Change variable name to be clearer

* Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests

* Removed debug info

* More fixes for #7252

This is mostly working as intended, if not yet the way Laravel wants us to do it.

Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress.

* Removed experimental method

* Check for digits_between:0,240 for warranty

* Removed debug code

.env.example

@@ -43,6 +43,7 @@ MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME='Snipe-IT'
 MAIL_REPLYTO_ADDR=you@example.com
 MAIL_REPLYTO_NAME='Snipe-IT'
+MAIL_BACKUP_NOTIFICATION_ADDRESS=you@example.com
 
 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
@@ -65,6 +66,7 @@ SECURE_COOKIES=false
 # --------------------------------------------
 REFERRER_POLICY=same-origin
 ENABLE_CSP=false
+CORS_ALLOWED_ORIGINS=null
 
 # --------------------------------------------
 # OPTIONAL: CACHE SETTINGS

.travis.yml

@@ -14,9 +14,7 @@ services:
 
 # list any PHP version you want to test against
 php:
-  - 5.6
-  - 7.0
-  - 7.1
+  - 7.1.2
   - 7.2
   - 7.3
 

Dockerfile

@@ -1,19 +1,21 @@
 FROM ubuntu:xenial
-MAINTAINER Brady Wetherington <uberbrady@gmail.com>
+LABEL maintainer="uberbrady, hinchk"
 
+RUN apt-get update && apt-get install -y software-properties-common
+RUN LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php
 RUN apt-get update && apt-get install -y \
 apache2 \
 apache2-bin \
-libapache2-mod-php7.0 \
-php7.0-curl \
-php7.0-ldap \
-php7.0-mysql \
-php7.0-mcrypt \
-php7.0-gd \
-php7.0-xml \
-php7.0-mbstring \
-php7.0-zip \
-php7.0-bcmath \
+libapache2-mod-php7.1 \
+php7.1-curl \
+php7.1-ldap \
+php7.1-mysql \
+php7.1-mcrypt \
+php7.1-gd \
+php7.1-xml \
+php7.1-mbstring \
+php7.1-zip \
+php7.1-bcmath \
 patch \
 curl \
 vim \
@@ -27,8 +29,8 @@ RUN phpenmod mcrypt
 RUN phpenmod gd
 RUN phpenmod bcmath
 
-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.0/apache2/php.ini
-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.0/cli/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.1/apache2/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.1/cli/php.ini
 
 RUN useradd -m --uid 1000 --gid 50 docker
 

README.md

@@ -6,9 +6,9 @@
 
 This is a FOSS project for asset management in IT Operations. Knowing who has which laptop, when it was purchased in order to depreciate it correctly, handling software licenses, etc.
 
-It is built on [Laravel 5.4](http://laravel.com).
+It is built on [Laravel 5.5](http://laravel.com).
 
-Snipe-IT is actively developed and we're [releasing quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)
+Snipe-IT is actively developed and we [release quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)
 
 __This is web-based software__. This means there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.
 
@@ -58,13 +58,20 @@ Since the release of the JSON REST API, several third-party developers have been
 - [SnipeSharp - .NET module in C#](https://github.com/barrycarey/SnipeSharp) by [@barrycarey](https://github.com/barrycarey)
 - [InQRy](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
 - [SnipeitPS](https://github.com/snazy2000/SnipeitPS) by [@snazy2000](https://github.com/snazy2000) - Powershell API Wrapper for Snipe-it
-- [jamf2snipe](https://github.com/ParadoxGuitarist/jamf2snipe) by [@ParadoxGuitarist](https://github.com/ParadoxGuitarist) - Python script to sync assets between a JAMFPro instance and a Snipe-II instance
+- [jamf2snipe](https://github.com/ParadoxGuitarist/jamf2snipe) by [@ParadoxGuitarist](https://github.com/ParadoxGuitarist) - Python script to sync assets between a JAMFPro instance and a Snipe-IT instance
 - [Marksman](https://github.com/Scope-IT/marksman) - A Windows agent for Snipe-IT
+- [Snipe-IT plugin for Jira Service Desk (beta)](https://marketplace.atlassian.com/apps/1220379/snipe-it-for-jira-service-desk-beta?hosting=cloud&tab=overview) - for the upcoming Snipe-IT v5 only
 
 As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :) 
 
 -----
 
+### Security
+
+To report a security vulnerability, please email security@snipeitapp.com instead of using the issue tracker. 
+
+-----
+
 ### Contributors
 
 Thanks goes to all of these wonderful people ([emoji key](https://github.com/kentcdodds/all-contributors#emoji-key)) who have helped Snipe-IT get this far:
@@ -109,9 +116,3 @@ Please see the documentation on [contributing and developing for Snipe-IT](https
 
 
 Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.
-
------
-
-### Security
-
-To report a security vulnerability, please email security@snipeitapp.com instead of using the issue tracker. 

app/Console/Commands/ImportLocations.php

@@ -0,0 +1,160 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use League\Csv\Reader;
+use App\Models\Location;
+
+class ImportLocations extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:import-locations {filename}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Import locations and their parents';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+
+        if (!ini_get("auto_detect_line_endings")) {
+            ini_set("auto_detect_line_endings", '1');
+        }
+
+        $filename = $this->argument('filename');
+        $csv = Reader::createFromPath(storage_path('private_uploads/imports/').$filename, 'r');
+        $this->info('Attempting to process: '.storage_path('private_uploads/imports/').$filename);
+        $csv->setHeaderOffset(0); //because we don't want to insert the header
+        $results = $csv->getRecords();
+
+        // Import parent location names first if they don't exist
+        foreach ($results as $parent_index => $parent_row) {
+
+            if (array_key_exists('Parent Name', $parent_row)) {
+                $parent_name = trim($parent_row['Parent Name']);
+                if (array_key_exists('Name', $parent_row)) {
+                    $this->info('- Parent: ' . $parent_name . ' in row as: ' . trim($parent_row['Parent Name']));
+                }
+
+                // Save parent location name
+                // This creates a sort of name-stub that we'll update later on in this script
+                $parent_location = Location::firstOrCreate(array('name' => $parent_name));
+                if (array_key_exists('Name', $parent_row)) {
+                    $this->info('Parent for ' . $parent_row['Name'] . ' is ' . $parent_name . '. Attempting to save ' . $parent_name . '.');
+                }
+
+                // Check if the record was updated or created.
+                // This is mostly for clearer debugging.
+                if ($parent_location->exists) {
+                    $this->info('- Parent location '.$parent_name.' already exists.');
+                } else {
+                    $this->info('- Parent location '.$parent_name.' was created.');
+                }
+
+            } else {
+                $this->info('- No Parent Name provided, so no parent location will be created.');
+            }
+
+        }
+
+        $this->info('----- Parents Created.... backfilling additional details... --------');
+        // Loop through ALL records and add/update them if there are additional fields
+        // besides name
+        foreach ($results as $index => $row) {
+
+            if (array_key_exists('Parent Name', $row)) {
+                $parent_name = trim($row['Parent Name']);
+            }
+
+            // Set the location attributes to save
+            if (array_key_exists('Name', $row)) {
+                $location = Location::firstOrNew(array('name' => trim($row['Name'])));
+                $location->name = trim($row['Name']);
+                $this->info('Checking location: '.$location->name);
+            } else {
+                $this->error('Location name is required and is missing from at least one row in this dataset. Check your CSV for extra trailing rows and try again.');
+                return false;
+            }
+            if (array_key_exists('Currency', $row)) {
+                $location->currency = trim($row['Currency']);
+            }
+            if (array_key_exists('Address 1', $row)) {
+                $location->address = trim($row['Address 1']);
+            }
+            if (array_key_exists('Address 2', $row)) {
+                $location->address2 = trim($row['Address 2']);
+            }
+            if (array_key_exists('City', $row)) {
+                $location->city = trim($row['City']);
+            }
+            if (array_key_exists('State', $row)) {
+                $location->state = trim($row['State']);
+            }
+            if (array_key_exists('Zip', $row)) {
+                $location->zip = trim($row['Zip']);
+            }
+            if (array_key_exists('Country', $row)) {
+                $location->country = trim($row['Country']);
+            }
+            if (array_key_exists('Country', $row)) {
+                $location->ldap_ou = trim($row['OU']);
+            }
+
+
+            // If a parent name is provided, we created it earlier in the script,
+            // so let's grab that ID
+            if ($parent_name) {
+                $this->info('-- Searching for Parent Name: '.$parent_name);
+                $parent = Location::where('name', '=', $parent_name)->first();
+                $location->parent_id = $parent->id;
+                $this->info('Parent: '.$parent_name.' - ID: '.$parent->id);
+            }
+
+            // Make sure the more advanced (non-name) fields pass validation
+            if (($location->isValid()) && ($location->save())) {
+
+                // Check if the record was updated or created.
+                // This is mostly for clearer debugging.
+                if ($location->exists) {
+                    $this->info('Location ' . $location->name . ' already exists. Updating...');
+                } else {
+                    $this->info('- Location '.$location->name.' was created. ');
+                }
+
+            // If there's a validation error, display that
+            } else {
+                $this->error('- Non-parent Location '.$location->name.' could not be created: '.$location->getErrors() );
+            }
+
+
+
+
+        }
+
+
+    }
+}

app/Console/Commands/LdapSync.php

@@ -67,10 +67,10 @@ class LdapSync extends Command
 
         $summary = array();
 
-        try {    
+        try {
             if ($this->option('base_dn') != '') {
                 $search_base = $this->option('base_dn');
-                LOG::debug('Importing users from specified base DN: \"'.$search_base.'\".');                
+                LOG::debug('Importing users from specified base DN: \"'.$search_base.'\".');
             } else {
                 $search_base = null;
             }
@@ -106,7 +106,7 @@ class LdapSync extends Command
             // Retrieve locations with a mapped OU, and sort them from the shallowest to deepest OU (see #3993)
             $ldap_ou_locations = Location::where('ldap_ou', '!=', '')->get()->toArray();
             $ldap_ou_lengths = array();
-            
+
             foreach ($ldap_ou_locations as $location) {
                 $ldap_ou_lengths[] = strlen($location["ldap_ou"]);
             }
@@ -168,34 +168,36 @@ class LdapSync extends Command
                 $item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:"";
                 $item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:"";
 
-
-                // This is active directory, not regular LDAP
-                if ( array_key_exists('useraccountcontrol', $results[$i]) ) {
-                    $enabled_accounts = [
-                        '512', '544', '66048', '66080', '262656', '262688', '328192', '328224'
-                    ];
-                    $item['activated'] = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
-
-                // Fall through to LDAP
+                $user = User::where('username', $item["username"])->first();
+                if ($user) {
+                    // Updating an existing user.
+                    $item["createorupdate"] = 'updated';
                 } else {
-                    $item['activated'] = 0;
-                }
-
-                // User exists
-                $item["createorupdate"] = 'updated';
-                if (!$user = User::where('username', $item["username"])->first()) {
+                    // Creating a new user.
                     $user = new User;
                     $user->password = $pass;
+                    $user->activated = 0;
                     $item["createorupdate"] = 'created';
                 }
 
-                // Create the user if they don't exist.
-                $user->first_name = e($item["firstname"]);
-                $user->last_name = e($item["lastname"]);
-                $user->username = e($item["username"]);
-                $user->email = e($item["email"]);
+                $user->first_name = $item["firstname"];
+                $user->last_name = $item["lastname"];
+                $user->username = $item["username"];
+                $user->email = $item["email"];
                 $user->employee_num = e($item["employee_number"]);
-                $user->activated = $item['activated'];
+
+                // Sync activated state for Active Directory.
+                if ( array_key_exists('useraccountcontrol', $results[$i]) ) {
+                  $enabled_accounts = [
+                    '512', '544', '66048', '66080', '262656', '262688', '328192', '328224'
+                  ];
+                  $user->activated = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
+                }
+
+                // If we're not using AD, and there isn't an activated flag set, activate all users
+                elseif (empty($ldap_result_active_flag)) {
+                  $user->activated = 1;
+                }
 
                 if ($item['ldap_location_override'] == true) {
                     $user->location_id = $item['location_id'];
@@ -209,7 +211,6 @@ class LdapSync extends Command
 
                 }
 
-                $user->notes = 'Imported from LDAP';
                 $user->ldap_import = 1;
 
                 $errors = '';

app/Console/Commands/ObjectImportCommand.php

@@ -65,7 +65,7 @@ class ObjectImportCommand extends Command
      *
      * @return mixed
      */
-    public function fire()
+    public function handle()
     {
         $filename = $this->argument('filename');
         $class = title_case($this->option('item-type'));

app/Console/Commands/Purge.php

@@ -33,7 +33,7 @@ class Purge extends Command
      *
      * @var string
      */
-    protected $description = 'Purge all soft-deleted deleted records in the database. This will rewrite history for items that have been edited, or checked in or out. It will also reqrite history for users associated with deleted items.';
+    protected $description = 'Purge all soft-deleted deleted records in the database. This will rewrite history for items that have been edited, or checked in or out. It will also rewrite history for users associated with deleted items.';
 
     /**
      * Create a new command instance.

app/Console/Commands/ReEncodeCustomFieldNames.php

@@ -0,0 +1,126 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\CustomField;
+use Illuminate\Console\Command;
+
+class ReEncodeCustomFieldNames extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:regenerate-fieldnames';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This utility will regenerate the column names for custom fields. It should typically only be needed when a PHP upgrade changed the behavior of the unicode conversion between versions.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * All three of these things must match for the custom fields system to work as expected:
+     *
+     * - what the system thinks the output of $field->convertUnicodeDbSlug() is
+     * - the actual db_column name in the customfields table
+     * - the physical column name that was created on the assets table
+     *
+     * For some people who upgraded their version of PHP, the unicode converter now behaves
+     * differently in than it did when their custom fields were first created, specifically as it
+     * relates to handling slashes, ampersands, etc. This can result in the field names no longer
+     * matching up, as an older version of the PHP extension simply dropped slashes, etc, while the
+     * newer version of the PHP extension will convert them to underscores.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        if ($this->confirm('This will regenerate all of the custom field database fieldnames in your database. THIS WILL CHANGE YOUR SCHEMA AND SHOULD NOT BE DONE WITHOUT MAKING A BACKUP FIRST. Do you wish to continue?'))
+        {
+
+            /** Get all of the custom fields */
+            $fields = CustomField::get();
+
+            $asset_columns = \DB::getSchemaBuilder()->getColumnListing('assets');
+            $custom_field_columns = array();
+
+            /** Loop through the columns on the assets table */
+            foreach ($asset_columns as $asset_column) {
+
+                /** Add ones that start with _snipeit_ to an array for handling */
+                if (strpos($asset_column, '_snipeit_') === 0) {
+
+                    /**
+                     * Get the ID of the custom field based on the fieldname.
+                     * For example, in _snipeit_mac_address_1, we grab the 1 because we know
+                     * that's the ID of the custom field that created the column.
+                     * Then use that ID as the array key for use comparing the actual assets field name
+                     * and the db_column value from the custom fields table.
+                     */
+                    $last_part = substr(strrchr($asset_column, "_snipeit_"), 1);
+                    $custom_field_columns[$last_part] = $asset_column;
+                }
+            }
+
+            foreach ($fields as $field) {
+
+                $this->info($field->name .' ('.$field->id.') column should be '. $field->convertUnicodeDbSlug().'');
+
+                /** The assets table has the column it should have, all is well */
+                if (\Schema::hasColumn('assets', $field->convertUnicodeDbSlug()))
+                {
+                    $this->info('-- ✓ This field exists - all good');
+
+                /**
+                 * There is a mismatch between the fieldname on the assets table and
+                 * what $field->convertUnicodeDbSlug() is *now* expecting.
+                 */
+                } else {
+                        $this->warn('-- X Field mismatch: updating... ');
+
+                        /** Make sure the custom_field_columns array has the ID */
+                        if (array_key_exists($field->id, $custom_field_columns)) {
+
+                            /**
+                             * Update the asset schema to the corrected fieldname that will be recognized by the
+                             *  system elsewhere that we use $field->convertUnicodeDbSlug()
+                             */
+                            \Schema::table('assets', function($table) use ($custom_field_columns, $field) {
+                                $table->renameColumn($custom_field_columns[$field->id], $field->convertUnicodeDbSlug());
+                            });
+
+                            $this->warn('-- ✓ Field updated from '.$custom_field_columns[$field->id].' to '.$field->convertUnicodeDbSlug());
+
+                        } else {
+                            $this->warn('-- X WARNING: There is no field on the assets table ending in  '.$field->id.'. This may require more in-depth investigation and may mean the schema was altered manually.');
+                        }
+                }
+
+                /** Update the db_column property in the custom fields table, just in case it doesn't match the other
+                 * things.
+                 */
+                $field->db_column = $field->convertUnicodeDbSlug();
+                $field->save();
+
+
+            }
+
+        }
+
+
+    }
+}

app/Console/Commands/SendExpectedCheckinAlerts.php

@@ -42,7 +42,7 @@ class SendExpectedCheckinAlerts extends Command
      *
      * @return mixed
      */
-    public function fire()
+    public function handle()
     {
         $settings = Setting::getSettings();
         $whenNotify = Carbon::now()->addDays(7);

app/Console/Commands/SendExpirationAlerts.php

@@ -43,7 +43,7 @@ class SendExpirationAlerts extends Command
      *
      * @return mixed
      */
-    public function fire()
+    public function handle()
     {
 
         $settings = Setting::getSettings();

app/Console/Commands/SendUpcomingAuditReport.php

@@ -0,0 +1,91 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Asset;
+use App\Models\License;
+use App\Models\Setting;
+use App\Notifications\ExpiringAssetsNotification;
+use App\Models\Recipients;
+use DB;
+use Illuminate\Console\Command;
+use App\Notifications\SendUpcomingAuditNotification;
+use Carbon\Carbon;
+
+class SendUpcomingAuditReport extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:upcoming-audits';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Send email/slack notifications for upcoming asset audits.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        $settings = Setting::getSettings();
+
+        if (($settings->alert_email != '') && ($settings->audit_warning_days) && ($settings->alerts_enabled == 1)) {
+
+            // Send a rollup to the admin, if settings dictate
+            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+                return new \App\Models\Recipients\AlertRecipient($item);
+            });
+
+
+            // Assets due for auditing
+
+            $assets = Asset::whereNotNull('next_audit_date')
+                    ->DueOrOverdueForAudit($settings)
+                    ->orderBy('last_audit_date', 'asc')->get();
+
+            if ($assets->count() > 0) {
+
+                $this->info(trans_choice('mail.upcoming-audits', $assets->count(),
+                    ['count' => $assets->count(), 'threshold' => $settings->audit_warning_days]));
+                \Notification::send($recipients, new SendUpcomingAuditNotification($assets, $settings->audit_warning_days));
+                $this->info('Audit report sent to '.$settings->alert_email);
+            } else {
+                $this->info('No assets to be audited. No report sent.');
+            }
+
+
+
+        } elseif ($settings->alert_email=='') {
+            $this->error('Could not send email. No alert email configured in settings');
+        } elseif (!$settings->audit_warning_days) {
+            $this->error('No audit warning days set in Admin Notifications. No mail will be sent.');
+        } elseif ($settings->alerts_enabled!=1) {
+            $this->info('Alerts are disabled in the settings. No mail will be sent');
+        } else {
+            $this->error('Something went wrong. :( ');
+            $this->error('Admin Notifications Email Setting: '.$settings->alert_email);
+            $this->error('Admin Audit Warning Setting: '.$settings->audit_warning_days);
+            $this->error('Admin Alerts Emnabled: '.$settings->alerts_enabled);
+        }
+
+
+    }
+}

app/Console/Commands/SyncAssetCounters.php

@@ -39,7 +39,7 @@ class SyncAssetCounters extends Command
     public function handle()
     {
         $start = microtime(true);
-        $assets = Asset::withCount('checkins', 'checkouts', 'userRequests')
+        $assets = Asset::withCount('checkins as checkins_count', 'checkouts as checkouts_count', 'userRequests as user_requests_count')
             ->withTrashed()->get();
 
         if ($assets) {

app/Console/Commands/SyncAssetLocations.php

@@ -64,7 +64,7 @@ class SyncAssetLocations extends Command
         $output['info'][] = 'There are '.$assigned_user_assets->count().' assets checked out to users.';
         foreach ($assigned_user_assets as $assigned_user_asset) {
             if (($assigned_user_asset->assignedTo) && ($assigned_user_asset->assignedTo->userLoc)) {
-                $new_location=$assigned_user_asset->assignedTo->userloc->id;
+                $new_location = $assigned_user_asset->assignedTo->userLoc->id;
                 $output['info'][] ='Setting User Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') to  ' . $assigned_user_asset->assignedTo->userLoc->name . ' which is id: ' . $new_location;
             } else {
                 $output['warn'][] ='Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') still has no location! ';

app/Console/Commands/SystemBackup.php

@@ -36,7 +36,7 @@ class SystemBackup extends Command
      *
      * @return mixed
      */
-    public function fire()
+    public function handle()
     {
         //
         $this->call('backup:run');

app/Console/Kernel.php

@@ -2,6 +2,8 @@
 
 namespace App\Console;
 
