Initial commit, from ORPM 4.2

.gitignore

@@ -0,0 +1,3 @@
+/.idea
+setup.md5
+config.php

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2017 BigProf Software
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,90 @@
+# Online Rental Property Manager (ORPM)
+
+Easy and lean invoicing for small businesses, consultants and freelancers, created using [AppGini](https://bigprof.com/appgini/).
+
+### [⇩ Download the latest release](https://github.com/bigprof-software/online-rental-property-manager)
+
+##### [_Changelog_](https://github.com/bigprof-software/online-rental-property-manager/releases)
+
+## Features
+
+* Easily define your billable items, whether products or services.
+* View customers activity and the full invoices history of each client.
+* Check which customers ordered which items.
+* Multiple customizable templates for invoices.
+* Apply discounts and taxes.
+* Show invoice total in digits and letters.
+* Price history for items to keep log of price changes and apply the correct price to invoices based on their issue date.
+
+This application was created using AppGini, and therefore it shares the features of any AppGini application as well, including:
+
+* Responsive Bootstrap apps that work beautifully on any device.
+* Support for multiple users and user groups, with easy-to-configure per-table permissions.
+* Quick and advanced search.
+* Export your data to CSV to work on them in Excel or other spreadsheets.
+* Import already-existing data from CSV files through a powerful import wizard.
+
+*Disclaimer: AppGini itself is not an open source application, but applications generated by AppGini can be distributed as open source with any license of choice.*
+
+## Installation
+
+This is a PHP/MySQL web application that you run from a browser. You can install it either locally on your own PC, or to a web/intranet server.
+
+### 1. Installing to a PC
+
+#### System requirements
+
+This application can be installed on Windows, Linux and MacOS. Before installing, you should have the following software set up and running:
+
+* A webserver (Apache, IIS, nginx, ... etc)
+* PHP 5.2 or higher.
+* MySQL 3.x and above; or MariaDB 5.1 and above.
+
+If you don't have the above software installed, we recommend installing
+[Xampp latest version](https://www.apachefriends.org/).
+
+#### Installation steps
+
+1. Download the latest release as a zip file from the download link at the top of this document.
+
+2. Extract the contents of the zip file into a folder inside your document root. (*[more info about how to find your 'document root'](http://www.karelia.com/sandvox/help/z/Document_Root.html)*).
+
+3. In your web browser, go to: `http://localhost/app-folder/` (change `app-folder` above to the name of the folder inside your document root where you extracted the zip in step 2).
+
+4. You should now see the setup wizard in your browser. Just follow the steps!
+
+### 2. Installing to a web/intranet server
+
+#### System requirements
+
+This application can be installed on both Windows and Linux servers. Before installing, make sure your server has the following software:
+
+* PHP 5.2 or higher
+* MySQL 3.x and above; or MariaDB 5.1 and above.
+
+Make sure your has access to a MySQL/MariaDB database. You might need to set up one in your server control panel. Please refer to your server documentation or the technical support staff	for help on this if necessary.
+
+If your server has cPanel installed, here is a [screencast explaining how to install your application using cPanel](https://bigprof.com/appgini/screencasts/how-to-upload-your-appgini-web-application-to-a-web-server-using-ftp-and-cpanel).
+
+#### Installation steps
+
+1. Download the latest release as a zip file from the download link at the top of this document.
+
+2. Extract the contents of the zip file and upload them to a folder inside your server document root. (*[more info about how to find your 'document root'](http://www.karelia.com/sandvox/help/z/Document_Root.html)*).
+
+3. In your web browser, visit `http://server.com/app-folder/` (change `server.com` above to the actual domain name or IP address of your server, and change `app-folder` to the name of the folder inside your document root where you uploaded the files in step 2).
+
+4. You should now see the setup wizard in your browser. Just follow the steps!
+
+## Customization
+
+Since this application was created using AppGini, you can easily customize it by opening the included AXP project file in AppGini. Examples of possible customization you can do from there include:
+
+* [Changing the application theme](https://bigprof.com/appgini/screencasts/how-to-easily-change-your-appgini-application-theme).
+* Adding more fields to existing tables, or entirely new tables to fit your use cases.
+* Changing the options/behavior of any table/field in your application.
+* For more details, check [the AppGini tutorials](https://bigprof.com/appgini/screencasts/).
+
+You can also perform more advanced customization, like adding reports, changing validation rules, adding business logic, ... etc. through hooks. Please refer to the [hooks documentation](https://bigprof.com/appgini/help/advanced-topics/hooks) for more details.
+
+_**Contributions to this project are always welcome :)**_

