Update database.php
This commit is contained in:
FusionPBX
GitHub
parent
c0f129d5de
commit
54396d3fe9
|
|
@ -1192,9 +1192,11 @@ include "root.php";
|
|||
|
||||
//get the parent field names
|
||||
$parent_field_names = array();
|
||||
if (is_array($array)) foreach ($array as $key => $value) {
|
||||
if (!is_array($value)) {
|
||||
$parent_field_names[] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $key);
|
||||
if (is_array($array)) {
|
||||
foreach ($array as $key => $value) {
|
||||
if (!is_array($value)) {
|
||||
$parent_field_names[] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $key);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -1245,10 +1247,12 @@ include "root.php";
|
|||
//foreach ($parent_field_names as $field_name) {
|
||||
// $sql .= check_str($field_name).", ";
|
||||
//}
|
||||
if (is_array($array)) foreach ($array as $array_key => $array_value) {
|
||||
if (!is_array($array_value)) {
|
||||
$array_key = preg_replace('#[^a-zA-Z0-9_\-]#', '', $array_key);
|
||||
$sql .= $array_key.", ";
|
||||
if (is_array($array)) {
|
||||
foreach ($array as $array_key => $array_value) {
|
||||
if (!is_array($array_value)) {
|
||||
$array_key = preg_replace('#[^a-zA-Z0-9_\-]#', '', $array_key);
|
||||
$sql .= $array_key.", ";
|
||||
}
|
||||
}
|
||||
}
|
||||
$sql .= ") ";
|
||||
|
|
@ -1257,18 +1261,20 @@ include "root.php";
|
|||
if (!$parent_key_exists) {
|
||||
$sql .= "'".$parent_key_value."', ";
|
||||
}
|
||||
if (is_array($array)) foreach ($array as $array_key => $array_value) {
|
||||
if (!is_array($array_value)) {
|
||||
if (strlen($array_value) == 0) {
|
||||
$sql .= "null, ";
|
||||
}
|
||||
elseif ($array_value === "now()") {
|
||||
$sql .= "now(), ";
|
||||
}
|
||||
else {
|
||||
//$sql .= "'".check_str($array_value)."', ";
|
||||
$sql .= ':'.$array_key.", ";
|
||||
$params[$array_key] = $array_value;
|
||||
if (is_array($array)) {
|
||||
foreach ($array as $array_key => $array_value) {
|
||||
if (!is_array($array_value)) {
|
||||
if (strlen($array_value) == 0) {
|
||||
$sql .= "null, ";
|
||||
}
|
||||
elseif ($array_value === "now()") {
|
||||
$sql .= "now(), ";
|
||||
}
|
||||
else {
|
||||
//$sql .= "'".check_str($array_value)."', ";
|
||||
$sql .= ':'.$array_key.", ";
|
||||
$params[$array_key] = $array_value;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -1409,105 +1415,224 @@ include "root.php";
|
|||
unset($sql, $action);
|
||||
|
||||
//child data
|
||||
if (is_array($array)) foreach ($array as $key => $value) {
|
||||
if (is_array($array)) {
|
||||
foreach ($array as $key => $value) {
|
||||
|
||||
if (is_array($value)) {
|
||||
$table_name = "v_".$key;
|
||||
$table_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $table_name);
|
||||
foreach ($value as $id => $row) {
|
||||
//prepare the variables
|
||||
$child_name = $this->singular($key);
|
||||
$child_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $child_name);
|
||||
$child_key_name = $child_name."_uuid";
|
||||
if (is_array($value)) {
|
||||
$table_name = "v_".$key;
|
||||
$table_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $table_name);
|
||||
foreach ($value as $id => $row) {
|
||||
//prepare the variables
|
||||
$child_name = $this->singular($key);
|
||||
$child_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $child_name);
|
||||
$child_key_name = $child_name."_uuid";
|
||||
|
||||
//determine if the parent key exists in the child array
|
||||
$parent_key_exists = false;
|
||||
if (!isset($array[$parent_key_name])) {
|
||||
$parent_key_exists = true;
|
||||
}
|
||||
//determine if the parent key exists in the child array
|
||||
$parent_key_exists = false;
|
||||
if (!isset($array[$parent_key_name])) {
|
||||
$parent_key_exists = true;
|
||||
}
|
||||
|
||||
//determine if the uuid exists
|
||||
$uuid_exists = false;
|
||||
if (is_array($row)) foreach ($row as $k => $v) {
|
||||
if ($child_key_name == $k) {
|
||||
if (strlen($v) > 0) {
|
||||
$child_key_value = $v;
|
||||
$uuid_exists = true;
|
||||
break;
|
||||
//determine if the uuid exists
|
||||
$uuid_exists = false;
|
||||
if (is_array($row)) foreach ($row as $k => $v) {
|
||||
if ($child_key_name == $k) {
|
||||
if (strlen($v) > 0) {
|
||||
$child_key_value = $v;
|
||||
$uuid_exists = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
else {
|
||||
$uuid_exists = false;
|
||||
}
|
||||
}
|
||||
|
||||
//allow characters found in the uuid only.
|
||||
$child_key_value = preg_replace('#[^a-zA-Z0-9_\-]#', '', $child_key_value);
|
||||
|
||||
//get the child field names
|
||||
$child_field_names = array();
|
||||
if (is_array($row)) {
|
||||
foreach ($row as $k => $v) {
|
||||
if (!is_array($v)) {
|
||||
$child_field_names[] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//determine sql update or delete and get the original data
|
||||
if ($uuid_exists) {
|
||||
$sql = "SELECT ". implode(", ", $child_field_names)." FROM ".$table_name." ";
|
||||
$sql .= "WHERE ".$child_key_name." = '".$child_key_value."' ";
|
||||
$prep_statement = $this->db->prepare($sql);
|
||||
if ($prep_statement) {
|
||||
//get the data
|
||||
$prep_statement->execute();
|
||||
$child_array = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
||||
//set the action
|
||||
if (is_array($child_array)) {
|
||||
$action = "update";
|
||||
}
|
||||
else {
|
||||
$action = "add";
|
||||
}
|
||||
//add to the parent array
|
||||
if (is_array($child_array)) {
|
||||
$old_array[$schema_name][$schema_id][$key][] = $child_array;
|
||||
}
|
||||
}
|
||||
unset($prep_statement);
|
||||
}
|
||||
else {
|
||||
$uuid_exists = false;
|
||||
$action = "add";
|
||||
}
|
||||
}
|
||||
|
||||
//allow characters found in the uuid only.
|
||||
$child_key_value = preg_replace('#[^a-zA-Z0-9_\-]#', '', $child_key_value);
|
||||
|
||||
//get the child field names
|
||||
$child_field_names = array();
|
||||
if (is_array($row)) foreach ($row as $k => $v) {
|
||||
if (!is_array($v)) {
|
||||
$child_field_names[] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
||||
}
|
||||
}
|
||||
|
||||
//determine sql update or delete and get the original data
|
||||
if ($uuid_exists) {
|
||||
$sql = "SELECT ". implode(", ", $child_field_names)." FROM ".$table_name." ";
|
||||
$sql .= "WHERE ".$child_key_name." = '".$child_key_value."' ";
|
||||
$prep_statement = $this->db->prepare($sql);
|
||||
if ($prep_statement) {
|
||||
//get the data
|
||||
$prep_statement->execute();
|
||||
$child_array = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
||||
//set the action
|
||||
if (is_array($child_array)) {
|
||||
$action = "update";
|
||||
//update the child data
|
||||
if ($action == "update") {
|
||||
if (permission_exists($child_name.'_edit')) {
|
||||
$sql = "UPDATE ".$table_name." SET ";
|
||||
if (is_array($row)) {
|
||||
foreach ($row as $k => $v) {
|
||||
if (!is_array($v) && ($k != $parent_key_name || $k != $child_key_name)) {
|
||||
$k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
||||
if (strlen($v) == 0) {
|
||||
$sql .= $k." = null, ";
|
||||
}
|
||||
elseif ($v === "now()") {
|
||||
$sql .= $k." = now(), ";
|
||||
}
|
||||
else {
|
||||
//$sql .= "$k = '".check_str($v)."', ";
|
||||
$sql .= $k." = :".$k.", ";
|
||||
$params[$k] = $v;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
$action = "add";
|
||||
}
|
||||
//add to the parent array
|
||||
if (is_array($child_array)) {
|
||||
$old_array[$schema_name][$schema_id][$key][] = $child_array;