+use App\Console\Commands\ImportLocations;
+use App\Console\Commands\RestoreDeletedUsers;
 use Illuminate\Console\Scheduling\Schedule;
 use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
 
@@ -31,6 +33,9 @@ class Kernel extends ConsoleKernel
         Commands\RegenerateAssetTags::class,
         Commands\SyncAssetCounters::class,
         Commands\RestoreDeletedUsers::class,
+        Commands\SendUpcomingAuditReport::class,
+        Commands\ImportLocations::class,
+        Commands\ReEncodeCustomFieldNames::class,
     ];
 
     /**
@@ -47,10 +52,12 @@ class Kernel extends ConsoleKernel
         $schedule->command('snipeit:expected-checkin')->daily();
         $schedule->command('snipeit:backup')->weekly();
         $schedule->command('backup:clean')->daily();
+        $schedule->command('snipeit:upcoming-audits')->daily();
     }
 
     protected function commands()
     {
         require base_path('routes/console.php');
+        $this->load(__DIR__.'/Commands');
     }
 }

app/Exceptions/Handler.php

@@ -23,6 +23,7 @@ class Handler extends ExceptionHandler
         \Illuminate\Database\Eloquent\ModelNotFoundException::class,
         \Illuminate\Session\TokenMismatchException::class,
         \Illuminate\Validation\ValidationException::class,
+        \Intervention\Image\Exception\NotSupportedException::class,
     ];
 
     /**
@@ -66,10 +67,6 @@ class Handler extends ExceptionHandler
                 return response()->json(Helper::formatStandardApiResponse('error', null, $className . ' not found'), 200);
             }
 
-            if ($e instanceof \Illuminate\Validation\ValidationException) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, $e->response['messages'], 400));
-            }
-
             if ($this->isHttpException($e)) {
 
                 $statusCode = $e->getStatusCode();
@@ -84,11 +81,6 @@ class Handler extends ExceptionHandler
 
                 }
             }
-            // Try to parse 500 Errors in a bit nicer way when debug is enabled.
-            if (config('app.debug')) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, "An Error has occured! " . $e->getMessage()), 500);
-            }
-
         }
 
 
@@ -117,4 +109,16 @@ class Handler extends ExceptionHandler
 
         return redirect()->guest('login');
     }
+
+    /**
+     * Convert a validation exception into a JSON response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Illuminate\Validation\ValidationException  $exception
+     * @return \Illuminate\Http\JsonResponse
+     */
+    protected function invalidJson($request, ValidationException $exception)
+    {
+        return response()->json(Helper::formatStandardApiResponse('error', null, $exception->errors(), 400));
+    }
 }

app/Helpers/Helper.php

@@ -281,9 +281,9 @@ class Helper
      */
     public static function checkLowInventory()
     {
-        $consumables = Consumable::withCount('consumableAssignments')->whereNotNull('min_amt')->get();
-        $accessories = Accessory::withCount('users')->whereNotNull('min_amt')->get();
-        $components = Component::withCount('assets')->whereNotNull('min_amt')->get();
+        $consumables = Consumable::withCount('consumableAssignments as consumable_assignments_count')->whereNotNull('min_amt')->get();
+        $accessories = Accessory::withCount('users as users_count')->whereNotNull('min_amt')->get();
+        $components = Component::withCount('assets as assets_count')->whereNotNull('min_amt')->get();
 
         $avail_consumables = 0;
         $items_array = array();

app/Http/Controllers/AccessoriesController.php

@@ -94,7 +94,7 @@ class AccessoriesController extends Controller
                 $file_name = "accessory-".str_random(18).'.'.$ext;
                 $path = public_path('/uploads/accessories');
                 if ($image->getClientOriginalExtension()!='svg') {
-                    Image::make($image->getRealPath())->resize(null, 250, function ($constraint) {
+                    Image::make($image->getRealPath())->resize(null, 800, function ($constraint) {
                         $constraint->aspectRatio();
                         $constraint->upsize();
                     })->save($path.'/'.$file_name);
@@ -173,7 +173,7 @@ class AccessoriesController extends Controller
                 $file_name = "accessory-".str_random(18).'.'.$ext;
                 $path = public_path('/uploads/accessories');
                 if ($image->getClientOriginalExtension()!='svg') {
-                    Image::make($image->getRealPath())->resize(null, 250, function ($constraint) {
+                    Image::make($image->getRealPath())->resize(null, 800, function ($constraint) {
                         $constraint->aspectRatio();
                         $constraint->upsize();
                     })->save($path.'/'.$file_name);

app/Http/Controllers/Api/AccessoriesController.php

@@ -26,23 +26,23 @@ class AccessoriesController extends Controller
 
         $accessories = Accessory::with('category', 'company', 'manufacturer', 'users', 'location');
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $accessories = $accessories->TextSearch($request->input('search'));
         }
 
-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
             $accessories->where('company_id','=',$request->input('company_id'));
         }
 
-        if ($request->has('category_id')) {
+        if ($request->filled('category_id')) {
             $accessories->where('category_id','=',$request->input('category_id'));
         }
 
-        if ($request->has('manufacturer_id')) {
+        if ($request->filled('manufacturer_id')) {
             $accessories->where('manufacturer_id','=',$request->input('manufacturer_id'));
         }
 
-        if ($request->has('supplier_id')) {
+        if ($request->filled('supplier_id')) {
             $accessories->where('supplier_id','=',$request->input('supplier_id'));
         }
 

app/Http/Controllers/Api/AssetMaintenancesController.php

@@ -40,7 +40,7 @@ class AssetMaintenancesController extends Controller
             $maintenances = $maintenances->TextSearch(e($request->input('search')));
         }
 
-        if ($request->has('asset_id')) {
+        if ($request->filled('asset_id')) {
             $maintenances->where('asset_id', '=', $request->input('asset_id'));
         }
 

app/Http/Controllers/Api/AssetModelsController.php

@@ -48,15 +48,15 @@ class AssetModelsController extends Controller
             'models.updated_at',
          ])
             ->with('category','depreciation', 'manufacturer','fieldset')
-            ->withCount('assets');
+            ->withCount('assets as assets_count');
 
 
 
-        if ($request->has('status')) {
+        if ($request->filled('status')) {
             $assetmodels->onlyTrashed();
         }
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $assetmodels->TextSearch($request->input('search'));
         }
 
@@ -114,7 +114,7 @@ class AssetModelsController extends Controller
     public function show($id)
     {
         $this->authorize('view', AssetModel::class);
-        $assetmodel = AssetModel::withCount('assets')->findOrFail($id);
+        $assetmodel = AssetModel::withCount('assets as assets_count')->findOrFail($id);
         return (new AssetModelsTransformer)->transformAssetModel($assetmodel);
     }
 
@@ -210,7 +210,7 @@ class AssetModelsController extends Controller
 
         $settings = \App\Models\Setting::getSettings();
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $assetmodels = $assetmodels->SearchByManufacturerOrCat($request->input('search'));
         }
 

app/Http/Controllers/Api/AssetsController.php

@@ -52,7 +52,7 @@ class AssetsController extends Controller
      * @since [v4.0]
      * @return JsonResponse
      */
-    public function index(Request $request)
+    public function index(Request $request, $audit = null)
     {
 
         $this->authorize('index', Asset::class);
@@ -84,7 +84,7 @@ class AssetsController extends Controller
 
         $filter = array();
 
-        if ($request->has('filter')) {
+        if ($request->filled('filter')) {
             $filter = json_decode($request->input('filter'), true);
         }
 
@@ -101,7 +101,7 @@ class AssetsController extends Controller
         // These are used by the API to query against specific ID numbers.
         // They are also used by the individual searches on detail pages like
         // locations, etc.
-        if ($request->has('status_id')) {
+        if ($request->filled('status_id')) {
             $assets->where('assets.status_id', '=', $request->input('status_id'));
         }
 
@@ -109,45 +109,60 @@ class AssetsController extends Controller
             $assets->where('assets.requestable', '=', '1');
         }
 
-        if ($request->has('model_id')) {
+        if ($request->filled('model_id')) {
             $assets->InModelList([$request->input('model_id')]);
         }
 
-        if ($request->has('category_id')) {
+        if ($request->filled('category_id')) {
             $assets->InCategory($request->input('category_id'));
         }
 
-        if ($request->has('location_id')) {
+        if ($request->filled('location_id')) {
             $assets->where('assets.location_id', '=', $request->input('location_id'));
         }
 
-        if ($request->has('supplier_id')) {
+        if ($request->filled('supplier_id')) {
             $assets->where('assets.supplier_id', '=', $request->input('supplier_id'));
         }
 
-        if (($request->has('assigned_to')) && ($request->has('assigned_type'))) {
+        if (($request->filled('assigned_to')) && ($request->filled('assigned_type'))) {
             $assets->where('assets.assigned_to', '=', $request->input('assigned_to'))
                 ->where('assets.assigned_type', '=', $request->input('assigned_type'));
         }
 
-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
             $assets->where('assets.company_id', '=', $request->input('company_id'));
         }
 
-        if ($request->has('manufacturer_id')) {
+        if ($request->filled('manufacturer_id')) {
             $assets->ByManufacturer($request->input('manufacturer_id'));
         }
 
-        if ($request->has('depreciation_id')) {
+        if ($request->filled('depreciation_id')) {
             $assets->ByDepreciationId($request->input('depreciation_id'));
         }
 
-        $request->has('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
+        $request->filled('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
 
         $offset = (($assets) && (request('offset') > $assets->count())) ? 0 : request('offset', 0);
         $limit = $request->input('limit', 50);
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
 
+        // This is used by the audit reporting routes
+        if (Gate::allows('audit', Asset::class)) {
+
+            switch ($audit) {
+                case 'due':
+                    $assets->DueOrOverdueForAudit($settings);
+                    break;
+                case 'overdue':
+                    $assets->overdueForAudit($settings);
+                    break;
+            }
+        }
+
+
+
         // This is used by the sidenav, mostly
 
         // We switched from using query scopes here because of a Laravel bug
@@ -201,7 +216,7 @@ class AssetsController extends Controller
                 break;
             default:
 
-                if ((!$request->has('status_id')) && ($settings->show_archived_in_list!='1')) {
+                if ((!$request->filled('status_id')) && ($settings->show_archived_in_list!='1')) {
                     // terrible workaround for complex-query Laravel bug in fulltext
                     $assets->join('status_labels AS status_alias',function ($join) {
                         $join->on('status_alias.id', "=", "assets.status_id")
@@ -220,7 +235,7 @@ class AssetsController extends Controller
 
         if ((!is_null($filter)) && (count($filter)) > 0) {
             $assets->ByFilter($filter);
-        } elseif ($request->has('search')) {
+        } elseif ($request->filled('search')) {
             $assets->TextSearch($request->input('search'));
         }
 
@@ -326,7 +341,7 @@ class AssetsController extends Controller
      */
     public function show($id)
     {
-        if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()->withCount('checkins', 'checkouts', 'userRequests')->findOrFail($id)) {
+        if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()->withCount('checkins as checkins_count', 'checkouts as checkouts_count', 'userRequests as userRequests_count')->findOrFail($id)) {
             $this->authorize('view', $asset);
             return (new AssetsTransformer)->transformAsset($asset);
         }
@@ -356,11 +371,11 @@ class AssetsController extends Controller
             'assets.status_id'
         ])->with('model', 'assetstatus', 'assignedTo')->NotArchived(),'company_id', 'assets');
 
-        if ($request->has('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
+        if ($request->filled('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
             $assets = $assets->RTD();
         }
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $assets = $assets->AssignedSearch($request->input('search'));
         }
 
@@ -431,9 +446,15 @@ class AssetsController extends Controller
         // Update custom fields in the database.
         // Validation for these fields is handled through the AssetRequest form request
         $model = AssetModel::find($request->get('model_id'));
-        if ($model->fieldset) {
+        if (($model) && ($model->fieldset)) {
             foreach ($model->fieldset->fields as $field) {
-                $asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug(), null));
+                if ($field->field_encrypted=='1') {
+                    if (Gate::allows('admin')) {
+                        $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
+                    }
+                } else {
+                    $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
+                }
             }
         }
 
@@ -472,18 +493,24 @@ class AssetsController extends Controller
 
             $asset->fill($request->all());
 
-            ($request->has('model_id')) ?
+            ($request->filled('model_id')) ?
                 $asset->model()->associate(AssetModel::find($request->get('model_id'))) : null;
-            ($request->has('company_id')) ?
+            ($request->filled('company_id')) ?
                 $asset->company_id = Company::getIdForCurrentUser($request->get('company_id')) : null;
-            ($request->has('rtd_location_id')) ?
+            ($request->filled('rtd_location_id')) ?
                 $asset->location_id = $request->get('rtd_location_id') : null;
 
             // Update custom fields
             if (($model = AssetModel::find($asset->model_id)) && (isset($model->fieldset))) {
                 foreach ($model->fieldset->fields as $field) {
                     if ($request->has($field->convertUnicodeDbSlug())) {
-                        $asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug()));
+                        if ($field->field_encrypted=='1') {
+                            if (Gate::allows('admin')) {
+                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
+                            }
+                        } else {
+                            $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
+                        }
                     }
                 }
             }
@@ -491,11 +518,11 @@ class AssetsController extends Controller
 
             if ($asset->save()) {
 
-                if (($request->has('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
+                if (($request->filled('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
                     $location = $target->location_id;
-                } elseif (($request->has('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
+                } elseif (($request->filled('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
                     $location = $target->location_id;
-                } elseif (($request->has('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
+                } elseif (($request->filled('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
                     $location = $target->id;
                 }
 
@@ -650,7 +677,7 @@ class AssetsController extends Controller
         $asset->name = Input::get('name');
         $asset->location_id =  $asset->rtd_location_id;
 
-        if ($request->has('location_id')) {
+        if ($request->filled('location_id')) {
             $asset->location_id =  $request->input('location_id');
         }
 

app/Http/Controllers/Api/CategoriesController.php

@@ -24,9 +24,9 @@ class CategoriesController extends Controller
         $allowed_columns = ['id', 'name','category_type', 'category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email', 'assets_count', 'accessories_count', 'consumables_count', 'components_count','licenses_count', 'image'];
 
         $categories = Category::select(['id', 'created_at', 'updated_at', 'name','category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email','image'])
-            ->withCount('assets', 'accessories', 'consumables', 'components','licenses');
+            ->withCount('assets as assets_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count','licenses as licenses_count');
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $categories = $categories->TextSearch($request->input('search'));
         }
 
@@ -148,7 +148,7 @@ class CategoriesController extends Controller
             'image',
         ]);
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $categories = $categories->where('name', 'LIKE', '%'.$request->get('search').'%');
         }
 

app/Http/Controllers/Api/CompaniesController.php

@@ -35,9 +35,9 @@ class CompaniesController extends Controller
             'components_count',
         ];
 
-        $companies = Company::withCount('assets','licenses','accessories','consumables','components','users');
+        $companies = Company::withCount('assets as assets_count','licenses as licenses_count','accessories as accessories_count','consumables as consumables_count','components as components_count','users as users_count');
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $companies->TextSearch($request->input('search'));
         }
 
@@ -168,7 +168,7 @@ class CompaniesController extends Controller
             'companies.image',
         ]);
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $companies = $companies->where('companies.name', 'LIKE', '%'.$request->get('search').'%');
         }
 

app/Http/Controllers/Api/ComponentsController.php

@@ -27,19 +27,19 @@ class ComponentsController extends Controller
         $components = Company::scopeCompanyables(Component::select('components.*')
             ->with('company', 'location', 'category'));
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $components = $components->TextSearch($request->input('search'));
         }
 
-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
             $components->where('company_id','=',$request->input('company_id'));
         }
 
-        if ($request->has('category_id')) {
+        if ($request->filled('category_id')) {
             $components->where('category_id','=',$request->input('category_id'));
         }
 
-        if ($request->has('location_id')) {
+        if ($request->filled('location_id')) {
             $components->where('location_id','=',$request->input('location_id'));
         }
 

app/Http/Controllers/Api/ConsumablesController.php

@@ -27,19 +27,19 @@ class ConsumablesController extends Controller
                 ->with('company', 'location', 'category', 'users', 'manufacturer')
         );
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $consumables = $consumables->TextSearch(e($request->input('search')));
         }
 
-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
             $consumables->where('company_id','=',$request->input('company_id'));
         }
 
-        if ($request->has('category_id')) {
+        if ($request->filled('category_id')) {
             $consumables->where('category_id','=',$request->input('category_id'));
         }
 
-        if ($request->has('manufacturer_id')) {
+        if ($request->filled('manufacturer_id')) {
             $consumables->where('manufacturer_id','=',$request->input('manufacturer_id'));
         }
 
@@ -165,7 +165,7 @@ class ConsumablesController extends Controller
     {
         $consumable = Consumable::with(array('consumableAssignments'=>
         function ($query) {
-            $query->orderBy('created_at', 'DESC');
+            $query->orderBy($query->getModel()->getTable().'.created_at', 'DESC');
         },
         'consumableAssignments.admin'=> function ($query) {
         },

app/Http/Controllers/Api/CustomFieldsetsController.php

@@ -43,7 +43,7 @@ class CustomFieldsetsController extends Controller
     public function index()
     {
         $this->authorize('index', CustomFieldset::class);
-        $fieldsets = CustomFieldset::withCount(['fields', 'models'])->get();
+        $fieldsets = CustomFieldset::withCount('fields as fields_count', 'models as models_count')->get();
         return (new CustomFieldsetsTransformer)->transformCustomFieldsets($fieldsets, $fieldsets->count());
 
     }

app/Http/Controllers/Api/DepartmentsController.php

@@ -33,9 +33,9 @@ class DepartmentsController extends Controller
             'departments.created_at',
             'departments.updated_at',
             'departments.image'
-        ])->with('users')->with('location')->with('manager')->with('company')->withCount('users');
+        ])->with('users')->with('location')->with('manager')->with('company')->withCount('users as users_count');
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $departments = $departments->TextSearch($request->input('search'));
         }
 
@@ -76,7 +76,7 @@ class DepartmentsController extends Controller
         $department = new Department;
         $department->fill($request->all());
         $department->user_id = Auth::user()->id;
-        $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
+        $department->manager_id = ($request->filled('manager_id' ) ? $request->input('manager_id') : null);
 
         if ($department->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.create.success')));
@@ -142,7 +142,7 @@ class DepartmentsController extends Controller
             'image',
         ]);
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $departments = $departments->where('name', 'LIKE', '%'.$request->get('search').'%');
         }
 

app/Http/Controllers/Api/DepreciationsController.php

@@ -24,7 +24,7 @@ class DepreciationsController extends Controller
 
         $depreciations = Depreciation::select('id','name','months','user_id','created_at','updated_at');
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $depreciations = $depreciations->TextSearch($request->input('search'));
         }
 

app/Http/Controllers/Api/GroupsController.php

@@ -22,9 +22,9 @@ class GroupsController extends Controller
         $this->authorize('view', Group::class);
         $allowed_columns = ['id','name','created_at', 'users_count'];
 
-        $groups = Group::select('id','name','permissions','created_at','updated_at')->withCount('users');
+        $groups = Group::select('id','name','permissions','created_at','updated_at')->withCount('users as users_count');
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $groups = $groups->TextSearch($request->input('search'));
         }
 

app/Http/Controllers/Api/LicensesController.php

@@ -25,59 +25,59 @@ class LicensesController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', License::class);
-        $licenses = Company::scopeCompanyables(License::with('company', 'manufacturer', 'freeSeats', 'supplier','category')->withCount('freeSeats'));
+        $licenses = Company::scopeCompanyables(License::with('company', 'manufacturer', 'freeSeats', 'supplier','category')->withCount('freeSeats as free_seats_count'));
 
 
-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
             $licenses->where('company_id','=',$request->input('company_id'));
         }
 
