Quote notifications

- Send an internal email when quotes are accepted/declined
- Clients are prompted to confirm accept/decline with confirm-link
- Tidy

Author: wrongecho

admin_settings_quote.php

@@ -35,6 +35,16 @@
                     <textarea class="form-control" rows="4" name="config_quote_footer"><?php echo nullable_htmlentities($config_quote_footer); ?></textarea>
                 </div>
 
+                <div class="form-group">
+                    <label>Email address to notify when quotes are accepted/declined <small class="text-secondary">(Ideally a distribution list/shared mailbox)</small></label>
+                    <div class="input-group">
+                        <div class="input-group-prepend">
+                            <span class="input-group-text"><i class="fa fa-fw fa-bell"></i></span>
+                        </div>
+                        <input type="email" class="form-control" name="config_quote_notification_email" placeholder="Address to notify for quote accept/declines, leave bank for none" value="<?php echo nullable_htmlentities($config_quote_notification_email); ?>">
+                    </div>
+                </div>
+
                 <hr>
 
                 <button type="submit" name="edit_quote_settings" class="btn btn-primary text-bold"><i class="fa fa-check mr-2"></i>Save</button>

database_updates.php

@@ -2232,10 +2232,16 @@ function processFile($file_path, $file_name, $mysqli) {
         mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.6.5'");
     }
 
-    // if (CURRENT_DATABASE_VERSION == '1.6.5') {
-    //     // Insert queries here required to update to DB version 1.6.6
+     if (CURRENT_DATABASE_VERSION == '1.6.5') {
+         mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_quote_notification_email` VARCHAR(200) DEFAULT NULL AFTER `config_quote_from_email`");
+
+         mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.6.6'");
+     }
+
+    // if (CURRENT_DATABASE_VERSION == '1.6.6') {
+    //     // Insert queries here required to update to DB version 1.6.7
     //     // Then, update the database to the next sequential version
-    //     mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.6.6'");
+    //     mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.6.7'");
     // }
 
 } else {

database_version.php

@@ -5,4 +5,4 @@
  * It is used in conjunction with database_updates.php
  */
 
-DEFINE("LATEST_DATABASE_VERSION", "1.6.5");
+DEFINE("LATEST_DATABASE_VERSION", "1.6.6");

db.sql

@@ -1517,6 +1517,7 @@ CREATE TABLE `settings` (
   `config_quote_footer` text DEFAULT NULL,
   `config_quote_from_name` varchar(200) DEFAULT NULL,
   `config_quote_from_email` varchar(200) DEFAULT NULL,
+  `config_quote_notification_email` varchar(200) DEFAULT NULL,
   `config_ticket_prefix` varchar(200) DEFAULT NULL,
   `config_ticket_next_number` int(11) DEFAULT NULL,
   `config_ticket_from_name` varchar(200) DEFAULT NULL,

get_settings.php

@@ -58,6 +58,7 @@
 $config_quote_footer = $row['config_quote_footer'];
 $config_quote_from_name = $row['config_quote_from_name'];
 $config_quote_from_email = $row['config_quote_from_email'];
+$config_quote_notification_email = $row['config_quote_notification_email'];
 
 // Projects
 $config_project_prefix = $row['config_project_prefix'];

guest_footer.php

@@ -7,6 +7,7 @@
   <!-- ./wrapper -->
 
   <!-- REQUIRED SCRIPTS -->
+  <?php require_once "inc_confirm_modal.php"; ?>
 
   <!-- jQuery -->
   <script src="plugins/jquery/jquery.min.js"></script>
@@ -23,5 +24,7 @@
 
   <script src="js/app.js"></script>
 
+  <script src="js/confirm_modal.js"></script>
+
   </body>
 </html>

guest_post.php

@@ -23,11 +23,44 @@
 
         mysqli_query($mysqli, "UPDATE quotes SET quote_status = 'Accepted' WHERE quote_id = $quote_id");
         mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Accepted', history_description = 'Client accepted Quote!', history_quote_id = $quote_id");
+
         // Notification
         appNotify("Quote Accepted", "Quote $quote_prefix$quote_number has been accepted by $client_name", "quote.php?quote_id=$quote_id", $client_id);
+        customAction('quote_accept', $quote_id);
 
+        // Internal email notification
+
+        $sql_company = mysqli_query($mysqli, "SELECT company_name FROM companies WHERE company_id = 1");
+        $row = mysqli_fetch_array($sql_company);
+        $company_name = sanitizeInput($row['company_name']);
+
+        $sql_settings = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = 1");
+        $row = mysqli_fetch_array($sql_settings);
+        $config_smtp_host = $row['config_smtp_host'];
+        $config_smtp_port = intval($row['config_smtp_port']);
+        $config_smtp_encryption = $row['config_smtp_encryption'];
+        $config_smtp_username = $row['config_smtp_username'];
+        $config_smtp_password = $row['config_smtp_password'];
+        $config_quote_from_name = sanitizeInput($row['config_quote_from_name']);
+        $config_quote_from_email = sanitizeInput($row['config_quote_from_email']);
+        $config_quote_notification_email = sanitizeInput($row['config_quote_notification_email']);
+        $config_base_url = sanitizeInput($config_base_url);
+
+        if (!empty($config_smtp_host) && !empty($config_quote_notification_email)) {
+            $subject = "Quote Accepted - $client_name - Quote $quote_prefix$quote_number";
+            $body = "Hello, <br><br>This is a notification that a quote has been accepted in ITFlow. <br><br>Client: $client_name<br>Quote: <a href=\'https://$config_base_url/quote.php?quote_id=$quote_id\'>$quote_prefix$quote_number</a><br><br>~<br>$company_name - Billing<br>$config_quote_from_email";
+
+                $data[] = [
+                    'from' => $config_quote_from_email,
+                    'from_name' => $config_quote_from_name,
+                    'recipient' => $config_quote_notification_email,
+                    'subject' => $subject,
+                    'body' => $body,
+                ];
+
+            $mail = addToMailQueue($mysqli, $data);
+        }
 