|
||||
}
|
||||
}
|
||||
unset($prep_statement);
|
||||
}
|
||||
else {
|
||||
$action = "add";
|
||||
}
|
||||
$sql .= "WHERE ".$parent_key_name." = '".$parent_key_value."' ";
|
||||
$sql .= "AND ".$child_key_name." = '".$child_key_value."' ";
|
||||
$sql = str_replace(", WHERE", " WHERE", $sql);
|
||||
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||
|
||||
//update the data
|
||||
if ($action == "update") {
|
||||
if (permission_exists($child_name.'_edit')) {
|
||||
$sql = "UPDATE ".$table_name." SET ";
|
||||
//$prep_statement->bindParam(':domain_uuid', $this->domain_uuid );
|
||||
|
||||
try {
|
||||
//$this->db->query(check_sql($sql));
|
||||
$prep_statement = $this->db->prepare($sql);
|
||||
$prep_statement->execute($params);
|
||||
unset($prep_statement);
|
||||
$message["details"][$m]["name"] = $key;
|
||||
$message["details"][$m]["message"] = "OK";
|
||||
$message["details"][$m]["code"] = "200";
|
||||
$message["details"][$m]["uuid"] = $child_key_value;
|
||||
if ($this->debug["sql"]) {
|
||||
$message["details"][$m]["sql"] = $sql;
|
||||
if (is_array($params)) {
|
||||
$message["details"][$m]["params"] = $params;
|
||||
unset($params);
|
||||
}
|
||||
}
|
||||
$this->message = $message;
|
||||
$m++;
|
||||
}
|
||||
catch(PDOException $e) {
|
||||
if ($message["code"] = "200") {
|
||||
$message["message"] = "Bad Request";
|
||||
$message["code"] = "400";
|
||||
}
|
||||
$message["details"][$m]["name"] = $key;
|
||||
$message["details"][$m]["message"] = $e->getMessage();
|
||||
$message["details"][$m]["code"] = "400";
|
||||
if ($this->debug["sql"]) {
|
||||
$message["details"][$m]["sql"] = $sql;
|
||||
if (is_array($params)) {
|
||||
$message["details"][$m]["params"] = $params;
|
||||
unset($params);
|
||||
}
|
||||
}
|
||||
$this->message = $message;
|
||||
$m++;
|
||||
}
|
||||
}
|
||||
else {
|
||||
$message["name"] = $child_name;
|
||||
$message["message"] = "Forbidden, does not have '${child_name}_edit'";
|
||||
$message["code"] = "403";
|
||||
$message["line"] = __line__;
|
||||
$this->message = $message;
|
||||
$m++;
|
||||
}
|
||||
} //action update
|
||||
|
||||
//add the child data
|
||||
if ($action == "add") {
|
||||
if (permission_exists($child_name.'_add')) {
|
||||
//determine if child or parent key exists
|
||||
$child_key_name = $child_name.'_uuid';
|
||||
$parent_key_exists = false;
|
||||
$child_key_exists = false;
|
||||
if (is_array($row)) {
|
||||
foreach ($row as $k => $v) {
|
||||
if (!is_array($v) && ($k != $parent_key_name || $k != $child_key_name)) {
|
||||
if ($k == $parent_key_name) {
|
||||
$parent_key_exists = true;
|
||||
}
|
||||
if ($k == $child_key_name) {
|
||||
$child_key_exists = true;
|
||||
$child_key_value = $v;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (!$child_key_value) {
|
||||
$child_key_value = uuid();
|
||||
}
|
||||
//build the insert
|
||||
$sql = "INSERT INTO ".$table_name." ";
|
||||
$sql .= "(";
|
||||
if (!$parent_key_exists) {
|
||||
$sql .= $this->singular($parent_key_name).", ";