-        if ($request->has('name')) {
+        if ($request->filled('name')) {
             $licenses->where('licenses.name','=',$request->input('name'));
         }
 
-        if ($request->has('product_key')) {
+        if ($request->filled('product_key')) {
             $licenses->where('licenses.serial','=',$request->input('product_key'));
         }
 
-        if ($request->has('order_number')) {
+        if ($request->filled('order_number')) {
             $licenses->where('order_number','=',$request->input('order_number'));
         }
 
-        if ($request->has('purchase_order')) {
+        if ($request->filled('purchase_order')) {
             $licenses->where('purchase_order','=',$request->input('purchase_order'));
         }
 
-        if ($request->has('license_name')) {
+        if ($request->filled('license_name')) {
             $licenses->where('license_name','=',$request->input('license_name'));
         }
 
-        if ($request->has('license_email')) {
+        if ($request->filled('license_email')) {
             $licenses->where('license_email','=',$request->input('license_email'));
         }
 
-        if ($request->has('manufacturer_id')) {
+        if ($request->filled('manufacturer_id')) {
             $licenses->where('manufacturer_id','=',$request->input('manufacturer_id'));
         }
 
-        if ($request->has('supplier_id')) {
+        if ($request->filled('supplier_id')) {
             $licenses->where('supplier_id','=',$request->input('supplier_id'));
         }
 
-        if ($request->has('category_id')) {
+        if ($request->filled('category_id')) {
             $licenses->where('category_id','=',$request->input('category_id'));
         }
 
-        if ($request->has('depreciation_id')) {
+        if ($request->filled('depreciation_id')) {
             $licenses->where('depreciation_id','=',$request->input('depreciation_id'));
         }
 
-        if ($request->has('supplier_id')) {
+        if ($request->filled('supplier_id')) {
             $licenses->where('supplier_id','=',$request->input('supplier_id'));
         }
 
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $licenses = $licenses->TextSearch($request->input('search'));
         }
 
@@ -227,7 +227,8 @@ class LicensesController extends Controller
 
             $seats = LicenseSeat::where('license_id', $licenseId)->with('license', 'user', 'asset');
 
-            $offset = request('offset', 0);
+            $offset = (($seats) && (request('offset') > $seats->count())) ? 0 : request('offset', 0);
+
             $limit = request('limit', 50);
             $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
 

app/Http/Controllers/Api/LocationsController.php

@@ -41,11 +41,11 @@ class LocationsController extends Controller
             'locations.updated_at',
             'locations.image',
             'locations.currency'
-        ])->withCount('assignedAssets')
-        ->withCount('assets')
-        ->withCount('users');
+        ])->withCount('assignedAssets as assigned_assets_count')
+        ->withCount('assets as assets_count')
+        ->withCount('users as users_count');
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $locations = $locations->TextSearch($request->input('search'));
         }
 
@@ -123,9 +123,9 @@ class LocationsController extends Controller
                 'locations.image',
                 'locations.currency'
             ])
-            ->withCount('assignedAssets')
-            ->withCount('assets')
-            ->withCount('users')->findOrFail($id);
+            ->withCount('assignedAssets as assigned_assets_count')
+            ->withCount('assets as assets_count')
+            ->withCount('users as users_count')->findOrFail($id);
         return (new LocationsTransformer)->transformLocation($location);
     }
 
@@ -192,7 +192,7 @@ class LocationsController extends Controller
             'locations.image',
         ]);
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $locations = $locations->where('locations.name', 'LIKE', '%'.$request->get('search').'%');
         }
 

app/Http/Controllers/Api/ManufacturersController.php

@@ -26,13 +26,13 @@ class ManufacturersController extends Controller
 
         $manufacturers = Manufacturer::select(
             array('id','name','url','support_url','support_email','support_phone','created_at','updated_at','image', 'deleted_at')
-        )->withCount('assets')->withCount('licenses')->withCount('consumables')->withCount('accessories');
+        )->withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('consumables as consumables_count')->withCount('accessories as accessories_count');
 
         if ($request->input('deleted')=='true') {
             $manufacturers->onlyTrashed();
         }
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $manufacturers = $manufacturers->TextSearch($request->input('search'));
         }
 
@@ -83,7 +83,7 @@ class ManufacturersController extends Controller
     public function show($id)
     {
         $this->authorize('view', Manufacturer::class);
-        $manufacturer = Manufacturer::withCount('assets')->withCount('licenses')->withCount('consumables')->withCount('accessories')->findOrFail($id);
+        $manufacturer = Manufacturer::withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('consumables as consumables_count')->withCount('accessories as accessories_count')->findOrFail($id);
         return (new ManufacturersTransformer)->transformManufacturer($manufacturer);
     }
 
@@ -145,7 +145,7 @@ class ManufacturersController extends Controller
             'image',
         ]);
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $manufacturers = $manufacturers->where('name', 'LIKE', '%'.$request->get('search').'%');
         }
 

app/Http/Controllers/Api/ReportsController.php

@@ -22,25 +22,25 @@ class ReportsController extends Controller
         
         $actionlogs = Actionlog::with('item', 'user', 'target','location');
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $actionlogs = $actionlogs->TextSearch(e($request->input('search')));
         }
 
-        if (($request->has('target_type'))  && ($request->has('target_id'))) {
+        if (($request->filled('target_type'))  && ($request->filled('target_id'))) {
             $actionlogs = $actionlogs->where('target_id','=',$request->input('target_id'))
                 ->where('target_type','=',"App\\Models\\".ucwords($request->input('target_type')));
         }
 
-        if (($request->has('item_type'))  && ($request->has('item_id'))) {
+        if (($request->filled('item_type'))  && ($request->filled('item_id'))) {
             $actionlogs = $actionlogs->where('item_id','=',$request->input('item_id'))
                 ->where('item_type','=',"App\\Models\\".ucwords($request->input('item_type')));
         }
 
-        if ($request->has('action_type')) {
+        if ($request->filled('action_type')) {
             $actionlogs = $actionlogs->where('action_type','=',$request->input('action_type'))->orderBy('created_at', 'desc');
         }
 
-        if ($request->has('uploads')) {
+        if ($request->filled('uploads')) {
             $actionlogs = $actionlogs->whereNotNull('filename')->orderBy('created_at', 'desc');
         }
 

app/Http/Controllers/Api/SettingsController.php

@@ -38,7 +38,7 @@ class SettingsController extends Controller
                 //return response()->json(['message' => $e->getMessage()], 500);
             }
         } catch (\Exception $e) {
-            \Log::debug('Connection failed');
+            \Log::debug('Connection failed but we cannot debug it any further on our end.');
             return response()->json(['message' => $e->getMessage()], 600);
         }
 

app/Http/Controllers/Api/StatuslabelsController.php

@@ -24,9 +24,9 @@ class StatuslabelsController extends Controller
         $this->authorize('view', Statuslabel::class);
         $allowed_columns = ['id','name','created_at', 'assets_count','color','default_label'];
 
-        $statuslabels = Statuslabel::withCount('assets');
+        $statuslabels = Statuslabel::withCount('assets as assets_count');
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $statuslabels = $statuslabels->TextSearch($request->input('search'));
         }
 
@@ -55,7 +55,7 @@ class StatuslabelsController extends Controller
         $this->authorize('create', Statuslabel::class);
         $request->except('deployable', 'pending','archived');
 
-        if (!$request->has('type')) {
+        if (!$request->filled('type')) {
             return response()->json(Helper::formatStandardApiResponse('error', null, ["type" => ["Status label type is required."]]),500);
         }
 
@@ -106,7 +106,7 @@ class StatuslabelsController extends Controller
         
         $request->except('deployable', 'pending','archived');
 
-        if (!$request->has('type')) {
+        if (!$request->filled('type')) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'Status label type is required.'));
         }
 
@@ -162,7 +162,7 @@ class StatuslabelsController extends Controller
     {
         $this->authorize('view', Statuslabel::class);
 
-        $statuslabels = Statuslabel::with('assets')->groupBy('id')->withCount('assets')->get();
+        $statuslabels = Statuslabel::with('assets')->groupBy('id')->withCount('assets as assets_count')->get();
 
         $labels=[];
         $points=[];

app/Http/Controllers/Api/SuppliersController.php

@@ -26,10 +26,10 @@ class SuppliersController extends Controller
         
         $suppliers = Supplier::select(
                 array('id','name','address','address2','city','state','country','fax', 'phone','email','contact','created_at','updated_at','deleted_at','image','notes')
-            )->withCount('assets')->withCount('licenses')->withCount('accessories');
+            )->withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('accessories as accessories_count');
 
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $suppliers = $suppliers->TextSearch($request->input('search'));
         }
 
@@ -115,7 +115,7 @@ class SuppliersController extends Controller
     public function destroy($id)
     {
         $this->authorize('delete', Supplier::class);
-        $supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances','assets', 'licenses')->findOrFail($id);
+        $supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances as asset_maintenances_count','assets as assets_count', 'licenses as licenses_count')->findOrFail($id);
         $this->authorize('delete', $supplier);
 
 
@@ -153,7 +153,7 @@ class SuppliersController extends Controller
             'image',
         ]);
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $suppliers = $suppliers->where('suppliers.name', 'LIKE', '%'.$request->get('search').'%');
         }
 

app/Http/Controllers/Api/UsersController.php

@@ -58,31 +58,31 @@ class UsersController extends Controller
             'users.zip',
 
         ])->with('manager', 'groups', 'userloc', 'company', 'department','assets','licenses','accessories','consumables')
-            ->withCount('assets','licenses','accessories','consumables');
+            ->withCount('assets as assets_count','licenses as licenses_count','accessories as accessories_count','consumables as consumables_count');
         $users = Company::scopeCompanyables($users);
 
 
-        if (($request->has('deleted')) && ($request->input('deleted')=='true')) {
+        if (($request->filled('deleted')) && ($request->input('deleted')=='true')) {
             $users = $users->GetDeleted();
         }
 
-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
             $users = $users->where('users.company_id', '=', $request->input('company_id'));
         }
 
-        if ($request->has('location_id')) {
+        if ($request->filled('location_id')) {
             $users = $users->where('users.location_id', '=', $request->input('location_id'));
         }
 
-        if ($request->has('group_id')) {
+        if ($request->filled('group_id')) {
             $users = $users->ByGroup($request->get('group_id'));
         }
 
-        if ($request->has('department_id')) {
+        if ($request->filled('department_id')) {
             $users = $users->where('users.department_id','=',$request->input('department_id'));
         }
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $users = $users->TextSearch($request->input('search'));
         }
 
@@ -100,6 +100,9 @@ class UsersController extends Controller
             case 'department':
                 $users = $users->OrderDepartment($order);
                 break;
+            case 'company':
+                $users = $users->OrderCompany($order);
+                break;
             default:
                 $allowed_columns =
                     [
@@ -148,7 +151,7 @@ class UsersController extends Controller
 
         $users = Company::scopeCompanyables($users);
 
-        if ($request->has('search')) {
+        if ($request->filled('search')) {
             $users = $users->SimpleNameSearch($request->get('search'))
                 ->orWhere('username', 'LIKE', '%'.$request->get('search').'%')
                 ->orWhere('employee_num', 'LIKE', '%'.$request->get('search').'%');
@@ -201,7 +204,7 @@ class UsersController extends Controller
         $user->password = bcrypt($request->get('password', $tmp_pass));
 
         if ($user->save()) {
-            if ($request->has('groups')) {
+            if ($request->filled('groups')) {
                 $user->groups()->sync($request->input('groups'));
             } else {
                 $user->groups()->sync(array());
@@ -247,7 +250,7 @@ class UsersController extends Controller
             return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
         }
 
-        if ($request->has('password')) {
+        if ($request->filled('password')) {
             $user->password = bcrypt($request->input('password'));
         }
 
@@ -256,6 +259,22 @@ class UsersController extends Controller
             ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
 
         if ($user->save()) {
+
+            // Sync group memberships:
+            // This was changed in Snipe-IT v4.6.x to 4.7, since we upgraded to Laravel 5.5
+            // which changes the behavior of has vs filled.
+            // The $request->has method will now return true even if the input value is an empty string or null.
+            // A new $request->filled method has was added that provides the previous behavior of the has method.
+
+            // Check if the request has groups passed and has a value
+            if ($request->filled('groups')) {
+                $user->groups()->sync($request->input('groups'));
+            // The groups field has been passed but it is null, so we should blank it out
+            } elseif ($request->has('groups'))  {
+                $user->groups()->sync(array());
+            }
+
+
             return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
         }
 
@@ -277,10 +296,23 @@ class UsersController extends Controller
         $this->authorize('delete', $user);
 
 
-        if ($user->assets()->count() > 0) {
+        if (($user->assets) && ($user->assets->count() > 0)) {
             return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/users/message.error.delete_has_assets')));
         }
 
+        if (($user->licenses) && ($user->licenses->count() > 0)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  'This user still has ' . $user->licenses->count() . ' license(s) associated with them and cannot be deleted.'));
+        }
+
+        if (($user->accessories) && ($user->accessories->count() > 0)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  'This user still has ' . $user->accessories->count() . ' accessories associated with them.'));
+        }
+
+        if (($user->managedLocations()) && ($user->managedLocations()->count() > 0)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  'This user still has ' . $user->managedLocations()->count() . ' locations that they manage.'));
+        }
+
+
         if ($user->delete()) {
             return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/users/message.success.delete')));
         }
@@ -333,7 +365,7 @@ class UsersController extends Controller
 
         $this->authorize('update', User::class);
 
-        if ($request->has('id')) {
+        if ($request->filled('id')) {
             try {
                 $user = User::find($request->get('id'));
                 $user->two_factor_secret = null;

app/Http/Controllers/AssetCheckinController.php

@@ -65,15 +65,15 @@ class AssetCheckinController extends Controller
         $asset->assignedTo()->disassociate($asset);
         $asset->assigned_type = null;
         $asset->accepted = null;
-        $asset->name = e($request->get('name'));
+        $asset->name = $request->get('name');
 
-        if ($request->has('status_id')) {
+        if ($request->filled('status_id')) {
             $asset->status_id =  e($request->get('status_id'));
         }
 
         $asset->location_id = $asset->rtd_location_id;
 
-        if ($request->has('location_id')) {
+        if ($request->filled('location_id')) {
             $asset->location_id =  e($request->get('location_id'));
         }
 
@@ -93,7 +93,7 @@ class AssetCheckinController extends Controller
             $data['model_name'] = $asset->model->name;
             $data['model_number'] = $asset->model->model_number;
 
-            if ($backto=='user') {
+            if ((isset($user)) && ($backto =='user')) {
                 return redirect()->route("users.show", $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
             }
             return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkin.success'));

app/Http/Controllers/AssetCheckoutController.php

@@ -28,7 +28,6 @@ class AssetCheckoutController extends Controller
     {
         // Check if the asset exists
         if (is_null($asset = Asset::find(e($assetId)))) {
-            // Redirect to the asset management page with error
             return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
         }
 
@@ -39,7 +38,6 @@ class AssetCheckoutController extends Controller
         }
         return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
 
-        // Get the dropdown of users and then pass it to the checkout view
 
     }
 
@@ -71,12 +69,12 @@ class AssetCheckoutController extends Controller
             $asset = $this->updateAssetLocation($asset, $target);
 
             $checkout_at = date("Y-m-d H:i:s");
-            if (($request->has('checkout_at')) && ($request->get('checkout_at')!= date("Y-m-d"))) {
+            if (($request->filled('checkout_at')) && ($request->get('checkout_at')!= date("Y-m-d"))) {
                 $checkout_at = $request->get('checkout_at');
             }
 
             $expected_checkin = '';
-            if ($request->has('expected_checkin')) {
+            if ($request->filled('expected_checkin')) {
                 $expected_checkin = $request->get('expected_checkin');
             }
 

app/Http/Controllers/AssetFilesController.php

@@ -111,12 +111,16 @@ class AssetFilesController extends Controller
             $this->authorize('update', $asset);
 
             $log = Actionlog::find($fileId);
-            $full_filename = $destinationPath.'/'.$log->filename;
-            if (file_exists($full_filename)) {
-                unlink($destinationPath.'/'.$log->filename);
+            if ($log) {
+                $full_filename = $destinationPath.'/'.$log->filename;
+                if (file_exists($full_filename)) {
+                    unlink($destinationPath.'/'.$log->filename);
+                }
+                $log->delete();
+                return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
             }
-            $log->delete();
-            return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
+            return redirect()->back()->with('error', 'Could not find matching upload log.');
+
         }
 
         // Redirect to the hardware management page

app/Http/Controllers/AssetModelsController.php

@@ -97,7 +97,7 @@ class AssetModelsController extends Controller
             $path = app('models_upload_path');
 
             if ($image->getClientOriginalExtension()!='svg') {
-                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                     $constraint->aspectRatio();
                     $constraint->upsize();
                 })->save($path.'/'.$file_name);
@@ -194,7 +194,7 @@ class AssetModelsController extends Controller
             $file_name = $model->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
 
             if ($image->getClientOriginalExtension()!='svg') {
-                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                     $constraint->aspectRatio();
                     $constraint->upsize();
                 })->save(app('models_upload_path').$file_name);
@@ -373,7 +373,7 @@ class AssetModelsController extends Controller
         if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
 
 
-            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets')->orderBy('assets_count', 'ASC')->get();
+            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets as assets_count')->orderBy('assets_count', 'ASC')->get();
 
             // If deleting....
             if ($request->input('bulk_actions')=='delete') {
@@ -420,10 +420,10 @@ class AssetModelsController extends Controller
         $update_array = array();
 
 
-        if (($request->has('manufacturer_id') && ($request->input('manufacturer_id')!='NC'))) {
+        if (($request->filled('manufacturer_id') && ($request->input('manufacturer_id')!='NC'))) {
             $update_array['manufacturer_id'] = $request->input('manufacturer_id');
         }
-        if (($request->has('category_id') && ($request->input('category_id')!='NC'))) {
+        if (($request->filled('category_id') && ($request->input('category_id')!='NC'))) {
             $update_array['category_id'] = $request->input('category_id');
         }
         if ($request->input('fieldset_id')!='NC') {
@@ -461,7 +461,7 @@ class AssetModelsController extends Controller
 
         if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
 
-            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets')->get();
+            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets as assets_count')->get();
 
             $del_error_count = 0;
             $del_count = 0;

app/Http/Controllers/AssetsController.php

@@ -71,7 +71,7 @@ class AssetsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('index', Asset::class);
-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
             $company = Company::find($request->input('company_id'));
         } else {
             $company = null;
@@ -96,7 +96,7 @@ class AssetsController extends Controller
             ->with('item', new Asset)
             ->with('statuslabel_types', Helper::statusTypeList());
 
-        if ($request->has('model_id')) {
+        if ($request->filled('model_id')) {
             $selected_model = AssetModel::find($request->input('model_id'));
             $view->with('selected_model', $selected_model);
         }
@@ -143,7 +143,7 @@ class AssetsController extends Controller
         }
 
         // Create the image (if one was chosen.)
-        if ($request->has('image')) {
+        if ($request->filled('image')) {
             $image = $request->input('image');
 
             // After modification, the image is prefixed by mime info like the following:
@@ -163,7 +163,7 @@ class AssetsController extends Controller
             }
             $path = public_path('uploads/assets/'.$file_name);
             try {
-                Image::make($image)->resize(500, 500, function ($constraint) {
+                Image::make($image)->resize(800, 800, function ($constraint) {
                     $constraint->aspectRatio();
                     $constraint->upsize();
                 })->save($path);
@@ -183,7 +183,7 @@ class AssetsController extends Controller
         // Validation for these fields is handled through the AssetRequest form request
         $model = AssetModel::find($request->get('model_id'));
 
-        if ($model->fieldset) {
+        if (($model) && ($model->fieldset)) {
             foreach ($model->fieldset->fields as $field) {
                 if ($field->field_encrypted=='1') {
                     if (Gate::allows('admin')) {
@@ -313,7 +313,7 @@ class AssetsController extends Controller
         $asset->supplier_id = $request->input('supplier_id', null);
 
         // If the box isn't checked, it's not in the request at all.
-        $asset->requestable = $request->has('requestable');
+        $asset->requestable = $request->filled('requestable');
         $asset->rtd_location_id = $request->input('rtd_location_id', null);
 
         if ($asset->assigned_to=='') {
@@ -321,7 +321,7 @@ class AssetsController extends Controller
         }
 
 
-        if ($request->has('image_delete')) {
+        if ($request->filled('image_delete')) {
             try {
                 unlink(public_path().'/uploads/assets/'.$asset->image);
                 $asset->image = '';
@@ -343,7 +343,7 @@ class AssetsController extends Controller
         $asset->physical     = '1';
 