app/admin/add-ons.cache

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<rss version="2.0" xml:base="http://bigprof.com/appgini"  xmlns:dc="http://purl.org/dc/elements/1.1/">
+<channel>
+ <title>BigProf AppGini - Add Ons</title>
+ <link>http://bigprof.com/appgini/taxonomy/term/6/0</link>
+ <description>AppGini add-ons allow you to extend the functionality of your generated application by adding specialized reports, charts, views ... We&#039;re developing an expanding list of add-ons to help you greatly enhance your web database applications.</description>
+ <language>en</language>
+</channel>
+</rss>

app/admin/adminStyles.css

@@ -0,0 +1,5 @@
+.clipped{
+	white-space: nowrap;
+	overflow: hidden;
+	text-overflow: ellipsis;
+}

app/admin/ajax-maintenance-mode.php

@@ -0,0 +1,10 @@
+<?php
+	$currDir = dirname(__FILE__);
+	require("{$currDir}/incCommon.php");
+
+	if(!getLoggedAdmin()) exit;
+
+	$status = $_REQUEST['status'];
+	if($status == 'on') maintenance_mode(true);
+	if($status == 'off') maintenance_mode(false);
+

app/admin/getUsers.php

@@ -0,0 +1,66 @@
+<?php
+// This script and data application were generated by AppGini 5.62
+// Download AppGini for free from https://bigprof.com/appgini/download/
+
+/*
+	ajax-callable script that retrieves a list of users for admin, indicating which ones have
+	access to supplied table.
+
+	REQUEST parameters:
+	===============
+	t: table name
+	id: optional, primary key value of current record
+	p: page number (default = 1)
+	s: search term
+*/
+
+	/* return json */
+	header('Content-type: application/json');
+
+	$start_ts = microtime(true);
+
+	$curr_dir=dirname(__FILE__);
+	require("{$curr_dir}/incCommon.php");
+
+	// how many results to return per call, in case of json output
+	$results_per_page = 50;
+
+	$id = false;
+	if(isset($_REQUEST['id'])) $id = iconv('UTF-8', datalist_db_encoding, $_REQUEST['id']);
+
+	$search_term = false;
+	if(isset($_REQUEST['s'])) $search_term = iconv('UTF-8', datalist_db_encoding, $_REQUEST['s']);
+
+	$page = intval($_REQUEST['p']);
+	if($page < 1) $page = 1;
+	$skip = $results_per_page * ($page - 1);
+
+	$table_name = $_REQUEST['t'];
+	if(!in_array($table_name, array_keys(getTableList()))){
+		/* invalid table */
+		echo '{"results":[{"id":"","text":"Invalid table"}],"more":false,"elapsed":0}';
+		exit;
+	}
+
+	/* if id is provided, get owner */
+	$owner = false;
+	if($id){
+		$owner = sqlValue("select memberID from membership_userrecords where tableName='{$table_name}' and pkValue='" . makeSafe($id) . "'");
+	}
+
+	$prepared_data = array();
+	$where = "g.name!='{$adminConfig['anonymousGroup']}' and p.allowView>0 ";
+	if($search_term){
+		$search_term = makeSafe($search_term);
+		$where .= "and (u.memberID like '%{$search_term}%' or g.name like '%{$search_term}%')";
+	}
+	$res = sql("select u.memberID, g.name from membership_users u left join membership_groups g on u.groupID=g.groupID left join  membership_grouppermissions p on g.groupID=p.groupID and p.tableName='{$table_name}' where {$where} order by g.name, u.memberID limit {$skip}, {$results_per_page}", $eo);
+	while($row = db_fetch_row($res)){
+		$prepared_data[] = array('id' => iconv(datalist_db_encoding, 'UTF-8', $row[0]), 'text' => iconv(datalist_db_encoding, 'UTF-8', "<b>{$row[1]}</b>/{$row[0]}"));
+	}
+
+	echo json_encode(array(
+		'results' => $prepared_data,
+		'more' => (@db_num_rows($res) >= $results_per_page),
+		'elapsed' => round(microtime(true) - $start_ts, 3)
+	));

