dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update database.php

This commit is contained in:
FusionPBX 2019-05-05 19:30:05 -06:00 committed by GitHub
parent 41e8567043
commit 9796cabe28
1 changed files with 67 additions and 369 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

436
resources/classes/database.php
View File

@ -663,60 +663,6 @@ include "root.php";
$this->connect(); $this->connect();
} }
//sanitize the table name
$this->table = preg_replace('#[^a-zA-Z0-9_\-]#', '', $this->table);
//delete from the database
if (isset($this->table) && isset($this->where)) {
$i = 0;
$sql = "delete from ".$this->table." ";
if (is_array($this->where)) {
foreach($this->where as $row) {
//sanitize the name
$row['name'] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $row['name']);
//validate the operator
switch ($row['operator']) {
case "<": break;
case ">": break;
case "<=": break;
case ">=": break;
case "=": break;
case ">=": break;
case "<>": break;
case "!=": break;
default:
//invalid operator
return false;
}
//build the sql
if ($i == 0) {
//$sql .= $row['name']." ".$row['operator']." '".$row['value']."' ";
$sql .= "where ".$row['name']." ".$row['operator']." :".$row['name']." ";
}
else {
//$sql .= $row['name']." ".$row['operator']." '".$row['value']."' ";
$sql .= "and ".$row['name']." ".$row['operator']." :".$row['name']." ";
}
//add the name and value to the params array
$params[$row['name']] = $row['value'];
//increment $i
$i++;
}
}
//echo $sql."<br>\n";
$prep_statement = $this->db->prepare($sql);
$prep_statement->execute($params);
unset($sql, $this->where);
return;
}
//return the array
if (!is_array($array)) { echo "not an array"; return false; }
//set the message id //set the message id
$m = 0; $m = 0;
@ -724,11 +670,9 @@ include "root.php";
if (!isset($this->app_name)) { if (!isset($this->app_name)) {
$this->app_name = $this->name; $this->app_name = $this->name;
} }
//normalize the array structure //set the table prefix
//$new_array = $this->normalize_array($array, $this->name); $table_prefix = 'v_';
//unset($array);
$new_array = $array;
//debug sql //debug sql
$this->debug["sql"] = true; $this->debug["sql"] = true;
@ -738,325 +682,79 @@ include "root.php";
//debug info //debug info
//echo "<pre>\n"; //echo "<pre>\n";
//print_r($new_array); //print_r($array);
//echo "</pre>\n"; //echo "</pre>\n";
//exit; //exit;
//get the $apps array from the installed apps from the core and mod directories //get the current data
//$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/$schema_name/app_config.php"); foreach($array as $table_name => $rows) {
/* foreach($rows as $row) {
$x = 0; $i = 0;
if (is_array($config_list)) { $sql = "select * from ".$table_prefix.$table_name." ";
foreach ($config_list as &$config_path) { foreach($row as $field_name => $field_value) {
include($config_path); if ($i == 0) { $sql .= "where "; } else { $sql .= "and "; }
$x++; $sql .= $field_name." = :".$field_name." ";
} $parameters[$field_name] = $field_value;
} $i++;
$tables = $apps[0]['db'];
if (is_array($tables)) {
foreach ($tables as &$row) {
//print_r($row);
$table = $row['table'];
echo $table."\n";
foreach ($row['fields'] as &$field) {
if (isset($field['key']['type'])) {
print_r($field);
}
} }
$old_array[$table_name] = $this->execute($sql, $parameters);
unset($parameters);
} }
} }
*/
//loop through the array //start the atomic transaction
if (is_array($new_array)) { $this->db->beginTransaction();
foreach ($new_array as $schema_name => $schema_array) {
$this->name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $schema_name);
if (is_array($schema_array)) {
foreach ($schema_array as $schema_id => $array) {
//set the variables //delete the current data
$table_name = "v_".$this->name; foreach($array as $table_name => $rows) {
$parent_key_name = $this->singular($this->name)."_uuid"; //echo "table: ".$table_name."\n";
foreach($rows as $row) {
//if the uuid is set then set parent key exists and value if (permission_exists($this->singular($table_name).'_delete')) {
//determine if the parent_key_exists $sql = "delete from ".$table_prefix.$table_name." ";
$parent_key_exists = false; $i = 0;