         // Update the image
-        if ($request->has('image')) {
+        if ($request->filled('image')) {
             $image = $request->input('image');
             // See postCreate for more explaination of the following.
             $header = explode(';', $image, 2)[0];
@@ -359,7 +359,7 @@ class AssetsController extends Controller
             $file_name = str_random(25).".".$extension;
             $path = public_path('uploads/assets/'.$file_name);
             try {
-                Image::make($image)->resize(500, 500, function ($constraint) {
+                Image::make($image)->resize(800, 800, function ($constraint) {
                     $constraint->aspectRatio();
                     $constraint->upsize();
                 })->save($path);
@@ -380,7 +380,7 @@ class AssetsController extends Controller
         // FIXME: No idea why this is returning a Builder error on db_column_name.
         // Need to investigate and fix. Using static method for now.
         $model = AssetModel::find($request->get('model_id'));
-        if ($model->fieldset) {
+        if (($model) && ($model->fieldset)) {
             foreach ($model->fieldset->fields as $field) {
                 if ($field->field_encrypted=='1') {
                     if (Gate::allows('admin')) {
@@ -579,7 +579,7 @@ class AssetsController extends Controller
         //get the first row, usually the CSV header
         //$headers = $csv->fetchOne();
 
-        $results = $csv->fetchAssoc();
+        $results = $csv->getRecords();
         $item = array();
         $status = array();
         $status['error'] = array();
@@ -744,6 +744,18 @@ class AssetsController extends Controller
         return view('hardware/audit')->with('asset', $asset)->with('next_audit_date', $dt)->with('locations_list');
     }
 
+    public function dueForAudit()
+    {
+        $this->authorize('audit', Asset::class);
+        return view('hardware/audit-due');
+    }
+
+    public function overdueForAudit()
+    {
+        $this->authorize('audit', Asset::class);
+        return view('hardware/audit-overdue');
+    }
+
 
     public function auditStore(AssetFileRequest $request, $id)
     {

app/Http/Controllers/Auth/LoginController.php

@@ -193,7 +193,6 @@ class LoginController extends Controller
 
         if ($user = Auth::user()) {
             $user->last_login = \Carbon::now();
-            \Log::debug('Last login:'.$user->last_login);
             $user->save();
         }
         // Redirect to the users page
@@ -276,7 +275,7 @@ class LoginController extends Controller
             return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
         }
 
-        if (!$request->has('two_factor_secret')) {
+        if (!$request->filled('two_factor_secret')) {
             return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.code_required'));
         }
 
@@ -314,7 +313,7 @@ class LoginController extends Controller
             return redirect()->away($customLogoutUrl);
         }
 
-        return redirect()->route('login')->with('success',  trans('auth/general.logout.success'));
+        return redirect()->route('login')->with('success',  trans('auth/message.logout.success'));
     }
 
 

app/Http/Controllers/BulkAssetsController.php

@@ -26,13 +26,13 @@ class BulkAssetsController extends Controller
     {
         $this->authorize('update', Asset::class);
 
-        if (!$request->has('ids')) {
+        if (!$request->filled('ids')) {
             return redirect()->back()->with('error', 'No assets selected');
         }
 
         $asset_ids = array_keys($request->input('ids'));
 
-        if ($request->has('bulk_actions')) {
+        if ($request->filled('bulk_actions')) {
             switch($request->input('bulk_actions')) {
                 case 'labels':
                     return view('hardware/labels')
@@ -68,22 +68,22 @@ class BulkAssetsController extends Controller
 
         \Log::debug($request->input('ids'));
 
-        if(!$request->has('ids') || count($request->input('ids')) <= 0) {
+        if(!$request->filled('ids') || count($request->input('ids')) <= 0) {
             return redirect()->route("hardware.index")->with('warning', trans('No assets selected, so nothing was updated.'));
         }
 
         $assets = array_keys($request->input('ids'));
 
-        if (($request->has('purchase_date'))
-            || ($request->has('purchase_cost'))
-            || ($request->has('supplier_id'))
-            || ($request->has('order_number'))
-            || ($request->has('warranty_months'))
-            || ($request->has('rtd_location_id'))
-            || ($request->has('requestable'))
-            || ($request->has('company_id'))
-            || ($request->has('status_id'))
-            || ($request->has('model_id'))
+        if (($request->filled('purchase_date'))
+            || ($request->filled('purchase_cost'))
+            || ($request->filled('supplier_id'))
+            || ($request->filled('order_number'))
+            || ($request->filled('warranty_months'))
+            || ($request->filled('rtd_location_id'))
+            || ($request->filled('requestable'))
+            || ($request->filled('company_id'))
+            || ($request->filled('status_id'))
+            || ($request->filled('model_id'))
         ) {
             foreach ($assets as $assetId) {
                 $this->update_array = [];
@@ -96,20 +96,20 @@ class BulkAssetsController extends Controller
                     ->conditionallyAddItem('supplier_id')
                     ->conditionallyAddItem('warranty_months');
 
-                if ($request->has('purchase_cost')) {
+                if ($request->filled('purchase_cost')) {
                     $this->update_array['purchase_cost'] =  Helper::ParseFloat($request->input('purchase_cost'));
                 }
 
-                if ($request->has('company_id')) {
+                if ($request->filled('company_id')) {
                     $this->update_array['company_id'] =  $request->input('company_id');
                     if ($request->input('company_id')=="clear") {
                         $this->update_array['company_id'] = null;
                     }
                 }
 
-                if ($request->has('rtd_location_id')) {
+                if ($request->filled('rtd_location_id')) {
                     $this->update_array['rtd_location_id'] = $request->input('rtd_location_id');
-                    if (($request->has('update_real_loc')) && (($request->input('update_real_loc')) == '1')) {
+                    if (($request->filled('update_real_loc')) && (($request->input('update_real_loc')) == '1')) {
                         $this->update_array['location_id'] = $request->input('rtd_location_id');
                     }
                 }
@@ -137,7 +137,7 @@ class BulkAssetsController extends Controller
      */
     protected function conditionallyAddItem($field)
     {
-        if(request()->has($field)) {
+        if(request()->filled($field)) {
             $this->update_array[$field] = request()->input($field);
         }
         return $this;
@@ -155,7 +155,7 @@ class BulkAssetsController extends Controller
     {
         $this->authorize('delete', Asset::class);
 
-        if ($request->has('ids')) {
+        if ($request->filled('ids')) {
             $assets = Asset::find($request->get('ids'));
             foreach ($assets as $asset) {
                 $update_array['deleted_at'] = date('Y-m-d H:i:s');
@@ -206,13 +206,13 @@ class BulkAssetsController extends Controller
                 }
             }
             $checkout_at = date("Y-m-d H:i:s");
-            if (($request->has('checkout_at')) && ($request->get('checkout_at')!= date("Y-m-d"))) {
+            if (($request->filled('checkout_at')) && ($request->get('checkout_at')!= date("Y-m-d"))) {
                 $checkout_at = e($request->get('checkout_at'));
             }
 
             $expected_checkin = '';
 
-            if ($request->has('expected_checkin')) {
+            if ($request->filled('expected_checkin')) {
                 $expected_checkin = e($request->get('expected_checkin'));
             }
 

app/Http/Controllers/CategoriesController.php

@@ -87,7 +87,7 @@ class CategoriesController extends Controller
             $image = $request->file('image');
             $file_name = str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/categories/'.$file_name);
-            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+            Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                 $constraint->aspectRatio();
                 $constraint->upsize();
             })->save($path);
@@ -164,7 +164,7 @@ class CategoriesController extends Controller
             $file_name = $category->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
 
             if ($image->getClientOriginalExtension()!='svg') {
-                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                     $constraint->aspectRatio();
                     $constraint->upsize();
                 })->save(app('categories_upload_path').$file_name);

app/Http/Controllers/CompaniesController.php

@@ -67,7 +67,7 @@ final class CompaniesController extends Controller
             $image = $request->file('image');
             $file_name = str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/companies/'.$file_name);
-            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+            Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                 $constraint->aspectRatio();
                 $constraint->upsize();
             })->save($path);
@@ -133,7 +133,7 @@ final class CompaniesController extends Controller
             $file_name = $company->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
 
             if ($image->getClientOriginalExtension()!='svg') {
-                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                     $constraint->aspectRatio();
                     $constraint->upsize();
                 })->save(app('companies_upload_path').$file_name);

app/Http/Controllers/ComponentsController.php

@@ -95,7 +95,7 @@ class ComponentsController extends Controller
             $image = $request->file('image');
             $file_name = str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/components/'.$file_name);
-            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+            Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                 $constraint->aspectRatio();
                 $constraint->upsize();
             })->save($path);
@@ -168,7 +168,7 @@ class ComponentsController extends Controller
             $image = $request->file('image');
             $file_name = str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/components/'.$file_name);
-            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+            Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                 $constraint->aspectRatio();
                 $constraint->upsize();
             })->save($path);

app/Http/Controllers/ConsumablesController.php

@@ -91,7 +91,7 @@ class ConsumablesController extends Controller
             $image = $request->file('image');
             $file_name = str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/consumables/'.$file_name);
-            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+            Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                 $constraint->aspectRatio();
                 $constraint->upsize();
             })->save($path);
@@ -162,7 +162,7 @@ class ConsumablesController extends Controller
             $image = $request->file('image');
             $file_name = str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/consumables/'.$file_name);
-            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+            Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                 $constraint->aspectRatio();
                 $constraint->upsize();
             })->save($path);

app/Http/Controllers/CustomFieldsetsController.php

@@ -44,7 +44,7 @@ class CustomFieldsetsController extends Controller
             $custom_fields_list = ["" => "Add New Field to Fieldset"] + CustomField::pluck("name", "id")->toArray();
 
             $maxid = 0;
-            foreach ($cfset->fields() as $field) {
+            foreach ($cfset->fields as $field) {
                 if ($field->pivot->order > $maxid) {
                     $maxid=$field->pivot->order;
                 }
@@ -172,7 +172,7 @@ class CustomFieldsetsController extends Controller
     * @since [v1.8]
     * @return View
     */
-    public function associate($id)
+    public function associate(Request $request, $id)
     {
 
         $set = CustomFieldset::find($id);
@@ -180,12 +180,12 @@ class CustomFieldsetsController extends Controller
         $this->authorize('update', $set);
 
         foreach ($set->fields as $field) {
-            if ($field->id == Input::get('field_id')) {
+            if ($field->id == $request->input('field_id')) {
                 return redirect()->route("fieldsets.show", [$id])->withInput()->withErrors(['field_id' => trans('admin/custom_fields/message.field.already_added')]);
             }
         }
 
-        $results=$set->fields()->attach(Input::get('field_id'), ["required" => (Input::get('required') == "on"),"order" => Input::get('order')]);
+        $results = $set->fields()->attach(Input::get('field_id'), ["required" => ($request->input('required') == "on"),"order" => $request->input('order', 1)]);
 
         return redirect()->route("fieldsets.show", [$id])->with("success", trans('admin/custom_fields/message.field.create.assoc_success'));
     }

app/Http/Controllers/DepartmentsController.php

@@ -30,7 +30,7 @@ class DepartmentsController extends Controller
     {
         $this->authorize('index', Department::class);
         $company = null;
-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
             $company = Company::find($request->input('company_id'));
         }
         return view('departments/index')->with('company', $company);
@@ -51,13 +51,13 @@ class DepartmentsController extends Controller
         $department = new Department;
         $department->fill($request->all());
         $department->user_id = Auth::user()->id;
-        $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
+        $department->manager_id = ($request->filled('manager_id' ) ? $request->input('manager_id') : null);
 
         if ($request->file('image')) {
             $image = $request->file('image');
             $file_name = str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/departments/'.$file_name);
-            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+            Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                 $constraint->aspectRatio();
                 $constraint->upsize();
             })->save($path);
@@ -162,7 +162,7 @@ class DepartmentsController extends Controller
         $this->authorize('update', $department);
 
         $department->fill($request->all());
-        $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
+        $department->manager_id = ($request->filled('manager_id' ) ? $request->input('manager_id') : null);
 
         $old_image = $department->image;
 
@@ -176,7 +176,7 @@ class DepartmentsController extends Controller
             $file_name = $department->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
 
             if ($image->getClientOriginalExtension()!='svg') {
-                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                     $constraint->aspectRatio();
                     $constraint->upsize();
                 })->save(app('departments_upload_path').$file_name);

app/Http/Controllers/LicensesController.php

@@ -179,7 +179,9 @@ class LicensesController extends Controller
         $license->purchase_date     = $request->input('purchase_date');
         $license->purchase_order    = $request->input('purchase_order');
         $license->reassignable      = $request->input('reassignable', 0);
-        $license->serial            = $request->input('serial');
+        if (Gate::allows('viewKeys', $license)) {
+            $license->serial        = $request->input('serial');
+        }
         $license->termination_date  = $request->input('termination_date');
         $license->seats             = e($request->input('seats'));
         $license->manufacturer_id   =  $request->input('manufacturer_id');
@@ -413,20 +415,7 @@ class LicensesController extends Controller
             return redirect()->back()->withInput();
         }
 
-        // Declare the rules for the form validation
-        $rules = array(
-            'note'   => 'string',
-            'notes'   => 'string',
-        );
 
-        // Create a new validator instance from our validation rules
-        $validator = Validator::make(Input::all(), $rules);
-
-        // If validation fails, we'll exit the operation now.
-        if ($validator->fails()) {
-            // Ooops.. something went wrong
-            return redirect()->back()->withInput()->withErrors($validator);
-        }
         $return_to = User::find($licenseSeat->assigned_to);
         if (!$return_to) {
             $return_to = Asset::find($licenseSeat->asset_id);
@@ -438,7 +427,7 @@ class LicensesController extends Controller
 
         // Was the asset updated?
         if ($licenseSeat->save()) {
-            $licenseSeat->logCheckin($return_to, e(request('note')));
+            $licenseSeat->logCheckin($license, e(request('note')));
             if ($backTo=='user') {
                 return redirect()->route("users.show", $return_to->id)->with('success', trans('admin/licenses/message.checkin.success'));
             }
@@ -556,21 +545,24 @@ class LicensesController extends Controller
         $destinationPath = config('app.private_uploads').'/licenses';
 
         // the license is valid
-        if (isset($license->id)) {
+        if ($license) {
             $this->authorize('edit', $license);
             $log = Actionlog::find($fileId);
-            $full_filename = $destinationPath.'/'.$log->filename;
-            if (file_exists($full_filename)) {
-                unlink($destinationPath.'/'.$log->filename);
+            if ($log) {
+                $full_filename = $destinationPath.'/'.$log->filename;
+                if (file_exists($full_filename)) {
+                    unlink($destinationPath.'/'.$log->filename);
+                }
+                $log->delete();
+                return redirect()->back()->with('success', trans('admin/licenses/message.deletefile.success'));
             }
-            $log->delete();
-            return redirect()->back()->with('success', trans('admin/licenses/message.deletefile.success'));
+
+            return redirect()->back()->with('error', 'Could not locate that file.');
+
         }
-        // Prepare the error message
-        $error = trans('admin/licenses/message.does_not_exist', compact('id'));
 
         // Redirect to the licence management page
-        return redirect()->route('licenses.index')->with('error', $error);
+        return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.does_not_exist', compact('id')));
     }
 
 
@@ -593,29 +585,31 @@ class LicensesController extends Controller
         if (isset($license->id)) {
             $this->authorize('view', $license);
             $log = Actionlog::find($fileId);
-            $file = $log->get_src('licenses');
 
+            if ($log) {
 
-            if ($file =='') {
-                return response('File not found on server', 404)
-                    ->header('Content-Type', 'text/plain');
-            }
-
-            $mimetype = \File::mimeType($file);
-
-
-            if (!file_exists($file)) {
-                return response('File '.$file.' not found on server', 404)
-                    ->header('Content-Type', 'text/plain');
-            }
-
-            if ($download != 'true') {
-                if ($contents = file_get_contents($file)) {
-                    return Response::make($contents)->header('Content-Type', $mimetype);
+                $file = $log->get_src('licenses');
+                if ($file =='') {
+                    return response('File not found on server', 404)
+                        ->header('Content-Type', 'text/plain');
                 }
-                return JsonResponse::create(["error" => "Failed validation: "], 500);
+
+                $mimetype = \File::mimeType($file);
+
+                if (!file_exists($file)) {
+                    return response('File '.$file.' not found on server', 404)
+                        ->header('Content-Type', 'text/plain');
+                }
+
+                if ($download != 'true') {
+                    if ($contents = file_get_contents($file)) {
+                        return Response::make($contents)->header('Content-Type', $mimetype);
+                    }
+                    return JsonResponse::create(["error" => "Failed validation: "], 500);
+                }
+                return Response::download($file);
             }
-            return Response::download($file);
+
         }
 
 

app/Http/Controllers/LocationsController.php

@@ -101,7 +101,7 @@ class LocationsController extends Controller
             $image = $request->file('image');
             $file_name = str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/locations/'.$file_name);
-            Image::make($image->getRealPath())->resize(600, null, function ($constraint) {
+            Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                 $constraint->aspectRatio();
                 $constraint->upsize();
             })->save($path);
@@ -185,7 +185,7 @@ class LocationsController extends Controller
             $file_name = $location->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
 
             if ($image->getClientOriginalExtension()!='svg') {
-                Image::make($image->getRealPath())->resize(600, null, function ($constraint) {
+                Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                     $constraint->aspectRatio();
                     $constraint->upsize();
                 })->save(app('locations_upload_path').$file_name);

app/Http/Controllers/ManufacturersController.php

@@ -81,7 +81,7 @@ class ManufacturersController extends Controller
             $image = $request->file('image');
             $file_name = str_slug($image->getClientOriginalName()).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/manufacturers/'.$file_name);
-            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+            Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                 $constraint->aspectRatio();
                 $constraint->upsize();
             })->save($path);
@@ -155,7 +155,7 @@ class ManufacturersController extends Controller
             $file_name = $manufacturer->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
 
             if ($image->getClientOriginalExtension()!='svg') {
-                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                     $constraint->aspectRatio();
                     $constraint->upsize();
                 })->save(app('manufacturers_upload_path').$file_name);

app/Http/Controllers/ProfileController.php

@@ -49,6 +49,9 @@ class ProfileController extends Controller
         $user->last_name  = $request->input('last_name');
         $user->website    = $request->input('website');
         $user->gravatar   = $request->input('gravatar');
+        $user->phone   = $request->input('phone');
+
+
 
         if (!config('app.lock_passwords')) {
             $user->locale = $request->input('locale', 'en');

app/Http/Controllers/ReportsController.php

@@ -314,65 +314,65 @@ class ReportsController extends Controller
             // Open output stream
             $handle = fopen('php://output', 'w');
             
-            if ($request->has('use_bom')) {
+            if ($request->filled('use_bom')) {
                 fprintf($handle, chr(0xEF) . chr(0xBB) . chr(0xBF));
             }
 
             $header = [];
 
 
-            if ($request->has('company')) {
+            if ($request->filled('company')) {
                 $header[] = trans('general.company');
             }
 
-            if ($request->has('asset_name')) {
+            if ($request->filled('asset_name')) {
                 $header[] = trans('admin/hardware/form.name');
             }
 
-            if ($request->has('asset_tag')) {
+            if ($request->filled('asset_tag')) {
                 $header[] = trans('admin/hardware/table.asset_tag');
             }
 
-            if ($request->has('model')) {
+            if ($request->filled('model')) {
                 $header[] = trans('admin/hardware/form.model');
                 $header[] = trans('general.model_no');
             }
 
-            if ($request->has('category')) {
+            if ($request->filled('category')) {
                 $header[] = trans('general.category');
             }
 
-            if ($request->has('manufacturer')) {
+            if ($request->filled('manufacturer')) {
                 $header[] = trans('admin/hardware/form.manufacturer');
             }
 
-            if ($request->has('serial')) {
+            if ($request->filled('serial')) {
                 $header[] = trans('admin/hardware/table.serial');
             }
-            if ($request->has('purchase_date')) {
+            if ($request->filled('purchase_date')) {
                 $header[] = trans('admin/hardware/table.purchase_date');
             }
 
-            if (($request->has('purchase_cost'))  || ($request->has('depreciation'))) {
+            if (($request->filled('purchase_cost'))  || ($request->filled('depreciation'))) {
                 $header[] = trans('admin/hardware/table.purchase_cost');
             }
 