-        customAction('quote_accept', $quote_id);
         $_SESSION['alert_message'] = "Quote Accepted";
         header("Location: " . $_SERVER["HTTP_REFERER"]);
     } else {
@@ -51,10 +84,44 @@
 
         mysqli_query($mysqli, "UPDATE quotes SET quote_status = 'Declined' WHERE quote_id = $quote_id");
         mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Declined', history_description = 'Client declined Quote!', history_quote_id = $quote_id");
+
         // Notification
         appNotify("Quote Declined", "Quote $quote_prefix$quote_number has been declined by $client_name", "quote.php?quote_id=$quote_id", $client_id);
-
         customAction('quote_decline', $quote_id);
+
+        // Internal email notification
+
+        $sql_company = mysqli_query($mysqli, "SELECT company_name FROM companies WHERE company_id = 1");
+        $row = mysqli_fetch_array($sql_company);
+        $company_name = sanitizeInput($row['company_name']);
+
+        $sql_settings = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = 1");
+        $row = mysqli_fetch_array($sql_settings);
+        $config_smtp_host = $row['config_smtp_host'];
+        $config_smtp_port = intval($row['config_smtp_port']);
+        $config_smtp_encryption = $row['config_smtp_encryption'];
+        $config_smtp_username = $row['config_smtp_username'];
+        $config_smtp_password = $row['config_smtp_password'];
+        $config_quote_from_name = sanitizeInput($row['config_quote_from_name']);
+        $config_quote_from_email = sanitizeInput($row['config_quote_from_email']);
+        $config_quote_notification_email = sanitizeInput($row['config_quote_notification_email']);
+        $config_base_url = sanitizeInput($config_base_url);
+
+        if (!empty($config_smtp_host) && !empty($config_quote_notification_email)) {
+            $subject = "Quote Declined - $client_name - Quote $quote_prefix$quote_number";
+            $body = "Hello, <br><br>This is a notification that a quote has been declined in ITFlow. <br><br>Client: $client_name<br>Quote: <a href=\'https://$config_base_url/quote.php?quote_id=$quote_id\'>$quote_prefix$quote_number</a><br><br>~<br>$company_name - Billing<br>$config_quote_from_email";
+
+            $data[] = [
+                'from' => $config_quote_from_email,
+                'from_name' => $config_quote_from_name,
+                'recipient' => $config_quote_notification_email,
+                'subject' => $subject,
+                'body' => $body,
+            ];
+
+            $mail = addToMailQueue($mysqli, $data);
+        }
+
         $_SESSION['alert_type'] = "danger";
         $_SESSION['alert_message'] = "Quote Declined";
         header("Location: " . $_SERVER["HTTP_REFERER"]);

guest_view_quote.php

@@ -44,7 +44,6 @@
 $quote_amount = floatval($row['quote_amount']);
 $quote_currency_code = nullable_htmlentities($row['quote_currency_code']);
 $quote_note = nullable_htmlentities($row['quote_note']);
-$category_id = intval($row['category_id']);
 $client_id = intval($row['client_id']);
 $client_name = nullable_htmlentities($row['client_name']);
 $client_name_escaped = sanitizeInput($row['client_name']);
@@ -273,10 +272,10 @@
                 <?php
                     if ($quote_status == "Sent" || $quote_status == "Viewed" && strtotime($quote_expire) > strtotime("now")) {
                         ?>
-                        <a class="btn btn-success" href="guest_post.php?accept_quote=<?php echo $quote_id; ?>&url_key=<?php echo $url_key; ?>">
+                        <a class="btn btn-success confirm-link" href="guest_post.php?accept_quote=<?php echo $quote_id; ?>&url_key=<?php echo $url_key; ?>">
                             <i class="fas fa-fw fa-thumbs-up mr-2"></i>Accept
                         </a>
-                        <a class="btn btn-danger" href="guest_post.php?decline_quote=<?php echo $quote_id; ?>&url_key=<?php echo $url_key; ?>">
+                        <a class="btn btn-danger confirm-link" href="guest_post.php?decline_quote=<?php echo $quote_id; ?>&url_key=<?php echo $url_key; ?>">
                             <i class="fas fa-fw fa-thumbs-down mr-2"></i>Decline
                         </a>
                     <?php } ?>
@@ -712,7 +711,6 @@
         }
     </script>
 
-
 <?php
 require_once "guest_footer.php";
 

post/admin/admin_settings_quote.php

@@ -7,8 +7,12 @@
     $config_quote_prefix = sanitizeInput($_POST['config_quote_prefix']);
     $config_quote_next_number = intval($_POST['config_quote_next_number']);
     $config_quote_footer = sanitizeInput($_POST['config_quote_footer']);
+    $config_quote_notification_email = '';
+    if (filter_var($_POST['config_quote_notification_email'], FILTER_VALIDATE_EMAIL)) {
+        $config_quote_notification_email = sanitizeInput($_POST['config_quote_notification_email']);
+    }
 
-    mysqli_query($mysqli,"UPDATE settings SET config_quote_prefix = '$config_quote_prefix', config_quote_next_number = $config_quote_next_number, config_quote_footer = '$config_quote_footer' WHERE company_id = 1");
+    mysqli_query($mysqli,"UPDATE settings SET config_quote_prefix = '$config_quote_prefix', config_quote_next_number = $config_quote_next_number, config_quote_footer = '$config_quote_footer', config_quote_notification_email = '$config_quote_notification_email' WHERE company_id = 1");
 
     //Logging
     mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified quote settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");