diff --git a/resources/install/scripts/app/voicemail/index.lua b/resources/install/scripts/app/voicemail/index.lua index ad0c478dbc..10849275b0 100644 --- a/resources/install/scripts/app/voicemail/index.lua +++ b/resources/install/scripts/app/voicemail/index.lua @@ -50,8 +50,13 @@ password_tries = 0; --connect to the database - require "resources.functions.database_handle"; - dbh = database_handle('system'); + Database = require "resources.functions.database"; + dbh = Database.new('system'); + +--include json library (as global object) + if (debug["sql"]) then + json = require "resources.functions.lunajson" + end --set the api api = freeswitch.API(); @@ -102,12 +107,13 @@ if (domain_uuid == nil) then --get the domain_uuid using the domain name required for multi-tenant if (domain_name ~= nil) then - sql = "SELECT domain_uuid FROM v_domains "; - sql = sql .. "WHERE domain_name = '" .. domain_name .. "' "; + local sql = "SELECT domain_uuid FROM v_domains "; + sql = sql .. "WHERE domain_name = :domain_name "; + local params = {domain_name = domain_name}; if (debug["sql"]) then - freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "\n"); + freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n"); end - status = dbh:query(sql, function(rows) + dbh:query(sql, params, function(rows) domain_uuid = rows["domain_uuid"]; end); end @@ -164,14 +170,15 @@ if (voicemail_id ~= nil) then if (session:ready()) then --get the information from the database - sql = [[SELECT * FROM v_voicemails - WHERE domain_uuid = ']] .. domain_uuid ..[[' - AND voicemail_id = ']] .. voicemail_id ..[[' + local sql = [[SELECT * FROM v_voicemails + WHERE domain_uuid = :domain_uuid + AND voicemail_id = :voicemail_id AND voicemail_enabled = 'true' ]]; + local params = {domain_uuid = domain_uuid, voicemail_id = voicemail_id}; if (debug["sql"]) then - freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "\n"); + freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n"); end - status = dbh:query(sql, function(row) + dbh:query(sql, params, function(row) voicemail_uuid = string.lower(row["voicemail_uuid"]); voicemail_password = row["voicemail_password"]; greeting_id = row["greeting_id"]; @@ -255,11 +262,12 @@ debug["info"] = "true"; --get voicemail message details - sql = [[SELECT * FROM v_domains WHERE domain_name = ']] .. domain_name ..[[']] + local sql = [[SELECT * FROM v_domains WHERE domain_name = :domain_name]]; + local params = {domain_name = domain_name}; if (debug["sql"]) then - freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "\n"); + freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n"); end - status = dbh:query(sql, function(row) + dbh:query(sql, params, function(row) domain_uuid = string.lower(row["domain_uuid"]); end); @@ -301,13 +309,14 @@ --check the voicemail quota if (vm_disk_quota) then --get voicemail message seconds - sql = [[SELECT coalesce(sum(message_length), 0) as message_sum FROM v_voicemail_messages - WHERE domain_uuid = ']] .. domain_uuid ..[[' - AND voicemail_uuid = ']] .. voicemail_uuid ..[[']] - if (debug["sql"]) then - freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "\n"); - end - status = dbh:query(sql, function(row) + local sql = [[SELECT coalesce(sum(message_length), 0) as message_sum FROM v_voicemail_messages + WHERE domain_uuid = :domain_uuid + AND voicemail_uuid = :voicemail_uuid]] + local params = {domain_uuid = domain_uuid, voicemail_uuid = voicemail_uuid}; + if (debug["sql"]) then + freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n"); + end + dbh:query(sql, params, function(row) message_sum = row["message_sum"]; end); if (tonumber(vm_disk_quota) <= tonumber(message_sum)) then @@ -351,13 +360,14 @@ --get the voicemail destinations sql = [[select * from v_voicemail_destinations - where voicemail_uuid = ']]..voicemail_uuid..