-            if ($request->has('eol')) {
+            if ($request->filled('eol')) {
                 $header[] = trans('admin/hardware/table.eol');
             }
 
-            if ($request->has('order')) {
+            if ($request->filled('order')) {
                 $header[] = trans('admin/hardware/form.order');
             }
 
-            if ($request->has('supplier')) {
+            if ($request->filled('supplier')) {
                 $header[] = trans('general.supplier');
             }
 
-            if ($request->has('location')) {
+            if ($request->filled('location')) {
                 $header[] = trans('admin/hardware/table.location');
             }
-            if ($request->has('location_address')) {
+            if ($request->filled('location_address')) {
                 $header[] = trans('general.address');
                 $header[] = trans('general.address');
                 $header[] = trans('general.city');
@@ -381,11 +381,11 @@ class ReportsController extends Controller
                 $header[] = trans('general.zip');
             }
 
-            if ($request->has('rtd_location')) {
+            if ($request->filled('rtd_location')) {
                 $header[] = trans('admin/hardware/form.default_location');
             }
             
-            if ($request->has('rtd_location_address')) {
+            if ($request->filled('rtd_location_address')) {
                 $header[] = trans('general.address');
                 $header[] = trans('general.address');
                 $header[] = trans('general.city');
@@ -395,65 +395,65 @@ class ReportsController extends Controller
             }
 
 
-            if ($request->has('assigned_to')) {
+            if ($request->filled('assigned_to')) {
                 $header[] = trans('admin/hardware/table.checkoutto');
                 $header[] = trans('general.type');
             }
 
-            if ($request->has('username')) {
+            if ($request->filled('username')) {
                 $header[] = 'Username';
             }
 
-            if ($request->has('employee_num')) {
+            if ($request->filled('employee_num')) {
                 $header[] = 'Employee No.';
             }
 
-            if ($request->has('manager')) {
+            if ($request->filled('manager')) {
                 $header[] = trans('admin/users/table.manager');
             }
 
-            if ($request->has('department')) {
+            if ($request->filled('department')) {
                 $header[] = trans('general.department');
             }
 
-            if ($request->has('status')) {
+            if ($request->filled('status')) {
                 $header[] = trans('general.status');
             }
 
-            if ($request->has('warranty')) {
+            if ($request->filled('warranty')) {
                 $header[] = 'Warranty';
                 $header[] = 'Warranty Expires';
             }
-            if ($request->has('depreciation')) {
+            if ($request->filled('depreciation')) {
                 $header[] = 'Value';
                 $header[] = 'Diff';
             }
 
-            if ($request->has('checkout_date')) {
+            if ($request->filled('checkout_date')) {
                 $header[] = trans('admin/hardware/table.checkout_date');
             }
 
-            if ($request->has('expected_checkin')) {
+            if ($request->filled('expected_checkin')) {
                 $header[] = trans('admin/hardware/form.expected_checkin');
             }
 
-            if ($request->has('created_at')) {
+            if ($request->filled('created_at')) {
                 $header[] = trans('general.created_at');
             }
 
-            if ($request->has('updated_at')) {
+            if ($request->filled('updated_at')) {
                 $header[] = trans('general.updated_at');
             }
 
-            if ($request->has('last_audit_date')) {
+            if ($request->filled('last_audit_date')) {
                 $header[] = trans('general.last_audit');
             }
 
-            if ($request->has('next_audit_date')) {
+            if ($request->filled('next_audit_date')) {
                 $header[] = trans('general.next_audit_date');
             }
 
-            if ($request->has('notes')) {
+            if ($request->filled('notes')) {
                 $header[] = trans('general.notes');
             }
 
@@ -471,52 +471,52 @@ class ReportsController extends Controller
                 'location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
                 'model.category', 'model.manufacturer','supplier');
             
-            if ($request->has('by_location_id')) {
+            if ($request->filled('by_location_id')) {
                 $assets->where('assets.location_id', $request->input('by_location_id'));
             }
 
-            if ($request->has('by_rtd_location_id')) {
+            if ($request->filled('by_rtd_location_id')) {
                 \Log::debug('RTD location should match: '.$request->input('by_rtd_location_id'));
                 $assets->where('assets.rtd_location_id', $request->input('by_rtd_location_id'));
             }
 
-            if ($request->has('by_supplier_id')) {
+            if ($request->filled('by_supplier_id')) {
                 $assets->where('assets.supplier_id', $request->input('by_supplier_id'));
             }
 
-            if ($request->has('by_company_id')) {
+            if ($request->filled('by_company_id')) {
                 $assets->where('assets.company_id', $request->input('by_company_id'));
             }
 
-            if ($request->has('by_model_id')) {
+            if ($request->filled('by_model_id')) {
                 $assets->where('assets.model_id', $request->input('by_model_id'));
             }
 
-            if ($request->has('by_category_id')) {
+            if ($request->filled('by_category_id')) {
                 $assets->InCategory($request->input('by_category_id'));
             }
 
-            if ($request->has('by_manufacturer_id')) {
+            if ($request->filled('by_manufacturer_id')) {
                 $assets->ByManufacturer($request->input('by_manufacturer_id'));
             }
 
-            if ($request->has('by_order_number')) {
+            if ($request->filled('by_order_number')) {
                 $assets->where('assets.order_number', $request->input('by_order_number'));
             }
 
-            if ($request->has('by_status_id')) {
+            if ($request->filled('by_status_id')) {
                 $assets->where('assets.status_id', $request->input('by_status_id'));
             }
 
-            if (($request->has('purchase_start')) && ($request->has('purchase_end'))) {
+            if (($request->filled('purchase_start')) && ($request->filled('purchase_end'))) {
                 $assets->whereBetween('assets.purchase_date', [$request->input('purchase_start'), $request->input('purchase_end')]);
             }
 
-            if (($request->has('created_start')) && ($request->has('created_end'))) {
+            if (($request->filled('created_start')) && ($request->filled('created_end'))) {
                 $assets->whereBetween('assets.created_at', [$request->input('created_start'), $request->input('created_end')]);
             }
 
-            if (($request->has('expected_checkin_start')) && ($request->has('expected_checkin_end'))) {
+            if (($request->filled('expected_checkin_start')) && ($request->filled('expected_checkin_end'))) {
                 $assets->whereBetween('assets.expected_checkin', [$request->input('expected_checkin_start'), $request->input('expected_checkin_end')]);
             }
             
@@ -525,61 +525,61 @@ class ReportsController extends Controller
                 foreach ($assets as $asset) {
                     $row = [];
                     
-                    if ($request->has('company')) {
+                    if ($request->filled('company')) {
                         $row[] = ($asset->company) ? $asset->company->name : '';
                     }
 
-                    if ($request->has('asset_name')) {
+                    if ($request->filled('asset_name')) {
                         $row[] = ($asset->name) ? $asset->name : '';
                     }
 
-                    if ($request->has('asset_tag')) {
+                    if ($request->filled('asset_tag')) {
                         $row[] = ($asset->asset_tag) ? $asset->asset_tag : '';
                     }
 
-                    if ($request->has('model')) {
+                    if ($request->filled('model')) {
                         $row[] = ($asset->model) ? $asset->model->name : '';
                         $row[] = ($asset->model) ? $asset->model->model_number : '';
                     }
 
-                    if ($request->has('category')) {
+                    if ($request->filled('category')) {
                         $row[] = (($asset->model) && ($asset->model->category)) ? $asset->model->category->name : '';
                     }
 
-                    if ($request->has('manufacturer')) {
+                    if ($request->filled('manufacturer')) {
                         $row[] = ($asset->model && $asset->model->manufacturer) ? $asset->model->manufacturer->name : '';
                     }
 
-                    if ($request->has('serial')) {
+                    if ($request->filled('serial')) {
                         $row[] = ($asset->serial) ? $asset->serial : '';
                     }
 
-                    if ($request->has('purchase_date')) {
+                    if ($request->filled('purchase_date')) {
                         $row[] = ($asset->purchase_date) ? $asset->purchase_date : '';
                     }
 
-                    if ($request->has('purchase_cost')) {
+                    if ($request->filled('purchase_cost')) {
                         $row[] = ($asset->purchase_cost) ? Helper::formatCurrencyOutput($asset->purchase_cost) : '';
                     }
 
-                    if ($request->has('eol')) {
+                    if ($request->filled('eol')) {
                         $row[] = ($asset->purchase_date!='') ? $asset->present()->eol_date() : '';
                     }
 
-                    if ($request->has('order')) {
+                    if ($request->filled('order')) {
                         $row[] = ($asset->order_number) ? $asset->order_number : '';
                     }
 
-                    if ($request->has('supplier')) {
+                    if ($request->filled('supplier')) {
                         $row[] = ($asset->supplier) ? $asset->supplier->name : '';
                     }
                     
 
-                    if ($request->has('location')) {
+                    if ($request->filled('location')) {
                         $row[] = ($asset->location) ? $asset->location->present()->name() : '';
                     }
 
-                    if ($request->has('location_address')) {
+                    if ($request->filled('location_address')) {
                         $row[] = ($asset->location) ? $asset->location->address : '';
                         $row[] = ($asset->location) ? $asset->location->address2 : '';
                         $row[] = ($asset->location) ? $asset->location->city : '';
@@ -588,11 +588,11 @@ class ReportsController extends Controller
                         $row[] = ($asset->location) ? $asset->location->zip : '';
                     }
 
-                    if ($request->has('rtd_location')) {
+                    if ($request->filled('rtd_location')) {
                         $row[] = ($asset->defaultLoc) ? $asset->defaultLoc->present()->name() : '';
                     }
 
-                    if ($request->has('rtd_location_address')) {
+                    if ($request->filled('rtd_location_address')) {
                         $row[] = ($asset->defaultLoc) ? $asset->defaultLoc->address : '';
                         $row[] = ($asset->defaultLoc) ? $asset->defaultLoc->address2 : '';
                         $row[] = ($asset->defaultLoc) ? $asset->defaultLoc->city : '';
@@ -602,12 +602,12 @@ class ReportsController extends Controller
                     }
 
 
-                    if ($request->has('assigned_to')) {
+                    if ($request->filled('assigned_to')) {
                         $row[] = ($asset->checkedOutToUser() && $asset->assigned) ? $asset->assigned->getFullNameAttribute() : ($asset->assigned ? $asset->assigned->display_name : '');
                         $row[] = ($asset->checkedOutToUser() && $asset->assigned) ? 'user' : $asset->assignedType();
                     }
 
-                    if ($request->has('username')) {
+                    if ($request->filled('username')) {
                         // Only works if we're checked out to a user, not anything else.
                         if ($asset->checkedOutToUser()) {
                             $row[] = ($asset->assignedto) ? $asset->assignedto->username : '';
@@ -616,7 +616,7 @@ class ReportsController extends Controller
                         }
                     }
 
-                    if ($request->has('employee_num')) {
+                    if ($request->filled('employee_num')) {
                         // Only works if we're checked out to a user, not anything else.
                         if ($asset->checkedOutToUser()) {
                             $row[] = ($asset->assignedto) ? $asset->assignedto->employee_num : '';
@@ -625,7 +625,7 @@ class ReportsController extends Controller
                         }
                     }
 
-                    if ($request->has('manager')) {
+                    if ($request->filled('manager')) {
                         if ($asset->checkedOutToUser()) {
                             $row[] = (($asset->assignedto) && ($asset->assignedto->manager)) ? $asset->assignedto->manager->present()->fullName : '';
                         } else {
@@ -634,7 +634,7 @@ class ReportsController extends Controller
                     }
 
 
-                    if ($request->has('department')) {
+                    if ($request->filled('department')) {
                         if ($asset->checkedOutToUser()) {
                             $row[] = (($asset->assignedto) && ($asset->assignedto->department)) ? $asset->assignedto->department->name : '';
                         } else {
@@ -642,55 +642,55 @@ class ReportsController extends Controller
                         }
                     }
 
-                    if ($request->has('status')) {
+                    if ($request->filled('status')) {
                         $row[] = ($asset->assetstatus) ? $asset->assetstatus->name.' ('.$asset->present()->statusMeta.')' : '';
                     }
 
 
-                    if ($request->has('warranty')) {
+                    if ($request->filled('warranty')) {
                         $row[] = ($asset->warranty_months) ? $asset->warranty_months : '';
                         $row[] = $asset->present()->warrantee_expires();
                     }
 
 
-                    if ($request->has('depreciation')) {
+                    if ($request->filled('depreciation')) {
                             $depreciation = $asset->getDepreciatedValue();
                             $diff = ($asset->purchase_cost - $depreciation);
                             $row[]        = Helper::formatCurrencyOutput($depreciation);
                             $row[]        = Helper::formatCurrencyOutput($diff);
                     }
 
-                    if ($request->has('checkout_date')) {
+                    if ($request->filled('checkout_date')) {
                         $row[] = ($asset->last_checkout) ? $asset->last_checkout : '';
                     }
 
-                    if ($request->has('expected_checkin')) {
+                    if ($request->filled('expected_checkin')) {
                         $row[] = ($asset->expected_checkin) ? $asset->expected_checkin : '';
                     }
 
-                    if ($request->has('created_at')) {
+                    if ($request->filled('created_at')) {
                         $row[] = ($asset->created_at) ? $asset->created_at : '';
                     }
 
-                    if ($request->has('updated_at')) {
+                    if ($request->filled('updated_at')) {
                         $row[] = ($asset->updated_at) ? $asset->updated_at : '';
                     }
 
-                    if ($request->has('last_audit_date')) {
+                    if ($request->filled('last_audit_date')) {
                         $row[] = ($asset->last_audit_date) ? $asset->last_audit_date : '';
                     }
 
-                    if ($request->has('next_audit_date')) {
+                    if ($request->filled('next_audit_date')) {
                         $row[] = ($asset->next_audit_date) ? $asset->next_audit_date : '';
                     }
 
-                    if ($request->has('notes')) {
+                    if ($request->filled('notes')) {
                         $row[] = ($asset->notes) ? $asset->notes : '';
                     }
 
                     foreach ($customfields as $customfield) {
                         $column_name = $customfield->db_column_name();
-                        if ($request->has($customfield->db_column_name())) {
+                        if ($request->filled($customfield->db_column_name())) {
                             $row[] = $asset->$column_name;
                         }
                     }

app/Http/Controllers/SettingsController.php

@@ -326,7 +326,7 @@ class SettingsController extends Controller
 
         $setting->modellist_displays = '';
 
-        if (($request->has('show_in_model_list')) && (count($request->input('show_in_model_list')) > 0))
+        if (($request->filled('show_in_model_list')) && (count($request->input('show_in_model_list')) > 0))
         {
             $setting->modellist_displays = implode(',', $request->input('show_in_model_list'));
         }
@@ -495,7 +495,7 @@ class SettingsController extends Controller
         $setting->pwd_secure_complexity = '';
 
 
-        if ($request->has('pwd_secure_complexity')) {
+        if ($request->filled('pwd_secure_complexity')) {
             $setting->pwd_secure_complexity =  implode('|', $request->input('pwd_secure_complexity'));
         }
 
@@ -794,31 +794,31 @@ class SettingsController extends Controller
 
 
 
-        if ($request->has('labels_display_name')) {
+        if ($request->filled('labels_display_name')) {
             $setting->labels_display_name = 1;
         } else {
             $setting->labels_display_name = 0;
         }
 
-        if ($request->has('labels_display_serial')) {
+        if ($request->filled('labels_display_serial')) {
             $setting->labels_display_serial = 1;
         } else {
             $setting->labels_display_serial = 0;
         }
 
-        if ($request->has('labels_display_tag')) {
+        if ($request->filled('labels_display_tag')) {
             $setting->labels_display_tag = 1;
         } else {
             $setting->labels_display_tag = 0;
 	    }
 
-	    if ($request->has('labels_display_tag')) {
+	    if ($request->filled('labels_display_tag')) {
              $setting->labels_display_tag = 1;
          } else {
              $setting->labels_display_tag = 0;
          }
 
-        if ($request->has('labels_display_model')) {
+        if ($request->filled('labels_display_model')) {
             $setting->labels_display_model = 1;
         } else {
             $setting->labels_display_model = 0;
@@ -865,7 +865,7 @@ class SettingsController extends Controller
         $setting->ldap_server = $request->input('ldap_server');
         $setting->ldap_server_cert_ignore = $request->input('ldap_server_cert_ignore', false);
         $setting->ldap_uname = $request->input('ldap_uname');
-        if (Input::has('ldap_pword')) {
+        if (Input::filled('ldap_pword')) {
             $setting->ldap_pword = Crypt::encrypt($request->input('ldap_pword'));
         }
         $setting->ldap_basedn = $request->input('ldap_basedn');
@@ -907,7 +907,7 @@ class SettingsController extends Controller
     public function getBackups()
     {
 
-        $path = storage_path().'/app/'.config('laravel-backup.backup.name');
+        $path = storage_path().'/app/'.config('backup.backup.name');
 
         $files = array();
 
@@ -983,7 +983,7 @@ class SettingsController extends Controller
     public function downloadFile($filename = null)
     {
         if (!config('app.lock_passwords')) {
-            $path = storage_path().'/app/'.config('laravel-backup.backup.name');
+            $path = storage_path().'/app/'.config('backup.backup.name');
             $file = $path.'/'.$filename;
             if (file_exists($file)) {
                 return Response::download($file);
@@ -1012,7 +1012,7 @@ class SettingsController extends Controller
 
         if (!config('app.lock_passwords')) {
 
-            $path = storage_path().'/app/'.config('laravel-backup.backup.name');
+            $path = storage_path().'/app/'.config('backup.backup.name');
             $file = $path.'/'.$filename;
             if (file_exists($file)) {
                 unlink($file);

app/Http/Controllers/StatuslabelsController.php

@@ -78,7 +78,7 @@ class StatuslabelsController extends Controller
         // create a new model instance
         $statusLabel = new Statuslabel();
 
-        if (!$request->has('statuslabel_types')) {
+        if (!$request->filled('statuslabel_types')) {
             return redirect()->back()->withInput()->withErrors(['statuslabel_types' => trans('validation.statuslabel_type')]);
         }
 
@@ -141,7 +141,7 @@ class StatuslabelsController extends Controller
             return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.does_not_exist'));
         }
 
-        if (!$request->has('statuslabel_types')) {
+        if (!$request->filled('statuslabel_types')) {
             return redirect()->back()->withInput()->withErrors(['statuslabel_types' => trans('validation.statuslabel_type')]);
         }
 

app/Http/Controllers/SuppliersController.php

@@ -83,7 +83,7 @@ class SuppliersController extends Controller
             $image = $request->file('image');
             $file_name = str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/suppliers/'.$file_name);
-            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+            Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                 $constraint->aspectRatio();
                 $constraint->upsize();
             })->save($path);
@@ -159,7 +159,7 @@ class SuppliersController extends Controller
             $file_name = $supplier->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
 
             if ($image->getClientOriginalExtension()!='svg') {
-                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                Image::make($image->getRealPath())->resize(800, null, function ($constraint) {
                     $constraint->aspectRatio();
                     $constraint->upsize();
                 })->save(app('suppliers_upload_path').$file_name);
@@ -196,7 +196,7 @@ class SuppliersController extends Controller
     public function destroy($supplierId)
     {
         $this->authorize('delete', Supplier::class);
-        if (is_null($supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances','assets','licenses')->find($supplierId))) {
+        if (is_null($supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances as asset_maintenances_count','assets as assets_count','licenses as licenses_count')->find($supplierId))) {
             return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.not_found'));
         }
 

app/Http/Controllers/UsersController.php

@@ -107,7 +107,7 @@ class UsersController extends Controller
         //Username, email, and password need to be handled specially because the need to respect config values on an edit.
         $user->email = $data['email'] = e($request->input('email'));
         $user->username = $data['username'] = e($request->input('username'));
-        if ($request->has('password')) {
+        if ($request->filled('password')) {
             $user->password = bcrypt($request->input('password'));
             $data['password'] =  $request->input('password');
         }
@@ -139,13 +139,13 @@ class UsersController extends Controller
 
         if ($user->save()) {
 
-            if ($request->has('groups')) {
+            if ($request->filled('groups')) {
                 $user->groups()->sync($request->input('groups'));
             } else {
                 $user->groups()->sync(array());
             }
 
-            if (($request->input('email_user') == 1) && ($request->has('email'))) {
+            if (($request->input('email_user') == 1) && ($request->filled('email'))) {
               // Send the credentials through email
                 $data = array();
                 $data['email'] = e($request->input('email'));
@@ -263,7 +263,7 @@ class UsersController extends Controller
         }
 