|
||||
}
|
||||
if (!$child_key_exists) {
|
||||
$sql .= $this->singular($child_key_name).", ";
|
||||
}
|
||||
if (is_array($row)) {
|
||||
foreach ($row as $k => $v) {
|
||||
if (!is_array($v)) {
|
||||
$k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
||||
$sql .= $k.", ";
|
||||
}
|
||||
}
|
||||
}
|
||||
$sql .= ") ";
|
||||
$sql .= "VALUES ";
|
||||
$sql .= "(";
|
||||
if (!$parent_key_exists) {
|
||||
$sql .= "'".$parent_key_value."', ";
|
||||
}
|
||||
if (!$child_key_exists) {
|
||||
$sql .= "'".$child_key_value."', ";
|
||||
}
|
||||
if (is_array($row)) {
|
||||
foreach ($row as $k => $v) {
|
||||
if (!is_array($v)) {
|
||||
if (strlen($v) == 0) {
|
||||
$sql .= $k." = null, ";
|
||||
$sql .= "null, ";
|
||||
}
|
||||
elseif ($v === "now()") {
|
||||
$sql .= $k." = now(), ";
|
||||
$sql .= "now(), ";
|
||||
}
|
||||
else {
|
||||
//$sql .= "$k = '".check_str($v)."', ";
|
||||
$sql .= $k." = :".$k.", ";
|
||||
$k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
||||
//$sql .= "'".check_str($v)."', ";
|
||||
$sql .= ':'.$k.", ";
|
||||
$params[$k] = $v;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
$sql .= "WHERE ".$parent_key_name." = '".$parent_key_value."' ";
|
||||
$sql .= "AND ".$child_key_name." = '".$child_key_value."' ";
|
||||
$sql = str_replace(", WHERE", " WHERE", $sql);
|
||||
$sql .= ");";
|
||||
$sql = str_replace(", )", ")", $sql);
|
||||
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||
|
||||
//$prep_statement->bindParam(':domain_uuid', $this->domain_uuid );
|
||||
|
||||
try {
|
||||
//$this->db->query(check_sql($sql));
|
||||
$prep_statement = $this->db->prepare($sql);
|
||||
|
|
@ -1548,136 +1673,21 @@ include "root.php";
|
|||
}
|
||||
else {
|
||||
$message["name"] = $child_name;
|
||||
$message["message"] = "Forbidden, does not have '${child_name}_edit'";
|
||||
$message["message"] = "Forbidden, does not have '${child_name}_add'";
|
||||
$message["code"] = "403";
|
||||
$message["line"] = __line__;
|
||||
$this->message = $message;
|
||||
$m++;
|
||||
}
|
||||
} //action update
|
||||
} //action add
|
||||
|
||||
//add the data
|
||||
if ($action == "add") {
|
||||
if (permission_exists($child_name.'_add')) {
|
||||
//determine if child or parent key exists
|
||||
$child_key_name = $child_name.'_uuid';
|
||||
$parent_key_exists = false;
|
||||
$child_key_exists = false;
|
||||
if (is_array($row)) {
|
||||
foreach ($row as $k => $v) {
|
||||
if ($k == $parent_key_name) {
|
||||
$parent_key_exists = true;
|
||||
}
|
||||
if ($k == $child_key_name) {
|
||||
$child_key_exists = true;
|
||||
$child_key_value = $v;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (!$child_key_value) {
|
||||
$child_key_value = uuid();
|
||||
}
|
||||
//build the insert
|
||||
$sql = "INSERT INTO ".$table_name." ";
|
||||
$sql .= "(";
|
||||
if (!$parent_key_exists) {
|
||||
$sql .= $this->singular($parent_key_name).", ";
|
||||
}
|
||||
if (!$child_key_exists) {
|
||||
$sql .= $this->singular($child_key_name).", ";
