diff --git a/app/time_conditions/time_conditions.php b/app/time_conditions/time_conditions.php index 7866d7a42a..58843907ab 100644 --- a/app/time_conditions/time_conditions.php +++ b/app/time_conditions/time_conditions.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2012 + Portions created by the Initial Developer are Copyright (C) 2008-2023 the Initial Developer. All Rights Reserved. Contributor(s): @@ -47,14 +47,14 @@ $text = $language->get(); //get the http post data - if (is_array($_POST['time_conditions'])) { + if (!empty($_POST['time_conditions']) && is_array($_POST['time_conditions'])) { $action = $_POST['action']; $search = $_POST['search']; $time_conditions = $_POST['time_conditions']; } //process the http post data by action - if ($action != '' && is_array($time_conditions) && @sizeof($time_conditions) != 0) { + if (!empty($action) && !empty($time_conditions) && is_array($time_conditions) && @sizeof($time_conditions) != 0) { switch ($action) { case 'copy': if (permission_exists('time_condition_add')) { @@ -81,11 +81,11 @@ } //get order and order by - $order_by = $_GET["order_by"]; - $order = $_GET["order"]; + $order_by = $_GET["order_by"] ?? null; + $order = $_GET["order"] ?? null; //add the search string - $search = strtolower($_GET["search"]); + $search = !empty($_GET["search"]) ? strtolower($_GET["search"]) : null; if (!empty($search)) { $sql_search = "and ("; $sql_search .= " lower(dialplan_context) like :search "; 
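Review bot: `$_POST['action']` and `$_POST['search']` are still read without a default inside the first `if`, so a request that posts `time_conditions` without one of them still raises the undefined-index warning this commit removes elsewhere. `$action = $_POST['action'] ?? '';` and `$search = $_POST['search'] ?? '';` would match the `??` style used for `$_GET` further down. In the second condition, `!empty($time_conditions) && is_array($time_conditions)` already guarantees a non-empty array, so `&& @sizeof($time_conditions) != 0` and its `@` suppression can be dropped. The `switch` body continues outside the hunk.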
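Review bot: `strtolower($_GET["search"])` still accepts whatever type the query string supplies, and `!empty()` lets a non-empty array through, which is a TypeError on PHP 8. A string check closes that: `$search = (isset($_GET["search"]) && is_string($_GET["search"])) ? strtolower($_GET["search"]) : null;`. The same type concern applies to `$order_by` and `$order`, which are later handed to `order_by()` and end up in the SQL text rather than in a bound parameter. That helper is not visible here, so it is worth confirming that it restricts both values to known column names and a fixed direction. Binding the search term through `:search` is the right approach and should stay.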
@@ -104,22 +104,22 @@ //get the number of rows in the dialplan $sql = "select count(dialplan_uuid) from v_dialplans "; $sql .= "where true "; - if ($_GET['show'] != "all" || !permission_exists('time_condition_all')) { + if ((!empty($_GET['show']) && $_GET['show'] != "all") || !permission_exists('time_condition_all')) { $sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) "; $parameters['domain_uuid'] = $_SESSION['domain_uuid']; } $sql .= "and app_uuid = '4b821450-926b-175a-af93-a03c441818b1' "; - $sql .= $sql_search; + $sql .= $sql_search ?? null; $database = new database; - $num_rows = $database->select($sql, $parameters, 'column'); + $num_rows = $database->select($sql, $parameters ?? null, 'column'); //prepare to page data $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; $param = $search ? "&search=".urlencode($search) : null; - if ($_GET['show'] == "all" && permission_exists('time_condition_all')) { + if (!empty($_GET['show']) && $_GET['show'] == "all" && permission_exists('time_condition_all')) { $param .= "&show=all"; } - $page = is_numeric($_GET['page']) ? $_GET['page'] : 0; + $page = !empty($_GET['page']) && is_numeric($_GET['page']) ? $_GET['page'] : 0; list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page); list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true); $offset = $rows_per_page * $page; @@ -129,7 +129,7 @@ $sql .= $order_by != '' ? order_by($order_by, $order) : " order by dialplan_order asc, dialplan_name asc "; $sql .= limit_offset($rows_per_page, $offset); $database = new database; - $dialplans = $database->select($sql, $parameters, 'all'); + $dialplans = $database->select($sql, $parameters ?? null, 'all'); unset($sql, $parameters); //create token @@ -158,7 +158,7 @@ } echo "
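Review bot: The rewritten domain-filter condition changes behaviour when `show` is absent or empty. `(!empty($_GET['show']) && $_GET['show'] != "all")` is then false, so a user holding `time_condition_all` gets the count without the `domain_uuid` restriction, whereas the old test (`null != "all"`) applied it. `if (($_GET['show'] ?? '') != "all" || !permission_exists('time_condition_all')) {` keeps the original per-domain scoping and still avoids the undefined-index warning. The where-clause of the list query that follows is outside this hunk and should be checked for the same rewrite. Separately, `is_numeric()` accepts negative and fractional `page` values that feed `$offset`; a `ctype_digit()` check on the string plus an `(int)` cast would be tighter.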