 
-        if ($request->has('username')) {
+        if ($request->filled('username')) {
             $user->username = $request->input('username');
         }
         $user->email = $request->input('email');
@@ -278,6 +278,7 @@ class UsersController extends Controller
         $user->activated = $request->input('activated', 0);
         $user->jobtitle = $request->input('jobtitle', null);
         $user->phone = $request->input('phone');
+        $user->website = $request->input('website', null);
         $user->location_id = $request->input('location_id', null);
         $user->company_id = Company::getIdForUser($request->input('company_id', null));
         $user->manager_id = $request->input('manager_id', null);
@@ -296,7 +297,7 @@ class UsersController extends Controller
             ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
 
         // Do we want to update the user password?
-        if ($request->has('password')) {
+        if ($request->filled('password')) {
             $user->password = bcrypt($request->input('password'));
         }
 
@@ -339,25 +340,25 @@ class UsersController extends Controller
             // Check if we are not trying to delete ourselves
             if ($user->id === Auth::user()->id) {
                 // Redirect to the user management page
-                return redirect()->route('users.index')->with('error', 'This user still has ' . $user->assets()->count() . ' assets associated with them.');
+                return redirect()->route('users.index')->with('error', 'You cannot delete yourself.');
             }
 
-            if ($user->assets->count() > 0) {
+            if (($user->assets) && ($user->assets->count() > 0)) {
                 // Redirect to the user management page
-                return redirect()->route('users.index')->with('error', 'This user still has ' . count($user->assets->count()) . ' assets associated with them.');
+                return redirect()->route('users.index')->with('error', 'This user still has ' . $user->assets->count() . ' assets associated with them. Use the Checkin and Delete button on the user profile to check these items back in and delete this user.');
             }
 
-            if ($user->licenses()->count() > 0) {
+            if (($user->licenses) && ($user->licenses->count() > 0)) {
                 // Redirect to the user management page
-                return redirect()->route('users.index')->with('error', 'This user still has ' . $user->assets()->count() . ' assets associated with them.');
+                return redirect()->route('users.index')->with('error', 'This user still has ' . $user->licenses->count() . ' license(s associated with them. Use the Checkin and Delete button on the user profile to check these items back in and delete this user.');
             }
 
-            if ($user->accessories()->count() > 0) {
+            if (($user->accessories) && ($user->accessories->count() > 0)) {
                 // Redirect to the user management page
-                return redirect()->route('users.index')->with('error', 'This user still has ' . $user->accessories()->count() . ' accessories associated with them.');
+                return redirect()->route('users.index')->with('error', 'This user still has ' . $user->accessories->count() . ' accessories associated with them. Use the Checkin and Delete button on the user profile to check these items back in and delete this user.');
             }
 
-            if ($user->managedLocations()->count() > 0) {
+            if (($user->managedLocations()) && ($user->managedLocations()->count() > 0)) {
                 // Redirect to the user management page
                 return redirect()->route('users.index')->with('error', 'This user still has ' . $user->managedLocations()->count() . ' locations that they manage.');
             }
@@ -389,7 +390,7 @@ class UsersController extends Controller
     {
         $this->authorize('update', User::class);
 
-        if (($request->has('ids')) && (count($request->input('ids')) > 0)) {
+        if (($request->filled('ids')) && (count($request->input('ids')) > 0)) {
             $statuslabel_list = Helper::statusLabelList();
             $user_raw_array = array_keys(Input::get('ids'));
             $users = User::whereIn('id', $user_raw_array)->with('groups', 'assets', 'licenses', 'accessories')->get();
@@ -415,28 +416,28 @@ class UsersController extends Controller
     {
         $this->authorize('update', User::class);
 
-        if (($request->has('ids')) && (count($request->input('ids')) > 0)) {
+        if (($request->filled('ids')) && (count($request->input('ids')) > 0)) {
 
             $user_raw_array = $request->input('ids');
             $update_array = array();
             $manager_conflict = false;
             $users = User::whereIn('id', $user_raw_array)->where('id', '!=', Auth::user()->id)->get();
 
-            if ($request->has('location_id')) {
+            if ($request->filled('location_id')) {
                 $update_array['location_id'] = $request->input('location_id');
             }
-            if ($request->has('department_id')) {
+            if ($request->filled('department_id')) {
                 $update_array['department_id'] = $request->input('department_id');
             }
-            if ($request->has('company_id')) {
+            if ($request->filled('company_id')) {
                 $update_array['company_id'] = $request->input('company_id');
             }
-            if ($request->has('locale')) {
+            if ($request->filled('locale')) {
                 $update_array['locale'] = $request->input('locale');
             }
 
 
-            if ($request->has('manager_id')) {
+            if ($request->filled('manager_id')) {
 
                 // Do not allow a manager update if the selected manager is one of the users being
                 // edited.
@@ -447,7 +448,7 @@ class UsersController extends Controller
                 }
 
             }
-            if ($request->has('activated')) {
+            if ($request->filled('activated')) {
                 $update_array['activated'] = $request->input('activated');
             }
 
@@ -457,7 +458,7 @@ class UsersController extends Controller
             }
 
             // Only sync groups if groups were selected
-            if ($request->has('groups')) {
+            if ($request->filled('groups')) {
                 foreach ($users as $user) {
                     $user->groups()->sync($request->input('groups'));
                 }
@@ -489,9 +490,9 @@ class UsersController extends Controller
     {
         $this->authorize('update', User::class);
 
-        if ((!$request->has('ids')) || (count($request->input('ids')) == 0)) {
+        if ((!$request->filled('ids')) || (count($request->input('ids')) == 0)) {
             return redirect()->back()->with('error', 'No users selected');
-        } elseif ((!$request->has('status_id')) || ($request->input('status_id')=='')) {
+        } elseif ((!$request->filled('status_id')) || ($request->input('status_id')=='')) {
             return redirect()->route('users.index')->with('error', 'No status selected');
         } else {
 

app/Http/Controllers/ViewAssetsController.php

@@ -269,7 +269,7 @@ class ViewAssetsController extends Controller
             return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
         }
 
-        if ($request->has('signature_output')) {
+        if ($request->filled('signature_output')) {
             $path = config('app.private_uploads').'/signatures';
             $sig_filename = "siglog-".$findlog->id.'-'.date('Y-m-d-his').".png";
             $data_uri = e($request->get('signature_output'));

app/Http/Kernel.php

@@ -44,7 +44,8 @@ class Kernel extends HttpKernel
         ],
 
         'api' => [
-            'throttle:60,1',
+            \Barryvdh\Cors\HandleCors::class,
+            'throttle:120,1',
             'auth:api',
         ],
     ];

app/Http/Middleware/EncryptCookies.php

@@ -6,6 +6,8 @@ use Illuminate\Cookie\Middleware\EncryptCookies as BaseEncrypter;
 
 class EncryptCookies extends BaseEncrypter
 {
+
+
     /**
      * The names of the cookies that should not be encrypted.
      *
@@ -14,4 +16,13 @@ class EncryptCookies extends BaseEncrypter
     protected $except = [
         //
     ];
+
+    /**
+     * Indicates if cookies should be serialized.
+     *
+     * @var bool
+     */
+    protected static $serialize = true;
+
+
 }

app/Http/Requests/AssetRequest.php

@@ -2,9 +2,11 @@
 
 namespace App\Http\Requests;
 
-use App\Http\Requests\Request;
 use App\Models\AssetModel;
 use Session;
+use Illuminate\Http\Exceptions\HttpResponseException;
+
+use Illuminate\Contracts\Validation\Validator;
 
 class AssetRequest extends Request
 {
@@ -30,7 +32,7 @@ class AssetRequest extends Request
             'model_id'        => 'required|integer|exists:models,id',
             'status_id'       => 'required|integer|exists:status_labels,id',
             'company_id'      => 'integer|nullable',
-            'warranty_months' => 'numeric|nullable',
+            'warranty_months' => 'numeric|nullable|digits_between:0,240',
             'physical'        => 'integer|nullable',
             'checkout_date'   => 'date',
             'checkin_date'    => 'date',
@@ -46,7 +48,7 @@ class AssetRequest extends Request
 
         $rules['asset_tag'] = ($settings->auto_increment_assets == '1') ? 'max:255' : 'required';
 
-        if($this->request->get('model_id') != '') {
+        if ($this->request->get('model_id') != '') {
             $model = AssetModel::find($this->request->get('model_id'));
 
             if (($model) && ($model->fieldset)) {
@@ -58,11 +60,26 @@ class AssetRequest extends Request
 
     }
 
-    public function response(array $errors)
+
+    /**
+     * Handle a failed validation attempt.
+     *
+     * public function json($data = [], $status = 200, array $headers = [], $options = 0)
+     *
+     * @param  \Illuminate\Contracts\Validation\Validator  $validator
+     * @return void
+     *
+     * @throws \Illuminate\Http\Exceptions\HttpResponseException
+     */
+    protected function failedValidation(Validator $validator)
     {
         $this->session()->flash('errors', Session::get('errors', new \Illuminate\Support\ViewErrorBag)
-            ->put('default', new \Illuminate\Support\MessageBag($errors)));
+            ->put('default', new \Illuminate\Support\MessageBag($validator->errors()->toArray())));
         \Input::flash();
-        return parent::response($errors);
+        throw new HttpResponseException(response()->json([
+            'status' => 'error',
+            'messages' => $validator->errors(),
+            'payload' => null
+        ], 422));
     }
 }

app/Http/Requests/SaveUserRequest.php

@@ -2,10 +2,12 @@
 
 namespace App\Http\Requests;
 
-use App\Http\Requests\Request;
 use App\Models\Setting;
+use Illuminate\Http\Exceptions\HttpResponseException;
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Contracts\Validation\Validator;
 
-class SaveUserRequest extends Request
+class SaveUserRequest extends FormRequest
 {
     /**
      * Determine if the user is authorized to make this request.
@@ -62,4 +64,5 @@ class SaveUserRequest extends Request
         return $rules;
 
     }
+
 }

app/Http/Transformers/UsersTransformer.php

@@ -35,6 +35,7 @@ class UsersTransformer
                 ]  : null,
                 'jobtitle' => ($user->jobtitle) ? e($user->jobtitle) : null,
                 'phone' => ($user->phone) ? e($user->phone) : null,
+                'website' => ($user->website) ? e($user->website) : null,
                 'address' => ($user->address) ? e($user->address) : null,
                 'city' => ($user->city) ? e($user->city) : null,
                 'state' => ($user->state) ? e($user->state) : null,

app/Importer/Importer.php

@@ -120,7 +120,8 @@ abstract class Importer
     public function import()
     {
         $headerRow = $this->csv->fetchOne();
-        $results = $this->normalizeInputArray($this->csv->fetchAssoc());
+        $this->csv->setHeaderOffset(0); //explicitly sets the CSV document header record
+        $results = $this->normalizeInputArray($this->csv->getRecords($headerRow));
 
         $this->populateCustomFields($headerRow);
 

app/Models/Asset.php

@@ -75,7 +75,7 @@ class Asset extends Depreciable
         'model_id'        => 'required|integer|exists:models,id',
         'status_id'       => 'required|integer|exists:status_labels,id',
         'company_id'      => 'integer|nullable',
-        'warranty_months' => 'numeric|nullable',
+        'warranty_months' => 'numeric|nullable|digits_between:0,240',
         'physical'        => 'numeric|max:1|nullable',
         'checkout_date'   => 'date|max:10|min:10|nullable',
         'checkin_date'    => 'date|max:10|min:10|nullable',
@@ -796,6 +796,85 @@ class Asset extends Depreciable
         });
     }
 
+    /**
+     * Query builder scope for Assets that are due for auditing, based on the assets.next_audit_date
+     * and settings.audit_warning_days.
+     *
+     * This is/will be used in the artisan command snipeit:upcoming-audits and also
+     * for an upcoming API call for retrieving a report on assets that will need to be audited.
+     *
+     * Due for audit soon:
+     * next_audit_date greater than or equal to now (must be in the future)
+     * and (next_audit_date - threshold days) <= now ()
+     *
+     * Example:
+     * next_audit_date = May 4, 2025
+     * threshold for alerts = 30 days
+     * now = May 4, 2019
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since v4.6.16
+     * @param Setting $settings
+     *
+     * @return \Illuminate\Database\Query\Builder          Modified query builder
+     */
+
+    public function scopeDueForAudit($query, $settings)
+    {
+        return $query->whereNotNull('assets.next_audit_date')
+            ->where('assets.next_audit_date', '>=', Carbon::now())
+            ->whereRaw("DATE_SUB(assets.next_audit_date, INTERVAL $settings->audit_warning_days DAY) <= '".Carbon::now()."'")
+            ->where('assets.archived', '=', 0)
+            ->NotArchived();
+    }
+
+    /**
+     * Query builder scope for Assets that are OVERDUE for auditing, based on the assets.next_audit_date
+     * and settings.audit_warning_days. It checks to see if assets.next audit_date is before now
+     *
+     * This is/will be used in the artisan command snipeit:upcoming-audits and also
+     * for an upcoming API call for retrieving a report on overdue assets.
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since v4.6.16
+     * @param Setting $settings
+     *
+     * @return \Illuminate\Database\Query\Builder          Modified query builder
+     */
+
+    public function scopeOverdueForAudit($query)
+    {
+        return $query->whereNotNull('assets.next_audit_date')
+            ->where('assets.next_audit_date', '<', Carbon::now())
+            ->where('assets.archived', '=', 0)
+            ->NotArchived();
+    }
+
+    /**
+     * Query builder scope for Assets that are due for auditing OR overdue, based on the assets.next_audit_date
+     * and settings.audit_warning_days.
+     *
+     * This is/will be used in the artisan command snipeit:upcoming-audits and also
+     * for an upcoming API call for retrieving a report on assets that will need to be audited.
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since v4.6.16
+     * @param Setting $settings
+     *
+     * @return \Illuminate\Database\Query\Builder          Modified query builder
+     */
+
+    public function scopeDueOrOverdueForAudit($query, $settings)
+    {
+        $interval = $settings->audit_warning_days ?? 0;
+
+        return $query->whereNotNull('assets.next_audit_date')
+            ->whereRaw("DATE_SUB(assets.next_audit_date, INTERVAL $interval DAY) <= '".Carbon::now()."'")
+            ->where('assets.archived', '=', 0)
+            ->NotArchived();
+    }
+
+
   /**
    * Query builder scope for Archived assets
    *
@@ -961,9 +1040,7 @@ class Asset extends Depreciable
                     ->orWhere('assets.order_number', 'LIKE', '%'.$search.'%')
                     ->orWhere('assets.notes', 'LIKE', '%'.$search.'%');
             }
-            foreach (CustomField::all() as $field) {
-                $query->orWhere('assets.'.$field->db_column_name(), 'LIKE', "%$search%");
-            }
+
         })->withTrashed()->whereNull("assets.deleted_at"); //workaround for laravel bug
     }
 

app/Models/Company.php

@@ -80,7 +80,13 @@ final class Company extends SnipeModel
         }
 
         $table = ($table_name) ? DB::getTablePrefix().$table_name."." : '';
-        return $query->where($table.$column, '=', $company_id); 
+
+        if(\Schema::hasColumn($query->getModel()->getTable(), $column)){
+             return $query->where($table.$column, '=', $company_id); 
+        } else {
+            return $query->join('users as users_comp', 'users_comp.id', 'user_id')->where('users_comp.company_id', '=', $company_id); 
+        }
+            
     }
 
     public static function getIdFromInput($unescaped_input)

app/Models/Department.php

@@ -26,7 +26,6 @@ class Department extends SnipeModel
 
     protected $rules = [
         'name'                  => 'required|max:255',
-        'user_id'               => 'nullable|exists:users,id',
         'location_id'           => 'numeric|nullable',
         'company_id'            => 'numeric|nullable',
         'manager_id'            => 'numeric|nullable',

app/Models/Group.php

@@ -7,10 +7,10 @@ use Watson\Validating\ValidatingTrait;
 
 class Group extends SnipeModel
 {
-    protected $table = 'groups';
+    protected $table = 'permission_groups';
 
     public $rules = array(
-      'name' => 'required|min:3|max:255',
+      'name' => 'required|min:2|max:255',
     );
 
     /**

app/Models/User.php

@@ -69,6 +69,7 @@ class User extends SnipeModel implements AuthenticatableContract, CanResetPasswo
         'email'                   => 'email|nullable',
         'password'                => 'required|min:6',
         'locale'                  => 'max:10|nullable',
+        'website'           => 'url|nullable',
     ];
 
     use Searchable;
@@ -490,7 +491,7 @@ class User extends SnipeModel implements AuthenticatableContract, CanResetPasswo
 
     public function scopeByGroup($query, $id) {
         return $query->whereHas('groups', function ($query) use ($id) {
-            $query->where('groups.id', '=', $id);
+            $query->where('permission_groups.id', '=', $id);
         });
     }
 
@@ -548,4 +549,17 @@ class User extends SnipeModel implements AuthenticatableContract, CanResetPasswo
     {
         return $query->leftJoin('departments as departments_users', 'users.department_id', '=', 'departments_users.id')->orderBy('departments_users.name', $order);
     }
+
+    /**
+     * Query builder scope to order on company
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $order         Order
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderCompany($query, $order)
+    {
+        return $query->leftJoin('companies as companies_user', 'users.company_id', '=', 'companies_user.id')->orderBy('companies_user.name', $order);
+    }
 }

app/Notifications/SendUpcomingAuditNotification.php

@@ -0,0 +1,67 @@
+<?php
+
+namespace App\Notifications;
+
+use App\Models\Setting;
+use Illuminate\Bus\Queueable;
+use Illuminate\Notifications\Notification;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Notifications\Messages\MailMessage;
+
+class SendUpcomingAuditNotification extends Notification
+{
+    use Queueable;
+
+    /**
+     * Create a new notification instance.
+     *
+     * @return void
+     */
+    public function __construct($params, $threshold)
+    {
+        $this->assets = $params;
+        $this->threshold = $threshold;
+    }
+
+    /**
+     * Get the notification's delivery channels.
+     *
+     * @param  mixed  $notifiable
+     * @return array
+     */
+    public function via($notifiable)
+    {
+        return $notifyBy = ['mail'];
+    }
+
+    /**
+     * Get the mail representation of the notification.
+     *
+     * @param  mixed  $notifiable
+     * @return \Illuminate\Notifications\Messages\MailMessage
+     */
+    public function toMail($notifiable)
+    {
+        $message = (new MailMessage)->markdown('notifications.markdown.upcoming-audits',
+            [
+                'assets'  => $this->assets,
+                'threshold'  => $this->threshold,
+            ])
+            ->subject(trans_choice('mail.upcoming-audits', $this->assets->count(), ['count' => $this->assets->count(), 'threshold' => $this->threshold]));
+
+        return $message;
+    }
+
+    /**
+     * Get the array representation of the notification.
+     *
+     * @param  mixed  $notifiable
+     * @return array
+     */
+    public function toArray($notifiable)
+    {
+        return [
+            //
+        ];
+    }
+}

app/Policies/LicensePolicy.php

@@ -13,16 +13,27 @@ class LicensePolicy extends CheckoutablePermissionsPolicy
         return 'licenses';
     }
 
-   /**
-     * Determine whether the user can view license keys
-     *
-     * @param  \App\Models\User  $user
-     * @param  \App\Models\License  $license
-     * @return mixed
-     */
+    /**
+    * Determine whether the user can view license keys.
+    * This gets a little tricky, UX/logic-wise. If a user has the ability
+    * to create a license (which requires a product key), shouldn't they
+    * have the ability to see the product key as well?
+    *
+    * Example: I create the license, realize I need to change
+    * something (maybe I got the product key wrong), and now I can never
+    * see/edit that product key.
+    *
+    * @see https://github.com/snipe/snipe-it/issues/6956
+    * @param  \App\Models\User  $user
+    * @param  \App\Models\License  $license
+    * @return mixed
+    */
     public function viewKeys(User $user, License $license = null)
     {
-        return $user->hasAccess('licenses.keys');
+        if ($user->hasAccess('licenses.keys') || $user->hasAccess('licenses.create') || $user->hasAccess('licenses.edit')) {
+            return true;
+        }
+        return false;
     }
 
