From 9c650a29b1851878e4fd502781cc28cf3c2dab26 Mon Sep 17 00:00:00 2001 From: Anthony <96078404+AntoniusDC@users.noreply.github.com> Date: Thu, 1 Jun 2023 15:21:29 -0600 Subject: [PATCH] Fixed Errors for Phrases, Recordings, Operator Panel and Music on Hold. (#6735) --- .../classes/basic_operator_panel.php | 2 +- .../resources/content.php | 24 +++---- app/music_on_hold/music_on_hold.php | 63 +++++++++++-------- app/phrases/phrase_edit.php | 17 +++-- app/phrases/phrases.php | 32 ++++++---- app/recordings/recording_edit.php | 2 +- app/recordings/recordings.php | 62 ++++++++++-------- .../resources/classes/registrations.php | 7 +-- 8 files changed, 116 insertions(+), 93 deletions(-) diff --git a/app/basic_operator_panel/resources/classes/basic_operator_panel.php b/app/basic_operator_panel/resources/classes/basic_operator_panel.php index c8dcb0019e..eec11fc750 100644 --- a/app/basic_operator_panel/resources/classes/basic_operator_panel.php +++ b/app/basic_operator_panel/resources/classes/basic_operator_panel.php @@ -98,7 +98,7 @@ if (!class_exists('basic_operator_panel')) { if (isset($extensions)) { foreach($extensions as &$row) { $user = $row['extension']; - if (strlen($row['number_alias']) >0 ) { + if (!empty($row['number_alias'])) { $user = $row['number_alias']; } diff --git a/app/basic_operator_panel/resources/content.php b/app/basic_operator_panel/resources/content.php index 7e759e190c..5c48c8f263 100644 --- a/app/basic_operator_panel/resources/content.php +++ b/app/basic_operator_panel/resources/content.php @@ -51,7 +51,7 @@ $operator_panel = new basic_operator_panel; $activity = $operator_panel->call_activity(); if (is_array($activity)) { foreach ($activity as $extension => $fields) { - if (substr_count($fields['call_group'], ',')) { + if (!empty($fields['call_group']) && substr_count($fields['call_group'], ',')) { $tmp = explode(',', $fields['call_group']); if (is_array($tmp)) foreach ($tmp as $tmp_index => $tmp_value) { if (trim($tmp_value) == '') { unset($tmp[$tmp_index]); } @@ -63,7 +63,7 @@ if (is_array($activity)) { } } } -if (is_array($groups)) { +if (!empty($groups)) { $groups = array_unique($groups); sort($groups); } @@ -181,7 +181,7 @@ if (permission_exists('operator_panel_eavesdrop')) { echo " \n"; } -if (is_array($groups) && @sizeof($groups) > 0) { +if (!empty($groups)) { echo " \n"; echo " \n"; if (sizeof($groups) > 5) { @@ -237,7 +237,7 @@ if (is_array($activity)) { if ($_REQUEST['name_filter'] != '' && substr_count($ext['filter_name'], $_REQUEST['name_filter']) == 0 && !in_array($extension, $_SESSION['user']['extensions'])) { continue; } //check if feature code being called - $format_number = (substr($ext['dest'], 0, 1) == '*') ? false : true; + $format_number = (!empty($ext['dest']) && substr($ext['dest'], 0, 1) == '*') ? false : true; //determine extension state, direction icon, and displayed name/number for caller/callee if ($ext['state'] == 'CS_EXECUTE') { @@ -339,8 +339,8 @@ if (is_array($activity)) { unset($extension_number, $found_count, $array); //determine the call identifier passed on drop - if ($ext['uuid'] == $ext['call_uuid'] && $ext['variable_bridge_uuid'] == '') { // transfer an outbound internal call - $call_identifier = $activity[$call_number]['uuid']; + if ($ext['uuid'] == $ext['call_uuid'] && empty($ext['variable_bridge_uuid'])) { // transfer an outbound internal call + $call_identifier = $activity[$call_number ?? null]['uuid'] ?? null; } else if (($ext['variable_call_direction'] == 'outbound' || $ext['variable_call_direction'] == 'local') && $ext['variable_bridge_uuid'] != '') { // transfer an outbound external call $call_identifier = $ext['variable_bridge_uuid']; @@ -358,7 +358,7 @@ if (is_array($activity)) { if (permission_exists('operator_panel_manage')) { if (!in_array($extension, $_SESSION['user']['extensions'])) { //other extension - if ($ext_state == "ringing") { + if (!empty($ext_state) && $ext_state == "ringing") { if ($_GET['vd_ext_from'] == '' && $dir_icon == 'inbound') { $draggable = true; // selectable - is ringing and not outbound so can transfer away the call (can set as vd_ext_from) } @@ -366,7 +366,7 @@ if (is_array($activity)) { $draggable = false; // unselectable - is ringing so can't send a call to the ext (can't set as vd_ext_to) } } - else if ($ext_state == 'active') { + else if (!empty($ext_state) && $ext_state == 'active') { $draggable = false; // unselectable - on a call already so can't transfer or send a call to the ext (can't set as vd_ext_from or vd_ext_to) } else { // idle @@ -399,7 +399,7 @@ if (is_array($activity)) { } //determine extension (user) status - $ext_status = (in_array($extension, $_SESSION['user']['extensions'])) ? $ext_user_status[$_SESSION['user_uuid']] : $ext_user_status[$ext['user_uuid']]; + $ext_status = (in_array($extension, $_SESSION['user']['extensions'])) ? $ext_user_status[$_SESSION['user_uuid']] : $ext_user_status[$ext['user_uuid']] ?? ''; switch ($ext_status) { case "Available" : $status_icon = "available"; @@ -423,7 +423,7 @@ if (is_array($activity)) { } //build the list of extensions - $block .= "