|
||||
}
|
||||
if (is_array($row)) {
|
||||
foreach ($row as $k => $v) {
|
||||
if (!is_array($v)) {
|
||||
$k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
||||
$sql .= $k.", ";
|
||||
}
|
||||
}
|
||||
}
|
||||
$sql .= ") ";
|
||||
$sql .= "VALUES ";
|
||||
$sql .= "(";
|
||||
if (!$parent_key_exists) {
|
||||
$sql .= "'".$parent_key_value."', ";
|
||||
}
|
||||
if (!$child_key_exists) {
|
||||
$sql .= "'".$child_key_value."', ";
|
||||
}
|
||||
if (is_array($row)) {
|
||||
foreach ($row as $k => $v) {
|
||||
if (!is_array($v)) {
|
||||
if (strlen($v) == 0) {
|
||||
$sql .= "null, ";
|
||||
}
|
||||
elseif ($v === "now()") {
|
||||
$sql .= "now(), ";
|
||||
}
|
||||
else {
|
||||
$k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
||||
//$sql .= "'".check_str($v)."', ";
|
||||
$sql .= ':'.$k.", ";
|
||||
$params[$k] = $v;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
$sql .= ");";
|
||||
$sql = str_replace(", )", ")", $sql);
|
||||
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||
try {
|
||||
//$this->db->query(check_sql($sql));
|
||||
$prep_statement = $this->db->prepare($sql);
|
||||
$prep_statement->execute($params);
|
||||
unset($prep_statement);
|
||||
$message["details"][$m]["name"] = $key;
|
||||
$message["details"][$m]["message"] = "OK";
|
||||
$message["details"][$m]["code"] = "200";
|
||||
$message["details"][$m]["uuid"] = $child_key_value;
|
||||
if ($this->debug["sql"]) {
|
||||
$message["details"][$m]["sql"] = $sql;
|
||||
if (is_array($params)) {
|
||||
$message["details"][$m]["params"] = $params;
|
||||
unset($params);
|
||||
}
|
||||
}
|
||||
$this->message = $message;
|
||||
$m++;
|
||||
}
|
||||
catch(PDOException $e) {
|
||||
if ($message["code"] = "200") {
|
||||
$message["message"] = "Bad Request";
|
||||
$message["code"] = "400";
|
||||
}
|
||||
$message["details"][$m]["name"] = $key;
|
||||
$message["details"][$m]["message"] = $e->getMessage();
|
||||
$message["details"][$m]["code"] = "400";
|
||||
if ($this->debug["sql"]) {
|
||||
$message["details"][$m]["sql"] = $sql;
|
||||
if (is_array($params)) {
|
||||
$message["details"][$m]["params"] = $params;
|
||||
unset($params);
|
||||
}
|
||||
}
|
||||
$this->message = $message;
|
||||
$m++;
|
||||
}
|
||||
}
|
||||
else {
|
||||
$message["name"] = $child_name;
|
||||
$message["message"] = "Forbidden, does not have '${child_name}_add'";
|
||||
$message["code"] = "403";
|
||||
$message["line"] = __line__;
|
||||
$this->message = $message;
|
||||
$m++;
|
||||
}
|
||||
} //action add
|
||||
//unset the variables
|
||||
unset($sql, $action, $child_key_name, $child_key_value);
|
||||
} // foreach value
|
||||
|
||||
//unset the variables
|
||||
unset($sql, $action, $child_key_name, $child_key_value);
|
||||
} // foreach value
|
||||
|
||||
} //is array
|
||||
} //foreach array
|
||||
} //is array
|
||||
} //foreach array
|
||||
}
|
||||
|
||||
} // foreach schema_array
|
||||
} // foreach main array
|
||||
|
|
|
|||
Loading…
Reference in New Issue