diff --git a/app/vars/app_defaults.php b/app/vars/app_defaults.php
index adfb61f903..94ecec79ab 100644
--- a/app/vars/app_defaults.php
+++ b/app/vars/app_defaults.php
@@ -27,207 +27,166 @@
if ($domains_processed == 1) {
//add the variables to the database
- $sql = "select count(*) as num_rows from v_vars ";
- $prep_statement = $db->prepare(check_sql($sql));
- if ($prep_statement) {
- $prep_statement->execute();
- $row = $prep_statement->fetch(PDO::FETCH_ASSOC);
- if ($row['num_rows'] == 0) {
- //get the xml
- if (file_exists('/usr/share/examples/fusionpbx/resources/templates/conf/vars.xml')) {
- $xml_file = '/usr/share/examples/fusionpbx/resources/templates/conf/vars.xml';
- }
- elseif (file_exists('/usr/local/share/fusionpbx/resources/templates/conf/vars.xml')) {
- $xml_file = '/usr/local/share/fusionpbx/resources/templates/conf/vars.xml';
- }
- else {
- $xml_file = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/resources/templates/conf/vars.xml';
- }
+ $sql = "select count(*) from v_vars ";
+ $database = new database;
+ $num_rows = $database->select($sql, null, 'column');
+ unset($sql);
- //load the xml and save it into an array
- $xml_string = file_get_contents($xml_file);
- $xml = simplexml_load_string($xml_string);
- $json = json_encode($xml);
- $variables = json_decode($json, true);
- //
- $x = 0;
- foreach ($variables['X-PRE-PROCESS'] as $variable) {
- $var_category = $variable['@attributes']['category'];
- $data = explode('=', $variable['@attributes']['data']);
- $var_name = $data[0];
- $var_value = $data[1];
- $var_command = $variable['@attributes']['cmd'];
- $var_enabled = $variable['@attributes']['enabled'];
- $var_order = '';
- $var_description = '';
+ if ($num_rows == 0) {
+ //get the xml
+ if (file_exists('/usr/share/examples/fusionpbx/resources/templates/conf/vars.xml')) {
+ $xml_file = '/usr/share/examples/fusionpbx/resources/templates/conf/vars.xml';
+ }
+ elseif (file_exists('/usr/local/share/fusionpbx/resources/templates/conf/vars.xml')) {
+ $xml_file = '/usr/local/share/fusionpbx/resources/templates/conf/vars.xml';
+ }
+ else {
+ $xml_file = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/resources/templates/conf/vars.xml';
+ }
- $array['vars'][$x]['var_category'] = $var_category;
- $array['vars'][$x]['var_uuid'] = uuid();
- $array['vars'][$x]['var_name'] = $var_name;
- $array['vars'][$x]['var_value'] = $var_value;
- $array['vars'][$x]['var_command'] = $var_command;
- $array['vars'][$x]['var_enabled'] = $var_enabled;
- $array['vars'][$x]['var_order'] = $var_order;
- $array['vars'][$x]['var_description'] = $var_description;
- $x++;
- }
+ //load the xml and save it into an array
+ $xml_string = file_get_contents($xml_file);
+ $xml = simplexml_load_string($xml_string);
+ $json = json_encode($xml);
+ $variables = json_decode($json, true);
+ //
+ $x = 0;
+ foreach ($variables['X-PRE-PROCESS'] as $variable) {
+ $var_category = $variable['@attributes']['category'];
+ $data = explode('=', $variable['@attributes']['data']);
+ $var_name = $data[0];
+ $var_value = $data[1];
+ $var_command = $variable['@attributes']['cmd'];
+ $var_enabled = $variable['@attributes']['enabled'];
+ $var_order = '';
+ $var_description = '';
- //add the dialplan permission
- $p = new permissions;
- $p->add("var_add", "temp");
- $p->add("var_edit", "temp");
+ $array['vars'][$x]['var_category'] = $var_category;
+ $array['vars'][$x]['var_uuid'] = uuid();
+ $array['vars'][$x]['var_name'] = $var_name;
+ $array['vars'][$x]['var_value'] = $var_value;
+ $array['vars'][$x]['var_command'] = $var_command;
+ $array['vars'][$x]['var_enabled'] = $var_enabled;
+ $array['vars'][$x]['var_order'] = $var_order;
+ $array['vars'][$x]['var_description'] = $var_description;
+ $x++;
+ }
- //save to the data
- $database = new database;
- $database->app_name = 'vars';
- $database->app_uuid = '54e08402-c1b8-0a9d-a30a-f569fc174dd8';
- $database->save($array);
- $message = $database->message;
+ //grant temporary permissions
+ $p = new permissions;
+ $p->add("var_add", "temp");
+ $p->add("var_edit", "temp");
- //remove the temporary permission
- $p->delete("var_add", "temp");
- $p->delete("var_edit", "temp");
-
- }
+ //execute insert
+ $database = new database;
+ $database->app_name = 'vars';
+ $database->app_uuid = '54e08402-c1b8-0a9d-a30a-f569fc174dd8';
+ $database->save($array);
+ $message = $database->message;
+
+ //revoke temporary permissions
+ $p->delete("var_add", "temp");
+ $p->delete("var_edit", "temp");
}
- // Set country depend variables as country code and international direct dialing code (exit code)
+
+ //set country depend variables as country code and international direct dialing code (exit code)
if (!function_exists('set_country_vars')) {
function set_country_vars($db, $x) {
require "resources/countries.php";
//$country_iso=$_SESSION['domain']['country']['iso_code'];
- $sql = "select default_setting_value as value from v_default_settings ";
+ $sql = "select default_setting_value ";
+ $sql .= "from v_default_settings ";
$sql .= "where default_setting_name = 'iso_code' ";
$sql .= "and default_setting_category = 'domain' ";
$sql .= "and default_setting_subcategory = 'country' ";
$sql .= "and default_setting_enabled = 'true';";
- $prep_statement = $db->prepare(check_sql($sql));
- if ($prep_statement) {
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
- if ( count($result)> 0) {
- $country_iso = $result[0]["value"];
- }
- }
- unset($prep_statement, $sql, $result);
+ $database = new database;
+ $country_iso = $database->select($sql, null, 'column');
+ unset($sql);
- if ( $country_iso===NULL ) {
+ if ($country_iso === null ) {
return;
}
- if(isset($countries[$country_iso])){
+ if (isset($countries[$country_iso])) {
$country = $countries[$country_iso];
- // Set default Country ISO code
- $sql = "select count(*) as num_rows from v_vars ";
+ //set default country iso code
+ $sql = "select count(*) from v_vars ";
$sql .= "where var_name = 'default_country' ";
$sql .= "and var_category = 'Defaults' ";
- $prep_statement = $db->prepare(check_sql($sql));
- if ($prep_statement) {
- $prep_statement->execute();
- $row = $prep_statement->fetch(PDO::FETCH_ASSOC);
-
- if ($row['num_rows'] == 0) {
- $sql = "insert into v_vars ";
- $sql .= "(";
- $sql .= "var_uuid, ";
- $sql .= "var_name, ";
- $sql .= "var_value, ";
- $sql .= "var_category, ";
- $sql .= "var_enabled, ";
- $sql .= "var_order, ";
- $sql .= "var_description ";
- $sql .= ")";
- $sql .= "values ";
- $sql .= "(";
- $sql .= "'".uuid()."', ";
- $sql .= "'default_country', ";
- $sql .= "'".$country["isocode"]."', ";
- $sql .= "'Defaults', ";
- $sql .= "'true', ";
- $sql .= "'".$x."', ";
- $sql .= "'' ";
- $sql .= ");";
- $db->exec(check_sql($sql));
- unset($sql, $row);
- $x++;
- }
- }
- unset($prep_statement, $sql);
+ $database = new database;
+ $num_rows = $database->select($sql, null, 'column');
+ unset($sql);
- //Set default Country code
- $sql = "select count(*) as num_rows from v_vars ";
+ if ($num_rows == 0) {
+ $array['vars'][$x]['var_uuid'] = uuid();
+ $array['vars'][$x]['var_name'] = 'default_country';
+ $array['vars'][$x]['var_value'] = $country["isocode"];
+ $array['vars'][$x]['var_category'] = 'Defaults';
+ $array['vars'][$x]['var_enabled'] = 'true';
+ $array['vars'][$x]['var_order'] = $x;
+ $array['vars'][$x]['var_description'] = null;
+ $x++;
+ }
+ unset($num_rows);
+
+ //set default country code
+ $sql = "select count(*) from v_vars ";
$sql .= "where var_name = 'default_countrycode' ";
$sql .= "and var_category = 'Defaults' ";
- $prep_statement = $db->prepare(check_sql($sql));
- if ($prep_statement) {
- $prep_statement->execute();
- $row = $prep_statement->fetch(PDO::FETCH_ASSOC);
- if ($row['num_rows'] == 0) {
- $sql = "insert into v_vars ";
- $sql .= "(";
- $sql .= "var_uuid, ";
- $sql .= "var_name, ";
- $sql .= "var_value, ";
- $sql .= "var_category, ";
- $sql .= "var_enabled, ";
- $sql .= "var_order, ";
- $sql .= "var_description ";
- $sql .= ")";
- $sql .= "values ";
- $sql .= "(";
- $sql .= "'".uuid()."', ";
- $sql .= "'default_countrycode', ";
- $sql .= "'".$country["countrycode"]."', ";
- $sql .= "'Defaults', ";
- $sql .= "'true', ";
- $sql .= "'".$x."', ";
- $sql .= "'' ";
- $sql .= ");";
- $db->exec(check_sql($sql));
- unset($sql, $row);
- $x++;
- }
- }
- unset($prep_statement, $sql);
+ $database = new database;
+ $num_rows = $database->select($sql, null, 'column');
+ unset($sql);
- // Set default International Direct Dialing code
- $sql = "select count(*) as num_rows from v_vars ";
+ if ($num_rows == 0) {
+ $array['vars'][$x]['var_uuid'] = uuid();
+ $array['vars'][$x]['var_name'] = 'default_countrycode';
+ $array['vars'][$x]['var_value'] = $country["countrycode"];
+ $array['vars'][$x]['var_category'] = 'Defaults';
+ $array['vars'][$x]['var_enabled'] = 'true';
+ $array['vars'][$x]['var_order'] = $x;
+ $array['vars'][$x]['var_description'] = null;
+ $x++;
+ }
+ unset($num_rows);
+
+ //set default international direct dialing code
+ $sql = "select count(*) from v_vars ";
$sql .= "where var_name = 'default_exitcode' ";
$sql .= "and var_category = 'Defaults' ";
- $prep_statement = $db->prepare(check_sql($sql));
- if ($prep_statement) {
- $prep_statement->execute();
- $row = $prep_statement->fetch(PDO::FETCH_ASSOC);
- if ($row['num_rows'] == 0) {
- $sql = "insert into v_vars ";
- $sql .= "(";
- $sql .= "var_uuid, ";
- $sql .= "var_name, ";
- $sql .= "var_value, ";
- $sql .= "var_category, ";
- $sql .= "var_enabled, ";
- $sql .= "var_order, ";
- $sql .= "var_description ";
- $sql .= ")";
- $sql .= "values ";
- $sql .= "(";
- $sql .= "'".uuid()."', ";
- $sql .= "'default_exitcode', ";
- $sql .= "'".$country["exitcode"]."', ";
- $sql .= "'Defaults', ";
- $sql .= "'true', ";
- $sql .= "'".$x."', ";
- $sql .= "'' ";
- $sql .= ");";
- $db->exec(check_sql($sql));
- unset($sql, $row);
- $x++;
- }
+ $database = new database;
+ $num_rows = $database->select($sql, null, 'column');
+ unset($sql);
+
+ if ($num_rows == 0) {
+ $array['vars'][$x]['var_uuid'] = uuid();
+ $array['vars'][$x]['var_name'] = 'default_exitcode';
+ $array['vars'][$x]['var_value'] = $country["exitcode"];
+ $array['vars'][$x]['var_category'] = 'Defaults';
+ $array['vars'][$x]['var_enabled'] = 'true';
+ $array['vars'][$x]['var_order'] = $x;
+ $array['vars'][$x]['var_description'] = null;
+ $x++;
}
- unset($prep_statement, $sql, $countries);
+ unset($num_rows, $countries);
+ }
+
+ if (is_array($array) && @sizeof($array) != 0) {
+ //grant temporary permissions
+ $p = new permissions;
+ $p->add("var_add", "temp");
+ //execute inserts
+ $database = new database;
+ $database->app_name = 'vars';
+ $database->app_uuid = '54e08402-c1b8-0a9d-a30a-f569fc174dd8';
+ $database->save($array);
+ unset($array);
+ //revoke temporary permissions
+ $p->delete("var_add", "temp");
}
}
}
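Review bot: After `$database->save($array);` in the first block, the `$array` holding every variable read from vars.xml is never unset, unlike the two later save sites in this diff. The `domain_uuid` block in the next hunk then assigns `$array['vars'][0][...]` in the same file scope, so on a run where both blocks execute it would presumably re-submit the whole XML set with only `var_add` granted. Adding `unset($array);` after `$message = $database->message;` avoids that. Separately, `set_country_vars($db, $x)` no longer uses `$db`, and the `$country_iso === null` guard only works if `select($sql, null, 'column')` returns null for a missing row, which the diff does not show.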
@@ -239,43 +198,40 @@ if ($domains_processed == 1) {
$sql = "update v_vars set ";
$sql .= "var_enabled = 'false' ";
$sql .= "where (var_name = 'domain' or var_name = 'domain_uuid') ";
- $db->exec(check_sql($sql));
+ $database = new database;
+ $database->execute($sql);
unset($sql);
}
else {
//set the domain_uuid
- $sql = "select count(*) as num_rows from v_vars ";
+ $sql = "select count(*) from v_vars ";
$sql .= "where var_name = 'domain_uuid' ";
- $prep_statement = $db->prepare($sql);
- if ($prep_statement) {
- $prep_statement->execute();
- $row = $prep_statement->fetch(PDO::FETCH_ASSOC);
- if ($row['num_rows'] == 0) {
- $sql = "insert into v_vars ";
- $sql .= "(";
- $sql .= "var_uuid, ";
- $sql .= "var_name, ";
- $sql .= "var_value, ";
- $sql .= "var_category, ";
- $sql .= "var_enabled, ";
- $sql .= "var_order, ";
- $sql .= "var_description ";
- $sql .= ")";
- $sql .= "values ";
- $sql .= "(";
- $sql .= "'".uuid()."', ";
- $sql .= "'domain_uuid', ";
- $sql .= "'".$domain_uuid."', ";
- $sql .= "'Defaults', ";
- $sql .= "'true', ";
- $sql .= "'999', ";
- $sql .= "'' ";
- $sql .= ");";
- $db->exec(check_sql($sql));
- unset($sql);
- }
- unset($prep_statement, $row);
+ $database = new database;
+ $num_rows = $database->select($sql, null, 'column');
+ unset($sql);
+
+ if ($num_rows == 0) {
+ //build insert array
+ $array['vars'][0]['var_uuid'] = uuid();
+ $array['vars'][0]['var_name'] = 'domain_uuid';
+ $array['vars'][0]['var_value'] = $domain_uuid;
+ $array['vars'][0]['var_category'] = 'Defaults';
+ $array['vars'][0]['var_enabled'] = 'true';
+ $array['vars'][0]['var_order'] = 999;
+ $array['vars'][0]['var_description'] = null;
+ //grant temporary permissions
+ $p = new permissions;
+ $p->add("var_add", "temp");
+ //execute inserts
+ $database = new database;
+ $database->app_name = 'vars';
+ $database->app_uuid = '54e08402-c1b8-0a9d-a30a-f569fc174dd8';
+ $database->save($array);
+ unset($array);
+ //revoke temporary permissions
+ $p->delete("var_add", "temp");
}
+ unset($num_rows);
}
//set country code variables
@@ -285,4 +241,4 @@ if ($domains_processed == 1) {
save_var_xml();
}
-?>
+?>
\ No newline at end of file
diff --git a/app/vars/var_delete.php b/app/vars/var_delete.php
index 3949e76920..69019f40d1 100644
--- a/app/vars/var_delete.php
+++ b/app/vars/var_delete.php
@@ -42,26 +42,26 @@
$text = $language->get();
//get the id
- if (count($_GET) > 0) {
- $id = $_GET["id"];
- }
+ $var_uuid = $_GET["id"];
//delete the data
- if (strlen($id) > 0 && is_uuid($id)) {
- //delete the variable
- $sql = "delete from v_vars ";
- $sql .= "where var_uuid = '$id' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- unset($sql);
-
+ if (is_uuid($var_uuid)) {
+ //build array
+ $array['vars'][0]['var_uuid'] = $var_uuid;
+ //execute delete
+ $database = new database;
+ $database->app_name = 'vars';
+ $database->app_uuid = '54e08402-c1b8-0a9d-a30a-f569fc174dd8';
+ $database->delete($array);
+ unset($array);
//rewrite the xml
- save_var_xml();
+ save_var_xml();
+ //set message
+ message::add($text['message-delete']);
}
-//redirect the browser
- message::add($text['message-delete']);
+//redirect
header("Location: vars.php");
- return;
+ exit;
-?>
+?>
\ No newline at end of file
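Review bot: The delete still runs on a plain GET via `$_GET["id"]` and no request token is checked in this hunk, so the state change is exposed to cross-site request forgery unless a check sits above line 42, which is outside the hunk. Consider accepting the uuid only from a POST and validating a per-session token before `$database->delete($array);`. Reading `$_GET["id"]` unconditionally also raises an undefined-index notice when the parameter is absent; `$var_uuid = isset($_GET["id"]) ? $_GET["id"] : null;` keeps the `is_uuid()` gate and avoids the notice.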
diff --git a/app/vars/var_edit.php b/app/vars/var_edit.php
index ccf429d220..bdf5a247e9 100644
--- a/app/vars/var_edit.php
+++ b/app/vars/var_edit.php
@@ -43,9 +43,9 @@
$text = $language->get();
//set the action as an add or an update
- if (isset($_REQUEST["id"])) {
+ if (is_uuid($_REQUEST["id"]) {
$action = "update";
- $var_uuid = check_str($_REQUEST["id"]);
+ $var_uuid = $_REQUEST["id"];
}
else {
$action = "add";
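Review bot: `if (is_uuid($_REQUEST["id"]) {` is missing a closing parenthesis, so var_edit.php will not parse and the page fails on every request. It should read `if (is_uuid($_REQUEST["id"])) {`. With `check_str()` dropped from the assignment below it, this `is_uuid()` test is the only validation of the id at this point, so a `php -l` run over the file before merge is worthwhile.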
@@ -53,18 +53,18 @@
//set http values as php variables
if (count($_POST) > 0) {
- $var_category = check_str(trim($_POST["var_category"]));
- $var_name = check_str(trim($_POST["var_name"]));
- $var_value = check_str(trim($_POST["var_value"]));
- $var_command = check_str(trim($_POST["var_command"]));
- $var_hostname = check_str(trim($_POST["var_hostname"]));
- $var_enabled = check_str(trim($_POST["var_enabled"]));
- $var_order = check_str(trim($_POST["var_order"]));
- $var_description = check_str(trim($_POST["var_description"]));
+ $var_category = trim($_POST["var_category"]);
+ $var_name = trim($_POST["var_name"]);
+ $var_value = trim($_POST["var_value"]);
+ $var_command = trim($_POST["var_command"]);
+ $var_hostname = trim($_POST["var_hostname"]);
+ $var_enabled = trim($_POST["var_enabled"]);
+ $var_order = trim($_POST["var_order"]);
+ $var_description = trim($_POST["var_description"]);
$var_description = str_replace("''", "'", $var_description);
if (strlen($_POST["var_category_other"]) > 0) {
- $var_category = check_str(trim($_POST["var_category_other"]));
+ $var_category = trim($_POST["var_category_other"]);
}
}
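Review bot: With `check_str()` removed, the untouched line `$var_description = str_replace("''", "'", $var_description);` now rewrites raw user input instead of undoing an escape, so a description that legitimately contains two consecutive single quotes is silently altered; it looks like it should be dropped. The values assigned here are no longer escaped at all, which is safe only if `database::save()` binds them as parameters; that class is not part of this diff, so it should be confirmed. The code that consumes these variables is in a later hunk.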
@@ -73,7 +73,7 @@
//get the uuid
if ($action == "update") {
- $var_uuid = check_str($_POST["var_uuid"]);
+ $var_uuid = $_POST["var_uuid"];
}
//check for all required data
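Review bot: `$var_uuid = $_POST["var_uuid"];` overwrites the value that passed `is_uuid()` in the first hunk of this file with an unvalidated POST field, and that value becomes the record key in `$array['vars'][0]['var_uuid']` for the update. Validate it before use, for example `if ($action == "update" && is_uuid($_POST["var_uuid"])) {`, and treat a failed check as a rejected request rather than falling through with the earlier value. The surrounding block starts above this hunk.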
@@ -100,71 +100,37 @@
//add or update the database
if ($_POST["persistformvar"] != "true") {
if ($action == "add" && permission_exists('var_add')) {
- //insert the variable
+ //begin insert array
$var_uuid = uuid();
- $sql = "insert into v_vars ";
- $sql .= "(";
- $sql .= "var_uuid, ";
- $sql .= "var_category, ";
- $sql .= "var_name, ";
- $sql .= "var_value, ";
- $sql .= "var_command, ";
- $sql .= "var_hostname, ";
- $sql .= "var_enabled, ";
- $sql .= "var_order, ";
- $sql .= "var_description ";
- $sql .= ")";
- $sql .= "values ";
- $sql .= "(";
- $sql .= "'$var_uuid', ";
- $sql .= "'$var_category', ";
- $sql .= "'$var_name', ";
- $sql .= "'$var_value', ";
- $sql .= "'$var_command', ";
- if (strlen($var_hostname) > 0) {
- $sql .= "'$var_hostname', ";
- }
- else {
- $sql .= "null, ";
- }
- $sql .= "'$var_enabled', ";
- $sql .= "'$var_order', ";
- $sql .= "'".base64_encode($var_description)."' ";
- $sql .= ")";
- $db->exec(check_sql($sql));
- unset($sql);
-
- //unset the user defined variables
- $_SESSION["user_defined_variables"] = "";
-
- //synchronize the configuration
- save_var_xml();
-
- //set the message and redirect the user
+ $array['vars'][0]['var_uuid'] = $var_uuid;
+ //set message
message::add($text['message-add']);
- header("Location: vars.php");
- return;
- } //if ($action == "add")
+ }
if ($action == "update" && permission_exists('var_edit')) {
- //update the variables
- $sql = "update v_vars set ";
- $sql .= "var_category = '$var_category', ";
- $sql .= "var_name = '$var_name', ";
- $sql .= "var_value = '$var_value', ";
- $sql .= "var_command = '$var_command', ";
- if (strlen($var_hostname) > 0) {
- $sql .= "var_hostname = '$var_hostname', ";
- }
- else {
- $sql .= "var_hostname = null, ";
- }
- $sql .= "var_enabled = '$var_enabled', ";
- $sql .= "var_order = '$var_order', ";
- $sql .= "var_description = '".base64_encode($var_description)."' ";
- $sql .= "where var_uuid = '$var_uuid' ";
- $db->exec(check_sql($sql));
- unset($sql);
+ //begin update array
+ $array['vars'][0]['var_uuid'] = $var_uuid;
+ //set message
+ message::add($text['message-update']);
+ }
+
+ if (is_array($array) && @sizeof($array) != 0) {
+ //add common fields to array
+ $array['vars'][0]['var_category'] = $var_category;
+ $array['vars'][0]['var_name'] = $var_name;
+ $array['vars'][0]['var_value'] = $var_value;
+ $array['vars'][0]['var_command'] = $var_command;
+ $array['vars'][0]['var_hostname'] = $var_hostname != '' ? $var_hostname : null;
+ $array['vars'][0]['var_enabled'] = $var_enabled;
+ $array['vars'][0]['var_order'] = $var_order;
+ $array['vars'][0]['var_description'] = base64_encode($var_description);
+
+ //execute insert/update
+ $database = new database;
+ $database->app_name = 'vars';
+ $database->app_uuid = '54e08402-c1b8-0a9d-a30a-f569fc174dd8';
+ $database->save($array);
+ unset($array);
//unset the user defined variables
$_SESSION["user_defined_variables"] = "";
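Review bot: `message::add($text['message-add'])` and `message::add($text['message-update'])` are queued before `$database->save($array)` runs, and the outcome of `save()` is never inspected, so the user is told the change succeeded even when the write was refused or failed. Move the message after the save and base it on the result; app_defaults.php reads `$database->message` after saving, which suggests one is available. `$array` is also tested with `is_array($array)` without being initialised when neither permission branch runs, so an explicit `$array = null;` before the two branches would make that path clean. The enclosing blocks close in the next hunk.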
@@ -172,23 +138,23 @@
//synchronize the configuration
save_var_xml();
- //set the message and redirect the user
- message::add($text['message-update']);
+ //redirect
header("Location: vars.php");
- return;
- } //if ($action == "update")
- } //if ($_POST["persistformvar"] != "true")
- } //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0)
+ exit;
+ }
+ }
+
+ }
//pre-populate the form
- if (is_array($_GET) && $_POST["persistformvar"] != "true") {
+ if (is_array($_GET) && is_uuid($_GET["id"]) && $_POST["persistformvar"] != "true") {
$var_uuid = $_GET["id"];
$sql = "select * from v_vars ";
- $sql .= "where var_uuid = '$var_uuid' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- foreach ($result as &$row) {
+ $sql .= "where var_uuid = :var_uuid ";
+ $parameters['something'] = $var_uuid;
+ $database = new database;
+ $row = $database->select($sql, $parameters, 'row');
+ if (is_array($row) && @sizeof($row) != 0) {
$var_category = $row["var_category"];
$var_name = $row["var_name"];
$var_value = $row["var_value"];
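Review bot: The query uses the placeholder `:var_uuid` but the value is bound as `$parameters['something']`, so the names do not match and the select will presumably fail or return no row, leaving the edit form unpopulated. Change the line to `$parameters['var_uuid'] = $var_uuid;`. The `if (is_array($row) && @sizeof($row) != 0)` block continues into the next hunk.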
@@ -198,7 +164,7 @@
$var_order = $row["var_order"];
$var_description = base64_decode($row["var_description"]);
}
- unset ($prep_statement);
+ unset($sql, $parameters);
}
//include header
@@ -326,8 +292,8 @@
echo "\n";
echo "
\n";
echo " |