From 041be65ccc5d4a4b3fdba10a8a4509e2e794c9f2 Mon Sep 17 00:00:00 2001 From: Alexey Melnichuk Date: Mon, 21 Nov 2016 23:48:05 +0300 Subject: [PATCH] Add. Use params in agent_status/index.lua (#2125) --- .../scripts/app/agent_status/index.lua | 49 ++++++++++++------- 1 file changed, 31 insertions(+), 18 deletions(-) diff --git a/resources/install/scripts/app/agent_status/index.lua b/resources/install/scripts/app/agent_status/index.lua index 230c59785b..b15da74b2c 100644 --- a/resources/install/scripts/app/agent_status/index.lua +++ b/resources/install/scripts/app/agent_status/index.lua @@ -6,8 +6,14 @@ debug["sql"] = true; --connect to the database - require "resources.functions.database_handle"; - dbh = database_handle('system'); + local Database = require "resources.functions.database"; + dbh = Database.new('system'); + +--include json library + local json + if (debug["sql"]) then + json = require "resources.functions.lunajson" + end --set the api api = freeswitch.API(); @@ -66,14 +72,19 @@ end --get the agent password - sql = "SELECT * FROM v_call_center_agents "; - sql = sql .. "WHERE domain_uuid = '" .. domain_uuid .."' "; - sql = sql .. "AND agent_id = '" .. agent_id .."' "; + local params = {domain_uuid = domain_uuid, agent_id = agent_id} + local sql = "SELECT * FROM v_call_center_agents "; + sql = sql .. "WHERE domain_uuid = :domain_uuid "; + sql = sql .. "AND agent_id = :agent_id "; if (agent_authorized ~= 'true') then - sql = sql .. "AND agent_password = '" .. agent_password .."' "; + sql = sql .. "AND agent_password = :agent_password "; + params.agent_password = agent_password; end - freeswitch.consoleLog("notice", "[user status] sql: " .. sql .. "\n"); - dbh:query(sql, function(row) + if (debug["sql"]) then + freeswitch.consoleLog("notice", "[user status] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n"); + end + + dbh:query(sql, params, function(row) --set the variables agent_name = row.agent_name; agent_id = row.agent_id; @@ -91,13 +102,14 @@ --get the user_uuid if (agent_authorized == 'true') then - sql = "SELECT user_uuid, user_status FROM v_users "; - sql = sql .. "WHERE username = '".. agent_name .."' "; - sql = sql .. "AND domain_uuid = '" .. domain_uuid .."' "; + local sql = "SELECT user_uuid, user_status FROM v_users "; + sql = sql .. "WHERE username = :agent_name "; + sql = sql .. "AND domain_uuid = :domain_uuid "; + local params = {agent_name = agent_name, domain_uuid = domain_uuid}; if (debug["sql"]) then - freeswitch.consoleLog("NOTICE", "[call_center] sql: ".. sql .. "\n"); + freeswitch.consoleLog("notice", "[call_center] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n"); end - dbh:query(sql, function(row) + dbh:query(sql, params, function(row) --get the user info user_uuid = row.user_uuid; user_status = row.user_status; @@ -113,13 +125,14 @@ freeswitch.consoleLog("NOTICE", "[call_center] user_status: ".. status .. "\n"); --set the user_status in the users table - sql = "UPDATE v_users SET "; - sql = sql .. "user_status = '"..status.."' "; - sql = sql .. "WHERE user_uuid = '" .. user_uuid .."' "; + local sql = "UPDATE v_users SET "; + sql = sql .. "user_status = :status "; + sql = sql .. "WHERE user_uuid = :user_uuid "; + local params = {status = status, user_uuid = user_uuid}; if (debug["sql"]) then - freeswitch.consoleLog("NOTICE", "[call_center] sql: ".. sql .. "\n"); + freeswitch.consoleLog("notice", "[call_center] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n"); end - dbh:query(sql); + dbh:query(sql, params); --send a login or logout to mod_callcenter cmd = "callcenter_config agent set status "..agent_name.."@"..domain_name.." '"..status.."'";