 }

app/Presenters/AssetAuditPresenter.php

@@ -0,0 +1,273 @@
+<?php
+namespace App\Presenters;
+
+use App\Models\CustomField;
+use DateTime;
+
+/**
+ * Class AssetPresenter
+ * @package App\Presenters
+ */
+class AssetAuditPresenter extends Presenter
+{
+
+    /**
+     * Json Column Layout for bootstrap table
+     * @return string
+     */
+    public static function dataTableLayout()
+    {
+        $layout = [
+             [
+                "field" => "id",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('general.id'),
+                "visible" => false
+            ], [
+                "field" => "company",
+                "searchable" => true,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('general.company'),
+                "visible" => false,
+                "formatter" => 'assetCompanyObjFilterFormatter'
+            ], [
+                "field" => "name",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/form.name'),
+                "visible" => true,
+                "formatter" => "hardwareLinkFormatter"
+            ], [
+                "field" => "image",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('admin/hardware/table.image'),
+                "visible" => false,
+                "formatter" => "imageFormatter"
+            ], [
+                "field" => "asset_tag",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/table.asset_tag'),
+                "visible" => true,
+                "formatter" => "hardwareLinkFormatter"
+            ], [
+                "field" => "serial",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/form.serial'),
+                "visible" => true,
+                "formatter" => "hardwareLinkFormatter"
+            ],  [
+                "field" => "model",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/form.model'),
+                "visible" => true,
+                "formatter" => "modelsLinkObjFormatter"
+            ], [
+                "field" => "model_number",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/models/table.modelnumber'),
+                "visible" => false
+            ], [
+                "field" => "category",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('general.category'),
+                "visible" => false,
+                "formatter" => "categoriesLinkObjFormatter"
+            ], [
+                "field" => "status_label",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/table.status'),
+                "visible" => true,
+                "formatter" => "statuslabelsLinkObjFormatter"
+            ], [
+                "field" => "assigned_to",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/form.checkedout_to'),
+                "visible" => true,
+                "formatter" => "polymorphicItemFormatter"
+            ], [
+                "field" => "location",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/table.location'),
+                "visible" => true,
+                "formatter" => "deployedLocationFormatter"
+            ], [
+                "field" => "rtd_location",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/form.default_location'),
+                "visible" => false,
+                "formatter" => "deployedLocationFormatter"
+            ], [
+                "field" => "manufacturer",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('general.manufacturer'),
+                "visible" => false,
+                "formatter" => "manufacturersLinkObjFormatter"
+            ], [
+                "field" => "purchase_date",
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('general.purchase_date'),
+                "formatter" => "dateDisplayFormatter"
+            ], [
+                "field" => "purchase_cost",
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('general.purchase_cost'),
+                "footerFormatter" => 'sumFormatter',
+            ], [
+                "field" => "order_number",
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('general.order_number'),
+                'formatter' => "orderNumberObjFilterFormatter"
+            ], [
+                "field" => "eol",
+                "searchable" => false,
+                "sortable" => false,
+                "visible" => false,
+                "title" => trans('general.eol'),
+                "formatter" => "dateDisplayFormatter"
+            ], [
+                "field" => "warranty_months",
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('admin/hardware/form.warranty')
+            ],[
+                "field" => "warranty_expires",
+                "searchable" => false,
+                "sortable" => false,
+                "visible" => false,
+                "title" => trans('admin/hardware/form.warranty_expires'),
+                "formatter" => "dateDisplayFormatter"
+            ],[
+                "field" => "notes",
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('general.notes'),
+
+            ], [
+                "field" => "checkout_counter",
+                "searchable" => false,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('general.checkouts_count')
+
+            ],[
+                "field" => "checkin_counter",
+                "searchable" => false,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('general.checkins_count')
+
+            ], [
+                "field" => "requests_counter",
+                "searchable" => false,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('general.user_requests_count')
+
+            ], [
+                "field" => "created_at",
+                "searchable" => false,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('general.created_at'),
+                "formatter" => "dateDisplayFormatter"
+            ], [
+                "field" => "updated_at",
+                "searchable" => false,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('general.updated_at'),
+                "formatter" => "dateDisplayFormatter"
+            ], [
+                "field" => "last_checkout",
+                "searchable" => false,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('admin/hardware/table.checkout_date'),
+                "formatter" => "dateDisplayFormatter"
+            ], [
+                "field" => "expected_checkin",
+                "searchable" => false,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('admin/hardware/form.expected_checkin'),
+                "formatter" => "dateDisplayFormatter"
+            ], [
+                "field" => "last_audit_date",
+                "searchable" => false,
+                "sortable" => true,
+                "visible" => true,
+                "title" => trans('general.last_audit'),
+                "formatter" => "dateDisplayFormatter"
+            ], [
+                "field" => "next_audit_date",
+                "searchable" => false,
+                "sortable" => true,
+                "visible" => true,
+                "title" => trans('general.next_audit_date'),
+                "formatter" => "dateDisplayFormatter"
+            ],
+        ];
+
+        // This looks complicated, but we have to confirm that the custom fields exist in custom fieldsets
+        // *and* those fieldsets are associated with models, otherwise we'll trigger
+        // javascript errors on the bootstrap tables side of things, since we're asking for properties
+        // on fields that will never be passed through the REST API since they're not associated with
+        // models. We only pass the fieldsets that pertain to each asset (via their model) so that we
+        // don't junk up the REST API with tons of custom fields that don't apply
+
+        $fields =  CustomField::whereHas('fieldset', function ($query) {
+            $query->whereHas('models');
+        })->get();
+
+        foreach ($fields as $field) {
+            $layout[] = [
+                "field" => 'custom_fields.'.$field->convertUnicodeDbSlug(),
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => false,
+                "switchable" => true,
+                "title" => ($field->field_encrypted=='1') ?'<i class="fa fa-lock"></i> '.e($field->name) : e($field->name),
+                "formatter" => "customFieldsFormatter"
+            ];
+
+        }
+
+
+        $layout[] = [
+            "field" => "actions",
+            "searchable" => false,
+            "sortable" => false,
+            "switchable" => false,
+            "title" => trans('table.actions'),
+            "formatter" => "hardwareAuditFormatter",
+        ];
+
+        return json_encode($layout);
+    }
+
+
+
+}

app/Presenters/AssetPresenter.php

@@ -391,7 +391,7 @@ class AssetPresenter extends Presenter
     public function eol_date()
     {
 
-        if (( $this->purchase_date ) && ( $this->model )) {
+        if (( $this->purchase_date ) && ( $this->model ) && ($this->model->model->eol) ) {
             $date = date_create($this->purchase_date);
             date_add($date, date_interval_create_from_date_string($this->model->model->eol . ' months'));
             return date_format($date, 'Y-m-d');
@@ -492,9 +492,13 @@ class AssetPresenter extends Presenter
      */
     public function warrantee_expires()
     {
-        $date = date_create($this->purchase_date);
-        date_add($date, date_interval_create_from_date_string($this->warranty_months . ' months'));
-        return date_format($date, 'Y-m-d');
+        if (($this->purchase_date) && ($this->warranty_months)) {
+            $date = date_create($this->purchase_date);
+            date_add($date, date_interval_create_from_date_string($this->warranty_months . ' months'));
+            return date_format($date, 'Y-m-d');
+        }
+
+        return false;
     }
 
     /**

app/Providers/SettingsServiceProvider.php

@@ -111,6 +111,34 @@ class SettingsServiceProvider extends ServiceProvider
             return url('/').'/uploads/companies/';
         });
 
+        // Accessories paths and URLs
+        \App::singleton('accessories_upload_path', function(){
+            return public_path('/uploads/accessories/');
+        });
+
+        \App::singleton('accessories_upload_url', function(){
+            return url('/').'/uploads/accessories/';
+        });
+
+        // Consumables paths and URLs
+        \App::singleton('consumables_upload_path', function(){
+            return public_path('/uploads/consumables/');
+        });
+
+        \App::singleton('consumables_upload_url', function(){
+            return url('/').'/uploads/consumables/';
+        });
+
+
+        // Components paths and URLs
+        \App::singleton('components_upload_path', function(){
+            return public_path('/uploads/components/');
+        });
+
+        \App::singleton('components_upload_url', function(){
+            return url('/').'/uploads/components/';
+        });
+
 
 
         // Set the monetary locale to the configured locale to make helper::parseFloat work.

composer.json

@@ -5,44 +5,48 @@
   "license": "AGPL-3.0-or-later",
   "type": "project",
     "require": {
-    "php": ">=5.6.4",
-    "barryvdh/laravel-debugbar": "^2.4",
-    "doctrine/cache": "^1.6",
-    "doctrine/common": "^2.7",
-    "doctrine/dbal": "^2.5.13",
-    "doctrine/inflector": "1.1.*",
-    "doctrine/instantiator": "1.0.*",
+    "php": ">=7.1.2",
+    "barryvdh/laravel-cors": "^0.11.3",
+    "barryvdh/laravel-debugbar": "^3.2",
+    "doctrine/cache": "^1.8",
+    "doctrine/common": "^2.10",
+    "doctrine/dbal": "2.9.0",
+    "doctrine/inflector": "^1.3",
+    "doctrine/instantiator": "^1.2",
     "eduardokum/laravel-mail-auto-embed": "^1.0",
-    "erusev/parsedown": "^1.6",
-    "fideloper/proxy": "^3.3",
-    "intervention/image": "^2.3",
+    "erusev/parsedown": "^1.7",
+    "fideloper/proxy": "^4.1",
+    "guzzlehttp/guzzle": "^6.3",
+    "intervention/image": "^2.4",
     "javiereguiluz/easyslugger": "^1.0",
-    "laravel/framework": "5.4.35",
-    "laravel/passport": "^3.0",
+    "laravel/framework": "5.5.*",
+    "laravel/passport": "4.*",
     "laravel/tinker": "^1.0",
-    "laravelcollective/html": "^5.3",
-    "league/csv": "^8.1",
+    "laravelcollective/html": "^5.5",
+    "league/csv": "^9.2",
     "maknz/slack": "^1.7",
     "neitanod/forceutf8": "^2.0",
-    "patchwork/utf8": "~1.2",
+    "patchwork/utf8": "^1.3",
     "phpdocumentor/reflection-docblock": "3.2.2",
-    "phpspec/prophecy": "1.6.2",
+    "phpspec/prophecy": "^1.8",
     "pragmarx/google2fa": "^5.0",
-    "pragmarx/google2fa-laravel": "^0.3.0",
+    "pragmarx/google2fa-laravel": "^1.0",
     "predis/predis": "^1.1",
-    "rollbar/rollbar-laravel": "2.4.1",
+    "rollbar/rollbar-laravel": "2.*",
     "schuppo/password-strength": "~1.5",
-    "spatie/laravel-backup": "3.11.0",
+    "spatie/laravel-backup": "^5.12",
     "tecnickcom/tc-lib-barcode": "^1.15",
-    "tightenco/ziggy": "^0.4.1",
+    "tightenco/ziggy": "^0.7.1",
     "unicodeveloper/laravel-password": "^1.0",
     "watson/validating": "^3.0"
   },
     "require-dev": {
     "codeception/codeception": "2.3.6",
+    "filp/whoops": "~2.0",
     "fzaninotto/faker": "~1.4",
     "phpunit/php-token-stream": "1.4.11",
-    "phpunit/phpunit": "~5.7",
+    "phpunit/phpunit": "~6.0",
+    "roave/security-advisories": "dev-master",
     "squizlabs/php_codesniffer": "*",
     "symfony/css-selector": "3.1.*",
     "symfony/dom-crawler": "3.1.*"
@@ -67,6 +71,10 @@
         ],
         "post-create-project-cmd": [
             "php artisan key:generate"
+        ],
+        "post-autoload-dump": [
+          "Illuminate\\Foundation\\ComposerScripts::postAutoloadDump",
+          "@php artisan package:discover"
         ]
     },
     "config": {
@@ -75,7 +83,7 @@
         "optimize-autoloader": true,
         "process-timeout":3000,
         "platform": {
-          "php": "5.6.4"
+          "php": "7.1.2"
         }
     }
 

config/app.php

@@ -286,7 +286,6 @@ return [
          * Package Service Providers...
          */
 
-        Barryvdh\Debugbar\ServiceProvider::class,
         Intervention\Image\ImageServiceProvider::class,
         Collective\Html\HtmlServiceProvider::class,
         Spatie\Backup\BackupServiceProvider::class,

config/backup.php

@@ -0,0 +1,222 @@
+<?php
+
+// This is janky, but necessary to figure out whether to include the .env in the backup
+$included_dirs = [
+    base_path('public/uploads'),
+    base_path('config'),
+    base_path('storage/private_uploads'),
+    base_path('storage/oauth-private.key'),
+    base_path('storage/oauth-public.key'),
+
+];
+
+if (env('BACKUP_ENV')=='true') {
+    $included_dirs[] = base_path('.env');
+}
+
+return [
+
+    'backup' => [
+
+        /*
+         * The name of this application. You can use this name to monitor
+         * the backups.
+         */
+        'name' => 'backups',
+
+        'source' => [
+
+            'files' => [
+
+                /*
+                 * The list of directories and files that will be included in the backup.
+                 */
+                'include' => $included_dirs,
+
+                /*
+                 * These directories and files will be excluded from the backup.
+                 *
+                 * Directories used by the backup process will automatically be excluded.
+                 */
+                'exclude' => [
+                    base_path('vendor'),
+                    base_path('node_modules'),
+                ],
+
+                /*
+                 * Determines if symlinks should be followed.
+                 */
+                'followLinks' => false,
+            ],
+
+            /*
+             * The names of the connections to the databases that should be backed up
+             * MySQL, PostgreSQL, SQLite and Mongo databases are supported.
+             *
+             * The content of the database dump may be customized for each connection
+             * by adding a 'dump' key to the connection settings in config/database.php.
+             * E.g.
+             * 'mysql' => [
+             *       ...
+             *      'dump' => [
+             *           'excludeTables' => [
+             *                'table_to_exclude_from_backup',
+             *                'another_table_to_exclude'
+             *            ]
+             *       ]
+             * ],
+             *
+             * For a complete list of available customization options, see https://github.com/spatie/db-dumper
+             */
+            'databases' => [
+                'mysql',
+            ],
+        ],
+
+        /*
+         * The database dump can be compressed to decrease diskspace usage.
+         *
+         * Out of the box Laravel-backup supplies
+         * Spatie\DbDumper\Compressors\GzipCompressor::class.
+         *
+         * You can also create custom compressor. More info on that here:
+         * https://github.com/spatie/db-dumper#using-compression
+         *
+         * If you do not want any compressor at all, set it to null.
+         */
+        'database_dump_compressor' => null,
+
+        'destination' => [
+
+            /*
+             * The filename prefix used for the backup zip file.
+             */
+            'filename_prefix' => 'snipe-it-',
+
+            /*
+             * The disk names on which the backups will be stored.
+             */
+            'disks' => [
+                'local',
+            ],
+        ],
+
+        /*
+         * The directory where the temporary files will be stored.
+         */
+        'temporary_directory' => storage_path('app/backup-temp'),
+    ],
+
+    /*
+     * You can get notified when specific events occur. Out of the box you can use 'mail' and 'slack'.
+     * For Slack you need to install guzzlehttp/guzzle.
+     *
+     * You can also use your own notification classes, just make sure the class is named after one of
+     * the `Spatie\Backup\Events` classes.
+     */
+    'notifications' => [
+
+        'notifications' => [
+            \Spatie\Backup\Notifications\Notifications\BackupHasFailed::class         => ['mail'],
+            \Spatie\Backup\Notifications\Notifications\UnhealthyBackupWasFound::class => ['mail'],
+            \Spatie\Backup\Notifications\Notifications\CleanupHasFailed::class        => ['mail'],
+            \Spatie\Backup\Notifications\Notifications\BackupWasSuccessful::class     => ['mail'],
+            \Spatie\Backup\Notifications\Notifications\HealthyBackupWasFound::class   => ['mail'],
+            \Spatie\Backup\Notifications\Notifications\CleanupWasSuccessful::class    => ['mail'],
+        ],
+
+        /*
+         * Here you can specify the notifiable to which the notifications should be sent. The default
+         * notifiable will use the variables specified in this config file.
+         */
+        'notifiable' => \Spatie\Backup\Notifications\Notifiable::class,
+
+        'mail' => [
+            'to' => env('MAIL_BACKUP_NOTIFICATION_ADDRESS', null),
+        ],
+
+        'slack' => [
+            'webhook_url' => '',
+
+            /*
+             * If this is set to null the default channel of the webhook will be used.
+             */
+            'channel' => null,
+
+            'username' => null,
+
+            'icon' => null,
+
+        ],
+    ],
+
+    /*
+     * Here you can specify which backups should be monitored.
+     * If a backup does not meet the specified requirements the
+     * UnHealthyBackupWasFound event will be fired.
+     */
+    'monitorBackups' => [
+        [
+            'name' => config('app.name'),
+            'disks' => ['local'],
+            'newestBackupsShouldNotBeOlderThanDays' => 1,
+            'storageUsedMayNotBeHigherThanMegabytes' => 5000,
+        ],
+
+        /*
+        [
+            'name' => 'name of the second app',
+            'disks' => ['local', 's3'],
+            'newestBackupsShouldNotBeOlderThanDays' => 1,
+            'storageUsedMayNotBeHigherThanMegabytes' => 5000,
+        ],
+        */
+    ],
+
+    'cleanup' => [
+        /*
+         * The strategy that will be used to cleanup old backups. The default strategy
+         * will keep all backups for a certain amount of days. After that period only
+         * a daily backup will be kept. After that period only weekly backups will
+         * be kept and so on.
+         *
+         * No matter how you configure it the default strategy will never
+         * delete the newest backup.
+         */
+        'strategy' => \Spatie\Backup\Tasks\Cleanup\Strategies\DefaultStrategy::class,
+
+        'defaultStrategy' => [
+
+            /*
+             * The number of days for which backups must be kept.
+             */
+            'keepAllBackupsForDays' => 7,
+
+            /*
+             * The number of days for which daily backups must be kept.
+             */
+            'keepDailyBackupsForDays' => 16,
+
+            /*
+             * The number of weeks for which one weekly backup must be kept.
+             */
+            'keepWeeklyBackupsForWeeks' => 8,
+
+            /*
+             * The number of months for which one monthly backup must be kept.
+             */
+            'keepMonthlyBackupsForMonths' => 4,
+
+            /*
+             * The number of years for which one yearly backup must be kept.
+             */
+            'keepYearlyBackupsForYears' => 2,
+
+            /*
+             * After cleaning up the backups remove the oldest backup until
+             * this amount of megabytes has been reached.
+             */
+            'deleteOldestBackupsWhenUsingMoreMegabytesThan' => 5000,
+        ],
+    ],
+];

config/cors.php

@@ -0,0 +1,48 @@
+<?php
+
+/**
+ * ---------------------------------------------------------------------
+ * THIS IS $allowed_origins code IS NOT PART OF THE ORIGINAL CORS PACKAGE.
+ * IT IS A MODIFICATION BY SNIPE-IT TO ALLOW ADDING ALLOWED ORIGINS VIA THE ENV.
+ * ---------------------------------------------------------------------
+ *
+ * Since we don't really want people editing config files (lest they get
+ * overwritten later), this enables the person managing the Snipe-IT
+ * installation to modify these values without modifying the code.
+ *
+ * If APP_CORS_ALLOWED_ORIGINS is not set in the .env (for example if no one added it
+ * after an upgrade from a previous version that didn't include it in the .env.example) or is null,
+ * set it to * to allow all. If there is a value, either a single url or a comma-delimited
+ * list of urls, explode that out into an array to whitelist just those urls.
+ */
+
+$allowed_origins = env('CORS_ALLOWED_ORIGINS') !== null ?
+    explode(',', env('CORS_ALLOWED_ORIGINS')) : [];
+
+/**
+ * Original Laravel CORS package config file modifications end here
+ *
+ */
+
+
+return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | Laravel CORS
+    |--------------------------------------------------------------------------
+    |
+    | allowedOrigins, allowedHeaders and allowedMethods can be set to array('*')
+    | to accept any value.
+    |
+    */
+   
+    'supportsCredentials' => false,
+    'allowedOrigins' => $allowed_origins,
+    'allowedOriginsPatterns' => [],
+    'allowedHeaders' => ['*'],
+    'allowedMethods' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE'],
+    'exposedHeaders' => [],
+    'maxAge' => 0,
+
+];

