<?php
/*
FusionPBX
Version: MPL 1.1
The contents of this file are subject to the Mozilla Public License Version
1.1 (the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
for the specific language governing rights and limitations under the
License.
The Original Code is FusionPBX
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Copyright (C) 2010 - 2017
All Rights Reserved.
Contributor(s):
Mark J Crane <markjcrane@fusionpbx.com>
Luis Daniel Lucio Quiroz <dlucio@okay.com.mx>
*/
include "root.php";
//define the database class
if (!class_exists('database')) {
class database {
public $db;
public $driver;
public $type;
public $host;
public $port;
public $db_name;
public $username;
public $password;
public $path;
public $table;
public $where; //array
public $order_by; //array
public $order_type;
public $limit;
public $offset;
public $fields;
public $count;
public $sql;
public $result;
public $app_name;
public $app_uuid;
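/**
 * Open the PDO connection for the configured driver and keep it in $this->db.
 *
 * When $this->db_name is empty the settings are read from the first config.php found
 * (project resources directory, then /etc/fusionpbx, then /usr/local/etc/fusionpbx) and
 * copied into any connection property that is not already set. The drivers handled
 * here are sqlite, mysql, pgsql and odbc; any other value leaves $this->db untouched.
 *
 * A failed mysql or pgsql connection prints the error and ends the script. A failed
 * odbc connection, or a sqlite file that does not exist, only prints a message.
 */
public function connect() {

	if (strlen($this->db_name) == 0) {
		//include config.php
			include "root.php";
			if (file_exists($_SERVER["PROJECT_ROOT"]."/resources/config.php")) {
				include $_SERVER["PROJECT_ROOT"]."/resources/config.php";
			} elseif (file_exists("/etc/fusionpbx/config.php")) {
				//linux
				include "/etc/fusionpbx/config.php";
			} elseif (file_exists("/usr/local/etc/fusionpbx/config.php")) {
				//bsd
				include "/usr/local/etc/fusionpbx/config.php";
			}

		//backwards compatibility, map the old variable names onto the current ones
		//(presumably both sets are defined by config.php; confirm against the config template)
			if (isset($dbtype)) { $db_type = $dbtype; }
			if (isset($dbhost)) { $db_host = $dbhost; }
			if (isset($dbport)) { $db_port = $dbport; }
			if (isset($dbname)) { $db_name = $dbname; }
			if (isset($dbusername)) { $db_username = $dbusername; }
			if (isset($dbpassword)) { $db_password = $dbpassword; }
			//the legacy path variable is $dbfilepath, copy that one rather than an undefined name
			if (isset($dbfilepath)) { $db_path = $dbfilepath; }
			if (isset($dbfilename)) { $db_name = $dbfilename; }

		//set defaults, only for properties the caller has not set
			if (!isset($this->driver) && isset($db_type)) { $this->driver = $db_type; }
			if (!isset($this->type) && isset($db_type)) { $this->type = $db_type; }
			if (!isset($this->host) && isset($db_host)) { $this->host = $db_host; }
			if (!isset($this->port) && isset($db_port)) { $this->port = $db_port; }
			if (!isset($this->db_name) && isset($db_name)) { $this->db_name = $db_name; }
			if (!isset($this->username) && isset($db_username)) { $this->username = $db_username; }
			if (!isset($this->password) && isset($db_password)) { $this->password = $db_password; }
			if (!isset($this->path) && isset($db_path)) { $this->path = $db_path; }
	}
	if (strlen($this->driver) == 0) {
		$this->driver = $this->type;
	}

	//sanitize the database name
		$this->db_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $this->db_name);

	if ($this->driver == "sqlite") {
		if (strlen($this->db_name) == 0) {
			//this fallback name is built after the filter above has run and comes from the
			//server name, which may follow the request depending on the web server setup;
			//basename() keeps it to a single file name inside $this->path
			$server_name = $_SERVER["SERVER_NAME"];
			$server_name = str_replace ("www.", "", $server_name);
			$this->db_name = basename($server_name).'.db';
		}
		$this->path = realpath($this->path);
		if (file_exists($this->path.'/'.$this->db_name)) {
			//connect to the database
				$this->db = new PDO('sqlite:'.$this->path.'/'.$this->db_name); //sqlite 3
			//enable foreign key constraints
				$this->db->query('PRAGMA foreign_keys = ON;');
			//add additional functions to SQLite so that they are accessible inside SQL
			//bool PDO::sqliteCreateFunction ( string function_name, callback callback [, int num_args] )
			//the php_* callbacks are not defined in this method; presumably they are global functions
				$this->db->sqliteCreateFunction('md5', 'php_md5', 1);
				$this->db->sqliteCreateFunction('unix_timestamp', 'php_unix_timestamp', 1);
				$this->db->sqliteCreateFunction('now', 'php_now', 0);
				$this->db->sqliteCreateFunction('sqlitedatatype', 'php_sqlite_data_type', 2);
				$this->db->sqliteCreateFunction('strleft', 'php_left', 2);
				$this->db->sqliteCreateFunction('strright', 'php_right', 2);
		}
		else {
			echo "not found";
		}
	}

	if ($this->driver == "mysql") {
		try {
			//mysql pdo connection
			//NOTE(review): the option arrays below list PDO::ATTR_ERRMODE and PDO::ERRMODE_EXCEPTION as
			//two values, not as a key => value pair, so they do not select exception mode. Left as is
			//because find() and execute() test the prepare() result; confirm the intent before changing.
				if (strlen($this->host) == 0 && strlen($this->port) == 0) {
					//if both host and port are empty use the unix socket
					$this->db = new PDO("mysql:host=$this->host;unix_socket=/var/run/mysqld/mysqld.sock;dbname=$this->db_name", $this->username, $this->password);
				}
				else {
					if (strlen($this->port) == 0) {
						//leave out port if it is empty
						$this->db = new PDO("mysql:host=$this->host;dbname=$this->db_name;", $this->username, $this->password, array(
						PDO::ATTR_ERRMODE,
						PDO::ERRMODE_EXCEPTION
						));
					}
					else {
						$this->db = new PDO("mysql:host=$this->host;port=$this->port;dbname=$this->db_name;", $this->username, $this->password, array(
						PDO::ATTR_ERRMODE,
						PDO::ERRMODE_EXCEPTION
						));
					}
				}
		}
		catch (PDOException $error) {
			//the driver message is escaped before it is printed into the page
			//NOTE(review): it can still describe the server and account; consider logging it instead
			print "error: " . htmlspecialchars($error->getMessage(), ENT_QUOTES, 'UTF-8') . "<br/>";
			die();
		}
	}

	if ($this->driver == "pgsql") {
		//database connection
		//the credentials are passed as PDO arguments so that a space or quote in the
		//password cannot change how the connection string is parsed
			try {
				if (strlen($this->host) > 0) {
					if (strlen($this->port) == 0) { $this->port = "5432"; }
					$this->db = new PDO("pgsql:host=$this->host port=$this->port dbname=$this->db_name", $this->username, $this->password);
				}
				else {
					$this->db = new PDO("pgsql:dbname=$this->db_name", $this->username, $this->password);
				}
			}
			catch (PDOException $error) {
				//escaped for the same reason as in the mysql branch
				print "error: " . htmlspecialchars($error->getMessage(), ENT_QUOTES, 'UTF-8') . "<br/>";
				die();
			}
	}

	if ($this->driver == "odbc") {
		//database connection
			try {
				$this->db = new PDO("odbc:".$this->db_name, $this->username, $this->password);
			}
			catch (PDOException $e) {
				//unlike mysql and pgsql this branch does not stop the script
				echo 'Connection failed: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
			}
	}
}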
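/**
 * List the tables of the connected database.
 *
 * The query is chosen by $this->type (sqlite, pgsql, mysql or mssql) and is passed
 * through check_sql(), which is defined outside this class, before it is prepared.
 *
 * @return array one array('name' => table name) entry per table; empty when the
 *               type is not one of the four above or no table is returned
 */
public function tables() {
	//connect to the database if needed
		if (!$this->db) {
			$this->connect();
		}

	//choose the catalog query for the database type
		$sql = '';
		if ($this->type == "sqlite") {
			$sql = "SELECT name FROM sqlite_master ";
			$sql .= "WHERE type='table' ";
			$sql .= "order by name;";
		}
		if ($this->type == "pgsql") {
			$sql = "select table_name as name ";
			$sql .= "from information_schema.tables ";
			$sql .= "where table_schema='public' ";
			$sql .= "and table_type='BASE TABLE' ";
			$sql .= "order by table_name ";
		}
		if ($this->type == "mysql") {
			$sql = "show tables";
		}
		if ($this->type == "mssql") {
			$sql = "SELECT * FROM sys.Tables order by name asc";
		}

	//no query is known for any other type, so there is nothing to list
		if ($sql === '') {
			return array();
		}

	//run the query
		$prep_statement = $this->db->prepare(check_sql($sql));
		$prep_statement->execute();
		$tmp = $prep_statement->fetchAll(PDO::FETCH_NAMED);

	//reduce each row to its table name; the result always starts as an array
		$result = array();
		if (is_array($tmp)) {
			foreach ($tmp as $row) {
				if ($this->type == "mysql") {
					//"show tables" names its column after the database, so take the first value
					$table_array = array_values($row);
					$result[]['name'] = $table_array[0];
				}
				else {
					$result[]['name'] = $row['name'];
				}
			}
		}
		return $result;
}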
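/**
 * Return the column description of $this->table as the database reports it.
 *
 * Reads $this->db, $this->type, $this->table and $this->db_name. The row layout
 * depends on the database type (PRAGMA table_info, information_schema.columns,
 * DESCRIBE or INFORMATION_SCHEMA.COLUMNS).
 *
 * @return array|false rows as associative arrays, or false when the table name is
 *                     empty or refused, the type is not handled, or prepare() fails
 */
public function table_info() {
	//connect to the database if needed
		if (!$this->db) {
			$this->connect();
		}

	//sanitize the names
		$this->table = preg_replace('#[^a-zA-Z0-9_\-]#', '', $this->table);
		$this->db_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $this->db_name);

	//get the table info
		if (strlen($this->table) == 0) { return false; }
		//the filter keeps '-', and '--' starts an SQL comment, so such a name is refused
		if (strpos($this->table, '--') !== false) { return false; }

	//build the query; the name is an identifier for sqlite and mysql and cannot be bound,
	//for pgsql and mssql it is a value and is bound as a parameter
		$sql = '';
		$params = array();
		if ($this->type == "sqlite") {
			$sql = "PRAGMA table_info(".$this->table.");";
		}
		if ($this->type == "pgsql") {
			$sql = "SELECT ordinal_position, ";
			$sql .= "column_name, ";
			$sql .= "data_type, ";
			$sql .= "column_default, ";
			$sql .= "is_nullable, ";
			$sql .= "character_maximum_length, ";
			$sql .= "numeric_precision ";
			$sql .= "FROM information_schema.columns ";
			$sql .= "WHERE table_name = :table_name ";
			$sql .= "and table_catalog = :table_catalog ";
			$sql .= "ORDER BY ordinal_position; ";
			$params = array('table_name' => $this->table, 'table_catalog' => $this->db_name);
		}
		if ($this->type == "mysql") {
			$sql = "DESCRIBE ".$this->table.";";
		}
		if ($this->type == "mssql") {
			$sql = "SELECT * FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = :table_name";
			$params = array('table_name' => $this->table);
		}

	//no query is known for any other type
		if ($sql === '') { return false; }

	//run the query
		$prep_statement = $this->db->prepare($sql);
		if (!$prep_statement) { return false; }
		$prep_statement->execute($params);

	//set the result array
		return $prep_statement->fetchAll(PDO::FETCH_ASSOC);
}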
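/**
 * List the column names of $this->table.
 *
 * Calls table_info() and picks the column-name key that matches $this->type.
 *
 * @return array one array('name' => column name) entry per column; empty when
 *               table_info() returns no rows or the type is not handled
 */
public function fields() {
	//get the table info
		$table_info = $this->table_info();

	//key that holds the column name in a table_info() row, per database type
		$name_keys = array(
			"sqlite" => 'name',
			"pgsql" => 'column_name',
			"mysql" => 'Field',
			"mssql" => 'COLUMN_NAME',
		);

	//set the list of fields; the result always starts as an array
		$result = array();
		if (is_array($table_info) && is_string($this->type) && isset($name_keys[$this->type])) {
			$name_key = $name_keys[$this->type];
			foreach($table_info as $row) {
				$result[]['name'] = $row[$name_key];
			}
		}

	//return the result array
		return $result;
}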
//public function disconnect() {
// return null;
//}
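/**
 * Select rows from $this->table.
 *
 * Reads these properties:
 *   table    - table name, filtered to letters, digits, '_' and '-'
 *   where    - optional array of rows with the keys name, operator and value;
 *              the rows are joined with "and" and every value is bound as a parameter
 *   order_by - optional array of rows with the keys name and order ("asc" or "desc")
 *   limit    - optional number of rows
 *   offset   - optional number of rows to skip
 *
 * @return array|false the rows as associative arrays; false when a name is empty or
 *                     refused, an operator is not in the allowed list, or prepare() fails
 */
public function find() {
	//connect to the database if needed
		if (!$this->db) {
			$this->connect();
		}

	//sanitize the name
		$this->table = preg_replace('#[^a-zA-Z0-9_\-]#', '', $this->table);
		//the filter keeps '-', and '--' starts an SQL comment, so such a name is refused
		if (strlen($this->table) == 0 || strpos($this->table, '--') !== false) {
			return false;
		}

	//get data from the database
		$sql = "select * from ".$this->table." ";
		$params = array();
		if ($this->where && is_array($this->where)) {
			$operators = array("<", ">", "<=", ">=", "=", "<>", "!=");
			$i = 0;
			foreach($this->where as $row) {
				//sanitize the name of this row (not a different variable), it goes into the sql text
					$name = '';
					if (isset($row['name']) && is_scalar($row['name'])) {
						$name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $row['name']);
					}
					if (strlen($name) == 0 || strpos($name, '--') !== false) {
						return false;
					}

				//validate the operator, strict comparison so only these exact strings pass
					if (!isset($row['operator']) || !in_array($row['operator'], $operators, true)) {
						//invalid operator
						return false;
					}

				//build the sql, positional placeholders let the same column appear twice
					$sql .= ($i == 0 ? 'where ' : 'and ').$name." ".$row['operator']." ? ";

				//add the value to the params array
					$params[] = isset($row['value']) ? $row['value'] : null;

				//increment $i
					$i++;
			}
		}

	//order by, skipped for an empty list so the sql stays valid
		if (is_array($this->order_by) && count($this->order_by) > 0) {
			$order_parts = array();
			foreach($this->order_by as $row) {
				//sanitize the name
					$name = '';
					if (isset($row['name']) && is_scalar($row['name'])) {
						$name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $row['name']);
					}
					if (strlen($name) == 0 || strpos($name, '--') !== false) {
						return false;
					}

				//sanitize the order, anything but asc or desc becomes empty
					$order = '';
					if (isset($row['order']) && in_array($row['order'], array("asc", "desc"), true)) {
						$order = $row['order'];
					}

				//build the sql
					$order_parts[] = $name." ".$order;
			}
			$sql .= "order by ".implode(", ", $order_parts)." ";
		}

	//limit, cast to an integer so only digits reach the sql text
		if (isset($this->limit) && is_numeric($this->limit)) {
			$sql .= "limit ".((int) $this->limit)." ";
		}

	//offset
		if (isset($this->offset) && is_numeric($this->offset)) {
			$sql .= "offset ".((int) $this->offset)." ";
		}

	//run the query
		$prep_statement = $this->db->prepare($sql);
		if ($prep_statement) {
			$prep_statement->execute($params);
			$array = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
			unset($prep_statement);
			return $array;
		}
		else {
			return false;
		}
}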
// Use this function to execute complex queries
/**
 * Run the statement held in $this->sql and return all of its rows.
 *
 * The text of $this->sql is prepared exactly as given and executed without any
 * bound parameters, so whatever builds that text is responsible for keeping
 * request data out of it.
 *
 * @return array|false the rows as associative arrays, or false when prepare() fails
 */
public function execute() {
	//open the connection on first use
		if (!$this->db) {
			$this->connect();
		}

	//prepare the statement, give up when the driver refuses it
		$statement = $this->db->prepare($this->sql);
		if (!$statement) {
			return false;
		}

	//run it and hand back every row keyed by column name
		$statement->execute();
		$rows = $statement->fetchAll(PDO::FETCH_ASSOC);
		return $rows;
}
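/**
 * Insert one row into $this->table.
 *
 * $this->fields is an array of column name => value. Column names are filtered like
 * the table name; values are bound as parameters and never written into the sql text.
 * A value with no characters is stored as NULL. The connection is switched to
 * PDO::ERRMODE_EXCEPTION and stays that way after the call. A database error is printed
 * as an HTML table instead of being thrown. $this->fields is unset afterwards.
 *
 * @return false|null false when the table or a column name is empty or refused,
 *                    otherwise nothing
 */
public function add() {
	//connect to the database if needed
		if (!$this->db) {
			$this->connect();
		}

	//sanitize the table name, with the same filter find() and delete() apply
		$this->table = preg_replace('#[^a-zA-Z0-9_\-]#', '', $this->table);
		//the filter keeps '-', and '--' starts an SQL comment, so such a name is refused
		if (strlen($this->table) == 0 || strpos($this->table, '--') !== false) {
			unset($this->fields);
			return false;
		}

	//collect the column names, the placeholders and the values to bind
		$columns = array();
		$placeholders = array();
		$params = array();
		if (is_array($this->fields)) {
			foreach($this->fields as $name => $value) {
				//sanitize the column name, it goes into the sql text
					$name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $name);
					if (strlen($name) == 0 || strpos($name, '--') !== false) {
						unset($this->fields);
						return false;
					}
					$columns[] = $name;

				//bind the value; the placeholder must not be built from the value itself
					if ($value !== null && strlen($value) > 0) {
						$placeholders[] = "?";
						$params[] = $value;
					}
					else {
						$placeholders[] = "null";
					}
			}
		}

	//add data to the database
		$sql = "insert into ".$this->table;
		$sql .= " (".implode(", ", $columns).") ";
		$sql .= "values ";
		$sql .= "(".implode(", ", $placeholders).")";

	//execute the query, show exceptions
		$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
		try {
			$prep_statement = $this->db->prepare($sql);
			$prep_statement->execute($params);
		}
		catch(PDOException $e) {
			echo "<b>Error:</b><br />\n";
			echo "<table>\n";
			echo "<tr>\n";
			echo "<td>\n";
			//the driver message is escaped before it is printed into the page
			echo htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
			echo "</td>\n";
			echo "</tr>\n";
			echo "</table>\n";
		}
		unset($sql, $prep_statement, $this->fields);
}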
public function delete($array) {
|
2012-06-04 16:58:40 +02:00
|
|
|
//connect to the database if needed
|
|
|
|
|
if (!$this->db) {
|
|
|
|
|
$this->connect();
|
|
|
|
|
}
|
2016-11-19 19:49:38 +01:00
|
|
|
|
2017-07-16 01:09:01 +02:00
|
|
|
//sanitize the table name
|
|
|
|
|
$this->table = preg_replace('#[^a-zA-Z0-9_\-]#', '', $this->table);
|
|
|
|
|
|
2012-06-04 16:58:40 +02:00
|
|
|
//delete from the database
|
2016-11-19 19:49:38 +01:00
|
|
|
if (isset($this->table) && isset($this->where)) {
|
2016-11-27 08:16:18 +01:00
|
|
|
$i = 0;
|
2017-07-16 01:09:01 +02:00
|
|
|
$sql = "delete from ".$this->table." ";
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($this->where)) {
|
2016-11-19 19:49:38 +01:00
|
|
|
foreach($this->where as $row) {
|
2017-07-16 01:09:01 +02:00
|
|
|
//sanitize the name
|
|
|
|
|
$row['name'] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $row['name']);
|
|
|
|
|
|
|
|
|
|
//validate the operator
|
|
|
|
|
switch ($row['operator']) {
|
|
|
|
|
case "<": break;
|
|
|
|
|
case ">": break;
|
|
|
|
|
case "<=": break;
|
|
|
|
|
case ">=": break;
|
|
|
|
|
case "=": break;
|
|
|
|
|
case ">=": break;
|
|
|
|
|
case "<>": break;
|
|
|
|
|
case "!=": break;
|
|
|
|
|
default:
|
|
|
|
|
//invalid operator
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//build the sql
|
2016-11-19 19:49:38 +01:00
|
|
|
if ($i == 0) {
|
2017-07-16 01:09:01 +02:00
|
|
|
//$sql .= $row['name']." ".$row['operator']." '".$row['value']."' ";
|
|
|
|
|
$sql .= "where ".$row['name']." ".$row['operator']." :".$row['name']." ";
|
2016-11-19 19:49:38 +01:00
|
|
|
}
|
|
|
|
|
else {
|
2017-07-16 01:09:01 +02:00
|
|
|
//$sql .= $row['name']." ".$row['operator']." '".$row['value']."' ";
|
|
|
|
|
$sql .= "and ".$row['name']." ".$row['operator']." :".$row['name']." ";
|
2016-11-19 19:49:38 +01:00
|
|
|
}
|
2017-07-16 01:09:01 +02:00
|
|
|
|
|
|
|
|
//add the name and value to the params array
|
|
|
|
|
$params[$row['name']] = $row['value'];
|
|
|
|
|
|
|
|
|
|
//increment $i
|
2016-11-19 19:49:38 +01:00
|
|
|
$i++;
|
2012-06-04 16:58:40 +02:00
|
|
|
}
|
|
|
|
|
}
|
2016-11-19 19:49:38 +01:00
|
|
|
//echo $sql."<br>\n";
|
|
|
|
|
$prep_statement = $this->db->prepare($sql);
|
2017-07-16 01:09:01 +02:00
|
|
|
$prep_statement->execute($params);
|
|
|
|
|
unset($sql, $this->where);
|
2016-11-19 19:49:38 +01:00
|
|
|
return;
|
2012-06-04 16:58:40 +02:00
|
|
|
}
|
2016-11-19 22:10:06 +01:00
|
|
|
|
|
|
|
|
//return the array
|
|
|
|
|
if (!is_array($array)) { echo "not an array"; return false; }
|
|
|
|
|
|
|
|
|
|
//set the message id
|
|
|
|
|
$m = 0;
|
|
|
|
|
|
|
|
|
|
//set the app name
|
|
|
|
|
if (!isset($this->app_name)) {
|
|
|
|
|
$this->app_name = $this->name;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//normalize the array structure
|
|
|
|
|
//$new_array = $this->normalize_array($array, $this->name);
|
|
|
|
|
//unset($array);
|
|
|
|
|
$new_array = $array;
|
|
|
|
|
|
|
|
|
|
//debug sql
|
|
|
|
|
$this->debug["sql"] = true;
|
|
|
|
|
|
|
|
|
|
//start the atomic transaction
|
2017-03-17 05:20:11 +01:00
|
|
|
//$this->db->beginTransaction();
|
2016-11-19 22:10:06 +01:00
|
|
|
|
|
|
|
|
//debug info
|
|
|
|
|
//echo "<pre>\n";
|
|
|
|
|
//print_r($new_array);
|
|
|
|
|
//echo "</pre>\n";
|
|
|
|
|
//exit;
|
|
|
|
|
|
2016-11-23 21:39:20 +01:00
|
|
|
//get the $apps array from the installed apps from the core and mod directories
|
|
|
|
|
//$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/$schema_name/app_config.php");
|
|
|
|
|
/*
|
|
|
|
|
$x = 0;
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($config_list)) {
|
|
|
|
|
foreach ($config_list as &$config_path) {
|
|
|
|
|
include($config_path);
|
|
|
|
|
$x++;
|
|
|
|
|
}
|
2016-11-23 21:39:20 +01:00
|
|
|
}
|
|
|
|
|
$tables = $apps[0]['db'];
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($tables)) {
|
|
|
|
|
foreach ($tables as &$row) {
|
|
|
|
|
//print_r($row);
|
|
|
|
|
$table = $row['table'];
|
|
|
|
|
echo $table."\n";
|
|
|
|
|
foreach ($row['fields'] as &$field) {
|
|
|
|
|
if (isset($field['key']['type'])) {
|
|
|
|
|
print_r($field);
|
|
|
|
|
}
|
2016-11-23 21:39:20 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
*/
|
|
|
|
|
|
2016-11-19 22:10:06 +01:00
|
|
|
//loop through the array
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($new_array)) {
|
|
|
|
|
foreach ($new_array as $schema_name => $schema_array) {
|
|
|
|
|
|
2017-07-14 18:52:30 +02:00
|
|
|
$this->name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $schema_name);
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($schema_array)) {
|
|
|
|
|
foreach ($schema_array as $schema_id => $array) {
|
|
|
|
|
|
|
|
|
|
//set the variables
|
|
|
|
|
$table_name = "v_".$this->name;
|
|
|
|
|
$parent_key_name = $this->singular($this->name)."_uuid";
|
|
|
|
|
|
|
|
|
|
//if the uuid is set then set parent key exists and value
|
|
|
|
|
//determine if the parent_key_exists
|
|
|
|
|
$parent_key_exists = false;
|
|
|
|
|
if (isset($array[$parent_key_name])) {
|
2017-05-28 18:18:07 +02:00
|
|
|
$parent_key_value = $array[$parent_key_name];
|
2016-11-27 08:16:18 +01:00
|
|
|
$parent_key_exists = true;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
if (isset($this->uuid)) {
|
|
|
|
|
$parent_key_exists = true;
|
|
|
|
|
$parent_key_value = $this->uuid;
|
2016-11-19 22:10:06 +01:00
|
|
|
}
|
|
|
|
|
else {
|
2016-11-27 08:16:18 +01:00
|
|
|
$parent_key_value = uuid();
|
2016-11-19 22:10:06 +01:00
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//get the parent field names
|
|
|
|
|
$parent_field_names = array();
|
|
|
|
|
if (is_array($array)) {
|
|
|
|
|
foreach ($array as $key => $value) {
|
|
|
|
|
if (!is_array($value)) {
|
|
|
|
|
$parent_field_names[] = $key;
|
2016-11-19 22:10:06 +01:00
|
|
|
}
|
|
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//get the data before the delete
|
|
|
|
|
if ($parent_key_exists) {
|
|
|
|
|
$sql = "SELECT * FROM ".$table_name." ";
|
2017-05-28 18:18:07 +02:00
|
|
|
$sql .= "WHERE ".$parent_key_name." = '".$parent_key_value."' ";
|
2016-11-27 08:16:18 +01:00
|
|
|
$prep_statement = $this->db->prepare($sql);
|
|
|
|
|
if ($prep_statement) {
|
|
|
|
|
//get the data
|
|
|
|
|
try {
|
|
|
|
|
$prep_statement->execute();
|
|
|
|
|
$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
|
|
|
|
|
}
|
|
|
|
|
catch(PDOException $e) {
|
|
|
|
|
echo 'Caught exception: ', $e->getMessage(), "<br/><br/>\n";
|
|
|
|
|
echo $sql;
|
|
|
|
|
exit;
|
2016-11-19 22:10:06 +01:00
|
|
|
}
|
|
|
|
|
|
2016-11-27 08:16:18 +01:00
|
|
|
//set the action
|
|
|
|
|
if (count($result) > 0) {
|
|
|
|
|
$action = "delete";
|
|
|
|
|
$old_array[$schema_name] = $result;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$action = "";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
unset($prep_statement);
|
|
|
|
|
unset($result);
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$action = "";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//delete a specific uuid
|
|
|
|
|
if ($action == "delete") {
|
|
|
|
|
if (permission_exists($this->singular($this->name).'_delete') && strlen($parent_key_value) > 0
|
|
|
|
|
&& ($parent_key_exists) && is_uuid($parent_key_value)) {
|
|
|
|
|
//set the table name
|
|
|
|
|
$table_name = 'v_'.$this->name;
|
|
|
|
|
|
|
|
|
|
//parent data
|
|
|
|
|
$sql = "DELETE FROM $table_name ";
|
|
|
|
|
$sql .= "WHERE $parent_key_name = '$parent_key_value' ;";
|
|
|
|
|
//echo $sql;
|
|
|
|
|
//$sql = "DELETE FROM :table_name ";
|
|
|
|
|
//$sql .= "WHERE :parent_key_name = ':parent_key_value'; ";
|
|
|
|
|
//$statement = $this->db->prepare($sql);
|
|
|
|
|
//$statement->bindParam(':table_name', $table_name);
|
|
|
|
|
//$statement->bindParam(':parent_key_name', $parent_key_name);
|
|
|
|
|
//$statement->bindParam(':parent_key_value', $parent_key_value);
|
|
|
|
|
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
|
|
|
|
try {
|
|
|
|
|
$this->db->query(check_sql($sql));
|
|
|
|
|
//$statement->execute();
|
|
|
|
|
$message["message"] = "OK";
|
|
|
|
|
$message["code"] = "200";
|
|
|
|
|
$message["uuid"] = $parent_key_value;
|
|
|
|
|
$message["details"][$m]["name"] = $this->name;
|
|
|
|
|
$message["details"][$m]["message"] = "OK";
|
|
|
|
|
$message["details"][$m]["code"] = "200";
|
|
|
|
|
$message["details"][$m]["uuid"] = $parent_key_value;
|
|
|
|
|
if ($this->debug["sql"]) {
|
|
|
|
|
$message["details"][$m]["sql"] = $sql;
|
2016-11-19 22:10:06 +01:00
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
unset($sql);
|
|
|
|
|
unset($statement);
|
2016-11-19 22:10:06 +01:00
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
catch(PDOException $e) {
|
|
|
|
|
$message["message"] = "Bad Request";
|
|
|
|
|
$message["code"] = "400";
|
|
|
|
|
$message["details"][$m]["name"] = $this->name;
|
|
|
|
|
$message["details"][$m]["message"] = $e->getMessage();
|
|
|
|
|
$message["details"][$m]["code"] = "400";
|
|
|
|
|
if ($this->debug["sql"]) {
|
|
|
|
|
$message["details"][$m]["sql"] = $sql;
|
2016-11-19 22:10:06 +01:00
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
2016-11-19 22:10:06 +01:00
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$message["name"] = $this->name;
|
2017-05-26 07:54:10 +02:00
|
|
|
$message["message"] = "Forbidden, does not have '".$this->singular($this->name)."_delete'";
|
2016-11-27 08:16:18 +01:00
|
|
|
$message["code"] = "403";
|
|
|
|
|
$message["line"] = __line__;
|
|
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//unset the variables
|
|
|
|
|
unset($sql, $action);
|
|
|
|
|
|
|
|
|
|
//child data
|
|
|
|
|
if (is_array($array)) {
|
|
|
|
|
foreach ($array as $key => $value) {
|
|
|
|
|
|
|
|
|
|
if (is_array($value)) {
|
|
|
|
|
$table_name = "v_".$key;
|
|
|
|
|
foreach ($value as $id => $row) {
|
|
|
|
|
//prepare the variables
|
|
|
|
|
$child_name = $this->singular($key);
|
|
|
|
|
$child_key_name = $child_name."_uuid";
|
|
|
|
|
|
|
|
|
|
//determine if the parent key exists in the child array
|
|
|
|
|
$parent_key_exists = false;
|
|
|
|
|
if (!isset($array[$parent_key_name])) {
|
|
|
|
|
$parent_key_exists = true;
|
2016-11-19 22:10:06 +01:00
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
|
|
|
|
|
//determine if the uuid exists
|
|
|
|
|
$uuid_exists = false;
|
|
|
|
|
if (is_array($row)) {
|
|
|
|
|
foreach ($row as $k => $v) {
|
|
|
|
|
if ($child_key_name == $k) {
|
|
|
|
|
if (strlen($v) > 0) {
|
|
|
|
|
$child_key_value = $v;
|
|
|
|
|
$uuid_exists = true;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$uuid_exists = false;
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-11-19 22:10:06 +01:00
|
|
|
}
|
|
|
|
|
|
2016-11-27 08:16:18 +01:00
|
|
|
//get the child field names
|
|
|
|
|
$child_field_names = array();
|
|
|
|
|
if (is_array($row)) {
|
|
|
|
|
foreach ($row as $k => $v) {
|
|
|
|
|
if (!is_array($v)) {
|
|
|
|
|
$child_field_names[] = $k;
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-11-19 22:10:06 +01:00
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
|
|
|
|
|
//get the child data
|
|
|
|
|
if ($uuid_exists) {
|
|
|
|
|
$sql = "SELECT * FROM ".$table_name." ";
|
|
|
|
|
$sql .= "WHERE ".$child_key_name." = '".$child_key_value."' ";
|
|
|
|
|
$prep_statement = $this->db->prepare($sql);
|
|
|
|
|
if ($prep_statement) {
|
|
|
|
|
//get the data
|
|
|
|
|
$prep_statement->execute();
|
|
|
|
|
$child_array = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
|
|
|
|
//set the action
|
|
|
|
|
if (is_array($child_array)) {
|
|
|
|
|
$action = "delete";
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$action = "";
|
|
|
|
|
}
|
|
|
|
|
//add to the parent array
|
|
|
|
|
if (is_array($child_array)) {
|
|
|
|
|
$old_array[$schema_name][$schema_id][$key][] = $child_array;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
unset($prep_statement);
|
2016-11-19 22:10:06 +01:00
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
else {
|
|
|
|
|
$action = "";
|
2016-11-19 22:10:06 +01:00
|
|
|
}
|
|
|
|
|
|
2016-11-27 08:16:18 +01:00
|
|
|
//delete the child data
|
|
|
|
|
if ($action == "delete") {
|
|
|
|
|
if (permission_exists($child_name.'_delete')) {
|
|
|
|
|
$sql = "DELETE FROM ".$table_name." ";
|
|
|
|
|
$sql .= "WHERE ".$child_key_name." = '".$child_key_value."' ";
|
2017-05-28 18:18:07 +02:00
|
|
|
if (strlen($parent_key_value) > 0) { $sql .= "AND ".$parent_key_name." = '".$parent_key_value."' "; }
|
2016-11-27 08:16:18 +01:00
|
|
|
//$sql = "DELETE FROM :table_name ";
|
|
|
|
|
//$sql .= "WHERE :child_key_name = ':child_key_value' ";
|
2017-05-28 18:18:07 +02:00
|
|
|
//if (strlen($parent_key_value) > 0) { $sql .= "AND :parent_key_name = ':parent_key_value' }";
|
2016-11-27 08:16:18 +01:00
|
|
|
//$statement = $this->db->prepare($sql);
|
|
|
|
|
//$statement->bindParam(':table_name', $table_name);
|
|
|
|
|
//$statement->bindParam(':parent_key_name', $parent_key_name);
|
2017-05-28 18:18:07 +02:00
|
|
|
//$statement->bindParam(':parent_key_value', $parent_key_value);
|
2016-11-27 08:16:18 +01:00
|
|
|
//$statement->bindParam(':child_key_name', $child_key_name);
|
|
|
|
|
//$statement->bindParam(':child_key_value', $child_key_value);
|
|
|
|
|
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
|
|
|
|
try {
|
|
|
|
|
$this->db->query(check_sql($sql));
|
|
|
|
|
//$statement->execute();
|
|
|
|
|
$message["details"][$m]["name"] = $key;
|
|
|
|
|
$message["details"][$m]["message"] = "OK";
|
|
|
|
|
$message["details"][$m]["code"] = "200";
|
|
|
|
|
$message["details"][$m]["uuid"] = $child_key_value;
|
|
|
|
|
if ($this->debug["sql"]) {
|
|
|
|
|
$message["details"][$m]["sql"] = $sql;
|
|
|
|
|
}
|
|
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
catch(PDOException $e) {
|
|
|
|
|
if ($message["code"] = "200") {
|
|
|
|
|
$message["message"] = "Bad Request";
|
|
|
|
|
$message["code"] = "400";
|
|
|
|
|
}
|
|
|
|
|
$message["details"][$m]["name"] = $key;
|
|
|
|
|
$message["details"][$m]["message"] = $e->getMessage();
|
|
|
|
|
$message["details"][$m]["code"] = "400";
|
|
|
|
|
if ($this->debug["sql"]) {
|
|
|
|
|
$message["details"][$m]["sql"] = $sql;
|
|
|
|
|
}
|
|
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$message["name"] = $child_name;
|
2017-05-26 07:54:10 +02:00
|
|
|
$message["message"] = "Forbidden, does not have '${child_name}_delete'";
|
2016-11-27 08:16:18 +01:00
|
|
|
$message["code"] = "403";
|
|
|
|
|
$message["line"] = __line__;
|
|
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
} //action update
|
2016-11-19 22:10:06 +01:00
|
|
|
|
2016-11-27 08:16:18 +01:00
|
|
|
//unset the variables
|
|
|
|
|
unset($sql, $action, $child_key_name, $child_key_value);
|
|
|
|
|
} // foreach value
|
2016-11-19 22:10:06 +01:00
|
|
|
|
2016-11-27 08:16:18 +01:00
|
|
|
} //is array
|
|
|
|
|
} //foreach array
|
|
|
|
|
|
|
|
|
|
} //is_array array
|
|
|
|
|
} // foreach schema_array
|
|
|
|
|
|
|
|
|
|
} //is_array $schema_array
|
|
|
|
|
} // foreach main array
|
|
|
|
|
}
|
2016-11-19 22:10:06 +01:00
|
|
|
|
|
|
|
|
//return the before and after data
|
|
|
|
|
//log this in the future
|
2016-11-27 08:16:18 +01:00
|
|
|
//if (is_array($old_array)) {
|
2016-11-19 22:10:06 +01:00
|
|
|
//normalize the array structure
|
|
|
|
|
//$old_array = $this->normalize_array($old_array, $this->name);
|
|
|
|
|
|
|
|
|
|
//debug info
|
|
|
|
|
//echo "<pre>\n";
|
|
|
|
|
//print_r($old_array);
|
|
|
|
|
//echo "</pre>\n";
|
|
|
|
|
//exit;
|
2016-11-27 08:16:18 +01:00
|
|
|
//}
|
2016-11-19 22:10:06 +01:00
|
|
|
//$message["new"] = $new_array;
|
|
|
|
|
//$message["new"]["md5"] = md5(json_encode($new_array));
|
|
|
|
|
$this->message = $message;
|
|
|
|
|
|
|
|
|
|
//commit the atomic transaction
|
2017-03-17 05:20:11 +01:00
|
|
|
//$this->db->commit();
|
2016-11-19 22:10:06 +01:00
|
|
|
|
2017-06-11 16:48:18 +02:00
|
|
|
//get the UUIDs
|
|
|
|
|
$user_uuid = $_SESSION['user_uuid'];
|
2016-11-19 22:10:06 +01:00
|
|
|
$domain_uuid = $_SESSION['domain_uuid'];
|
|
|
|
|
|
|
|
|
|
//log the transaction results
|
|
|
|
|
if (file_exists($_SERVER["PROJECT_ROOT"]."/app/database_transactions/app_config.php")) {
|
|
|
|
|
$sql = "insert into v_database_transactions ";
|
|
|
|
|
$sql .= "(";
|
|
|
|
|
$sql .= "database_transaction_uuid, ";
|
|
|
|
|
$sql .= "domain_uuid, ";
|
2017-06-11 16:48:18 +02:00
|
|
|
if (strlen($user_uuid) > 0) {
|
|
|
|
|
$sql .= "user_uuid, ";
|
|
|
|
|
}
|
2017-06-09 21:31:50 +02:00
|
|
|
if (strlen($this->app_uuid) > 0) {
|
2016-11-19 22:10:06 +01:00
|
|
|
$sql .= "app_uuid, ";
|
|
|
|
|
}
|
|
|
|
|
$sql .= "app_name, ";
|
|
|
|
|
$sql .= "transaction_code, ";
|
|
|
|
|
$sql .= "transaction_address, ";
|
|
|
|
|
//$sql .= "transaction_type, ";
|
|
|
|
|
$sql .= "transaction_date, ";
|
|
|
|
|
$sql .= "transaction_old, ";
|
|
|
|
|
$sql .= "transaction_new, ";
|
|
|
|
|
$sql .= "transaction_result ";
|
|
|
|
|
$sql .= ")";
|
|
|
|
|
$sql .= "values ";
|
|
|
|
|
$sql .= "(";
|
|
|
|
|
$sql .= "'".uuid()."', ";
|
|
|
|
|
$sql .= "'".$domain_uuid."', ";
|
2017-06-11 16:48:18 +02:00
|
|
|
if (strlen($user_uuid) > 0) {
|
|
|
|
|
$sql .= "'".$user_uuid."', ";
|
|
|
|
|
}
|
2017-06-09 21:31:50 +02:00
|
|
|
if (strlen($this->app_uuid) > 0) {
|
2016-11-19 22:10:06 +01:00
|
|
|
$sql .= "'".$this->app_uuid."', ";
|
|
|
|
|
}
|
|
|
|
|
$sql .= "'".$this->app_name."', ";
|
|
|
|
|
$sql .= "'".$message["code"]."', ";
|
|
|
|
|
$sql .= "'".$_SERVER['REMOTE_ADDR']."', ";
|
|
|
|
|
//$sql .= "'$transaction_type', ";
|
|
|
|
|
$sql .= "now(), ";
|
|
|
|
|
$sql .= "'".check_str(json_encode($old_array, JSON_PRETTY_PRINT))."', ";
|
|
|
|
|
$sql .= "'".check_str(json_encode($new_array, JSON_PRETTY_PRINT))."', ";
|
|
|
|
|
$sql .= "'".check_str(json_encode($this->message, JSON_PRETTY_PRINT))."' ";
|
|
|
|
|
$sql .= ")";
|
|
|
|
|
$this->db->exec(check_sql($sql));
|
|
|
|
|
unset($sql);
|
|
|
|
|
}
|
2016-11-23 21:39:20 +01:00
|
|
|
} //delete
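/**
 * Count the rows of $this->table that match the conditions in $this->where.
 *
 * $this->where is read as a list of rows with 'name', 'operator' and 'value'
 * keys. The table name and every column name are reduced to [a-zA-Z0-9_-],
 * the operator must be on the allow list below, and the value is only ever
 * sent to the driver as a bound parameter. $this->where is unset before the
 * statement is prepared.
 *
 * @return mixed the row count (0 when nothing matches), false when a
 *         condition has an empty column name or an operator that is not
 *         allowed, null when the statement could not be prepared
 */
public function count() {
	//connect to the database if needed
	if (!$this->db) {
		$this->connect();
	}

	//sanitize the table name, identifiers can not be bound as parameters
	$this->table = preg_replace('#[^a-zA-Z0-9_\-]#', '', $this->table);

	//operators that may be written into the sql text
	$allowed_operators = array("<", ">", "<=", ">=", "=", "<>", "!=");

	//get the number of rows
	$sql = "select count(*) as num_rows from ".$this->table." ";

	//always pass an array to execute, even when there are no conditions
	$params = array();

	if ($this->where && is_array($this->where)) {
		$i = 0;
		foreach ($this->where as $row) {
			//sanitize the column name
			$field_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', isset($row['name']) ? $row['name'] : '');
			if (strlen($field_name) == 0) {
				//nothing left to compare against
				return false;
			}

			//validate the operator, strict comparison so that values such as 0 or true
			//can not match an entry through loose string comparison
			if (!isset($row['operator']) || !in_array($row['operator'], $allowed_operators, true)) {
				//invalid operator
				return false;
			}

			//build the sql, the placeholder is numbered instead of being named after the
			//column: two conditions on one column would otherwise share a placeholder, and
			//a column name containing '-' is not a valid placeholder name
			$placeholder = "where_".$i;
			$sql .= ($i == 0 ? "where " : "and ").$field_name." ".$row['operator']." :".$placeholder." ";

			//add the value to the params array
			$params[$placeholder] = isset($row['value']) ? $row['value'] : null;

			//increment $i
			$i++;
		}
	}
	unset($this->where);

	//run the query
	$prep_statement = $this->db->prepare($sql);
	if ($prep_statement) {
		$prep_statement->execute($params);
		$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
		if ($row['num_rows'] > 0) {
			return $row['num_rows'];
		}
		return 0;
	}
	unset($prep_statement);
} //count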
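/**
 * Run a caller supplied SQL statement and keep the rows in $this->result.
 *
 * The statement text is passed through check_sql() and executed without any
 * bound parameters, so this method can not separate data from SQL. Callers
 * should hand it fixed statements only; anything taken from a request belongs
 * in a parameterized query instead.
 * NOTE(review): what check_sql() filters is not visible here - confirm before
 * relying on it.
 *
 * $this->message receives a status array ("200" / "400"). On failure it holds
 * the driver error text, and the SQL itself when $this->debug["sql"] is set,
 * so it should not be shown to end users as is.
 *
 * @param string $sql statement to execute
 * @return $this rows are in $this->result, which is '' on failure
 */
public function select($sql) {
	//connect to the database if needed
	if (!$this->db) {
		$this->connect();
	}

	//set the message id, it was never initialized so details were stored under an empty key
	$m = 0;

	//execute the query, and return the results
	try {
		$prep_statement = $this->db->prepare(check_sql($sql));
		if (!$prep_statement) {
			//prepare returns false instead of throwing when the connection is not in
			//exception mode, report that as a failed request rather than calling execute on false
			throw new PDOException("unable to prepare the statement");
		}
		$prep_statement->execute();
		$message["message"] = "OK";
		$message["code"] = "200";
		$message["details"][$m]["name"] = $this->name;
		$message["details"][$m]["message"] = "OK";
		$message["details"][$m]["code"] = "200";
		if (!empty($this->debug["sql"])) {
			$message["details"][$m]["sql"] = $sql;
		}
		$this->message = $message;
		$this->result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
		unset($prep_statement);
		$m++;
		return $this;
	}
	catch(PDOException $e) {
		$message["message"] = "Bad Request";
		$message["code"] = "400";
		$message["details"][$m]["name"] = $this->name;
		$message["details"][$m]["message"] = $e->getMessage();
		$message["details"][$m]["code"] = "400";
		if (!empty($this->debug["sql"])) {
			$message["details"][$m]["sql"] = $sql;
		}
		$this->message = $message;
		$this->result = '';
		$m++;
		return $this;
	}
} //select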
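/**
 * Select rows from the table v_<name> and keep them in $this->result.
 *
 * The body always read $array, but the method declared no parameter, so the
 * name, uuid, where, order_by, limit and offset handling could never run.
 * $array is now an optional argument; calls without it behave as before.
 *
 * Recognised keys of $array:
 *   name     table name without the v_ prefix, reduced to [a-zA-Z0-9_-]
 *   uuid     used only when $this->is_uuid() accepts it
 *   where    list of rows with 'name', 'operator' and 'value'
 *   order_by column name, reduced to [a-zA-Z0-9_-]
 *   limit    numeric, cast to int
 *   offset   numeric, cast to int
 *
 * Identifiers are sanitized because they can not be bound; every value,
 * including the uuid, is sent as a bound parameter.
 *
 * @param array|null $array optional search settings, see above
 * @return mixed $this (rows in $this->result, '' on failure), or false when
 *         a where row has an empty column name or an operator that is not allowed
 */
public function find_new($array = null) {
	//connect to the database if needed
	if (!$this->db) {
		$this->connect();
	}

	//set the message id and the bound parameters, both were used without being initialized
	$m = 0;
	$params = array();

	//set the name
	if (isset($array['name'])) {
		$this->name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $array['name']);
	}

	//set the uuid
	if (isset($array['uuid']) and $this->is_uuid($array['uuid'])) {
		$this->uuid = $array['uuid'];
	}

	//sanitize the name again at the point of use, $this->name may have been set elsewhere
	$name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $this->name);

	//build the query
	$sql = "SELECT * FROM v_".$name." ";
	if (isset($this->uuid)) {
		//get the specific uuid, bound instead of quoted into the sql text because
		//uuid() stores whatever it is given
		$sql .= "WHERE ".$this->singular($name)."_uuid = :uuid ";
		$params['uuid'] = $this->uuid;
	}
	else {
		//where
		$allowed_operators = array("<", ">", "<=", ">=", "=", "<>", "!=");
		$i = 0;
		if (is_array($array) && isset($array['where']) && is_array($array['where'])) {
			foreach ($array['where'] as $row) {
				//sanitize the column name, the earlier code cleaned $array['name'] here
				//and left $row['name'] untouched
				$field_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', isset($row['name']) ? $row['name'] : '');
				if (strlen($field_name) == 0) {
					return false;
				}

				//validate the operator with a strict comparison
				if (!isset($row['operator']) || !in_array($row['operator'], $allowed_operators, true)) {
					//invalid operator
					return false;
				}

				//build the sql, the earlier code wrote ":" followed by the value itself into
				//the statement, which put caller data into the sql text and never matched
				//the key used in $params
				$placeholder = "where_".$i;
				$sql .= ($i == 0 ? "WHERE " : "AND ").$field_name." ".$row['operator']." :".$placeholder." ";

				//add the value to the params array
				$params[$placeholder] = isset($row['value']) ? $row['value'] : null;

				//increment $i
				$i++;
			}
		}

		//order by
		if (isset($array['order_by'])) {
			$order_by = preg_replace('#[^a-zA-Z0-9_\-]#', '', $array['order_by']);
			if (strlen($order_by) > 0) {
				$sql .= "ORDER BY ".$order_by." ";
			}
		}

		//limit, cast so that only an integer literal reaches the sql text
		if (isset($array['limit']) && is_numeric($array['limit'])) {
			$sql .= "LIMIT ".(int) $array['limit']." ";
		}

		//offset
		if (isset($array['offset']) && is_numeric($array['offset'])) {
			$sql .= "OFFSET ".(int) $array['offset']." ";
		}
	}

	//execute the query, and return the results
	try {
		$prep_statement = $this->db->prepare($sql);
		if (!$prep_statement) {
			//prepare returns false instead of throwing when the connection is not in exception mode
			throw new PDOException("unable to prepare the statement");
		}
		$prep_statement->execute($params);
		$message["message"] = "OK";
		$message["code"] = "200";
		$message["details"][$m]["name"] = $this->name;
		$message["details"][$m]["message"] = "OK";
		$message["details"][$m]["code"] = "200";
		if (!empty($this->debug["sql"])) {
			$message["details"][$m]["sql"] = $sql;
		}
		$this->message = $message;
		$this->result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
		unset($prep_statement);
		$m++;
		return $this;
	}
	catch(PDOException $e) {
		$message["message"] = "Bad Request";
		$message["code"] = "400";
		$message["details"][$m]["name"] = $this->name;
		$message["details"][$m]["message"] = $e->getMessage();
		$message["details"][$m]["code"] = "400";
		if (!empty($this->debug["sql"])) {
			$message["details"][$m]["sql"] = $sql;
		}
		$this->message = $message;
		$this->result = '';
		$m++;
		return $this;
	}
}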
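/**
 * Wrap an array so that it is keyed by $name, based on its nesting depth.
 *
 * depth 1: returned as array($name => array($array))
 * depth 2: returned as array($name => $array)
 * other:   returned unchanged
 *
 * The depth comes from $this->array_depth(), which is defined outside this
 * block.
 *
 * @param array $array the data to normalize
 * @param string $name the key to place the data under
 * @return array the normalized array
 */
private function normalize_array($array, $name) {
	//get the depth of the array
	$depth = $this->array_depth($array);

	//normalize the array
	if ($depth == 1) {
		$return_array = array($name => array($array));
	}
	elseif ($depth == 2) {
		$return_array = array($name => $array);
	}
	else {
		$return_array = $array;
	}

	//a second array_depth() call used to follow here, it was given $new_array, which is
	//never defined in this method, and its result was only read by commented out debug output

	//return the array
	return $return_array;
}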
/**
 * Set the uuid that later calls on this object work with.
 *
 * NOTE(review): the value is stored as given, nothing is checked here. Other
 * methods of this class place $this->uuid into SQL text, so a caller that
 * takes the value from a request should confirm it with is_uuid() first.
 *
 * @param string $uuid the record uuid
 * @return $this so that calls can be chained
 */
public function uuid($uuid) {
	//store the value without validation
	$this->uuid = $uuid;
	//return the object to allow chaining
	return $this;
}
public function save($array) {
|
|
|
|
|
|
|
|
|
|
//return the array
|
|
|
|
|
if (!is_array($array)) { echo "not an array"; return false; }
|
|
|
|
|
|
|
|
|
|
//set the message id
|
|
|
|
|
$m = 0;
|
|
|
|
|
|
|
|
|
|
//set the app name
|
|
|
|
|
if (!isset($this->app_name)) {
|
|
|
|
|
$this->app_name = $this->name;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//normalize the array structure
|
|
|
|
|
//$new_array = $this->normalize_array($array, $this->name);
|
|
|
|
|
//unset($array);
|
|
|
|
|
$new_array = $array;
|
|
|
|
|
|
|
|
|
|
//connect to the database if needed
|
|
|
|
|
if (!$this->db) {
|
|
|
|
|
$this->connect();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//debug sql
|
|
|
|
|
$this->debug["sql"] = true;
|
|
|
|
|
|
|
|
|
|
//start the atomic transaction
|
2017-07-15 04:44:45 +02:00
|
|
|
$this->db->beginTransaction();
|
2016-10-16 18:45:04 +02:00
|
|
|
|
|
|
|
|
//debug info
|
|
|
|
|
//echo "<pre>\n";
|
|
|
|
|
//print_r($new_array);
|
|
|
|
|
//echo "</pre>\n";
|
|
|
|
|
//exit;
|
2017-03-17 05:20:11 +01:00
|
|
|
|
2016-10-16 18:45:04 +02:00
|
|
|
//loop through the array
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($new_array)) foreach ($new_array as $schema_name => $schema_array) {
|
2016-10-16 18:45:04 +02:00
|
|
|
|
2017-07-14 18:52:30 +02:00
|
|
|
$this->name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $schema_name);
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($schema_array)) foreach ($schema_array as $schema_id => $array) {
|
2016-10-16 18:45:04 +02:00
|
|
|
|
|
|
|
|
//set the variables
|
|
|
|
|
$table_name = "v_".$this->name;
|
|
|
|
|
$parent_key_name = $this->singular($this->name)."_uuid";
|
2017-07-14 18:52:30 +02:00
|
|
|
$parent_key_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $parent_key_name);
|
2016-10-16 18:45:04 +02:00
|
|
|
|
|
|
|
|
//if the uuid is set then set parent key exists and value
|
|
|
|
|
//determine if the parent_key_exists
|
|
|
|
|
$parent_key_exists = false;
|
|
|
|
|
if (isset($array[$parent_key_name])) {
|
2017-05-28 18:18:07 +02:00
|
|
|
$parent_key_value = $array[$parent_key_name];
|
2016-10-16 18:45:04 +02:00
|
|
|
$parent_key_exists = true;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
if (isset($this->uuid)) {
|
|
|
|
|
$parent_key_exists = true;
|
|
|
|
|
$parent_key_value = $this->uuid;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$parent_key_value = uuid();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-11 08:13:54 +02:00
|
|
|
//allow characters found in the uuid only.
|
2017-07-14 18:52:30 +02:00
|
|
|
$parent_key_value = preg_replace('#[^a-zA-Z0-9_\-]#', '', $parent_key_value);
|
2017-07-11 08:13:54 +02:00
|
|
|
|
2016-10-16 18:45:04 +02:00
|
|
|
//get the parent field names
|
|
|
|
|
$parent_field_names = array();
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($array)) foreach ($array as $key => $value) {
|
2016-10-16 18:45:04 +02:00
|
|
|
if (!is_array($value)) {
|
2017-07-14 18:52:30 +02:00
|
|
|
$parent_field_names[] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $key);
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//determine action update or delete and get the original data
|
|
|
|
|
if ($parent_key_exists) {
|
|
|
|
|
$sql = "SELECT ".implode(", ", $parent_field_names)." FROM ".$table_name." ";
|
2017-05-28 18:18:07 +02:00
|
|
|
$sql .= "WHERE ".$parent_key_name." = '".$parent_key_value."' ";
|
2016-10-16 18:45:04 +02:00
|
|
|
$prep_statement = $this->db->prepare($sql);
|
|
|
|
|
if ($prep_statement) {
|
|
|
|
|
//get the data
|
|
|
|
|
try {
|
|
|
|
|
$prep_statement->execute();
|
|
|
|
|
$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
|
|
|
|
|
}
|
|
|
|
|
catch(PDOException $e) {
|
|
|
|
|
echo 'Caught exception: ', $e->getMessage(), "<br/><br/>\n";
|
|
|
|
|
echo $sql;
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//set the action
|
|
|
|
|
if (count($result) > 0) {
|
|
|
|
|
$action = "update";
|
|
|
|
|
$old_array[$schema_name] = $result;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$action = "add";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
unset($prep_statement);
|
|
|
|
|
unset($result);
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$action = "add";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//add a record
|
|
|
|
|
if ($action == "add") {
|
|
|
|
|
|
|
|
|
|
if (permission_exists($this->singular($this->name).'_add')) {
|
|
|
|
|
|
2017-07-15 04:41:23 +02:00
|
|
|
$params = array();
|
2016-10-16 18:45:04 +02:00
|
|
|
$sql = "INSERT INTO v_".$this->name." ";
|
|
|
|
|
$sql .= "(";
|
|
|
|
|
if (!$parent_key_exists) {
|
|
|
|
|
$sql .= $parent_key_name.", ";
|
|
|
|
|
}
|
|
|
|
|
//foreach ($parent_field_names as $field_name) {
|
|
|
|
|
// $sql .= check_str($field_name).", ";
|
|
|
|
|
//}
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($array)) foreach ($array as $array_key => $array_value) {
|
2016-10-16 18:45:04 +02:00
|
|
|
if (!is_array($array_value)) {
|
2017-07-14 18:52:30 +02:00
|
|
|
$array_key = preg_replace('#[^a-zA-Z0-9_\-]#', '', $array_key);
|
2017-07-11 19:30:22 +02:00
|
|
|
$sql .= $array_key.", ";
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$sql .= ") ";
|
|
|
|
|
$sql .= "VALUES ";
|
|
|
|
|
$sql .= "(";
|
|
|
|
|
if (!$parent_key_exists) {
|
|
|
|
|
$sql .= "'".$parent_key_value."', ";
|
|
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($array)) foreach ($array as $array_key => $array_value) {
|
2016-10-16 18:45:04 +02:00
|
|
|
if (!is_array($array_value)) {
|
|
|
|
|
if (strlen($array_value) == 0) {
|
|
|
|
|
$sql .= "null, ";
|
|
|
|
|
}
|
2017-07-08 09:10:28 +02:00
|
|
|
elseif ($array_value === "now()") {
|
2017-07-04 17:48:52 +02:00
|
|
|
$sql .= "now(), ";
|
|
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
else {
|
2017-07-14 18:52:30 +02:00
|
|
|
//$sql .= "'".check_str($array_value)."', ";
|
|
|
|
|
$sql .= ':'.$array_key.", ";
|
|
|
|
|
$params[$array_key] = $array_value;
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$sql .= ");";
|
|
|
|
|
$sql = str_replace(", )", ")", $sql);
|
2017-07-11 20:48:20 +02:00
|
|
|
|
2016-10-16 18:45:04 +02:00
|
|
|
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
2017-07-11 20:48:20 +02:00
|
|
|
|
2016-10-16 18:45:04 +02:00
|
|
|
try {
|
2017-07-14 18:52:30 +02:00
|
|
|
//$this->db->query(check_sql($sql));
|
|
|
|
|
$prep_statement = $this->db->prepare($sql);
|
|
|
|
|
$prep_statement->execute($params);
|
|
|
|
|
unset($prep_statement);
|
2016-10-16 18:45:04 +02:00
|
|
|
$message["message"] = "OK";
|
|
|
|
|
$message["code"] = "200";
|
|
|
|
|
$message["uuid"] = $parent_key_value;
|
|
|
|
|
$message["details"][$m]["name"] = $this->name;
|
|
|
|
|
$message["details"][$m]["message"] = "OK";
|
|
|
|
|
$message["details"][$m]["code"] = "200";
|
|
|
|
|
$message["details"][$m]["uuid"] = $parent_key_value;
|
|
|
|
|
if ($this->debug["sql"]) {
|
|
|
|
|
$message["details"][$m]["sql"] = $sql;
|
2017-07-14 18:52:30 +02:00
|
|
|
if (is_array($params)) {
|
|
|
|
|
$message["details"][$m]["params"] = $params;
|
|
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
2017-07-15 04:41:23 +02:00
|
|
|
unset($params);
|
2016-10-16 18:45:04 +02:00
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
catch(PDOException $e) {
|
|
|
|
|
$message["message"] = "Bad Request";
|
|
|
|
|
$message["code"] = "400";
|
|
|
|
|
$message["details"][$m]["name"] = $this->name;
|
|
|
|
|
$message["details"][$m]["message"] = $e->getMessage();
|
|
|
|
|
$message["details"][$m]["code"] = "400";
|
2017-07-14 18:52:30 +02:00
|
|
|
$message["details"][$m]["array"] = $array;
|
2016-10-16 18:45:04 +02:00
|
|
|
if ($this->debug["sql"]) {
|
|
|
|
|
$message["details"][$m]["sql"] = $sql;
|
2017-07-14 18:52:30 +02:00
|
|
|
if (is_array($params)) {
|
|
|
|
|
$message["details"][$m]["params"] = $params;
|
|
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
2017-07-15 04:41:23 +02:00
|
|
|
unset($params);
|
2016-10-16 18:45:04 +02:00
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
unset($sql);
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$message["name"] = $this->name;
|
2017-05-26 07:54:10 +02:00
|
|
|
$message["message"] = "Forbidden, does not have '".$this->singular($this->name)."_add'";
|
2016-10-16 18:45:04 +02:00
|
|
|
$message["code"] = "403";
|
|
|
|
|
$message["line"] = __line__;
|
|
|
|
|
$this->message[] = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//edit a specific uuid
|
|
|
|
|
if ($action == "update") {
|
|
|
|
|
if (permission_exists($this->singular($this->name).'_edit')) {
|
|
|
|
|
|
|
|
|
|
//parent data
|
2017-07-15 04:41:23 +02:00
|
|
|
$params = array();
|
2016-10-16 18:45:04 +02:00
|
|
|
$sql = "UPDATE v_".$this->name." SET ";
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($array)) {
|
|
|
|
|
foreach ($array as $array_key => $array_value) {
|
|
|
|
|
if (!is_array($array_value) && $array_key != $parent_key_name) {
|
2017-07-14 18:52:30 +02:00
|
|
|
$array_key = preg_replace('#[^a-zA-Z0-9_\-]#', '', $array_key);
|
2016-11-27 08:16:18 +01:00
|
|
|
if (strlen($array_value) == 0) {
|
2017-07-11 19:30:22 +02:00
|
|
|
$sql .= $array_key." = null, ";
|
2016-11-27 08:16:18 +01:00
|
|
|
}
|
2017-07-08 09:10:28 +02:00
|
|
|
elseif ($array_value === "now()") {
|
2017-07-11 19:30:22 +02:00
|
|
|
$sql .= $array_key." = now(), ";
|
2017-07-04 17:48:52 +02:00
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
else {
|
2017-07-14 18:52:30 +02:00
|
|
|
//$sql .= $array_key." = '".check_str($array_value)."', ";
|
|
|
|
|
$sql .= $array_key." = :".$array_key.", ";
|
|
|
|
|
$params[$array_key] = $array_value;
|
2016-11-27 08:16:18 +01:00
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$sql .= "WHERE ".$parent_key_name." = '".$parent_key_value."' ";
|
|
|
|
|
$sql = str_replace(", WHERE", " WHERE", $sql);
|
|
|
|
|
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
|
|
|
|
try {
|
2017-07-14 18:52:30 +02:00
|
|
|
$prep_statement = $this->db->prepare($sql);
|
|
|
|
|
$prep_statement->execute($params);
|
|
|
|
|
//$this->db->query(check_sql($sql));
|
2016-10-16 18:45:04 +02:00
|
|
|
$message["message"] = "OK";
|
|
|
|
|
$message["code"] = "200";
|
|
|
|
|
$message["uuid"] = $parent_key_value;
|
|
|
|
|
$message["details"][$m]["name"] = $this->name;
|
|
|
|
|
$message["details"][$m]["message"] = "OK";
|
|
|
|
|
$message["details"][$m]["code"] = "200";
|
|
|
|
|
$message["details"][$m]["uuid"] = $parent_key_value;
|
|
|
|
|
if ($this->debug["sql"]) {
|
|
|
|
|
$message["details"][$m]["sql"] = $sql;
|
2017-07-14 18:52:30 +02:00
|
|
|
if (is_array($params)) {
|
|
|
|
|
$message["details"][$m]["params"] = $params;
|
|
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
2017-07-15 04:41:23 +02:00
|
|
|
unset($params);
|
2016-10-16 18:45:04 +02:00
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
unset($sql);
|
|
|
|
|
}
|
|
|
|
|
catch(PDOException $e) {
|
|
|
|
|
$message["message"] = "Bad Request";
|
|
|
|
|
$message["code"] = "400";
|
|
|
|
|
$message["details"][$m]["name"] = $this->name;
|
|
|
|
|
$message["details"][$m]["message"] = $e->getMessage();
|
|
|
|
|
$message["details"][$m]["code"] = "400";
|
|
|
|
|
if ($this->debug["sql"]) {
|
|
|
|
|
$message["details"][$m]["sql"] = $sql;
|
2017-07-14 18:52:30 +02:00
|
|
|
if (is_array($params)) {
|
|
|
|
|
$message["details"][$m]["params"] = $params;
|
|
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
2017-07-15 04:41:23 +02:00
|
|
|
unset($params);
|
2016-10-16 18:45:04 +02:00
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$message["name"] = $this->name;
|
2017-05-26 07:54:10 +02:00
|
|
|
$message["message"] = "Forbidden, does not have '".$this->singular($this->name)."_edit'";
|
2016-10-16 18:45:04 +02:00
|
|
|
$message["code"] = "403";
|
|
|
|
|
$message["line"] = __line__;
|
|
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//unset the variables
|
|
|
|
|
unset($sql, $action);
|
|
|
|
|
|
|
|
|
|
//child data
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($array)) foreach ($array as $key => $value) {
|
2016-10-16 18:45:04 +02:00
|
|
|
|
|
|
|
|
if (is_array($value)) {
|
|
|
|
|
$table_name = "v_".$key;
|
2017-07-14 18:52:30 +02:00
|
|
|
$table_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $table_name);
|
2016-10-16 18:45:04 +02:00
|
|
|
foreach ($value as $id => $row) {
|
|
|
|
|
//prepare the variables
|
|
|
|
|
$child_name = $this->singular($key);
|
2017-07-14 18:52:30 +02:00
|
|
|
$child_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $child_name);
|
2016-10-16 18:45:04 +02:00
|
|
|
$child_key_name = $child_name."_uuid";
|
2017-03-17 05:20:11 +01:00
|
|
|
|
2016-10-16 18:45:04 +02:00
|
|
|
//determine if the parent key exists in the child array
|
|
|
|
|
$parent_key_exists = false;
|
|
|
|
|
if (!isset($array[$parent_key_name])) {
|
|
|
|
|
$parent_key_exists = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//determine if the uuid exists
|
|
|
|
|
$uuid_exists = false;
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($row)) foreach ($row as $k => $v) {
|
2016-10-16 18:45:04 +02:00
|
|
|
if ($child_key_name == $k) {
|
|
|
|
|
if (strlen($v) > 0) {
|
|
|
|
|
$child_key_value = $v;
|
|
|
|
|
$uuid_exists = true;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$uuid_exists = false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-11 08:13:54 +02:00
|
|
|
//allow characters found in the uuid only.
|
2017-07-14 18:52:30 +02:00
|
|
|
$child_key_value = preg_replace('#[^a-zA-Z0-9_\-]#', '', $child_key_value);
|
2017-07-11 08:13:54 +02:00
|
|
|
|
2016-10-16 18:45:04 +02:00
|
|
|
//get the child field names
|
|
|
|
|
$child_field_names = array();
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($row)) foreach ($row as $k => $v) {
|
2016-10-16 18:45:04 +02:00
|
|
|
if (!is_array($v)) {
|
2017-07-14 18:52:30 +02:00
|
|
|
$child_field_names[] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//determine sql update or delete and get the original data
|
|
|
|
|
if ($uuid_exists) {
|
|
|
|
|
$sql = "SELECT ". implode(", ", $child_field_names)." FROM ".$table_name." ";
|
|
|
|
|
$sql .= "WHERE ".$child_key_name." = '".$child_key_value."' ";
|
|
|
|
|
$prep_statement = $this->db->prepare($sql);
|
|
|
|
|
if ($prep_statement) {
|
|
|
|
|
//get the data
|
|
|
|
|
$prep_statement->execute();
|
|
|
|
|
$child_array = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
|
|
|
|
//set the action
|
|
|
|
|
if (is_array($child_array)) {
|
|
|
|
|
$action = "update";
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$action = "add";
|
|
|
|
|
}
|
|
|
|
|
//add to the parent array
|
|
|
|
|
if (is_array($child_array)) {
|
|
|
|
|
$old_array[$schema_name][$schema_id][$key][] = $child_array;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
unset($prep_statement);
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$action = "add";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//update the data
|
|
|
|
|
if ($action == "update") {
|
|
|
|
|
if (permission_exists($child_name.'_edit')) {
|
|
|
|
|
$sql = "UPDATE ".$table_name." SET ";
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($row)) {
|
|
|
|
|
foreach ($row as $k => $v) {
|
|
|
|
|
if (!is_array($v) && ($k != $parent_key_name || $k != $child_key_name)) {
|
2017-07-14 18:52:30 +02:00
|
|
|
$k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
2016-11-27 08:16:18 +01:00
|
|
|
if (strlen($v) == 0) {
|
2017-07-11 19:30:22 +02:00
|
|
|
$sql .= $k." = null, ";
|
2016-11-27 08:16:18 +01:00
|
|
|
}
|
2017-07-08 09:10:28 +02:00
|
|
|
elseif ($v === "now()") {
|
2017-07-11 19:30:22 +02:00
|
|
|
$sql .= $k." = now(), ";
|
2017-07-04 17:48:52 +02:00
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
else {
|
2017-07-14 18:52:30 +02:00
|
|
|
//$sql .= "$k = '".check_str($v)."', ";
|
2017-07-15 04:41:23 +02:00
|
|
|
$sql .= $k." = :".$k.", ";
|
|
|
|
|
$params[$k] = $v;
|
2016-11-27 08:16:18 +01:00
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-05-28 18:18:07 +02:00
|
|
|
$sql .= "WHERE ".$parent_key_name." = '".$parent_key_value."' ";
|
2016-10-16 18:45:04 +02:00
|
|
|
$sql .= "AND ".$child_key_name." = '".$child_key_value."' ";
|
|
|
|
|
$sql = str_replace(", WHERE", " WHERE", $sql);
|
|
|
|
|
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
2017-07-11 19:30:22 +02:00
|
|
|
|
|
|
|
|
//$prep_statement->bindParam(':domain_uuid', $_SESSION["domain_uuid"] );
|
|
|
|
|
|
2016-10-16 18:45:04 +02:00
|
|
|
try {
|
2017-07-14 18:52:30 +02:00
|
|
|
//$this->db->query(check_sql($sql));
|
|
|
|
|
$prep_statement = $this->db->prepare($sql);
|
|
|
|
|
$prep_statement->execute($params);
|
2017-07-15 04:41:23 +02:00
|
|
|
unset($prep_statement);
|
2016-10-16 18:45:04 +02:00
|
|
|
$message["details"][$m]["name"] = $key;
|
|
|
|
|
$message["details"][$m]["message"] = "OK";
|
|
|
|
|
$message["details"][$m]["code"] = "200";
|
|
|
|
|
$message["details"][$m]["uuid"] = $child_key_value;
|
|
|
|
|
if ($this->debug["sql"]) {
|
|
|
|
|
$message["details"][$m]["sql"] = $sql;
|
2017-07-14 18:52:30 +02:00
|
|
|
if (is_array($params)) {
|
|
|
|
|
$message["details"][$m]["params"] = $params;
|
|
|
|
|
unset($params);
|
|
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
|
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
catch(PDOException $e) {
|
|
|
|
|
if ($message["code"] = "200") {
|
|
|
|
|
$message["message"] = "Bad Request";
|
|
|
|
|
$message["code"] = "400";
|
|
|
|
|
}
|
|
|
|
|
$message["details"][$m]["name"] = $key;
|
|
|
|
|
$message["details"][$m]["message"] = $e->getMessage();
|
|
|
|
|
$message["details"][$m]["code"] = "400";
|
|
|
|
|
if ($this->debug["sql"]) {
|
|
|
|
|
$message["details"][$m]["sql"] = $sql;
|
2017-07-14 18:52:30 +02:00
|
|
|
if (is_array($params)) {
|
|
|
|
|
$message["details"][$m]["params"] = $params;
|
|
|
|
|
unset($params);
|
|
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
|
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$message["name"] = $child_name;
|
2017-05-26 07:54:10 +02:00
|
|
|
$message["message"] = "Forbidden, does not have '${child_name}_edit'";
|
2016-10-16 18:45:04 +02:00
|
|
|
$message["code"] = "403";
|
|
|
|
|
$message["line"] = __line__;
|
|
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
} //action update
|
|
|
|
|
|
|
|
|
|
//add the data
|
|
|
|
|
if ($action == "add") {
|
|
|
|
|
if (permission_exists($child_name.'_add')) {
|
|
|
|
|
//determine if child or parent key exists
|
2017-03-17 05:20:11 +01:00
|
|
|
$child_key_name = $child_name.'_uuid';
|
2016-10-16 18:45:04 +02:00
|
|
|
$parent_key_exists = false;
|
|
|
|
|
$child_key_exists = false;
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($row)) {
|
|
|
|
|
foreach ($row as $k => $v) {
|
|
|
|
|
if ($k == $parent_key_name) {
|
|
|
|
|
$parent_key_exists = true;
|
|
|
|
|
}
|
|
|
|
|
if ($k == $child_key_name) {
|
|
|
|
|
$child_key_exists = true;
|
|
|
|
|
$child_key_value = $v;
|
|
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (!$child_key_value) {
|
|
|
|
|
$child_key_value = uuid();
|
|
|
|
|
}
|
|
|
|
|
//build the insert
|
|
|
|
|
$sql = "INSERT INTO ".$table_name." ";
|
|
|
|
|
$sql .= "(";
|
|
|
|
|
if (!$parent_key_exists) {
|
|
|
|
|
$sql .= $this->singular($parent_key_name).", ";
|
|
|
|
|
}
|
|
|
|
|
if (!$child_key_exists) {
|
|
|
|
|
$sql .= $this->singular($child_key_name).", ";
|
|
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($row)) {
|
|
|
|
|
foreach ($row as $k => $v) {
|
|
|
|
|
if (!is_array($v)) {
|
2017-07-14 18:52:30 +02:00
|
|
|
$k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
2017-07-11 19:30:22 +02:00
|
|
|
$sql .= $k.", ";
|
2016-11-27 08:16:18 +01:00
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$sql .= ") ";
|
|
|
|
|
$sql .= "VALUES ";
|
|
|
|
|
$sql .= "(";
|
|
|
|
|
if (!$parent_key_exists) {
|
|
|
|
|
$sql .= "'".$parent_key_value."', ";
|
|
|
|
|
}
|
|
|
|
|
if (!$child_key_exists) {
|
|
|
|
|
$sql .= "'".$child_key_value."', ";
|
|
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
if (is_array($row)) {
|
|
|
|
|
foreach ($row as $k => $v) {
|
|
|
|
|
if (!is_array($v)) {
|
|
|
|
|
if (strlen($v) == 0) {
|
|
|
|
|
$sql .= "null, ";
|
|
|
|
|
}
|
2017-07-08 09:10:28 +02:00
|
|
|
elseif ($v === "now()") {
|
2017-07-04 17:48:52 +02:00
|
|
|
$sql .= "now(), ";
|
|
|
|
|
}
|
2016-11-27 08:16:18 +01:00
|
|
|
else {
|
2017-07-14 18:52:30 +02:00
|
|
|
$k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
|
|
|
|
//$sql .= "'".check_str($v)."', ";
|
|
|
|
|
$sql .= ':'.$k.", ";
|
|
|
|
|
$params[$k] = $v;
|
2016-11-27 08:16:18 +01:00
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$sql .= ");";
|
|
|
|
|
$sql = str_replace(", )", ")", $sql);
|
|
|
|
|
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
|
|
|
|
try {
|
2017-07-14 18:52:30 +02:00
|
|
|
//$this->db->query(check_sql($sql));
|
|
|
|
|
$prep_statement = $this->db->prepare($sql);
|
|
|
|
|
$prep_statement->execute($params);
|
|
|
|
|
unset($prep_statement);
|
2016-10-16 18:45:04 +02:00
|
|
|
$message["details"][$m]["name"] = $key;
|
|
|
|
|
$message["details"][$m]["message"] = "OK";
|
|
|
|
|
$message["details"][$m]["code"] = "200";
|
|
|
|
|
$message["details"][$m]["uuid"] = $child_key_value;
|
|
|
|
|
if ($this->debug["sql"]) {
|
|
|
|
|
$message["details"][$m]["sql"] = $sql;
|
2017-07-14 18:52:30 +02:00
|
|
|
if (is_array($params)) {
|
|
|
|
|
$message["details"][$m]["params"] = $params;
|
|
|
|
|
unset($params);
|
|
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
|
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
catch(PDOException $e) {
|
|
|
|
|
if ($message["code"] = "200") {
|
|
|
|
|
$message["message"] = "Bad Request";
|
|
|
|
|
$message["code"] = "400";
|
|
|
|
|
}
|
|
|
|
|
$message["details"][$m]["name"] = $key;
|
|
|
|
|
$message["details"][$m]["message"] = $e->getMessage();
|
|
|
|
|
$message["details"][$m]["code"] = "400";
|
|
|
|
|
if ($this->debug["sql"]) {
|
|
|
|
|
$message["details"][$m]["sql"] = $sql;
|
2017-07-14 18:52:30 +02:00
|
|
|
if (is_array($params)) {
|
|
|
|
|
$message["details"][$m]["params"] = $params;
|
|
|
|
|
unset($params);
|
|
|
|
|
}
|
2016-10-16 18:45:04 +02:00
|
|
|
}
|
|
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$message["name"] = $child_name;
|
2017-05-26 07:54:10 +02:00
|
|
|
$message["message"] = "Forbidden, does not have '${child_name}_add'";
|
2016-10-16 18:45:04 +02:00
|
|
|
$message["code"] = "403";
|
|
|
|
|
$message["line"] = __line__;
|
|
|
|
|
$this->message = $message;
|
|
|
|
|
$m++;
|
|
|
|
|
}
|
|
|
|
|
} //action add
|
|
|
|
|
|
|
|
|
|
//unset the variables
|
|
|
|
|
unset($sql, $action, $child_key_name, $child_key_value);
|
|
|
|
|
} // foreach value
|
|
|
|
|
|
|
|
|
|
} //is array
|
|
|
|
|
} //foreach array
|
|
|
|
|
|
|
|
|
|
} // foreach schema_array
|
|
|
|
|
} // foreach main array
|
|
|
|
|
|
|
|
|
|
//return the before and after data
|
|
|
|
|
//log this in the future
|
2016-11-27 08:16:18 +01:00
|
|
|
//if (is_array($old_array)) {
|
2016-10-16 18:45:04 +02:00
|
|
|
//normalize the array structure
|
|
|
|
|
//$old_array = $this->normalize_array($old_array, $this->name);
|
|
|
|
|
|
|
|
|
|
//debug info
|
|
|
|
|
//echo "<pre>\n";
|
|
|
|
|
//print_r($old_array);
|
|
|
|
|
//echo "</pre>\n";
|
|
|
|
|
//exit;
|
2016-11-27 08:16:18 +01:00
|
|
|
//}
|
2016-10-16 18:45:04 +02:00
|
|
|
//$message["new"] = $new_array;
|
|
|
|
|
//$message["new"]["md5"] = md5(json_encode($new_array));
|
|
|
|
|
$this->message = $message;
|
|
|
|
|
|
|
|
|
|
//commit the atomic transaction
|
2017-07-15 04:44:45 +02:00
|
|
|
$this->db->commit();
|
2016-10-16 18:45:04 +02:00
|
|
|
|
2017-06-11 16:48:18 +02:00
|
|
|
//get the UUIDs
|
|
|
|
|
$user_uuid = $_SESSION['user_uuid'];
|
2016-10-16 18:45:04 +02:00
|
|
|
$domain_uuid = $_SESSION['domain_uuid'];
|
|
|
|
|
|
|
|
|
|
//log the transaction results
|
|
|
|
|
if (file_exists($_SERVER["PROJECT_ROOT"]."/app/database_transactions/app_config.php")) {
|
|
|
|
|
$sql = "insert into v_database_transactions ";
|
|
|
|
|
$sql .= "(";
|
|
|
|
|
$sql .= "database_transaction_uuid, ";
|
|
|
|
|
$sql .= "domain_uuid, ";
|
2017-06-11 16:48:18 +02:00
|
|
|
if (strlen($user_uuid) > 0) {
|
|
|
|
|
$sql .= "user_uuid, ";
|
|
|
|
|
}
|
2017-06-09 21:31:50 +02:00
|
|
|
if (strlen($this->app_uuid) > 0) {
|
2016-10-16 18:45:04 +02:00
|
|
|
$sql .= "app_uuid, ";
|
|
|
|
|
}
|
|
|
|
|
$sql .= "app_name, ";
|
|
|
|
|
$sql .= "transaction_code, ";
|
|
|
|
|
$sql .= "transaction_address, ";
|
|
|
|
|
//$sql .= "transaction_type, ";
|
|
|
|
|
$sql .= "transaction_date, ";
|
|
|
|
|
$sql .= "transaction_old, ";
|
|
|
|
|
$sql .= "transaction_new, ";
|
|
|
|
|
$sql .= "transaction_result ";
|
|
|
|
|
$sql .= ")";
|
|
|
|
|
$sql .= "values ";
|
|
|
|
|
$sql .= "(";
|
|
|
|
|
$sql .= "'".uuid()."', ";
|
|
|
|
|
$sql .= "'".$domain_uuid."', ";
|
2017-06-11 16:48:18 +02:00
|
|
|
if (strlen($user_uuid) > 0) {
|
|
|
|
|
$sql .= "'".$user_uuid."', ";
|
|
|
|
|
}
|
2017-06-09 21:31:50 +02:00
|
|
|
if (strlen($this->app_uuid) > 0) {
|
2016-10-16 18:45:04 +02:00
|
|
|
$sql .= "'".$this->app_uuid."', ";
|
|
|
|
|
}
|
|
|
|
|
$sql .= "'".$this->app_name."', ";
|
|
|
|
|
$sql .= "'".$message["code"]."', ";
|
|
|
|
|
$sql .= "'".$_SERVER['REMOTE_ADDR']."', ";
|
|
|
|
|
//$sql .= "'$transaction_type', ";
|
|
|
|
|
$sql .= "now(), ";
|
|
|
|
|
$sql .= "'".check_str(json_encode($old_array, JSON_PRETTY_PRINT))."', ";
|
|
|
|
|
$sql .= "'".check_str(json_encode($new_array, JSON_PRETTY_PRINT))."', ";
|
|
|
|
|
$sql .= "'".check_str(json_encode($this->message, JSON_PRETTY_PRINT))."' ";
|
|
|
|
|
$sql .= ")";
|
|
|
|
|
$this->db->exec(check_sql($sql));
|
|
|
|
|
unset($sql);
|
|
|
|
|
}
|
|
|
|
|
} //save method
|
|
|
|
|
|
|
|
|
|
//define singular function to convert a word in english to singular
|
|
|
|
|
private function singular($word) {
	//convert an English plural into a singular using simple suffix rules:
	//a trailing "es" is dropped when it follows "x", "s", "z", "sh" or "ch";
	//in every other case rtrim() removes ALL trailing "s" characters, so a
	//word such as "class" comes back as "cla"
	if (substr($word, -2) == "es") {
		$letter_before = substr($word, -3, 1);
		$pair_before = substr($word, -4, 2);
		$drop_es = in_array($letter_before, array("x", "s", "z"), true)
			|| in_array($pair_before, array("sh", "ch"), true);
		if ($drop_es) {
			return substr($word, 0, -2);
		}
	}

	//default rule: strip the trailing "s" characters
	return rtrim($word, "s");
}
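public function get_apps() {
	//Load every installed app_config.php and cache the resulting $apps array
	//in $_SESSION['apps'].
	//
	//The included files run in this method's scope. Nothing in this method
	//fills $apps itself, so each app_config.php presumably appends its entry
	//using $apps and the counter $x -- keep both names unchanged (confirm
	//against an app_config.php before renaming).
	//
	//NOTE(review): include() executes each matched file as PHP, so write
	//access to <DOCUMENT_ROOT><PROJECT_PATH>/*/*/app_config.php is equivalent
	//to code execution in this request; keep those directories writable only
	//by the deployment user. The paths come from glob() on the filesystem,
	//not from request data.

	//start from an empty array so the session always holds an array, even
	//when no app_config.php is found (previously $apps was undefined then)
	$apps = array();

	//get the $apps array from the installed apps from the core and mod directories
	$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
	$x = 0;
	if (is_array($config_list)) {
		//iterate by value; the path is only read here, so no reference is needed
		foreach ($config_list as $config_path) {
			include($config_path);
			$x++;
		}
	}
	$_SESSION['apps'] = $apps;
}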
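public function array_depth($array) {
	//Return the nesting depth of $array: 0 for a non-array value, 1 for an
	//array without nested arrays (including an empty array), and one more
	//than the deepest nested array otherwise.
	//
	//Two defects of the previous version are fixed here:
	// - an empty array left $depth undefined, so null was returned;
	// - each nested element overwrote $depth, so the result reflected the
	//   last nested element rather than the deepest one.
	if (!is_array($array)) {
		return 0;
	}

	$depth = 1;
	foreach ($array as $value) {
		if (is_array($value)) {
			//keep the largest depth seen across all nested elements
			$depth = max($depth, $this->array_depth($value) + 1);
		}
	}
	return $depth;
}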
public function domain_uuid_exists($name) {
	//Report whether the table $name, as described by the cached app
	//definitions in $_SESSION['apps'], declares a field named domain_uuid.
	//Returns true on the first match and false when nothing matches.

	//load the app definitions into the session when they are not cached yet
	if (!is_array($_SESSION['apps'])) {
		$this->get_apps();
	}

	//walk apps -> db tables -> fields looking for domain_uuid on the named table
	$app_list = $_SESSION['apps'];
	if (!is_array($app_list)) {
		return false;
	}
	foreach ($app_list as $app) {
		if (!is_array($app['db'])) {
			continue;
		}
		foreach ($app['db'] as $table) {
			//only the table that was asked for is of interest
			if ($table['table'] != $name) {
				continue;
			}
			if (!is_array($table['fields'])) {
				continue;
			}
			foreach ($table['fields'] as $field) {
				if ($field['name'] == "domain_uuid") {
					return true;
				}
			}
		}
	}

	//not found
	return false;
}
|
|
|
|
|
|
|
|
|
|
} //class database
|
|
|
|
|
} //!class_exists
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2016-10-20 23:03:52 +02:00
|
|
|
//additional functions for sqlite
|
|
|
|
|
if (!function_exists('php_md5')) {
	//md5 helper, defined only when no php_md5() exists yet; grouped with the
	//sqlite helper functions (presumably registered with the SQLite driver
	//elsewhere in the file -- confirm)
	//note: md5 is a fast hash with known collisions; treat the result as a
	//checksum, not as protection for passwords or secrets
	function php_md5($string) {
		$digest = md5($string);
		return $digest;
	}
}
if (!function_exists('php_unix_time_stamp')) {
	//convert a date/time string to a Unix timestamp using strtotime();
	//strtotime() returns false when the string cannot be parsed
	function php_unix_time_stamp($string) {
		$timestamp = strtotime($string);
		return $timestamp;
	}
}
if (!function_exists('php_now')) {
	//current date and time as "YYYY-MM-DD HH:MM:SS" in PHP's configured timezone
	function php_now() {
		$format = "Y-m-d H:i:s";
		return date($format);
	}
}
if (!function_exists('php_left')) {
	//return the first $num bytes of $string (byte-wise, via substr())
	function php_left($string, $num) {
		$start = 0;
		return substr($string, $start, $num);
	}
}
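if (!function_exists('php_right')) {
	//return the last $num bytes of $string (byte-wise, via substr())
	//
	//the previous version computed the start as strlen($string) - $num; when
	//$num was larger than the string that start went negative and substr()
	//counted it from the end, so php_right('abc', 5) returned 'bc' instead of
	//'abc'. The bounds are now handled explicitly:
	// - $num <= 0 returns an empty string
	// - $num >= length returns the whole string
	function php_right($string, $num) {
		$string = (string) $string;
		$length = strlen($string);
		if ($num <= 0) {
			return '';
		}
		if ($num >= $length) {
			return $string;
		}
		return substr($string, $length - $num);
	}
}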
|
|
|
|
|
|
|
|
|
|
/*
|
2016-10-20 23:03:52 +02:00
|
|
|
//example usage
|
|
|
|
|
//find
|
|
|
|
|
require_once "resources/classes/database.php";
|
|
|
|
|
$database = new database;
|
|
|
|
|
$database->domain_uuid = $_SESSION["domain_uuid"];
|
|
|
|
|
$database->type = $db_type;
|
|
|
|
|
$database->table = "v_extensions";
|
|
|
|
|
$where[0]['name'] = 'domain_uuid';
|
|
|
|
|
$where[0]['value'] = $_SESSION["domain_uuid"];
|
|
|
|
|
$where[0]['operator'] = '=';
|
|
|
|
|
$database->where = $where;
|
|
|
|
|
$order_by[0]['name'] = 'extension';
|
|
|
|
|
$database->order_by = $order_by;
|
|
|
|
|
$database->order_type = 'desc';
|
|
|
|
|
$database->limit = '2';
|
|
|
|
|
$database->offset = '0';
|
|
|
|
|
$database->find();
|
|
|
|
|
print_r($database->result);
|
|
|
|
|
//insert
|
|
|
|
|
require_once "resources/classes/database.php";
|
|
|
|
|
$database = new database;
|
|
|
|
|
$database->domain_uuid = $_SESSION["domain_uuid"];
|
|
|
|
|
$database->table = "v_ivr_menus";
|
|
|
|
|
$fields[0]['name'] = 'domain_uuid';
|
|
|
|
|
$fields[0]['value'] = $_SESSION["domain_uuid"];
|
2017-07-16 01:09:01 +02:00
|
|
|
echo $database->count();
|
2017-07-16 01:20:21 +02:00
|
|
|
*/
|
2016-10-16 18:45:04 +02:00
|
|
|
?>
|