||
$location->parent_id = e(Input::get('parent_id'));
|
||||
}
|
||||
$location->currency = Input::get('currency', '$');
|
||||
$location->currency = e(Input::get('currency', '$'));
|
||||
$location->address = e(Input::get('address'));
|
||||
$location->address2 = e(Input::get('address2'));
|
||||
$location->city = e(Input::get('city'));
|
||||
|
@ -172,7 +172,7 @@ class LocationsController extends Controller
|
|||
} else {
|
||||
$location->parent_id = e(Input::get('parent_id', ''));
|
||||
}
|
||||
$location->currency = Input::get('currency', '$');
|
||||
$location->currency = e(Input::get('currency', '$'));
|
||||
$location->address = e(Input::get('address'));
|
||||
$location->address2 = e(Input::get('address2'));
|
||||
$location->city = e(Input::get('city'));
|
||||
|
@ -302,16 +302,16 @@ class LocationsController extends Controller
|
|||
|
||||
$rows[] = array(
|
||||
'id' => $location->id,
|
||||
'name' => (string)link_to('admin/settings/locations/'.$location->id.'/view', $location->name),
|
||||
'parent' => ($location->parent) ? $location->parent->name : '',
|
||||
'name' => (string)link_to('admin/settings/locations/'.$location->id.'/view', e($location->name)),
|
||||
'parent' => ($location->parent) ? e($location->parent->name) : '',
|
||||
// 'assets' => ($location->assets->count() + $location->assignedassets->count()),
|
||||
'assets_default' => $location->assignedassets->count(),
|
||||
'assets_checkedout' => $location->assets->count(),
|
||||
'address' => ($location->address) ? $location->address: '',
|
||||
'city' => $location->city,
|
||||
'state' => $location->state,
|
||||
'country' => $location->country,
|
||||
'currency' => $location->currency,
|
||||
'address' => ($location->address) ? e($location->address): '',
|
||||
'city' => e($location->city),
|
||||
'state' => e($location->state),
|
||||
'country' => e($location->country),
|
||||
'currency' => e($location->currency),
|
||||
'actions' => $actions
|
||||
);
|
||||
}
|
||||
|
@ -339,7 +339,7 @@ class LocationsController extends Controller
|
|||
|
||||
foreach ($location_users as $user) {
|
||||
$rows[] = array(
|
||||
'name' => (string)link_to('/admin/users/'.$user->id.'/view', $user->fullName())
|
||||
'name' => (string)link_to('/admin/users/'.$user->id.'/view', e($user->fullName()))
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -364,10 +364,10 @@ class LocationsController extends Controller
|
|||
|
||||
foreach ($location->assets as $asset) {
|
||||
$rows[] = array(
|
||||
'name' => (string)link_to('/hardware/'.$asset->id.'/view', $asset->showAssetName()),
|
||||
'asset_tag' => $asset->asset_tag,
|
||||
'serial' => $asset->serial,
|
||||
'model' => $asset->model->name,
|
||||
'name' => (string)link_to('/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
|
||||
'asset_tag' => e($asset->asset_tag),
|
||||
'serial' => e($asset->serial),
|
||||
'model' => e($asset->model->name),
|
||||
|
||||
);
|
||||
}
|
||||
|
|
|
@ -132,11 +132,6 @@ class ManufacturersController extends Controller
|
|||
return Redirect::to('admin/settings/manufacturers')->with('success', Lang::get('admin/manufacturers/message.delete.success'));
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
@ -201,7 +196,7 @@ class ManufacturersController extends Controller