app/admin/images/index.html

@@ -0,0 +1 @@
+<!-- empty index page to avoid directory browsing -->

app/admin/incCommon.php

@@ -0,0 +1,83 @@
+<?php
+	error_reporting(E_ERROR | E_WARNING | E_PARSE);
+
+	if(!defined('datalist_db_encoding')) define('datalist_db_encoding', 'UTF-8');
+	if(function_exists('set_magic_quotes_runtime')) @set_magic_quotes_runtime(0);
+	ob_start();
+	$currDir = dirname(__FILE__);
+	include("{$currDir}/../db.php");
+	include("{$currDir}/../settings-manager.php");
+
+	// check if initial setup was performed or not
+	detect_config();
+	migrate_config();
+
+	$adminConfig = config('adminConfig');
+	include("{$currDir}/incFunctions.php");
+	@include_once("{$currDir}/../hooks/__global.php");
+	include("{$currDir}/../language.php");
+	include("{$currDir}/../defaultLang.php");
+	include("{$currDir}/../language-admin.php");
+
+	/* trim $_POST, $_GET, $_REQUEST */
+	if(count($_POST)) $_POST = array_trim($_POST);
+	if(count($_GET)) $_GET = array_trim($_GET);
+	if(count($_REQUEST)) $_REQUEST = array_trim($_REQUEST);
+
+	// check sessions config
+	$noPathCheck=True;
+	$arrPath=explode(';', ini_get('session.save_path'));
+	$save_path=$arrPath[count($arrPath)-1];
+	if(!$noPathCheck && !is_dir($save_path)){
+		?>
+		<link rel="stylesheet" href="adminStyles.css">
+		<center>
+		<div class="alert alert-danger">
+			Your site is not configured to support sessions correctly. Please edit your php.ini file and change the value of <i>session.save_path</i> to a valid path.
+			<br><br>
+			Current session.save_path value is '<?php echo $save_path; ?>'.
+			</div>
+			</center>
+		<?php
+		exit;
+	}
+	if(session_id()){ session_write_close(); }
+	$configured_save_handler = @ini_get('session.save_handler');
+	if($configured_save_handler != 'memcache' && $configured_save_handler != 'memcached')
+		@ini_set('session.save_handler', 'files');
+	@ini_set('session.serialize_handler', 'php');
+	@ini_set('session.use_cookies', '1');
+	@ini_set('session.use_only_cookies', '1');
+	@header('Cache-Control: no-cache, no-store, must-revalidate'); // HTTP 1.1.
+	@header('Pragma: no-cache'); // HTTP 1.0.
+	@header('Expires: 0'); // Proxies.
+	@session_name('real_estate');
+	session_start();
+
+
+	// check if membership system exists
+	setupMembership();
+
+
+	########################################################################
+
+	// do we have an admin log out request?
+	if($_GET['signOut']==1){
+		logOutUser();
+		?><META HTTP-EQUIV="Refresh" CONTENT="0;url=../index.php"><?php
+		exit;
+	}
+
+	// is there a logged user?
+	if(!$uname=getLoggedAdmin()){
+		// is there a user trying to log in?
+		if(!checkUser($_POST['username'], $_POST['password'])){
+			// display login form
+			?><META HTTP-EQUIV="Refresh" CONTENT="0;url=../index.php?signIn=1"><?php
+			exit;
+		}else{
+			redirect('admin/pageHome.php');
+		}
+	}
+
+?>

app/admin/incFooter.php

@@ -0,0 +1,5 @@
+
+		</div><!-- /div class="container" -->
+		</body>
+	</html>
+<?php exit; ?>