[[']] - --freeswitch.consoleLog("notice", "[voicemail][destinations] SQL:" .. sql .. "\n"); + where voicemail_uuid = :voicemail_uuid]] + params = {voicemail_uuid=voicemail_uuid}; + --freeswitch.consoleLog("notice", "[voicemail][destinations] SQL:" .. sql .. "; params:" .. json.encode(params) .. "\n"); destinations = {}; x = 1; table.insert(destinations, {domain_uuid=domain_uuid,voicemail_destination_uuid=voicemail_uuid,voicemail_uuid=voicemail_uuid,voicemail_uuid_copy=voicemail_uuid}); x = x + 1; - assert(dbh:query(sql, function(row) + assert(dbh:query(sql, params, function(row) destinations[x] = row; x = x + 1; end)); @@ -399,65 +409,81 @@ table.insert(sql, ") "); table.insert(sql, "VALUES "); table.insert(sql, "( "); - table.insert(sql, "'"..voicemail_message_uuid.."', "); - table.insert(sql, "'"..domain_uuid.."', "); - table.insert(sql, "'"..row.voicemail_uuid_copy.."', "); - table.insert(sql, "'"..start_epoch.."', "); - table.insert(sql, "'"..caller_id_name.."', "); - table.insert(sql, "'"..caller_id_number.."', "); + table.insert(sql, ":voicemail_message_uuid, "); + table.insert(sql, ":domain_uuid, "); + table.insert(sql, ":voicemail_uuid, "); + table.insert(sql, ":start_epoch, "); + table.insert(sql, ":caller_id_name, "); + table.insert(sql, ":caller_id_number, "); if (storage_type == "base64") then - table.insert(sql, "'"..message_base64.."', "); + table.insert(sql, ":message_base64, "); end if (transcribe_enabled == "true") then - table.insert(sql, "'"..transcription.."', "); + table.insert(sql, ":transcription, "); end - table.insert(sql, "'"..message_length.."' "); - --table.insert(sql, "'"..message_status.."', "); - --table.insert(sql, "'"..message_priority.."' "); + table.insert(sql, ":message_length "); + --table.insert(sql, ":message_status, "); + --table.insert(sql, ":message_priority "); table.insert(sql, ") "); sql = table.concat(sql, "\n"); + local params = { + voicemail_message_uuid = voicemail_message_uuid; + domain_uuid = domain_uuid; + voicemail_uuid = row.voicemail_uuid_copy; + start_epoch = start_epoch; + caller_id_name = caller_id_name; + caller_id_number = caller_id_number; + message_base64 = message_base64; + transcription = transcription; + message_length = message_length; + --message_status = message_status; + --message_priority = message_priority; + }; if (debug["sql"]) then - freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "\n"); + freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n"); end if (storage_type == "base64") then local Database = require "resources.functions.database" local dbh = Database.new('system', 'base64'); - dbh:query(sql); + dbh:query(sql, params); dbh:release(); else - dbh:query(sql); + dbh:query(sql, params); end end - --get saved and new message counts + local params = {domain_uuid = domain_uuid, voicemail_uuid = row.voicemail_uuid_copy}; + + --get new message count sql = [[SELECT count(*) as new_messages FROM v_voicemail_messages - WHERE domain_uuid = ']] .. domain_uuid ..[[' - AND voicemail_uuid = ']] .. row.voicemail_uuid_copy ..[[' + WHERE domain_uuid = :domain_uuid + AND voicemail_uuid = :voicemail_uuid AND (message_status is null or message_status = '') ]]; - if (debug["sql"]) then - freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "\n"); - end - status = dbh:query(sql, function(result) + if (debug["sql"]) then + freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n"); + end + dbh:query(sql, params, function(result) new_messages = result["new_messages"]; end); + + --get saved message count sql = [[SELECT count(*) as saved_messages FROM v_voicemail_messages - WHERE domain_uuid = ']] .. domain_uuid ..[[' - AND voicemail_uuid = ']] .. row.voicemail_uuid_copy ..[[' + WHERE domain_uuid = :domain_uuid + AND voicemail_uuid = :voicemail_uuid AND message_status = 'saved' ]]; - if (debug["sql"]) then - freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "\n"); - end - status = dbh:query(sql, function(result) + if (debug["sql"]) then + freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n"); + end + dbh:query(sql, params, function(result) saved_messages = result["saved_messages"]; end); --get the voicemail_id - sql = [[SELECT voicemail_id FROM v_voicemails - WHERE voicemail_uuid = ']] .. row.voicemail_uuid_copy ..[[']]; - if (debug["sql"]) then - freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "\n"); - end - status = dbh:query(sql, function(result) + sql = [[SELECT voicemail_id FROM v_voicemails WHERE voicemail_uuid = :voicemail_uuid]]; + if (debug["sql"]) then + freeswitch.consoleLog("notice", "[voicemail] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n"); + end + dbh:query(sql, params, function(result) voicemail_id_copy = result["voicemail_id"]; end);