if (isset($array[$parent_key_name])) { foreach($row as $field_name => $field_value) {
$parent_key_value = $array[$parent_key_name]; //echo "field: ".$field_name." = ".$field_value."\n";
$parent_key_exists = true; if ($i == 0) { $sql .= "where "; } else { $sql .= "and "; }
} $sql .= $field_name." = :".$field_name." ";
else { $parameters[$field_name] = $field_value;
if (isset($this->uuid)) { $i++;
$parent_key_exists = true; }
$parent_key_value = $this->uuid; try {
} $this->execute($sql, $parameters);
else { $message["message"] = "OK";
$parent_key_value = uuid(); $message["code"] = "200";
} $message["uuid"] = $id;
} $message["details"][$m]["name"] = $this->name;
$message["details"][$m]["message"] = "OK";
//get the parent field names $message["details"][$m]["code"] = "200";
$parent_field_names = array(); //$message["details"][$m]["uuid"] = $parent_key_value;
if (is_array($array)) { if ($this->debug["sql"]) {
foreach ($array as $key => $value) { $message["details"][$m]["sql"] = $sql;
if (!is_array($value)) { }
$parent_field_names[] = $key; $this->message = $message;
} $m++;
} unset($sql);
} unset($statement);
}
//get the data before the delete catch(PDOException $e) {
if ($parent_key_exists) { $message["message"] = "Bad Request";
$sql = "SELECT * FROM ".$table_name." "; $message["code"] = "400";
$sql .= "WHERE ".$parent_key_name." = '".$parent_key_value."' "; $message["details"][$m]["name"] = $this->name;
$prep_statement = $this->db->prepare($sql); $message["details"][$m]["message"] = $e->getMessage();
if ($prep_statement) { $message["details"][$m]["code"] = "400";
//get the data if ($this->debug["sql"]) {
try { $message["details"][$m]["sql"] = $sql;
$prep_statement->execute(); }
$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC); $this->message = $message;
} $m++;
catch(PDOException $e) { }
echo 'Caught exception: ', $e->getMessage(), "<br/><br/>\n"; unset($parameters);
echo $sql; } //if permission
exit; } //foreach rows
} } //foreach $array
//set the action
if (count($result) > 0) {
$action = "delete";
$old_array[$schema_name] = $result;
}
else {
$action = "";
}
}
unset($prep_statement);
unset($result);
}
else {
$action = "";
}
//delete a specific uuid
if ($action == "delete") {
if (permission_exists($this->singular($this->name).'_delete') && strlen($parent_key_value) > 0
&& ($parent_key_exists) && is_uuid($parent_key_value)) {
//set the table name
$table_name = 'v_'.$this->name;
//parent data
$sql = "DELETE FROM $table_name ";
$sql .= "WHERE $parent_key_name = '$parent_key_value' ;";
//echo $sql;
//$sql = "DELETE FROM :table_name ";
//$sql .= "WHERE :parent_key_name = ':parent_key_value'; ";
//$statement = $this->db->prepare($sql);
//$statement->bindParam(':table_name', $table_name);
//$statement->bindParam(':parent_key_name', $parent_key_name);
//$statement->bindParam(':parent_key_value', $parent_key_value);
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
try {
$this->db->query(check_sql($sql));
//$statement->execute();
$message["message"] = "OK";
$message["code"] = "200";
$message["uuid"] = $parent_key_value;
$message["details"][$m]["name"] = $this->name;
$message["details"][$m]["message"] = "OK";
$message["details"][$m]["code"] = "200";
$message["details"][$m]["uuid"] = $parent_key_value;
if ($this->debug["sql"]) {
$message["details"][$m]["sql"] = $sql;
}
$this->message = $message;
$m++;
unset($sql);
unset($statement);
}
catch(PDOException $e) {
$message["message"] = "Bad Request";
$message["code"] = "400";
$message["details"][$m]["name"] = $this->name;
$message["details"][$m]["message"] = $e->getMessage();
$message["details"][$m]["code"] = "400";
if ($this->debug["sql"]) {
$message["details"][$m]["sql"] = $sql;
}
$this->message = $message;
$m++;
}
}
else {
$message["name"] = $this->name;
$message["message"] = "Forbidden, does not have '".$this->singular($this->name)."_delete'";
$message["code"] = "403";
$message["line"] = __line__;
$this->message = $message;
$m++;
}
}
//unset the variables
unset($sql, $action);
//child data
if (is_array($array)) {
foreach ($array as $key => $value) {
if (is_array($value)) {
$table_name = "v_".$key;
foreach ($value as $id => $row) {
//prepare the variables
$child_name = $this->singular($key);
