From 22aca86d39a8c6399d24d51c9c45b9ac3140fc84 Mon Sep 17 00:00:00 2001 From: FusionPBX Date: Sat, 23 Mar 2019 17:27:58 -0600 Subject: [PATCH] Update database.php --- resources/classes/database.php | 182 +++++++++++++++++++-------------- 1 file changed, 107 insertions(+), 75 deletions(-) diff --git a/resources/classes/database.php b/resources/classes/database.php index 90a154302e..ae15bd701f 100644 --- a/resources/classes/database.php +++ b/resources/classes/database.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Copyright (C) 2010 - 2017 + Copyright (C) 2010 - 2019 All Rights Reserved. Contributor(s): @@ -743,7 +743,6 @@ include "root.php"; //loop through the array if (is_array($new_array)) { foreach ($new_array as $schema_name => $schema_array) { - $this->name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $schema_name); if (is_array($schema_array)) { foreach ($schema_array as $schema_id => $array) { @@ -1033,17 +1032,7 @@ include "root.php"; //$this->db->commit(); //set the action if not set - if (strlen($action) == 0) { - if (is_array($old_array)) { - $transaction_type = 'update'; - } - else { - $transaction_type = 'add'; - } - } - else { - $transaction_type = $action; - } + $transaction_type = 'delete'; //get the UUIDs $user_uuid = $_SESSION['user_uuid']; @@ -1060,7 +1049,9 @@ include "root.php"; if (strlen($this->app_uuid) > 0) { $sql .= "app_uuid, "; } - $sql .= "app_name, "; + if (strlen($this->app_name) > 0) { + $sql .= "app_name, "; + } $sql .= "transaction_code, "; $sql .= "transaction_address, "; $sql .= "transaction_type, "; @@ -1074,31 +1065,47 @@ include "root.php"; $sql .= "'".uuid()."', "; $sql .= "'".$this->domain_uuid."', "; if (strlen($user_uuid) > 0) { - $sql .= "'".$user_uuid."', "; + $sql .= ":user_uuid, "; } if (strlen($this->app_uuid) > 0) { - $sql .= "'".$this->app_uuid."', "; + $sql .= ":app_uuid, "; + } + if (strlen($this->app_name) > 0) { + $sql .= "':app_name, "; } - $sql .= "'".$this->app_name."', "; $sql .= "'".$message["code"]."', "; - $sql .= "'".$_SERVER['REMOTE_ADDR']."', "; + $sql .= ":remote_address, "; $sql .= "'".$transaction_type."', "; $sql .= "now(), "; if (is_array($old_array)) { - $sql .= "'".check_str(json_encode($old_array, JSON_PRETTY_PRINT))."', "; + $sql .= ":transaction_old, "; } else { $sql .= "null, "; } if (is_array($new_array)) { - $sql .= "'".check_str(json_encode($new_array, JSON_PRETTY_PRINT))."', "; + $sql .= ":transaction_new, "; } else { $sql .= "null, "; } - $sql .= "'".check_str(json_encode($this->message, JSON_PRETTY_PRINT))."' "; + $sql .= ":transaction_result "; $sql .= ")"; - $this->db->exec(check_sql($sql)); + $statement = $this->db->prepare($sql); + if (strlen($user_uuid) > 0) { + $statement->bindParam(':user_uuid', $user_uuid); + } + if (strlen($this->app_uuid) > 0) { + $statement->bindParam(':app_uuid', $this->app_uuid); + } + if (strlen($this->app_name) > 0) { + $statement->bindParam(':app_name', $this->app_name); + } + $statement->bindParam(':remote_address', $_SERVER['REMOTE_ADDR']); + $statement->bindParam(':transaction_old', json_encode($old_array, JSON_PRETTY_PRINT)); + $statement->bindParam(':transaction_new', json_encode($new_array, JSON_PRETTY_PRINT)); + $statement->bindParam(':transaction_result', json_encode($this->message, JSON_PRETTY_PRINT)); + $statement->execute(); unset($sql); } } //delete @@ -1946,62 +1953,87 @@ include "root.php"; //log the transaction results if (file_exists($_SERVER["PROJECT_ROOT"]."/app/database_transactions/app_config.php")) { - $sql = "insert into v_database_transactions "; - $sql .