|
|||
|
||||
$rows[] = array(
|
||||
'id' => $manufacturer->id,
|
||||
'name' => (string)link_to('admin/settings/manufacturers/'.$manufacturer->id.'/view', $manufacturer->name),
|
||||
'name' => (string)link_to('admin/settings/manufacturers/'.$manufacturer->id.'/view', e($manufacturer->name)),
|
||||
'assets' => $manufacturer->assets->count(),
|
||||
'actions' => $actions
|
||||
);
|
||||
|
@ -266,13 +261,13 @@ class ManufacturersController extends Controller
|
|||
|
||||
$row = array(
|
||||
'id' => $asset->id,
|
||||
'name' => (string)link_to('/hardware/'.$asset->id.'/view', $asset->showAssetName()),
|
||||
'model' => $asset->model->name,
|
||||
'asset_tag' => $asset->asset_tag,
|
||||
'serial' => $asset->serial,
|
||||
'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', $asset->assigneduser->fullName()): '',
|
||||
'name' => (string)link_to('/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
|
||||
'model' => e($asset->model->name),
|
||||
'asset_tag' => e($asset->asset_tag),
|
||||
'serial' => e($asset->serial),
|
||||
'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', e($asset->assigneduser->fullName())): '',
|
||||
'actions' => $actions,
|
||||
'companyName' => Company::getName($asset),
|
||||
'companyName' => e(Company::getName($asset)),
|
||||
);
|
||||
|
||||
if (isset($inout)) {
|
||||
|
|
|
@ -36,12 +36,12 @@ class ProfileController extends Controller
|
|||
$user = Auth::user();
|
||||
|
||||
// Update the user information
|
||||
$user->first_name = Input::get('first_name');
|
||||
$user->last_name = Input::get('last_name');
|
||||
$user->website = Input::get('website');
|
||||
$user->location_id = Input::get('location_id');
|
||||
$user->gravatar = Input::get('gravatar');
|
||||
$user->locale = Input::get('locale');
|
||||
$user->first_name = e(Input::get('first_name'));
|
||||
$user->last_name = e(Input::get('last_name'));
|
||||
$user->website = e(Input::get('website'));
|
||||
$user->location_id = e(Input::get('location_id'));
|
||||
$user->gravatar = e(Input::get('gravatar'));
|
||||
$user->locale = e(Input::get('locale'));
|
||||
|
||||
if (Input::file('avatar')) {
|
||||
$image = Input::file('avatar');
|
||||
|
|
|
@ -58,10 +58,10 @@ class ReportsController extends Controller
|
|||
// Row per accessory
|
||||
foreach ($accessories as $accessory) {
|
||||
$row = array();
|
||||
$row[] = $accessory->accessory_name;
|
||||
$row[] = $accessory->accessory_category;
|
||||
$row[] = $accessory->total;
|
||||
$row[] = $accessory->remaining;
|
||||
$row[] = e($accessory->accessory_name);
|
||||
$row[] = e($accessory->accessory_category);
|
||||
$row[] = e($accessory->total);
|
||||
$row[] = e($accessory->remaining);
|
||||
|
||||
$rows[] = implode($row, ',');
|
||||
}
|
||||
|
@ -133,37 +133,37 @@ class ReportsController extends Controller
|
|||
// Create a row per asset
|
||||
foreach ($assets as $asset) {
|
||||
$row = [ ];
|
||||
$row[] = $asset->asset_tag;
|
||||
$row[] = e($asset->asset_tag);
|
||||
if ($asset->model->manufacturer) {
|
||||
$row[] = $asset->model->manufacturer->name;
|
||||
$row[] = e($asset->model->manufacturer->name);
|
||||
} else {
|
||||
$row[] = '';
|
||||
}
|
||||
$row[] = '"' . $asset->model->name . '"';
|
||||
$row[] = '"' . $asset->model->modelno . '"';