$child_key_name = $child_name."_uuid";
//determine if the parent key exists in the child array
$parent_key_exists = false;
if (!isset($array[$parent_key_name])) {
$parent_key_exists = true;
}
//determine if the uuid exists
$uuid_exists = false;
if (is_array($row)) {
foreach ($row as $k => $v) {
if ($child_key_name == $k) {
if (strlen($v) > 0) {
$child_key_value = $v;
$uuid_exists = true;
break;
}
}
else {
$uuid_exists = false;
}
}
}
//get the child field names
$child_field_names = array();
if (is_array($row)) {
foreach ($row as $k => $v) {
if (!is_array($v)) {
$child_field_names[] = $k;
}
}
}
//get the child data
if ($uuid_exists) {
$sql = "SELECT * FROM ".$table_name." ";
$sql .= "WHERE ".$child_key_name." = '".$child_key_value."' ";
$prep_statement = $this->db->prepare($sql);
if ($prep_statement) {
//get the data
$prep_statement->execute();
$child_array = $prep_statement->fetch(PDO::FETCH_ASSOC);
//set the action
if (is_array($child_array)) {
$action = "delete";
}
else {
$action = "";
}
//add to the parent array
if (is_array($child_array)) {
$old_array[$schema_name][$schema_id][$key][] = $child_array;
}
}
unset($prep_statement);
}
else {
$action = "";
}
//delete the child data
if ($action == "delete") {
if (permission_exists($child_name.'_delete')) {
$sql = "DELETE FROM ".$table_name." ";
$sql .= "WHERE ".$child_key_name." = '".$child_key_value."' ";
if (strlen($parent_key_value) > 0) { $sql .= "AND ".$parent_key_name." = '".$parent_key_value."' "; }
//$sql = "DELETE FROM :table_name ";
//$sql .= "WHERE :child_key_name = ':child_key_value' ";
//if (strlen($parent_key_value) > 0) { $sql .= "AND :parent_key_name = ':parent_key_value' }";
//$statement = $this->db->prepare($sql);
//$statement->bindParam(':table_name', $table_name);
//$statement->bindParam(':parent_key_name', $parent_key_name);
//$statement->bindParam(':parent_key_value', $parent_key_value);
//$statement->bindParam(':child_key_name', $child_key_name);
//$statement->bindParam(':child_key_value', $child_key_value);
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
try {
$this->db->query(check_sql($sql));
//$statement->execute();
$message["details"][$m]["name"] = $key;
$message["details"][$m]["message"] = "OK";
$message["details"][$m]["code"] = "200";
$message["details"][$m]["uuid"] = $child_key_value;
if ($this->debug["sql"]) {
$message["details"][$m]["sql"] = $sql;
}
$this->message = $message;
$m++;
}
catch(PDOException $e) {
if ($message["code"] = "200") {
$message["message"] = "Bad Request";
$message["code"] = "400";
}
$message["details"][$m]["name"] = $key;
$message["details"][$m]["message"] = $e->getMessage();
$message["details"][$m]["code"] = "400";
if ($this->debug["sql"]) {
$message["details"][$m]["sql"] = $sql;
}
$this->message = $message;
$m++;
}
}
else {
$message["name"] = $child_name;
$message["message"] = "Forbidden, does not have '${child_name}_delete'";
$message["code"] = "403";
$message["line"] = __line__;
$this->message = $message;
$m++;
}
} //action update
//unset the variables
unset($sql, $action, $child_key_name, $child_key_value);
} // foreach value
} //is array
} //foreach array
} //is_array array
} // foreach schema_array
} //is_array $schema_array
} // foreach main array
}
//return the before and after data
//log this in the future
//if (is_array($old_array)) {
//normalize the array structure
//$old_array = $this->normalize_array($old_array, $this->name);
//debug info
//echo "<pre>\n";
//print_r($old_array);
//echo "</pre>\n";
//exit;
//}
//$message["new"] = $new_array;
//$message["new"]["md5"] = md5(json_encode($new_array));
$this->message = $message;
//commit the atomic transaction //commit the atomic transaction
//$this->db->commit(); $this->db->commit();
//set the action if not set //set the action if not set
$transaction_type = 'delete'; $transaction_type = 'delete';
@ -1098,7 +796,7 @@ include "root.php";
$sql .= ":app_uuid, "; $sql .= ":app_uuid, ";
} }
if (strlen($this->app_name) > 0) { if (strlen($this->app_name) > 0) {
$sql .= "':app_name, "; $sql .= ":app_name, ";
} }
$sql .= "'".$message["code"]."', "; $sql .= "'".$message["code"]."', ";
$sql .= ":remote_address, "; $sql .= ":remote_address, ";