config/database.php

@@ -80,9 +80,13 @@ return [
             'strict'    => false,
             'engine'    => 'InnoDB',
             'unix_socket' => env('DB_SOCKET',''),
-            'dump_command_path' => env('DB_DUMP_PATH', '/usr/local/bin'),  // only the path, so without 'mysqldump'
-            'dump_command_timeout' => 60 * 5, // 5 minute timeout
-            'dump_using_single_transaction' => true, // perform dump using a single transaction
+            'dump' => [
+                'dump_binary_path' => env('DB_DUMP_PATH', '/usr/local/bin'),  // only the path, so without 'mysqldump'
+                'use_single_transaction',
+                'timeout' => 60 * 5, // 5 minute timeout
+                //'exclude_tables' => ['table1', 'table2'],
+                //'add_extra_option' => '--optionname=optionvalue',
+            ],
             'options' => (env('DB_SSL')) ? [
                 PDO::MYSQL_ATTR_SSL_KEY    => env('DB_SSL_KEY_PATH'),  // /path/to/key.pem
                 PDO::MYSQL_ATTR_SSL_CERT   => env('DB_SSL_CERT_PATH'), // /path/to/cert.pem

config/laravel-backup.php

@@ -1,191 +0,0 @@
-<?php
-
-/*
- |--------------------------------------------------------------------------
- | DO NOT EDIT THIS FILE DIRECTLY.
- |--------------------------------------------------------------------------
- | This file reads from your .env configuration file and should not
- | be modified directly.
-*/
-
-
-return [
-
-    'backup' => [
-
-        /*
-         * The name of this application. You can use this name to monitor
-         * the backups.
-         */
-        'name' => 'backups',
-
-        'source' => [
-
-            'files' => [
-
-                /*
-                 * The list of directories that should be part of the backup. You can
-                 * specify individual files as well.
-                 */
-                'include' => [
-                    base_path('public/uploads'),
-                    base_path('config'),
-                    base_path('storage/private_uploads'),
-                    base_path('storage/oauth-private.key'),
-                    base_path('storage/oauth-public.key'),
-                    (env('BACKUP_ENV')=='true') ? base_path('.env') : '',
-                ],
-
-                /*
-                 * These directories will be excluded from the backup.
-                 * You can specify individual files as well.
-                 */
-                'exclude' => [
-//                    base_path('vendor'),
-//                    base_path('node_modules'),
-                ],
-
-                /*
-                 * Determines if symlinks should be followed.
-                 */
-                'followLinks' => false,
-            ],
-
-            /*
-             * The names of the connections to the databases that should be part of the backup.
-             * Currently only MySQL- and PostgreSQL-databases are supported.
-             */
-            'databases' => [
-                'mysql',
-            ],
-        ],
-
-        'destination' => [
-
-            /*
-             * The disk names on which the backups will be stored.
-             */
-            'disks' => [
-                'local',
-            ],
-        ],
-    ],
-
-    'cleanup' => [
-        /*
-         * The strategy that will be used to cleanup old backups.
-         * The youngest backup will never be deleted.
-         */
-        'strategy' => \Spatie\Backup\Tasks\Cleanup\Strategies\DefaultStrategy::class,
-
-        'defaultStrategy' => [
-
-            /*
-             * The amount of days that all daily backups must be kept.
-             */
-            'keepAllBackupsForDays' => 7,
-
-            /*
-             * The amount of days that all daily backups must be kept.
-             */
-            'keepDailyBackupsForDays' => 16,
-
-            /*
-             * The amount of weeks of which one weekly backup must be kept.
-             */
-            'keepWeeklyBackupsForWeeks' => 8,
-
-            /*
-             * The amount of months of which one monthly backup must be kept.
-             */
-            'keepMonthlyBackupsForMonths' => 4,
-
-            /*
-             * The amount of years of which one yearly backup must be kept
-             */
-            'keepYearlyBackupsForYears' => 2,
-
-            /*
-             * After cleaning up the backups remove the oldest backup until
-             * this amount of megabytes has been reached.
-             */
-            'deleteOldestBackupsWhenUsingMoreMegabytesThan' => 5000
-        ]
-    ],
-
-
-    /*
-     *  In this array you can specify which backups should be monitored.
-     *  If a backup does not meet the specified requirements the
-     *  UnHealthyBackupWasFound-event will be fired.
-     */
-    'monitorBackups' => [
-        [
-            'name' => 'backups',
-            'disks' => ['local'],
-            'newestBackupsShouldNotBeOlderThanDays' => 1,
-            'storageUsedMayNotBeHigherThanMegabytes' => 5000,
-        ],
-
-        /*
-        [
-            'name' => 'name of the second app',
-            'disks' => ['local', 's3'],
-            'newestBackupsShouldNotBeOlderThanDays' => 1,
-            'storageUsedMayNotBeHigherThanMegabytes' => 5000,
-        ],
-        */
-    ],
-
-    'notifications' => [
-
-        /*
-         * This class will be used to send all notifications.
-         */
-        'handler' => Spatie\Backup\Notifications\Notifier::class,
-
-        /*
-         * Here you can specify the ways you want to be notified when certain
-         * events take place. Possible values are "log", "mail", "slack" and "pushover".
-         *
-         * Slack requires the installation of the maknz/slack package.
-         */
-        'events' => [
-            'whenBackupWasSuccessful'     => ['log'],
-            'whenCleanupWasSuccessful'    => ['log'],
-            'whenHealthyBackupWasFound'   => ['log'],
-            'whenBackupHasFailed'         => ['log'],
-            'whenCleanupHasFailed'        => ['log'],
-            'whenUnhealthyBackupWasFound' => ['log'],
-        ],
-
-        /*
-         * Here you can specify how emails should be sent.
-         */
-        'mail' => [
-            'from' => env('MAIL_FROM_ADDR', 'your@email.com'),
-            'to'   => env('MAIL_FROM_ADDR', 'your@email.com'),
-        ],
-
-        /*
-         * Here you can specify how messages should be sent to Slack.
-         */
-        'slack' => [
-            'channel'  => '#backups',
-            'username' => 'Backup bot',
-            'icon'     => ':robot:',
-        ],
-
-        /*
-         * Here you can specify how messages should be sent to Pushover.
-         */
-        'pushover' => [
-            'token'  => env('PUSHOVER_APP_TOKEN'),
-            'user'   => env('PUSHOVER_USER_KEY'),
-            'sounds' => [
-                'success' => env('PUSHOVER_SOUND_SUCCESS','pushover'),
-                'error'   => env('PUSHOVER_SOUND_ERROR','siren'),
-            ],
-        ],
-    ]
-];

config/version.php

@@ -1,10 +1,10 @@
 <?php
 return array (
-  'app_version' => 'v4.6.15',
-  'full_app_version' => 'v4.6.15 - build 4011-gd1e9fbfa2',
-  'build_version' => '4011',
+  'app_version' => 'v4.7.5',
+  'full_app_version' => 'v4.7.5 - build 4137-g55ee90b25',
+  'build_version' => '4137',
   'prerelease_version' => '',
-  'hash_version' => 'gd1e9fbfa2',
-  'full_hash' => 'v4.6.15-2-gd1e9fbfa2',
+  'hash_version' => 'g55ee90b25',
+  'full_hash' => 'v4.7.5-18-g55ee90b25',
   'branch' => 'master',
 );

database/migrations/2012_12_06_225929_migration_cartalyst_sentry_install_groups.php

@@ -29,7 +29,7 @@ class MigrationCartalystSentryInstallGroups extends Migration {
 	 */
 	public function up()
 	{
-		Schema::create('groups', function($table)
+		Schema::create('permission_groups', function($table)
 		{
 			$table->increments('id');
 			$table->string('name');
@@ -46,7 +46,7 @@ class MigrationCartalystSentryInstallGroups extends Migration {
 	 */
 	public function down()
 	{
-		Schema::drop('groups');
+		Schema::drop('permission_groups');
 	}
 
 }

database/migrations/2014_11_04_231416_update_group_field_for_reporting.php

@@ -2,39 +2,44 @@
 
 use Illuminate\Database\Schema\Blueprint;
 use Illuminate\Database\Migrations\Migration;
+use App\Models\Group;
 
 class UpdateGroupFieldForReporting extends Migration {
 
-	/**
-	 * Run the migrations.
-	 *
-	 * @return void
-	 */
-	public function up()
-	{
-		//
-		// Schema::table('groups', function(Blueprint $table)
-		// {
-		// 	//
-		// });
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
 
-    DB::update('update '.DB::getTablePrefix().'groups set permissions = ? where id = ?', ['{"admin":1,"users":1,"reports":1}', 1]);
+        // This is janky because we had to do a back in time change to handle a MySQL 8+
+        // compatibility issue.
 
-    DB::update('update '.DB::getTablePrefix().'groups set permissions = ? where id = ?', ['{"users":1,"reports":1}', 2]);
+        // Ideally we'd be using the model here, but since we can't really know whether this is an upgrade
+        // or a fresh install, we have to check which table is being used.
+        
+        if (Schema::hasTable('permission_groups')) {
 
-      // DB::statement('UPDATE '.$prefix.'groups SET permissions="{\"admin\":1,\"users\":1,\"reports\":1}" where id=1');
-      // DB::statement('UPDATE '.$prefix.'groups SET permissions="{\"users\":1,\"reports\":1}" where id=2');
+            Group::where('id', 1)->update(['permissions' => '{"users-poop":1,"reports":1}']);
+            Group::where('id', 2)->update(['permissions' => '{"users-pop":1,"reports":1}']);
 
-	}
+        } elseif (Schema::hasTable('groups')) {
+            DB::update('update '.DB::getTablePrefix().'groups set permissions = ? where id = ?', ['{"admin-farts":1,"users":1,"reports":1}', 1]);
+            DB::update('update '.DB::getTablePrefix().'groups set permissions = ? where id = ?', ['{"users-farts":1,"reports":1}', 2]);
+        }
 
-	/**
-	 * Reverse the migrations.
-	 *
-	 * @return void
-	 */
-	public function down()
-	{
-		//
-	}
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
 
 }

database/migrations/2019_06_12_184327_rename_groups_table.php

@@ -0,0 +1,44 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class RenameGroupsTable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        // We check to see if this table exists before attempting the migration since
+        // upgraded installs would have this table, but new installs wouldn't.
+        // We had to change the name of the table in the older migrations
+        // to handle a MySQl 8+ compatibility issue related to reserved words.
+        // Without going back in time in migrations, this would fail since the groups table
+        // would never be allowed to be created in the first place on MySql 8+.
+        //
+        // So... if an upgrade, let's rename that table.
+        // If a new install, the migration was already changed, so the table isn't
+        // called that anymore and we can skip this migration.
+
+        if (Schema::hasTable('groups')) {
+            Schema::rename('groups', 'permission_groups');
+        }
+
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        if (Schema::hasTable('permission_groups')) {
+            Schema::rename('permission_groups', 'groups');
+        }
+    }
+}

database/seeds/DatabaseSeeder.php

@@ -43,5 +43,8 @@ class DatabaseSeeder extends Seeder
         \Log::info($output);
 
         Model::reguard();
+
+        DB::table('imports')->truncate();
+
     }
 }

public/js/build/all.js

@@ -7541,7 +7541,7 @@ var pieOptions = {
 //- END PIE CHART -
 //-----------------
 
-
+var baseUrl = $('meta[name="baseUrl"]').attr('content');
 
 (function($, settings) {
     var Components = {};
@@ -7598,7 +7598,6 @@ $(document).ready(function () {
     * Slideout help menu
     */
      $('.slideout-menu-toggle').on('click', function(event){
-       console.log('clicked');
         event.preventDefault();
         // create menu variables
         var slideoutMenu = $('.slideout-menu');
@@ -8040,5 +8039,8 @@ function formatDatalist (datalist) {
 }
 
 function formatDataSelection (datalist) {
-    return datalist.text;
+    return datalist.text.replace(/>/g, '>')
+        .replace(/</g, '&lt;')
+        .replace(/"/g, '&quot;')
+        .replace(/'/g, '&#039;');
 }

public/mix-manifest.json

@@ -8,7 +8,7 @@
     "/css/app.css.map": "/css/app.css.map?id=96b5c985e860716e6a16",
     "/css/overrides.css.map": "/css/overrides.css.map?id=f7ce9ca49027594ac402",
     "/css/dist/all.css": "/css/dist/all.css?id=98db4e9b7650453c8b00",
-    "/js/dist/all.js": "/js/dist/all.js?id=114f1025a1b3e8975476",
+    "/js/dist/all.js": "/js/dist/all.js?id=bf1b244d8cc9096e4a18",
     "/css/build/all.css": "/css/build/all.css?id=98db4e9b7650453c8b00",
-    "/js/build/all.js": "/js/build/all.js?id=114f1025a1b3e8975476"
+    "/js/build/all.js": "/js/build/all.js?id=bf1b244d8cc9096e4a18"
 }

resources/assets/js/snipeit.js

@@ -73,7 +73,7 @@ var pieOptions = {
 //- END PIE CHART -
 //-----------------
 
-
+var baseUrl = $('meta[name="baseUrl"]').attr('content');
 
 (function($, settings) {
     var Components = {};
@@ -130,7 +130,6 @@ $(document).ready(function () {
     * Slideout help menu
     */
      $('.slideout-menu-toggle').on('click', function(event){
-       console.log('clicked');
         event.preventDefault();
         // create menu variables
         var slideoutMenu = $('.slideout-menu');

resources/assets/js/snipeit_modals.js

@@ -171,5 +171,8 @@ function formatDatalist (datalist) {
 }
 
 function formatDataSelection (datalist) {
-    return datalist.text;
+    return datalist.text.replace(/>/g, '>')
+        .replace(/</g, '&lt;')
+        .replace(/"/g, '&quot;')
+        .replace(/'/g, '&#039;');
 }

resources/lang/ar/admin/settings/general.php

@@ -5,7 +5,7 @@ return array(
     'ad_domain'				    => 'مجال الدليل النشط',
     'ad_domain_help'			=> 'هذا هو أحيانا نفس نطاق البريد الإلكتروني الخاص بك، ولكن ليس دائما.',
     'admin_cc_email'            => 'نسخة اضافية للبريد الإكتروني',
-    'admin_cc_email_help'       => 'If you would like to send a copy of checkin/checkout emails that are sent to users to an additional email account, enter it here. Otherwise leave this field blank.',
+    'admin_cc_email_help'       => 'إذا كنت ترغب في إرسال نسخة من رسائل البريد الإلكتروني لتسجيل الدخول / الخروج التي يتم إرسالها إلى المستخدمين إلى حساب بريد إلكتروني إضافي، فقم بإدخالها هنا. خلاف ذلك، اترك هذه الخانة فارغة.',
     'is_ad'				        => 'هذا هو ملقم أكتيف ديركتوري',
 	'alert_email'				=> 'إرسال تنبيهات إلى',
 	'alerts_enabled'			=> 'التنبيهان ممكنه',
@@ -27,8 +27,8 @@ return array(
 	'custom_css_help'			=> 'أدخل أي تخصيصات CSS ترغب في استخدامها. لا تقم باضافة <style></style>.',
     'custom_forgot_pass_url'	=> 'رابط مخصص لاعادة تعيين كلمة المرور',
     'custom_forgot_pass_url_help'	=> 'يحل هذا محل الرابط الخاص باعادة تعيين كلمة المرور على شاشة تسجيل الدخول، وهو مفيد لتوجيه الأشخاص إلى وظيفة إعادة تعيين كلمة مرور من خلال LDAP الداخلي أو المستضاف. وهذا سوف يعطل وظيفة إعادة تعيين كلمة مرور المحلية.',
-    'dashboard_message'			=> 'Dashboard Message',
-    'dashboard_message_help'	=> 'This text will appear on the dashboard for anyone with permission to view the dashboard.',
+    'dashboard_message'			=> 'رسالة لوحة المعلومات',
+    'dashboard_message_help'	=> 'سيظهر هذا النص على لوحة التحكم لأي شخص لديه صلاحية عرض لوحة التحكم.',
 	'default_currency'  		=> 'العملة الافتراضية',
 	'default_eula_text'			=> 'اتفاقية ترخيص المستخدم النهائي الافتراضية',
   'default_language'			=> 'اللغة الافتراضية',
@@ -80,11 +80,11 @@ return array(
     'load_remote_help_text'		=> 'هذا قنص إيت تثبيت يمكن تحميل البرامج النصية من العالم الخارجي.',
     'login_note'                => 'تسجيل الدخول ملاحظة',
     'login_note_help'           => 'اختيارياً تضمين بعض الجمل على شاشة تسجيل الدخول الخاصة بك، على سبيل المثال لمساعدة الناس الذين وجدوا أحد الأجهزة المفقودة أو المسروقة. يقبل هذا الحقل <a href="https://help.github.com/articles/github-flavored-markdown/">بتطبيق نمط الكتابة من Github</a>',
-    'login_remote_user_text'    => 'Remote User login options',
-    'login_remote_user_enabled_text' => 'Enable Login with Remote User Header',
+    'login_remote_user_text'    => 'خيارات تسجيل دخول المستخدم عن بعد',
+    'login_remote_user_enabled_text' => 'تمكين تسجيل الدخول باستخدام الخانة الرئيسية للمستخدم عن بعد',
     'login_remote_user_enabled_help' => 'This option enables Authentication via the REMOTE_USER header according to the "Common Gateway Interface (rfc3875)"',
     'login_common_disabled_text' => 'تعطيل آليات المصادقة الأخرى',
-    'login_common_disabled_help' => 'This option disables other authentication mechanisms. Just enable this option if you are sure that your REMOTE_USER login is already working',
+    'login_common_disabled_help' => 'يعمل هذا الخيار على تعطيل آليات المصادقة الأخرى. ما عليك سوى تمكين هذا الخيار إذا كنت متأكدًا من أن تسجيل الدخول إلى المستخدم_عن_بعد يعمل بالفعل',
     'login_remote_user_custom_logout_url_text' => 'عنوان صفحة مخصص لتسجيل الخروج',
     'login_remote_user_custom_logout_url_help' => 'If a url is provided here, users will get redirected to this URL after the user logs out of Snipe-IT. This is useful to close the user sessions of your Authentication provider correctly.',
     'logo'                    	=> 'شعار',

resources/lang/bg/admin/settings/general.php

@@ -88,7 +88,7 @@ return array(
     'login_remote_user_custom_logout_url_text' => 'Персонализиран адрес за изход',
     'login_remote_user_custom_logout_url_help' => 'If a url is provided here, users will get redirected to this URL after the user logs out of Snipe-IT. This is useful to close the user sessions of your Authentication provider correctly.',
     'logo'                    	=> 'Лого',
-    'logo_print_assets'         => 'Use in Print',
+    'logo_print_assets'         => 'Използвай при пчат',
     'logo_print_assets_help'    => 'Use branding on printable asset lists ',
     'full_multiple_companies_support_help_text' => 'Ограничаване на потребителите (включително административните) до активите на собствената им компания.',
     'full_multiple_companies_support_text' => 'Поддръжка на множество компании',

resources/lang/de/admin/hardware/form.php

@@ -29,7 +29,7 @@ return array(
     'months'			=> 'Monate',
     'name'				=> 'Asset Name',
     'notes'				=> 'Notizen',
-    'order'				=> 'Artikelnummer',
+    'order'				=> 'Auftragsnummer',
     'qr'				=> 'QR-Code',
     'requestable'		=> 'Benutzer dürfen dieses Asset anfordern',
     'select_statustype'	=> 'Status Typ auswählen',

resources/lang/de/general.php

@@ -145,7 +145,7 @@
     'no_results'			=> 'Keine Treffer.',
     'no'  					=> 'Nein',
     'notes'  				=> 'Notizen',
-    'order_number'          => 'Artikelnummer',
+    'order_number'          => 'Auftragsnummer',
     'page_menu'				=> 'zeige _MENU_ Einträge',
     'pagination_info'		=> 'Zeige _START_ bis _END_ von _TOTAL_ Einträgen',
     'pending'				=> 'Ausstehende',
@@ -215,7 +215,7 @@
     'users'                 => 'Benutzer',
     'viewassets'  			=> 'Zugeordnete Assets anzeigen',
     'website'               => 'Webseite',
-    'welcome'				=> 'Wilkommen, :name',
+    'welcome'				=> 'Willkommen, :name',
     'years'					=> 'Jahre',
     'yes' 					=> 'Ja',
     'zip'  					=> 'Postleitzahl',

resources/lang/de/mail.php

@@ -66,6 +66,6 @@ return array(
     'user' => 'Benutzer',
     'username' => 'Benutzername',
     'welcome' => 'Wilkommen, :name',
-    'welcome_to' => 'Willkommen bei: Web!',
+    'welcome_to' => 'Willkommen bei :web!',
     'your_credentials' => 'Ihre Snipe-IT Anmeldedaten',
 );