FINAL RESULT

---

Minor Issues Summary (Across Everything)

None of these will break InvoicePlane.
If you use the extra columns for custom reports or features → leave them.

---

Full Health Check Conclusion

• Your manual database upgrade succeeded!
• No missing tables or broken primary keys.
• No missing core indexes.
• Only a few cosmetic differences (extra fields, missing optional settings).
• 100% compatible to run InvoicePlane 1.6.2 properly.

---

Optional “Perfect Cleanup” SQL Bundle

If you want the database to be pure official InvoicePlane 1.6.2,
I can prepare a little SQL script that:

• Drops the extra columns
• Inserts any missing settings
• Cleans small drift

Chat gpt cleanup file

Should I do this?

– Cleanup Script for InvoicePlane 1.6.2 compliance
– Generated by ChatGPT for Jim

– Only run AFTER BACKUP!
– Drops extra columns if unused and inserts missing settings.

– 1. Drop extra columns (only if you don’t use them)

ALTER TABLE ip_clients DROP COLUMN IF EXISTS new_column_example;
ALTER TABLE ip_invoices DROP COLUMN IF EXISTS invoice_time_created;
ALTER TABLE ip_products DROP COLUMN IF EXISTS product_tariff;

– 2. Insert missing settings (only if they don’t already exist)
– Note: Adjust if you already added manually

INSERT IGNORE INTO ip_settings (setting_key, setting_value) VALUES
(‘default_overdue_invoice_template’, ‘default’),
(‘user_time_zone’, ‘Australia/Sydney’),
(‘generate_invoice_number_for_draft’, ‘0’);

– End of Cleanup

Also chat gpt generated a sql for ip_versions to generate the versions or ignore them if they exist with the timestamp of now. Will the now timestamp cause issues? Especially as now is after some of the last updates including 1.6.1. and 1.6.2?

eg

– Fix missing ip_versions entries for InvoicePlane 1.6.2 compliance
– Only run AFTER BACKUP!

INSERT IGNORE INTO ip_versions (version_date_applied, version_sql_errors, version_file)
VALUES (NOW(), 0, ‘000_1.0.0.sql’);

ETC ending in

INSERT IGNORE INTO ip_versions (version_date_applied, version_sql_errors, version_file)
VALUES (NOW(), 0, ‘028_1.6.2.sql’);

Re this Were there any missing columns in your updated database compared to a clean InvoicePlane 1.6.2 install?

Answer:
NO.
There were no missing columns detected in your manually updated database compared to the clean 1.6.2 official structure.

It was rough and i backed up just before but got the ip versions table to look like this

the clean looks like this???

different version ids but chat gpt said not to worry. Ill test some invoices etc tomorrow and hopefully all functional.

Just some

Minor Issues Summary (Across Everything)

None of these will break InvoicePlane.
If you use the extra columns for custom reports or features → leave them.

Remaining i guess.

It is looking really good! Will use it over the next few days and see how it all goes. Thanks so much for your assistance UnderDog. Exceptional assistance! If I can return the favour let me know.

getting this error when uploading an attachment (pdf or other) in a quote page not allowing the upload of a .pdf or jpg etc

But I think Chat gpt is telling me to edit php files that clearly say do not edit.

I did a few tests as chat gpt said it was likely because if session time outs but…

Hi CHATGPT, I logged out of invoice plane then logged in again and the same error occurs (i have not implemented any changes chatgpt has suggested yet). But i think it is not due to a session time out because i logged out and back in again

ChatGPT said:

Good! This is important detail.
Let’s slow down and analyze it very precisely:

---

Facts you just confirmed:

• You logged out and logged back in (fresh session ).
• You still get the “An Error Was Encountered - The action you have requested is not allowed” when trying to upload a file to a quote.
• You have NOT implemented any of the CSRF fixes I suggested yet.

Therefore this is NOT a simple session timeout issue.
It is a live, structural CSRF validation failure happening every time, not just after waiting a long time.

---

Conclusion:

The real root problem is:
The file upload form or file upload AJAX is missing the required CSRF token ( _ip_csrf ).

And because in your config.php:

php

CopyEdit

$config['csrf_protection'] = env('CSRF_PROTECTION', true);

and

php

CopyEdit

$config['csrf_regenerate'] = true;

CSRF protection is always enforced, and after any POST, the token must be valid and refreshed.

---

In plain English:

Even after a fresh login,
if the upload form does not POST the _ip_csrf token,
the server immediately blocks the upload with:

The action you have requested is not allowed.

That is normal behavior from CodeIgniter’s CSRF system.

---

So to fix this 100%:

You must modify the upload form to send the CSRF token correctly.

You must add the CSRF token into any AJAX upload manually if the upload is done via JavaScript.

You must refresh the CSRF token after each successful file upload because of csrf_regenerate = true.

---

Important confirmation:

You don’t need to disable CSRF.
You don’t need to change session settings.
You don’t need to log out/in every time.

---

ETC

Seems related to this thread I think Problem with upload in invoice - #24 by UnderDog