diff --git a/app/database_transactions/database_transaction_edit.php b/app/database_transactions/database_transaction_edit.php index b067193bc3..d8c71216dd 100644 --- a/app/database_transactions/database_transaction_edit.php +++ b/app/database_transactions/database_transaction_edit.php @@ -45,15 +45,21 @@ $language = new text; $text = $language->get(); +//set default values + $search = ''; + $action = ''; + $page = 0; + //set the variables - if (is_uuid($_GET["id"])) { + if (!empty($_GET["id"]) && is_uuid($_GET["id"])) { $database_transaction_uuid = $_GET["id"]; - $search = $_GET['search']; - $page = $_GET['page']; + $search = $_GET['search'] ?? ''; + $page = $_GET['page'] ?? 0; + $action = $_GET['action'] ?? ''; } //pre-populate the form - if (count($_GET) > 0 && is_uuid($_GET["id"]) && $_POST["persistformvar"] != "true") { + if (!empty($_GET["id"]) && empty($_POST["persistformvar"])) { $sql = "select "; $sql .= "t.database_transaction_uuid, d.domain_name, u.username, t.user_uuid, t.app_name, t.app_uuid, "; @@ -86,7 +92,7 @@ } //undo the transaction - if ($_GET['action'] == 'undo' && ($transaction_type == 'delete' || $transaction_type == 'update')) { + if ($action == 'undo' && ($transaction_type == 'delete' || $transaction_type == 'update')) { //get the array $array = json_decode($transaction_old, true); @@ -99,7 +105,7 @@ //redirect the user $_SESSION["message"] = $text['message-update']; - header("Location: database_transactions.php?".($search != '' ? "&search=".urlencode($search) : null).($page != '' ? "&page=".urlencode($page) : null)); + header("Location: database_transactions.php?".(!empty($search) ? "&search=".urlencode($search) : null).(!empty($page) ? "&page=".urlencode($page) : null)); } //get the type if not provided @@ -120,9 +126,9 @@ echo "
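Review bot: The rewritten pre-populate guard in the @@ -45 hunk, `if (!empty($_GET["id"]) && empty($_POST["persistformvar"]))`, no longer calls `is_uuid()`, so a request whose id is non-empty but not a UUID now enters the select even though `$database_transaction_uuid` was never assigned in the block above. The parameter binding sits outside the hunk, so the effect is inferred: most likely an undefined-variable notice and a query bound to null instead of the old silent skip. Testing the validated value keeps the check in one place: add `$database_transaction_uuid = '';` to the new defaults and use `if (!empty($database_transaction_uuid) && empty($_POST["persistformvar"])) {`. The guard also changed from `!= "true"` to `empty()`, which skips pre-population for any non-empty persistformvar; confirm that is intended.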
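Review bot: The undo branch in the @@ -86 hunk still writes to the database on a plain GET: `$action` is filled from `$_GET['action']` and the undo button in the @@ -120 hunk links to `database_transaction_edit.php?id=...&action=undo`, with no request token checked in any visible line. That leaves the rollback exposed to cross-site request forgery, so the branch should require POST and validate the project's form token before `json_decode($transaction_old, true)` is reached. Token or permission handling may exist outside the hunk; if it does, a comment such as `//undo is state-changing: token validated above` would make that visible here. The body of the block continues past the hunk.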
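Review bot: Execution continues after `header("Location: database_transactions.php?...")` in the @@ -99 hunk: the next visible line is the closing brace, so after an undo the rest of the page is still built and sent along with the redirect. Add `exit;` directly after the `header()` call. The query string also begins with `?&search=` or `?&page=` because both optional parts carry a leading `&`; collecting the parts in an array and passing them to `http_build_query()` would avoid that.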
\n"; echo "
".$text['title-database_transaction']."
\n"; echo "
\n"; - echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'id'=>'btn_back','link'=>'database_transactions.php?'.($search != '' ? "&search=".urlencode($search) : null).(is_numeric($page) ? "&page=".urlencode($page) : null)]); + echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'id'=>'btn_back','link'=>'database_transactions.php?'.(!empty($search) ? "&search=".urlencode($search) : null).(is_numeric($page) ? "&page=".urlencode($page) : null)]); if ($transaction_type == 'delete' || $transaction_type == 'update') { - echo button::create(['type'=>'button','label'=>$text['button-undo'],'icon'=>'undo-alt','id'=>'btn_save','style'=>'margin-left: 15px;','link'=>'database_transaction_edit.php?id='.urlencode($database_transaction_uuid).'&action=undo'.($search != '' ? "&search=".urlencode($search) : null).(is_numeric($page) ? "&page=".urlencode($page) : null)]); + echo button::create(['type'=>'button','label'=>$text['button-undo'],'icon'=>'undo-alt','id'=>'btn_save','style'=>'margin-left: 15px;','link'=>'database_transaction_edit.php?id='.urlencode($database_transaction_uuid).'&action=undo'.(!empty($search) ? "&search=".urlencode($search) : null).(is_numeric($page) ? "&page=".urlencode($page) : null)]); } echo "
\n"; echo "
\n"; @@ -196,7 +202,7 @@ echo "\n"; echo "\n"; - if ($_REQUEST["debug"] == "true") { + if (!empty($_REQUEST["debug"]) && $_REQUEST["debug"] == "true") { echo "\n"; echo "\n"; echo "","",$_SESSION['table_header']); //echo $_SESSION['table_header']; } diff --git a/app/database_transactions/database_transactions.php b/app/database_transactions/database_transactions.php index fc57388038..0f4595c782 100644 --- a/app/database_transactions/database_transactions.php +++ b/app/database_transactions/database_transactions.php @@ -46,13 +46,22 @@ $language = new text; $text = $language->get(); +//set default values + $search = ''; + //get variables used to control the order - $order_by = $_GET["order_by"]; - $order = $_GET["order"]; + $order_by = $_GET["order_by"] ?? ''; + $order = $_GET["order"] ?? ''; + +//set from session variables + $list_row_edit_button = !empty($_SESSION['theme']['list_row_edit_button']['boolean']) ? $_SESSION['theme']['list_row_edit_button']['boolean'] : 'false'; + $button_icon_view = !empty($_SESSION['theme']['button_icon_view']) ? $_SESSION['theme']['button_icon_view'] : ''; //add the user filter and search term - $user_uuid = $_GET['user_uuid']; - if (isset($_GET["search"]) && $_GET["search"] != '') { + if (!empty($_GET["user_uuid"])) { + $user_uuid = $_GET['user_uuid']; + } + if (!empty($_GET["search"])) { $search = strtolower($_GET["search"]); } @@ -62,11 +71,11 @@ $sql .= "left outer join v_domains as d using (domain_uuid) "; $sql .= "left outer join v_users as u using (user_uuid) "; $sql .= "where t.domain_uuid = :domain_uuid "; - if (is_uuid($user_uuid)) { + if (!empty($user_uuid)) { $sql .= "and t.user_uuid = :user_uuid "; $parameters['user_uuid'] = $user_uuid; } - if (isset($search)) { + if (!empty($search)) { $sql .= "and ("; $sql .= " lower(t.app_name) like :search "; $sql .= " or lower(t.transaction_code) like :search "; 
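Review bot: `$user_uuid` loses its format check in database_transactions.php: the @@ -46 hunk copies it from `$_GET['user_uuid']` whenever that is non-empty, and the two query builders (the @@ -62 and @@ -101 hunks) replace `is_uuid($user_uuid)` with `!empty($user_uuid)`. The value is still bound as `:user_uuid`, so this is not an injection path, but an arbitrary string or a non-string value (PHP accepts array-style parameters) now reaches the bind instead of being ignored, which probably surfaces as a database or driver error. Keep the validation where the value is read: `if (!empty($_GET["user_uuid"]) && is_uuid($_GET["user_uuid"])) {`.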
@@ -85,10 +94,9 @@ unset($parameters); //prepare to page the results - $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; + $rows_per_page = (!empty($_SESSION['domain']['paging']['numeric'])) ? $_SESSION['domain']['paging']['numeric'] : 50; $param = "search=".$search; - $page = $_GET['page']; - if (empty($page)) { $page = 0; $_GET['page'] = 0; } + $page = empty($_GET['page']) ? $page = 0 : $page = $_GET['page']; list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page); list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true); $offset = $rows_per_page * $page; @@ -101,11 +109,11 @@ $sql .= "left outer join v_domains as d using (domain_uuid) "; $sql .= "left outer join v_users as u using (user_uuid) "; $sql .= "where t.domain_uuid = :domain_uuid "; - if (is_uuid($user_uuid)) { + if (!empty($user_uuid)) { $sql .= "and t.user_uuid = :user_uuid "; $parameters['user_uuid'] = $user_uuid; } - if (isset($search)) { + if (!empty($search)) { $sql .= "and ("; $sql .= " lower(t.app_name) like :search "; $sql .= " or lower(t.transaction_code) like :search "; @@ -122,7 +130,7 @@ $sql .= order_by($order_by, $order, 't.transaction_date', 'desc'); $sql .= limit_offset($rows_per_page, $offset); $database = new database; - $result = $database->select($sql, $parameters, 'all'); + $result = $database->select($sql, $parameters ?? null, 'all'); unset($sql, $parameters); //get users 
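Review bot: `$page` in the @@ -85 hunk goes from `$_GET['page']` straight into `$offset = $rows_per_page * $page;` without a numeric check or cast, so a non-numeric or array value raises a TypeError on PHP 8 and a negative value produces a negative offset; what `limit_offset()` does with that is outside the hunk. The new line also nests assignments inside the ternary (`? $page = 0 : $page = $_GET['page']`), which is harder to read than a single assignment. Suggested: `$page = isset($_GET['page']) && is_numeric($_GET['page']) ? max(0, (int) $_GET['page']) : 0;`. The old code also wrote `$_GET['page'] = 0` when the value was empty; if `paging()` reads `$_GET['page']` itself (not visible here), that default is now gone.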
@@ -161,7 +169,7 @@ echo ""; echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search']); //echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','onclick'=>"document.getElementById('search').value = ''; document.getElementById('form_search').submit();",'style'=>(!$search ? 'display: none;' : null)]); - if ($paging_controls_mini != '') { + if (!empty($paging_controls_mini)) { echo "".$paging_controls_mini.""; } echo " \n"; @@ -184,7 +192,7 @@ //echo th_order_by('transaction_old', $text['label-transaction_old'], $order_by, $order); //echo th_order_by('transaction_new', $text['label-transaction_new'], $order_by, $order); //echo th_order_by('transaction_result', $text['label-transaction_result'], $order_by, $order); - if (permission_exists('database_transaction_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { + if (permission_exists('database_transaction_edit') && $list_row_edit_button == 'true') { echo " \n"; } echo "\n"; @@ -193,7 +201,7 @@ $x = 0; foreach($result as $row) { if (permission_exists('database_transaction_edit')) { - $list_row_url = "database_transaction_edit.php?id=".urlencode($row['database_transaction_uuid']).($page != '' ? "&page=".urlencode($page) : null).($search != '' ? "&search=".urlencode($search) : null); + $list_row_url = "database_transaction_edit.php?id=".urlencode($row['database_transaction_uuid']).(!empty($page) ? "&page=".urlencode($page) : null).(!empty($search) ? "&search=".urlencode($search) : null); } echo "\n"; echo " \n"; @@ -208,7 +216,7 @@ //echo " \n"; if (permission_exists('database_transaction_edit')) { echo " \n"; } echo "\n";
\n"; @@ -284,7 +290,7 @@ $color = "#ff0000"; } //set the table header - if ($_SESSION['previous_name'] !== $_SESSION['name'] || $_SESSION['previous_row'] !== $_SESSION['row']) { + if (!empty($_SESSION['previous_name']) && $_SESSION['previous_name'] !== $_SESSION['name'] || !empty($_SESSION['previous_row']) && $_SESSION['previous_row'] !== $_SESSION['row']) { echo str_replace("name".$_SESSION['name']." 
".escape($row['domain_name'])." ".escape($row['transaction_result']." "; - echo button::create(['type'=>'button','title'=>$text['button-view'],'icon'=>$_SESSION['theme']['button_icon_view'],'link'=>$list_row_url]); + echo button::create(['type'=>'button','title'=>$text['button-view'],'icon'=>$button_icon_view,'link'=>$list_row_url]); echo "