diff --git a/resources/classes/menu.php b/resources/classes/menu.php
index 9d7353e9cc..8ce4920b07 100644
--- a/resources/classes/menu.php
+++ b/resources/classes/menu.php
@@ -33,48 +33,52 @@ if (!class_exists('menu')) {
//delete items in the menu that are not protected
public function delete() {
- //set the variable
- $db = $this->db;
//remove existing menu languages
$sql = "delete from v_menu_languages ";
- $sql .= "where menu_uuid = '".$this->menu_uuid."' ";
+ $sql .= "where menu_uuid = :menu_uuid ";
$sql .= "and menu_item_uuid in ( ";
$sql .= " select menu_item_uuid ";
$sql .= " from v_menu_items ";
- $sql .= " where menu_uuid = '".$this->menu_uuid."' ";
+ $sql .= " where menu_uuid = :menu_uuid ";
$sql .= " and ( ";
$sql .= " menu_item_protected <> 'true' ";
$sql .= " or menu_item_protected is null ";
$sql .= " ) ";
- $sql .= ");";
- $db->exec(check_sql($sql));
+ $sql .= ") ";
+ $parameters['menu_uuid'] = $this->menu_uuid;
+ $database = new database;
+ $database->execute($sql, $parameters);
+ unset($sql, $parameters);
//remove existing unprotected menu item groups
$sql = "delete from v_menu_item_groups ";
- $sql .= "where menu_uuid = '".$this->menu_uuid."' ";
+ $sql .= "where menu_uuid = :menu_uuid ";
$sql .= "and menu_item_uuid in ( ";
$sql .= " select menu_item_uuid ";
$sql .= " from v_menu_items ";
- $sql .= " where menu_uuid = '".$this->menu_uuid."' ";
+ $sql .= " where menu_uuid = :menu_uuid ";
$sql .= " and ( ";
$sql .= " menu_item_protected <> 'true' ";
$sql .= " or menu_item_protected is null ";
$sql .= " ) ";
- $sql .= ");";
- $db->exec(check_sql($sql));
+ $sql .= ") ";
+ $parameters['menu_uuid'] = $this->menu_uuid;
+ $database = new database;
+ $database->execute($sql, $parameters);
+ unset($sql, $parameters);
//remove existing unprotected menu items
$sql = "delete from v_menu_items ";
- $sql .= "where menu_uuid = '".$this->menu_uuid."' ";
+ $sql .= "where menu_uuid = :menu_uuid ";
$sql .= "and (menu_item_protected <> 'true' ";
- $sql .= "or menu_item_protected is null);";
- $db->exec(check_sql($sql));
+ $sql .= "or menu_item_protected is null) ";
+ $parameters['menu_uuid'] = $this->menu_uuid;
+ $database = new database;
+ $database->execute($sql, $parameters);
+ unset($sql, $parameters);
}
//restore the menu
public function restore() {
- //set the variables
- $db = $this->db;
-
//get the $apps array from the installed apps from the core and mod directories
$config_list = glob($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/*/*/app_menu.php");
$x = 0;
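Review bot: The first two deletes in `delete()` use the named placeholder `:menu_uuid` twice within one statement, and the return value of every `$database->execute()` call is ignored. PDO documents a repeated named marker as valid only when emulated prepares are on, so whether these statements run depends on how the `database` class (not visible here) sets up its connection. The same reuse appears in the queries added to `menu_array()` and `menu_child_array()`. Binding the subquery separately, e.g. `where menu_uuid = :menu_uuid_sub` with `$parameters['menu_uuid_sub'] = $this->menu_uuid;`, removes that dependency. Because the three deletes are issued independently, a failure in a later one would leave items without their language or group rows, so the result of each call is worth checking before the next.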
@@ -95,16 +99,12 @@ if (!class_exists('menu')) {
}
}
- //begin the transaction
- if ($db_type == "sqlite") {
- $db->beginTransaction();
- }
-
//get the list of languages
$language = new text;
//use the app array to restore the default menu
if (is_array($apps)) {
+ $x = 0;
foreach ($apps as $row) {
if (is_array($row['menu'])) {
foreach ($row['menu'] as $menu) {
@@ -127,93 +127,74 @@ if (!class_exists('menu')) {
$menu_item_exists = true;
//if the item uuid is not currently in the db then add it
- $sql = "select * from v_menu_items ";
- $sql .= "where menu_uuid = '".$this->menu_uuid."' ";
- $sql .= "and menu_item_uuid = '".$menu_item_uuid."' ";
- $prep_statement = $db->prepare(check_sql($sql));
- if ($prep_statement) {
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
- if (count($result) == 0) {
+ $sql = "select count(*) from v_menu_items ";
+ $sql .= "where menu_uuid = :menu_uuid ";
+ $sql .= "and menu_item_uuid = :menu_item_uuid ";
+ $parameters['menu_uuid'] = $this->menu_uuid;
+ $parameters['menu_item_uuid'] = $menu_item_uuid;
+ $database = new database;
+ $num_rows = $database->select($sql, $parameters, 'column');
+ if ($num_rows == 0) {
+ //menu found the menu
+ $menu_item_exists = false;
- //menu found the menu
- $menu_item_exists = false;
-
- //insert the default menu into the database
- $sql = "insert into v_menu_items ";
- $sql .= "(";
- $sql .= "menu_item_uuid, ";
- $sql .= "menu_uuid, ";
- $sql .= "menu_item_title, ";
- $sql .= "menu_item_link, ";
- $sql .= "menu_item_category, ";
- $sql .= "menu_item_icon, ";
+ if ($menu_item_uuid != $menu_item_parent_uuid) {
+ //build insert array
+ $array['menu_items'][$x]['menu_item_uuid'] = $menu_item_uuid;
+ $array['menu_items'][$x]['menu_uuid'] = $this->menu_uuid;
+ $array['menu_items'][$x]['menu_item_title'] = $menu_item_title;
+ $array['menu_items'][$x]['menu_item_link'] = $menu_item_path;
+ $array['menu_items'][$x]['menu_item_category'] = $menu_item_category;
+ $array['menu_items'][$x]['menu_item_icon'] = $menu_item_icon;
if (strlen($menu_item_order) > 0) {
- $sql .= "menu_item_order, ";
+ $array['menu_items'][$x]['menu_item_order'] = $menu_item_order;
}
- if (strlen($menu_item_parent_uuid) > 0) {
- $sql .= "menu_item_parent_uuid, ";
+ if (is_uuid($menu_item_parent_uuid)) {
+ $array['menu_items'][$x]['menu_item_parent_uuid'] = $menu_item_parent_uuid;
}
- $sql .= "menu_item_description ";
- $sql .= ") ";
- $sql .= "values ";
- $sql .= "(";
- $sql .= "'".$menu_item_uuid."', ";
- $sql .= "'".$this->menu_uuid."', ";
- $sql .= "'".check_str($menu_item_title)."', ";
- $sql .= "'$menu_item_path', ";
- $sql .= "'$menu_item_category', ";
- $sql .= "'$menu_item_icon', ";
- if (strlen($menu_item_order) > 0) {
- $sql .= "'$menu_item_order', ";
- }
- if (strlen($menu_item_parent_uuid) > 0) {
- $sql .= "'$menu_item_parent_uuid', ";
- }
- $sql .= "'$menu_item_description' ";
- $sql .= ")";
- if ($menu_item_uuid == $menu_item_parent_uuid) {
- //echo $sql."
\n";
- }
- else {
- $db->exec(check_sql($sql));
- }
- unset($sql);
+ $array['menu_items'][$x]['menu_item_description'] = $menu_item_description;
+ $x++;
}
+
}
+ unset($sql, $parameters, $num_rows);
//set the menu languages
- if (!$menu_item_exists and is_array($language->languages)) {
+ if (!$menu_item_exists && is_array($language->languages)) {
foreach ($language->languages as $menu_language) {
$menu_item_title = $menu["title"][$menu_language];
- if(strlen($menu_item_title) == 0) {
+ if (strlen($menu_item_title) == 0) {
$menu_item_title = $menu["title"]['en-us'];
}
$menu_language_uuid = uuid();
- $sql = "insert into v_menu_languages ";
- $sql .= "(";
- $sql .= "menu_language_uuid, ";
- $sql .= "menu_item_uuid, ";
- $sql .= "menu_uuid, ";
- $sql .= "menu_language, ";
- $sql .= "menu_item_title ";
- $sql .= ") ";
- $sql .= "values ";
- $sql .= "(";
- $sql .= "'".$menu_language_uuid."', ";
- $sql .= "'".$menu_item_uuid."', ";
- $sql .= "'".$this->menu_uuid."', ";
- $sql .= "'".$menu_language."', ";
- $sql .= "'".check_str($menu_item_title)."' ";
- $sql .= ")";
- $db->exec(check_sql($sql));
- unset($sql);
+ //build insert array
+ $array['menu_languages'][$x]['menu_language_uuid'] = $menu_language_uuid;
+ $array['menu_languages'][$x]['menu_item_uuid'] = $menu_item_uuid;
+ $array['menu_languages'][$x]['menu_uuid'] = $this->menu_uuid;
+ $array['menu_languages'][$x]['menu_language'] = $menu_language;
+ $array['menu_languages'][$x]['menu_item_title'] = $menu_item_title;
+ $x++;
}
}
}
}
}
+ if (is_array($array) && @sizeof($array) != 0) {
+ //grant temporary permissions
+ $p = new permissions;
+ $p->add('menu_item_add', 'temp');
+ $p->add('menu_language_add', 'temp');
+ //execute insert
+ $database = new database;
+ $database->app_name = 'menu';
+ $database->app_uuid = 'f4b3b3d2-6287-489c-2a00-64529e46f2d7';
+ $database->save($array);
+ unset($array);
+ //revoke temporary permissions
+ $p->delete('menu_item_add', 'temp');
+ $p->delete('menu_language_add', 'temp');
+ }
}
//make sure the default user groups exist
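Review bot: The temporary `menu_item_add` and `menu_language_add` grants are revoked only on the straight-line path after `$database->save($array)`, so if save() throws or the request aborts there, the two `$p->delete(..., 'temp')` calls never run. Wrapping the call as `try { $database->save($array); } finally { $p->delete('menu_item_add', 'temp'); $p->delete('menu_language_add', 'temp'); }` keeps the elevated window bounded. The same applies to the grant/revoke pairs around the `menu_item_groups` insert and in `menu_default()`. How long a leftover 'temp' permission would persist depends on the `permissions` class, which is not shown. The comment `//menu found the menu` above `$menu_item_exists = false;` would read better as `//menu item not found in the database`; restore() starts and ends outside this hunk.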
@@ -223,71 +204,69 @@ if (!class_exists('menu')) {
//get default global group_uuids
$sql = "select group_uuid, group_name from v_groups ";
$sql .= "where domain_uuid is null ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
- if (is_array($result)) {
+ $database = new database;
+ $result = $database->select($sql, null, 'all');
+ if (is_array($result) && @sizeof($result) != 0) {
foreach ($result as $row) {
$group_uuids[$row['group_name']] = $row['group_uuid'];
}
}
- unset($sql, $prep_statement, $result);
+ unset($sql, $result, $row);
//if there are no groups listed in v_menu_item_groups under menu_item_uuid then add the default groups
if (is_array($apps)) {
+ $x = 0;
foreach($apps as $app) {
if (is_array($apps)) {
foreach ($app['menu'] as $sub_row) {
- if (isset($sub_row['groups'])) foreach ($sub_row['groups'] as $group) {
- $sql = "select count(*) as count from v_menu_item_groups ";
- $sql .= "where menu_item_uuid = '".$sub_row['uuid']."' ";
- $sql .= "and menu_uuid = '".$this->menu_uuid."' ";
- $sql .= "and group_name = '".$group."' ";
- $sql .= "and group_uuid = '".$group_uuids[$group]."' ";
- //echo $sql."
";
- $prep_statement = $db->prepare($sql);
- $prep_statement->execute();
- $sub_result = $prep_statement->fetch(PDO::FETCH_ASSOC);
- unset ($prep_statement);
- if ($sub_result['count'] == 0) {
- //no menu item groups found add the defaults
- $sql = "insert into v_menu_item_groups ";
- $sql .= "( ";
- $sql .= "menu_item_group_uuid, ";
- $sql .= "menu_uuid, ";
- $sql .= "menu_item_uuid, ";
- $sql .= "group_name, ";
- $sql .= "group_uuid ";
- $sql .= ") ";
- $sql .= "values ";
- $sql .= "( ";
- $sql .= "'".uuid()."', ";
- $sql .= "'".$this->menu_uuid."', ";
- $sql .= "'".$sub_row['uuid']."', ";
- $sql .= "'".$group."', ";
- $sql .= "'".$group_uuids[$group]."' ";
- $sql .= ") ";
- //echo $sql."
";
- $db->exec(check_sql($sql));
- unset($sql);
+ if (isset($sub_row['groups'])) {
+ foreach ($sub_row['groups'] as $group) {
+ $sql = "select count(*) from v_menu_item_groups ";
+ $sql .= "where menu_item_uuid = :menu_item_uuid ";
+ $sql .= "and menu_uuid = :menu_uuid ";
+ $sql .= "and group_name = :group_name ";
+ $sql .= "and group_uuid = :group_uuid ";
+ $parameters['menu_item_uuid'] = $sub_row['uuid'];
+ $parameters['menu_uuid'] = $this->menu_uuid;
+ $parameters['group_name'] = $group;
+ $parameters['group_uuid'] = $group_uuids[$group];
+ $database = new database;
+ $num_rows = $database->select($sql, $parameters, 'column');
+ if ($num_rows == 0) {
+ //no menu item groups found, build insert array for defaults
+ $array['menu_item_groups'][$x]['menu_item_group_uuid'] = uuid();
+ $array['menu_item_groups'][$x]['menu_uuid'] = $this->menu_uuid;
+ $array['menu_item_groups'][$x]['menu_item_uuid'] = $sub_row['uuid'];
+ $array['menu_item_groups'][$x]['group_name'] = $group;
+ $array['menu_item_groups'][$x]['group_uuid'] = $group_uuids[$group];
+ $x++;
+ }
+ unset($sql, $parameters, $num_rows);
}
}
}
}
}
+ if (is_array($array) && @sizeof($array) != 0) {
+ //grant temporary permissions
+ $p = new permissions;
+ $p->add('menu_item_group_add', 'temp');
+ //execute insert
+ $database = new database;
+ $database->app_name = 'menu';
+ $database->app_uuid = 'f4b3b3d2-6287-489c-2a00-64529e46f2d7';
+ $database->save($array);
+ unset($array);
+ //revoke temporary permissions
+ $p->delete('menu_item_group_add', 'temp');
+ }
}
- //commit the transaction
- if ($db_type == "sqlite") {
- $db->commit();
- }
- } //end function
-
+ }
//create the menu
public function build_html($menu_item_level = 0) {
- $db = $this->db;
$menu_html_full = '';
$menu_array = $this->menu_array();
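Review bot: `$group_uuids[$group]` is used for both the count query and the insert row without checking that the group name taken from the app's menu definition was actually found in `v_groups`. For an unknown name the bound value is null, `group_uuid = :group_uuid` then matches nothing, `$num_rows` is 0, and a row with a null `group_uuid` is queued, presumably again on every restore. A guard such as `if (!isset($group_uuids[$group])) { continue; }` at the top of the inner loop would skip those entries. The inner `if (is_array($apps))` (unchanged context) also looks like it was meant to test `$app['menu']`, which the following foreach iterates unguarded.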
@@ -361,7 +340,7 @@ if (!class_exists('menu')) {
}
return $menu_html_full;
- } //end function
+ }
//create the sub menus
private function build_child_html($menu_item_level, $submenu_array) {
@@ -425,16 +404,10 @@ if (!class_exists('menu')) {
return $submenu_html;
}
- } //end function
+ }
//create the menu array
- public function menu_array($sql = '', $menu_item_level = 0) {
-
- //get the database connnection
- $db = $this->db;
-
- //database object does not exist return immediately
- if (!$db) { return Array(); }
+ public function menu_array($menu_item_level = 0) {
//if there are no groups then set the public group
if (!isset($_SESSION['groups'][0]['group_name'])) {
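Review bot: Dropping the leading `$sql` parameter from `menu_array()` moves `$menu_item_level` into first position, so any caller outside this file that still passes a SQL string or `''` first would now have that value taken as the level. `build_html()` in this diff calls it with no arguments, but other call sites are not visible here and should be checked. A short comment on the method, e.g. `//returns the top-level menu items for the groups in the session`, would document the new contract. The body of menu_array() continues beyond this hunk.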
@@ -442,42 +415,44 @@ if (!class_exists('menu')) {
}
//get the menu from the database
- if (strlen($sql) == 0) {
- $sql = "select i.menu_item_link, l.menu_item_title as menu_language_title, ".
- $sql .= "i.menu_item_title, i.menu_item_protected, i.menu_item_category, ";
- $sql .= "i.menu_item_icon, i.menu_item_uuid, i.menu_item_parent_uuid ";
- $sql .= "from v_menu_items as i, v_menu_languages as l ";
- $sql .= "where i.menu_item_uuid = l.menu_item_uuid ";
- $sql .= "and l.menu_language = '".$_SESSION['domain']['language']['code']."' ";
- $sql .= "and l.menu_uuid = '".$this->menu_uuid."' ";
- $sql .= "and i.menu_uuid = '".$this->menu_uuid."' ";
- $sql .= "and i.menu_item_parent_uuid is null ";
- $sql .= "and i.menu_item_uuid in ";
- $sql .= "(select menu_item_uuid from v_menu_item_groups where menu_uuid = '".$this->menu_uuid."' ";
- $sql .= "and ( ";
- $x = 0;
- foreach($_SESSION['groups'] as $row) {
- if ($x == 0) {
- $sql .= "group_name = '".$row['group_name']."' ";
- }
- else {
- $sql .= "or group_name = '".$row['group_name']."' ";
- }
- $x++;
- }
- $sql .= ") ";
- $sql .= "and menu_item_uuid is not null ";
- $sql .= ") ";
- $sql .= "order by i.menu_item_order asc ";
+ $sql = "select i.menu_item_link, l.menu_item_title as menu_language_title, ".
+ $sql .= "i.menu_item_title, i.menu_item_protected, i.menu_item_category, ";
+ $sql .= "i.menu_item_icon, i.menu_item_uuid, i.menu_item_parent_uuid ";
+ $sql .= "from v_menu_items as i, v_menu_languages as l ";
+ $sql .= "where i.menu_item_uuid = l.menu_item_uuid ";
+ $sql .= "and l.menu_language = :menu_language ";
+ $sql .= "and l.menu_uuid = :menu_uuid ";
+ $sql .= "and i.menu_uuid = :menu_uuid ";
+ $sql .= "and i.menu_item_parent_uuid is null ";
+ $sql .= "and i.menu_item_uuid in ";
+ $sql .= "( ";
+ $sql .= "select menu_item_uuid ";
+ $sql .= "from v_menu_item_groups ";
+ $sql .= "where menu_uuid = :menu_uuid ";
+ $x = 0;
+ foreach($_SESSION['groups'] as $row) {
+ $sql_where_or[] = "group_name = :group_name_".$x;
+ $parameters['group_name_'.$x] = $row['group_name'];
+ $x++;
}
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+ if (is_array($sql_where_or) && @sizeof($sql_where_or) != 0) {
+ $sql .= "and ( ";
+ $sql .= implode(' or ', $sql_where_or);
+ $sql .= ") ";
+ }
+ $sql .= "and menu_item_uuid is not null ";
+ $sql .= ") ";
+ $sql .= "order by i.menu_item_order asc ";
+ $parameters['menu_language'] = $_SESSION['domain']['language']['code'];
+ $parameters['menu_uuid'] = $this->menu_uuid;
+ $database = new database;
+ $result = $database->select($sql, $parameters, 'all');
+ unset($sql, $parameters);
//save the menu into an array
$x = 0;
$a = Array();
- if (is_array($result)) {
+ if (is_array($result) && @sizeof($result) != 0) {
foreach($result as $row) {
//add the row to the array
$a[$x] = $row;
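Review bot: The first line of the query build ends with the concatenation operator instead of a semicolon (`... as menu_language_title, ".`), so the statement runs on into the following `$sql .= ...` line. The string still appears to come out as intended, but now that `$sql` is no longer a parameter the inner `.=` reads an undefined variable and raises a notice or warning depending on the PHP version; ending that line with `";` fixes it. `$sql_where_or` and `$parameters` are also appended to without being initialised, so `$sql_where_or = []; $parameters = [];` before the loop would make the later `is_array()` test unnecessary.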
@@ -490,27 +465,19 @@ if (!class_exists('menu')) {
//increment the row number
$x++;
- } //end for each
+ }
}
-
- //unset the variables
- unset($prep_statement, $sql, $result);
+ unset($result, $row);
//return the array
return $a;
- } //end function
+ }
//create the sub menus
private function menu_child_array($menu_item_level, $menu_item_uuid) {
- //get the database connnection
- $db = $this->db;
-
- //database ojbect does not exist return immediately
- if (!$db) { return; }
-
//set the level
- $menu_item_level = $menu_item_level+1;
+ $menu_item_level = $menu_item_level + 1;
//if there are no groups then set the public group
if (!isset($_SESSION['groups'][0]['group_name'])) {
@@ -521,32 +488,39 @@ if (!class_exists('menu')) {
$sql = "select i.menu_item_link, l.menu_item_title as menu_language_title, i.menu_item_title, i.menu_item_protected, i.menu_item_category, i.menu_item_icon, i.menu_item_uuid, i.menu_item_parent_uuid ";
$sql .= "from v_menu_items as i, v_menu_languages as l ";
$sql .= "where i.menu_item_uuid = l.menu_item_uuid ";
- $sql .= "and l.menu_language = '".$_SESSION['domain']['language']['code']."' ";
- $sql .= "and l.menu_uuid = '".$this->menu_uuid."' ";
- $sql .= "and i.menu_uuid = '".$this->menu_uuid."' ";
- $sql .= "and i.menu_item_parent_uuid = '$menu_item_uuid' ";
+ $sql .= "and l.menu_language = :menu_language ";
+ $sql .= "and l.menu_uuid = :menu_uuid ";
+ $sql .= "and i.menu_uuid = :menu_uuid ";
+ $sql .= "and i.menu_item_parent_uuid = :menu_item_parent_uuid ";
$sql .= "and i.menu_item_uuid in ";
- $sql .= "(select menu_item_uuid from v_menu_item_groups where menu_uuid = '".$this->menu_uuid."' ";
- $sql .= "and ( ";
+ $sql .= "( ";
+ $sql .= "select menu_item_uuid ";
+ $sql .= "from v_menu_item_groups ";
+ $sql .= "where menu_uuid = :menu_uuid ";
$x = 0;
foreach($_SESSION['groups'] as $row) {
- if ($x == 0) {
- $sql .= "group_name = '".$row['group_name']."' ";
- }
- else {
- $sql .= "or group_name = '".$row['group_name']."' ";
- }
+ $sql_where_or[] = "group_name = :group_name_".$x;
+ $parameters['group_name_'.$x] = $row['group_name'];
$x++;
}
- $sql .= ") ";
+ if (is_array($sql_where_or) && @sizeof($sql_where_or) != 0) {
+ $sql .= "and ( ";
+ $sql .= implode(' or ', $sql_where_or);
+ $sql .= ") ";
+ }
$sql .= ") ";
$sql .= "order by l.menu_item_title, i.menu_item_order asc ";
- $sub_prep_statement = $db->prepare($sql);
- $sub_prep_statement->execute();
- $sub_result = $sub_prep_statement->fetchAll(PDO::FETCH_NAMED);
+ $parameters['menu_language'] = $_SESSION['domain']['language']['code'];
+ $parameters['menu_uuid'] = $this->menu_uuid;
+ $parameters['menu_item_parent_uuid'] = $menu_item_uuid;
+ $database = new database;
+ $sub_result = $database->select($sql, $parameters, 'all');
+ unset($sql, $parameters);
//save the child menu into an array
- if (is_array($sub_result)) {
+ $x = 0;
+ $a = Array();
+ if (is_array($sub_result) && @sizeof($sub_result) != 0) {
foreach($sub_result as $row) {
//set the variables
$menu_item_link = $row['menu_item_link'];
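Review bot: The group filter built here (`$sql_where_or[]`, the `group_name_N` parameters and the `implode(' or ', ...)`) is a copy of the one added to `menu_array()`, and the two sub-selects already differ: this one omits the `and menu_item_uuid is not null` clause. A small private helper that returns the SQL fragment together with its parameters would keep the two queries from drifting further. If the difference is intentional, a one-line comment saying so would help the next reader. menu_child_array() begins before this hunk and ends after it.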
@@ -569,17 +543,17 @@ if (!class_exists('menu')) {
//get sub menu for children
if (strlen($menu_item_uuid) > 0) {
$a[$x]['menu_items'] = $this->menu_child_array($menu_item_level, $menu_item_uuid);
- //$str_child_menu =
}
//increment the row
$x++;
}
- unset($sql, $sub_result);
- return $a;
}
- unset($sub_prep_statement, $sql);
- } //end function
+ unset($sub_result, $row);
+
+ //return the array
+ return $a;
+ }
//add the default menu when no menu exists
public function menu_default() {
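Review bot: `menu_child_array()` calls itself for every row with a non-empty `$menu_item_uuid` and nothing bounds the depth, so rows whose `menu_item_parent_uuid` values form a loop would recurse, issuing one query per level, until PHP runs out of stack or memory. restore() declines to insert an item that is its own parent, but longer cycles or rows changed by other code are not covered by that check. Since `$menu_item_level` is already incremented on entry, a guard like `if ($menu_item_level > 10) { return Array(); }` (limit chosen here only as an example) would cap it. The function starts before this hunk.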
@@ -587,38 +561,36 @@ if (!class_exists('menu')) {
$this->menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
//check to see if any menu exists
$sql = "select count(*) as count from v_menus ";
- $sql .= "where menu_uuid = '".$this->menu_uuid."' ";
- $prep_statement = $this->db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetch(PDO::FETCH_NAMED);
- unset($sql, $prep_statement);
- if ($result['count'] == 0) {
- //set the menu variables
- $menu_name = 'default';
- $menu_language = 'en-us';
- $menu_description = 'Default Menu';
+ $sql .= "where menu_uuid = :menu_uuid ";
+ $parameters['menu_uuid'] = $this->menu_uuid;
+ $database = new database;
+ $num_rows = $database->select($sql, $parameters, 'column');
+ if ($num_rows == 0) {
+ //built insert array
+ $array['menus'][0]['menu_uuid'] = $this->menu_uuid;
+ $array['menus'][0]['menu_name'] = 'default';
+ $array['menus'][0]['menu_language'] = 'en-us';
+ $array['menus'][0]['menu_description'] = 'Default Menu';
- //add the menu
- $sql = "insert into v_menus ";
- $sql .= "(";
- $sql .= "menu_uuid, ";
- $sql .= "menu_name, ";
- $sql .= "menu_language, ";
- $sql .= "menu_description ";
- $sql .= ") ";
- $sql .= "values ";
- $sql .= "(";
- $sql .= "'".$this->menu_uuid."', ";
- $sql .= "'$menu_name', ";
- $sql .= "'$menu_language', ";
- $sql .= "'$menu_description' ";
- $sql .= ");";
- $this->db->exec($sql);
+ //grant temporary permissions
+ $p = new permissions;
+ $p->add('menu_add', 'temp');
+
+ //execute insert
+ $database = new database;
+ $database->app_name = 'menu';
+ $database->app_uuid = 'f4b3b3d2-6287-489c-2a00-64529e46f2d7';
+ $database->save($array);
+ unset($array);
+
+ //revoke temporary permissions
+ $p->delete('menu_add', 'temp');
//add the menu items
$this->restore();
}
- } //end function
+ unset($sql, $parameters, $result, $row);
+ }
}
}
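Review bot: `if ($num_rows == 0)` is a loose comparison on whatever `$database->select(..., 'column')` returns, so if that method yields false or null for a failed query the check reads as "no menu exists" and the insert plus `$this->restore()` run anyway. The return contract of select() is not visible here; a stricter test such as `if (is_numeric($num_rows) && (int) $num_rows === 0)` separates an empty result from a failed one. The same comparison is used in restore() for `v_menu_items` and `v_menu_item_groups`. The closing `unset($sql, $parameters, $result, $row);` names `$result` and `$row`, which this function no longer defines, and `//built insert array` should read `//build insert array`.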