|
||||
$row[] = $asset->name;
|
||||
$row[] = $asset->serial;
|
||||
$row[] = '"' . e($asset->model->name) . '"';
|
||||
$row[] = '"' . e($asset->model->modelno) . '"';
|
||||
$row[] = e($asset->name);
|
||||
$row[] = e($asset->serial);
|
||||
if ($asset->assetstatus) {
|
||||
$row[] = $asset->assetstatus->name;
|
||||
$row[] = e($asset->assetstatus->name);
|
||||
} else {
|
||||
$row[] = '';
|
||||
}
|
||||
$row[] = $asset->purchase_date;
|
||||
$row[] = '"' . number_format($asset->purchase_cost) . '"';
|
||||
$row[] = '"' . number_format($asset->purchase_cost, 2) . '"';
|
||||
if ($asset->order_number) {
|
||||
$row[] = $asset->order_number;
|
||||
$row[] = e($asset->order_number);
|
||||
} else {
|
||||
$row[] = '';
|
||||
}
|
||||
if ($asset->supplier_id) {
|
||||
$row[] = $asset->supplier->name;
|
||||
$row[] = e($asset->supplier->name);
|
||||
} else {
|
||||
$row[] = '';
|
||||
}
|
||||
|
||||
if ($asset->assigned_to > 0) {
|
||||
$user = User::find($asset->assigned_to);
|
||||
$row[] = $user->fullName();
|
||||
$row[] = e($user->fullName());
|
||||
} else {
|
||||
$row[] = ''; // Empty string if unassigned
|
||||
}
|
||||
|
@ -171,14 +171,14 @@ class ReportsController extends Controller
|
|||
if (( $asset->assigned_to > 0 ) && ( $asset->assigneduser->location_id > 0 )) {
|
||||
$location = Location::find($asset->assigneduser->location_id);
|
||||
if ($location) {
|
||||
$row[] = $location->name;
|
||||
$row[] = e($location->name);
|
||||
} else {
|
||||
$row[] = '';
|
||||
}
|
||||
} elseif ($asset->rtd_location_id) {
|
||||
$location = Location::find($asset->rtd_location_id);
|
||||
if ($location->name) {
|
||||
$row[] = $location->name;
|
||||
$row[] = e($location->name);
|
||||
} else {
|
||||
$row[] = '';
|
||||
}
|
||||
|
@ -187,7 +187,7 @@ class ReportsController extends Controller
|
|||
}
|
||||
|
||||
if ($asset->notes) {
|
||||
$row[] = '"' . $asset->notes . '"';
|
||||
$row[] = '"' . e($asset->notes) . '"';
|
||||
} else {
|
||||
$row[] = '';
|
||||
}
|
||||
|
@ -255,13 +255,13 @@ class ReportsController extends Controller
|
|||
// Create a row per asset
|
||||
foreach ($assets as $asset) {
|
||||
$row = [ ];
|
||||
$row[] = $asset->asset_tag;
|
||||
$row[] = $asset->name;
|
||||
$row[] = $asset->serial;
|
||||
$row[] = e($asset->asset_tag);
|
||||
$row[] = e($asset->name);
|
||||
$row[] = e($asset->serial);
|
||||
|
||||
if ($asset->assigned_to > 0) {
|
||||
$user = User::find($asset->assigned_to);
|
||||
$row[] = $user->fullName();
|
||||
$row[] = e($user->fullName());
|
||||
} else {
|
||||
$row[] = ''; // Empty string if unassigned
|
||||
}
|
||||
|
@ -269,9 +269,9 @@ class ReportsController extends Controller
|
|||
if (( $asset->assigned_to > 0 ) && ( $asset->assigneduser->location_id > 0 )) {
|
||||
$location = Location::find($asset->assigneduser->location_id);
|
||||
if ($location->city) {
|
||||
$row[] = $location->city . ', ' . $location->state;
|
||||
$row[] = e($location->city) . ', ' . e($location->state);
|
||||
} elseif ($location->name) {
|
||||
$row[] = $location->name;
|
||||
$row[] = e($location->name);
|
||||
} else {
|
||||
$row[] = '';
|
||||
}
|
||||
|
@ -280,15 +280,15 @@ class ReportsController extends Controller
|
|||
}
|
||||
|
||||
if ($asset->assetloc) {
|
||||
$currency = $asset->assetloc->currency;
|
||||
$currency = e($asset->assetloc->currency);
|
||||
} else {
|
||||
$currency = Setting::first()->default_currency;
|
||||
$currency = e(Setting::first()->default_currency);
|
||||
}
|
||||
|
||||
$row[] = $asset->purchase_date;
|
||||
$row[] = $currency . number_format($asset->purchase_cost);
|
||||
$row[] = $currency . number_format($asset->getDepreciatedValue());
|
||||
$row[] = $currency . number_format(( $asset->purchase_cost - $asset->getDepreciatedValue() ));
|
||||
$row[] = $currency . number_format($asset->purchase_cost, 2);
|
||||
$row[] = $currency . number_format($asset->getDepreciatedValue(), 2);
|
||||
$row[] = $currency . number_format(( $asset->purchase_cost - $asset->getDepreciatedValue() ), 2);
|
||||
$csv->insertOne($row);
|
||||
}
|
||||
|
||||
|
@ -357,13 +357,13 @@ class ReportsController extends Controller
|
|||
// Row per license
|
||||
foreach ($licenses as $license) {
|
||||
$row = [ ];
|
||||
$row[] = $license->name;
|
||||
$row[] = $license->serial;
|
||||
$row[] = $license->seats;
|
||||
$row[] = e($license->name);
|
||||
$row[] = e($license->serial);
|
||||
$row[] = e($license->seats);
|
||||
$row[] = $license->remaincount();
|
||||
$row[] = $license->expiration_date;
|
||||
$row[] = $license->purchase_date;
|
||||
$row[] = '"' . number_format($license->purchase_cost) . '"';
|
||||
$row[] = '"' . number_format($license->purchase_cost, 2) . '"';
|
||||
|
||||
$rows[] = implode($row, ',');
|
||||
}
|
||||
|
@ -445,45 +445,45 @@ class ReportsController extends Controller
|
|||
foreach ($assets as $asset) {
|
||||
$row = [ ];
|
||||
if (e(Input::get('asset_name')) == '1') {
|
||||
$row[] = '"' .$asset->name . '"';
|
||||
$row[] = '"' .e($asset->name) . '"';
|
||||
}
|
||||
if (e(Input::get('asset_tag')) == '1') {
|
||||
$row[] = $asset->asset_tag;
|
||||
$row[] = e($asset->asset_tag);
|
||||
}
|
||||
if (e(Input::get('manufacturer')) == '1') {
|
||||
if ($asset->model->manufacturer) {
|
||||
$row[] = '"' .$asset->model->manufacturer->name . '"';
|
||||
$row[] = '"' .e($asset->model->manufacturer->name) . '"';
|
||||
} else {
|
||||
$row[] = '';
|
||||
}
|
||||
}
|
||||
if (e(Input::get('model')) == '1') {
|
||||
$row[] = '"' . $asset->model->name . '"';
|
||||
$row[] = '"' . $asset->model->modelno . '"';
|
||||
$row[] = '"' . e($asset->model->name) . '"';
|
||||
$row[] = '"' . e($asset->model->modelno) . '"';
|
||||
}
|
||||
if (e(Input::get('category')) == '1') {
|
||||
$row[] = '"' .$asset->model->category->name . '"';
|
||||
$row[] = '"' .e($asset->model->category->name) . '"';
|
||||
}
|
||||
|
||||
if (e(Input::get('serial')) == '1') {
|
||||
$row[] = $asset->serial;
|
||||
$row[] = e($asset->serial);
|
||||
}
|
||||
if (e(Input::get('purchase_date')) == '1') {
|
||||
$row[] = $asset->purchase_date;
|
||||
$row[] = e($asset->purchase_date);
|
||||
}
|
||||
if (e(Input::get('purchase_cost')) == '1' && ( e(Input::get('depreciation')) != '1' )) {
|
||||
$row[] = '"' . number_format($asset->purchase_cost) . '"';
|
||||
$row[] = '"' . number_format($asset->purchase_cost, 2) . '"';
|
||||
}
|
||||
if (e(Input::get('order')) == '1') {
|
||||
if ($asset->order_number) {
|
||||
$row[] = $asset->order_number;
|
||||
