Update conference_controls.php (#4245)
This commit is contained in:
AlexanderDCrane
FusionPBX
parent
c3e6cb606d
commit
1a257f1e1a
|
|
@ -22,12 +22,27 @@
|
||||||
$order_by = check_str($_GET["order_by"]);
|
$order_by = check_str($_GET["order_by"]);
|
||||||
$order = check_str($_GET["order"]);
|
$order = check_str($_GET["order"]);
|
||||||
|
|
||||||
|
//validate order by
|
||||||
|
if (strlen($order_by) > 0) {
|
||||||
|
$order_by = preg_replace('#[^a-zA-Z0-9_\-]#', '', $order_by);
|
||||||
|
}
|
||||||
|
|
||||||
|
//validate the order
|
||||||
|
switch ($order) {
|
||||||
|
case 'asc':
|
||||||
|
break;
|
||||||
|
case 'desc':
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
$order = '';
|
||||||
|
}
|
||||||
|
|
||||||
//add the search term
|
//add the search term
|
||||||
$search = strtolower(check_str($_GET["search"]));
|
$search = strtolower(check_str($_GET["search"]));
|
||||||
if (strlen($search) > 0) {
|
if (strlen($search) > 0) {
|
||||||
$sql_search = "where (";
|
$sql_search = "where (";
|
||||||
$sql_search .= "lower(control_name) like '%".$search."%' ";
|
$sql_search .= "lower(control_name) like :search ";
|
||||||
$sql_search .= "or lower(control_description) like '%".$search."%' ";
|
$sql_search .= "or lower(control_description) like :search ";
|
||||||
$sql_search .= ") ";
|
$sql_search .= ") ";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -39,18 +54,11 @@
|
||||||
$sql = "select count(conference_control_uuid) as num_rows ";
|
$sql = "select count(conference_control_uuid) as num_rows ";
|
||||||
$sql .= "from v_conference_controls";
|
$sql .= "from v_conference_controls";
|
||||||
$sql .= $sql_search;
|
$sql .= $sql_search;
|
||||||
if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
|
if (strlen($search) > 0) {
|
||||||
$prep_statement = $db->prepare($sql);
|
$parameters['search'] = '%'.$search.'%';
|
||||||
if ($prep_statement) {
|
|
||||||
$prep_statement->execute();
|
|
||||||
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
|
||||||
if ($row['num_rows'] > 0) {
|
|
||||||
$num_rows = $row['num_rows'];
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$num_rows = '0';
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
$database = new database;
|
||||||
|
$row = $database->select($sql, $parameters, 'all');
|
||||||
|
|
||||||
//prepare to page the results
|
//prepare to page the results
|
||||||
$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
|
$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
|
||||||
|
|
@ -62,14 +70,15 @@
|
||||||
|
|
||||||
//get the list
|
//get the list
|
||||||
$sql = "select * from v_conference_controls ";
|
$sql = "select * from v_conference_controls ";
|
||||||
//$sql .= "where domain_uuid = '".$_SESSION["domain_uuid"]."' ";
|
//$sql .= "where domain_uuid = :domain_uuid ";
|
||||||
$sql .= $sql_search;
|
$sql .= $sql_search;
|
||||||
if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
|
if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
|
||||||
$sql .= "limit $rows_per_page offset $offset ";
|
$sql .= "limit :rows_per_page offset :offset ";
|
||||||
$prep_statement = $db->prepare(check_sql($sql));
|
//$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
|
||||||
$prep_statement->execute();
|
$parameters['rows_per_page'] = $rows_per_page;
|
||||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
$parameters['offset'] = $offset;
|
||||||
unset ($prep_statement, $sql);
|
$database = new database;
|
||||||
|
$result = $database->select($sql, $parameters, 'all');
|
||||||
|
|
||||||
//alternate the row style
|
//alternate the row style
|
||||||
$c = 0;
|
$c = 0;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue