dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update access_controls.php

This commit is contained in:
FusionPBX 2018-06-03 17:59:16 -06:00 committed by GitHub
parent 4e24a8bf6e
commit 51fb6c4a43
1 changed files with 35 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
app/access_controls/access_controls.php
View File

@ -1,4 +1,28 @@
<?php <?php
/*
FusionPBX
Version: MPL 1.1
The contents of this file are subject to the Mozilla Public License Version
1.1 (the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
for the specific language governing rights and limitations under the
License.
The Original Code is FusionPBX
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Portions created by the Initial Developer are Copyright (C) 2018
the Initial Developer. All Rights Reserved.
Contributor(s):
Mark J Crane <markjcrane@fusionpbx.com>
*/
//includes //includes
require_once "root.php"; require_once "root.php";
@ -55,7 +79,7 @@
$sql .= "limit $rows_per_page offset $offset "; $sql .= "limit $rows_per_page offset $offset ";
$prep_statement = $db->prepare(check_sql($sql)); $prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute(); $prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED); $access_controls = $prep_statement->fetchAll(PDO::FETCH_NAMED);
unset ($prep_statement, $sql); unset ($prep_statement, $sql);
//alternate the row style //alternate the row style
@ -91,27 +115,27 @@
echo "</td>\n"; echo "</td>\n";
echo "<tr>\n"; echo "<tr>\n";
if (is_array($result)) { if (is_array($access_controls)) {
foreach($result as $row) { foreach($access_controls as $row) {
if (permission_exists('access_control_edit')) { if (permission_exists('access_control_edit')) {
$tr_link = "href='access_control_edit.php?id=".$row['access_control_uuid']."'"; $tr_link = "href='access_control_edit.php?id=".escape($row['access_control_uuid'])."'";
} }
echo "<tr ".$tr_link.">\n"; echo "<tr ".$tr_link.">\n";
echo " <td valign='top' class='".$row_style[$c]."'>".$row['access_control_name']."&nbsp;</td>\n"; echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['access_control_name'])."&nbsp;</td>\n";
echo " <td valign='top' class='".$row_style[$c]."'>".$row['access_control_default']."&nbsp;</td>\n"; echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['access_control_default'])."&nbsp;</td>\n";
echo " <td valign='top' class='".$row_style[$c]."'>".$row['access_control_description']."&nbsp;</td>\n"; echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['access_control_description'])."&nbsp;</td>\n";
echo " <td class='list_control_icons'>"; echo " <td class='list_control_icons'>";
if (permission_exists('access_control_edit')) { if (permission_exists('access_control_edit')) {
echo "<a href='access_control_edit.php?id=".$row['access_control_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>"; echo "<a href='access_control_edit.php?id=".escape($row['access_control_uuid'])."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
} }
if (permission_exists('access_control_delete')) { if (permission_exists('access_control_delete')) {
echo "<a href='access_control_delete.php?id=".$row['access_control_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>"; echo "<a href='access_control_delete.php?id=".escape($row['access_control_uuid'])."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
} }
echo " </td>\n"; echo " </td>\n";
echo "</tr>\n"; echo "</tr>\n";
if ($c==0) { $c=1; } else { $c=0; } if ($c==0) { $c=1; } else { $c=0; }
} //end foreach } //end foreach
unset($sql, $result, $row_count); unset($sql, $access_controls);
} //end if results } //end if results
echo "<tr>\n"; echo "<tr>\n";
@ -138,4 +162,4 @@
//include the footer //include the footer
require_once "resources/footer.php"; require_once "resources/footer.php";
?> ?>