= "("; - $sql .= "database_transaction_uuid, "; - $sql .= "domain_uuid, "; - if (strlen($user_uuid) > 0) { - $sql .= "user_uuid, "; + try { + $sql = "insert into v_database_transactions "; + $sql .= "("; + $sql .= "database_transaction_uuid, "; + $sql .= "domain_uuid, "; + if (strlen($user_uuid) > 0) { + $sql .= "user_uuid, "; + } + if (strlen($this->app_uuid) > 0) { + $sql .= "app_uuid, "; + } + if (strlen($this->app_name) > 0) { + $sql .= "app_name, "; + } + $sql .= "transaction_code, "; + $sql .= "transaction_address, "; + $sql .= "transaction_type, "; + $sql .= "transaction_date, "; + $sql .= "transaction_old, "; + $sql .= "transaction_new, "; + $sql .= "transaction_result "; + $sql .= ")"; + $sql .= "values "; + $sql .= "("; + $sql .= "'".uuid()."', "; + if (is_null($this->domain_uuid)) { + $sql .= "null, "; + } + else { + $sql .= "'".$this->domain_uuid."', "; + } + if (strlen($user_uuid) > 0) { + $sql .= ":user_uuid, "; + } + if (strlen($this->app_uuid) > 0) { + $sql .= ":app_uuid, "; + } + if (strlen($this->app_name) > 0) { + $sql .= ":app_name, "; + } + $sql .= "'".$message["code"]."', "; + $sql .= ":remote_address, "; + $sql .= "'".$transaction_type."', "; + $sql .= "now(), "; + if (is_array($old_array)) { + $sql .= ":transaction_old, "; + } + else { + $sql .= "null, "; + } + if (is_array($new_array)) { + $sql .= ":transaction_new, "; + } + else { + $sql .= "null, "; + } + $sql .= ":transaction_result "; + $sql .= ")"; + $statement = $this->db->prepare($sql); + if (strlen($user_uuid) > 0) { + $statement->bindParam(':user_uuid', $user_uuid); + } + if (strlen($this->app_uuid) > 0) { + $statement->bindParam(':app_uuid', $this->app_uuid); + } + if (strlen($this->app_name) > 0) { + $statement->bindParam(':app_name', $this->app_name); + } + $statement->bindParam(':remote_address', $_SERVER['REMOTE_ADDR']); + $statement->bindParam(':transaction_old', json_encode($old_array, JSON_PRETTY_PRINT)); + $statement->bindParam(':transaction_new', json_encode($new_array, JSON_PRETTY_PRINT)); + $statement->bindParam(':transaction_result', json_encode($this->message, JSON_PRETTY_PRINT)); + $statement->execute(); + unset($sql); } - if (strlen($this->app_uuid) > 0) { - $sql .= "app_uuid, "; + catch(PDOException $e) { + echo $e->getMessage(); + exit; } - $sql .= "app_name, "; - $sql .= "transaction_code, "; - $sql .= "transaction_address, "; - $sql .= "transaction_type, "; - $sql .= "transaction_date, "; - $sql .= "transaction_old, "; - $sql .= "transaction_new, "; - $sql .= "transaction_result "; - $sql .= ")"; - $sql .= "values "; - $sql .= "("; - $sql .= "'".uuid()."', "; - if (is_null($this->domain_uuid)) { - $sql .= "null, "; - } - else { - $sql .= "'".$this->domain_uuid."', "; - } - if (strlen($user_uuid) > 0) { - $sql .= "'".$user_uuid."', "; - } - if (strlen($this->app_uuid) > 0) { - $sql .= "'".$this->app_uuid."', "; - } - $sql .= "'".$this->app_name."', "; - $sql .= "'".$message["code"]."', "; - $sql .= "'".$_SERVER['REMOTE_ADDR']."', "; - $sql .= "'".$transaction_type."', "; - $sql .= "now(), "; - if (is_array($old_array)) { - $sql .= "'".check_str(json_encode($old_array, JSON_PRETTY_PRINT))."', "; - } - else { - $sql .= "null, "; - } - if (is_array($new_array)) { - $sql .= "'".check_str(json_encode($new_array, JSON_PRETTY_PRINT))."', "; - } - else { - $sql .= "null, "; - } - $sql .= "'".check_str(json_encode($this->message, JSON_PRETTY_PRINT))."' "; - $sql .= ")"; - $this->db->exec(check_sql($sql)); - unset($sql); } + } //save method //define singular function to convert a word in english to singular