$row[] = e($asset->order_number);
|
||||
} else {
|
||||
$row[] = '';
|
||||
}
|
||||
}
|
||||
if (e(Input::get('supplier')) == '1') {
|
||||
if ($asset->supplier_id) {
|
||||
$row[] = '"' .$asset->supplier->name . '"';
|
||||
$row[] = '"' .e($asset->supplier->name) . '"';
|
||||
} else {
|
||||
$row[] = '';
|
||||
}
|
||||
|
@ -493,14 +493,14 @@ class ReportsController extends Controller
|
|||
if (( $asset->assigned_to > 0 ) && ( $asset->assigneduser->location_id !='' )) {
|
||||
$location = Location::find($asset->assigneduser->location_id);
|
||||
if ($location) {
|
||||
$show_loc .= '"' .$location->name. '"';
|
||||
$show_loc .= '"' .e($location->name). '"';
|
||||
} else {
|
||||
$show_loc .= 'User location '.$asset->assigneduser->location_id.' is invalid';
|
||||
}
|
||||
} elseif ($asset->rtd_location_id!='') {
|
||||
$location = Location::find($asset->rtd_location_id);
|
||||
if ($location) {
|
||||
$show_loc .= '"' .$location->name. '"';
|
||||
$show_loc .= '"' .e($location->name). '"';
|
||||
} else {
|
||||
$show_loc .= 'Default location '.$asset->rtd_location_id.' is invalid';
|
||||
}
|
||||
|
@ -512,7 +512,7 @@ class ReportsController extends Controller
|
|||
if (e(Input::get('assigned_to')) == '1') {
|
||||
if ($asset->assigned_to > 0) {
|
||||
$user = User::find($asset->assigned_to);
|
||||
$row[] = '"' .$user->fullName(). '"';
|
||||
$row[] = '"' .e($user->fullName()). '"';
|
||||
} else {
|
||||
$row[] = ''; // Empty string if unassigned
|
||||
}
|
||||
|
@ -523,7 +523,7 @@ class ReportsController extends Controller
|
|||
} elseif (( $asset->status_id == '' ) && ( $asset->assigned_to == '0' )) {
|
||||
$row[] = Lang::get('general.pending');
|
||||
} elseif ($asset->assetstatus) {
|
||||
$row[] = '"' .$asset->assetstatus->name. '"';
|
||||
$row[] = '"' .e($asset->assetstatus->name). '"';
|
||||
} else {
|
||||
$row[] = '';
|
||||
}
|
||||
|
@ -539,9 +539,9 @@ class ReportsController extends Controller
|
|||
}
|
||||
if (e(Input::get('depreciation')) == '1') {
|
||||
$depreciation = $asset->getDepreciatedValue();
|
||||
$row[] = '"' . number_format($asset->purchase_cost) . '"';
|
||||
$row[] = '"' . number_format($depreciation) . '"';
|
||||
$row[] = '"' . number_format($asset->purchase_cost - $depreciation) . '"';
|
||||
$row[] = '"' . number_format($asset->purchase_cost, 2) . '"';
|
||||
$row[] = '"' . number_format($depreciation, 2) . '"';
|
||||
$row[] = '"' . number_format($asset->purchase_cost - $depreciation, 2) . '"';
|
||||
}
|
||||
$rows[] = implode($row, ',');
|
||||
}
|
||||
|
@ -610,12 +610,12 @@ class ReportsController extends Controller
|
|||
|
||||
foreach ($assetMaintenances as $assetMaintenance) {
|
||||
$row = [ ];
|
||||
$row[] = str_replace(',', '', $assetMaintenance->asset->name);
|
||||
$row[] = str_replace(',', '', $assetMaintenance->supplier->name);
|
||||
$row[] = $assetMaintenance->improvement_type;
|
||||
$row[] = $assetMaintenance->title;
|
||||
$row[] = $assetMaintenance->start_date;
|
||||
$row[] = $assetMaintenance->completion_date;
|
||||
$row[] = str_replace(',', '', e($assetMaintenance->asset->name));
|
||||
$row[] = str_replace(',', '', e($assetMaintenance->supplier->name));
|
||||
$row[] = e($assetMaintenance->improvement_type);
|
||||
$row[] = e($assetMaintenance->title);
|
||||
$row[] = e($assetMaintenance->start_date);
|
||||
$row[] = e($assetMaintenance->completion_date;)
|
||||
if (is_null($assetMaintenance->asset_maintenance_time)) {
|
||||
$improvementTime = intval(Carbon::now()
|
||||
->diffInDays(Carbon::parse($assetMaintenance->start_date)));
|
||||
|
@ -679,11 +679,11 @@ class ReportsController extends Controller
|
|||
|
||||
foreach ($assetsForReport as $assetItem) {
|
||||
$row = [ ];
|
||||
$row[] = str_replace(',', '', $assetItem->assetlog->model->category->name);
|
||||
$row[] = str_replace(',', '', $assetItem->assetlog->model->name);
|
||||
$row[] = str_replace(',', '', $assetItem->assetlog->showAssetName());
|
||||
$row[] = str_replace(',', '', $assetItem->assetlog->asset_tag);
|
||||
$row[] = str_replace(',', '', $assetItem->assetlog->assigneduser->fullName());
|
||||
$row[] = str_replace(',', '', e($assetItem->assetlog->model->category->name));
|
||||
$row[] = str_replace(',', '', e($assetItem->assetlog->model->name));
|
||||
$row[] = str_replace(',', '', e($assetItem->assetlog->showAssetName()));
|
||||
$row[] = str_replace(',', '', e($assetItem->assetlog->asset_tag));
|
||||
$row[] = str_replace(',', '', e($assetItem->assetlog->assigneduser->fullName()));
|
||||
$rows[] = implode($row, ',');
|
||||
}
|
||||
|
||||
|
|
|
@ -379,23 +379,23 @@ class SettingsController extends Controller
|
|||
$setting->slack_endpoint = e(Input::get('slack_endpoint'));
|
||||
$setting->slack_channel = e(Input::get('slack_channel'));
|
||||
$setting->slack_botname = e(Input::get('slack_botname'));
|
||||
$setting->ldap_enabled = Input::get('ldap_enabled', '0');
|
||||
$setting->ldap_server = Input::get('ldap_server');
|
||||
$setting->ldap_enabled = e(Input::get('ldap_enabled', '0'));
|
||||
$setting->ldap_server = e(Input::get('ldap_server'));
|
||||
$setting->ldap_server_cert_ignore = e(Input::get('ldap_server_cert_ignore', false));
|
||||
$setting->ldap_uname = Input::get('ldap_uname');
|
||||
$setting->ldap_uname = e(Input::get('ldap_uname'));
|
||||
if (Input::has('ldap_pword')) {
|
||||
$setting->ldap_pword = Crypt::encrypt(Input::get('ldap_pword'));
|
||||
}
|
||||
$setting->ldap_basedn = e(Input::get('ldap_basedn'));
|
||||
$setting->ldap_filter = Input::get('ldap_filter');
|
||||
$setting->ldap_username_field = Input::get('ldap_username_field');
|
||||
$setting->ldap_lname_field = Input::get('ldap_lname_field');
|
||||
$setting->ldap_fname_field = Input::get('ldap_fname_field');
|
||||
$setting->ldap_lname_field = e(Input::get('ldap_lname_field'));
|
||||
$setting->ldap_fname_field = e(Input::get('ldap_fname_field'));
|
||||
$setting->ldap_auth_filter_query = Input::get('ldap_auth_filter_query');
|
||||
$setting->ldap_version = Input::get('ldap_version');
|
||||
$setting->ldap_active_flag = Input::get('ldap_active_flag');
|
||||
$setting->ldap_emp_num = Input::get('ldap_emp_num');
|
||||
$setting->ldap_email = Input::get('ldap_email');
|
||||
$setting->ldap_version = e(Input::get('ldap_version'));
|
||||
$setting->ldap_active_flag = e(Input::get('ldap_active_flag'));
|
||||
$setting->ldap_emp_num = e(Input::get('ldap_emp_num'));
|
||||
$setting->ldap_email = e(Input::get('ldap_email'));
|
||||
|
||||
// If validation fails, we'll exit the operation now.
|
||||
if ($setting->save()) {
|
||||
|
|
|
@ -248,8 +248,8 @@ class StatuslabelsController extends Controller
|
|||
$actions = '<a href="'.route('update/statuslabel', $statuslabel->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/statuslabel', $statuslabel->id).'" data-content="'.Lang::get('admin/statuslabels/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($statuslabel->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
|
||||
|
||||
$rows[] = array(
|
||||
'id' => $statuslabel->id,
|
||||
'type' => $label_type,
|
||||
'id' => e($statuslabel->id),
|
||||
'type' => e($label_type),
|
||||
'name' => e($statuslabel->name),
|
||||
'actions' => $actions
|
||||
);
|
||||
|
|
|
@ -270,12 +270,12 @@ class SuppliersController extends Controller
|
|||
|
||||
$rows[] = array(
|
||||
'id' => $supplier->id,
|
||||
'name' => (string)link_to('admin/settings/suppliers/'.$supplier->id.'/view', $supplier->name),
|
||||
'contact' => $supplier->contact,
|
||||
'address' => $supplier->address.' '.$supplier->address2.' '.$supplier->city.' '.$supplier->state.' '.$supplier->country,
|
||||
'phone' => $supplier->phone,
|
||||
'fax' => $supplier->fax,
|
||||
'email' => ($supplier->email!='') ? '<a href="mailto:'.$supplier->email.'">'.$supplier->email.'</a>' : '',
|
||||
'name' => (string)link_to('admin/settings/suppliers/'.$supplier->id.'/view', e($supplier->name)),
|
||||
'contact' => e($supplier->contact),
|
||||
'address' => e($supplier->address).' '.e($supplier->address2).' '.e($supplier->city).' '.e($supplier->state).' '.e($supplier->country),
|
||||
'phone' => e($supplier->phone),
|
||||
'fax' => e($supplier->fax),
|
||||
'email' => ($supplier->email!='') ? '<a href="mailto:'.e($supplier->email).'">'.e($supplier->email).'</a>' : '',
|
||||
'assets' => $supplier->num_assets(),
|
||||
'licenses' => $supplier->num_licenses(),
|
||||
'actions' => $actions
|
||||
|
|
|
@ -1101,7 +1101,7 @@ class UsersController extends Controller
|
|||
public function postLDAP()
|
||||
{
|
||||
|
||||
$location_id = Input::get('location_id');
|
||||
$location_id = e(Input::get('location_id'));
|
||||
|
||||
$ldap_version = Setting::getSettings()->ldap_version;
|
||||
$url = Setting::getSettings()->ldap_server;
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
name="models"
|
||||
class="table table-striped"
|
||||
id="table"
|
||||
data-url="{{ route('api.models.list',array('status'=>Input::get('status'))) }}"
|
||||
data-url="{{ route('api.models.list',array('status'=>e(Input::get('status')))) }}"
|
||||
data-cookie="true"
|
||||
data-click-to-select="true"
|
||||
data-cookie-id-table="modelsTable-{{ config('version.hash_version') }}">
|
||||
|
|
|
@ -56,7 +56,7 @@
|
|||
class="table table-striped"
|
||||
id="table"
|
||||
data-toggle="table"
|
||||
data-url="{{ route('api.users.list', array(''=>Input::get('status'))) }}"
|
||||
data-url="{{ route('api.users.list', array(''=>e(Input::get('status')))) }}"
|
||||
data-cookie="true"
|
||||
data-click-to-select="true"
|
||||
data-cookie-id-table="userTableDisplay-{{ config('version.hash_version') }}">
|
||||
|
|
Loading…
Reference in a new issue