"; // DRAG TO + $block = "
"; // DRAG TO $block .= "\n"; $block .= " \n"; $block .= " \n"; $block .= "
\n"; @@ -432,7 +432,7 @@ if (is_array($activity)) { $block .= "\n"; $block .= " \n"; - if ($dir_icon != '') { + if ($dir_icon ?? '') { $block .= " \"".$text['label-call_direction']."\"\n"; } $block .= "
\n"; - if ($ext_state != '') { + if ($ext_state ?? '') { $block .= " \n"; $block .= " \n"; echo " \n"; @@ -545,7 +554,7 @@ unset($stream_icons, $icons); //list the stream files - if (is_array($stream_files) && @sizeof($stream_files) != 0) { + if (!empty($stream_files)) { foreach ($stream_files as $stream_file_path) { $row_uuid = uuid(); $stream_file = pathinfo($stream_file_path, PATHINFO_BASENAME); @@ -568,7 +577,7 @@ echo " \n"; echo " \n"; } - if ($_GET['show'] == "all" && permission_exists('music_on_hold_all')) { + if ($show == "all" && permission_exists('music_on_hold_all')) { if (!empty($_SESSION['domains'][$row['domain_uuid']]['domain_name'])) { $domain = $_SESSION['domains'][$row['domain_uuid']]['domain_name']; } diff --git a/app/phrases/phrase_edit.php b/app/phrases/phrase_edit.php index cc398dd911..297b8fa412 100644 --- a/app/phrases/phrase_edit.php +++ b/app/phrases/phrase_edit.php @@ -45,8 +45,13 @@ $language = new text; $text = $language->get(); +//add the defaults + $phrase_name = ''; + $phrase_language = ''; + $phrase_description = ''; + //set the action as an add or an update - if (is_uuid($_REQUEST["id"])) { + if (!empty($_REQUEST["id"])) { $action = "update"; $phrase_uuid = $_REQUEST["id"]; } @@ -58,7 +63,7 @@ if (count($_POST) > 0) { //process the http post data by submitted action - if ($_POST['action'] != '' && is_uuid($_POST['phrase_uuid'])) { + if (!empty($_POST['action']) != '' && is_uuid($_POST['phrase_uuid'])) { $array[0]['checked'] = 'true'; $array[0]['uuid'] = $_POST['phrase_uuid']; @@ -82,7 +87,7 @@ $phrase_language = $_POST["phrase_language"]; $phrase_enabled = $_POST["phrase_enabled"] ?: 'false'; $phrase_description = $_POST["phrase_description"]; - $phrase_details_delete = $_POST["phrase_details_delete"]; + $phrase_details_delete = $_POST["phrase_details_delete"] ?? ''; //clean the name $phrase_name = str_replace(" ", "_", $phrase_name); @@ -290,7 +295,7 @@ if (empty($phrase_enabled)) { $phrase_enabled = 'true'; } //get the phrase details - if (is_uuid($phrase_uuid)) { + if (!empty($phrase_uuid)) { $sql = "select * from v_phrase_details "; $sql .= "where domain_uuid = :domain_uuid "; $sql .= "and phrase_uuid = :phrase_uuid "; @@ -498,14 +503,14 @@ echo " \n"; echo " \n"; echo " \n"; - if ($phrase_details) { + if (!empty($phrase_details)) { echo " \n"; } echo " \n"; - if (is_array($phrase_details) && @sizeof($phrase_details) != 0) { + if (!empty($phrase_details)) { foreach($phrase_details as $x => $field) { //clean up output for display if ($field['phrase_detail_function'] == 'play-file' && substr($field['phrase_detail_data'], 0, 21) == '${lua streamfile.lua ') { diff --git a/app/phrases/phrases.php b/app/phrases/phrases.php index e3e8195ff9..69965e4f39 100644 --- a/app/phrases/phrases.php +++ b/app/phrases/phrases.php @@ -43,15 +43,21 @@ $language = new text; $text = $language->get(); +//set the defaults + $sql_search = ''; + +//add additional variables + $show = $_GET['show'] ?? ''; + //get posted data - if (is_array($_POST['phrases'])) { + if (!empty($_POST['phrases'])) { $action = $_POST['action']; $search = $_POST['search']; $phrases = $_POST['phrases']; } //process the http post data by action - if ($action != '' && is_array($phrases) && @sizeof($phrases) != 0) { + if (!empty($action) != '' && is_array($phrases)) { switch ($action) { case 'copy': if (permission_exists('phrase_add')) { @@ -81,11 +87,11 @@ } //get order and order by - $order_by = $_GET["order_by"]; - $order = $_GET["order"]; + $order_by = $_GET["order_by"] ?? ''; + $order = $_GET["order"] ?? ''; //add the search term - $search = strtolower($_GET["search"]); + $search = strtolower($_GET["search"] ?? ''); if (!empty($search)) { $sql_search = "and ("; $sql_search .= "lower(phrase_name) like :search "; @@ -98,21 +104,21 @@ //get phrases record count $sql = "select count(*) from v_phrases "; $sql .= "where true "; - if ($_GET['show'] != "all" || !permission_exists('phrase_all')) { + if ($show != "all" || !permission_exists('phrase_all')) { $sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) "; $parameters['domain_uuid'] = $_SESSION['domain_uuid']; } $sql .= $sql_search; $database = new database; - $num_rows = $database->select($sql, $parameters, 'column'); + $num_rows = $database->select($sql, $parameters ?? null, 'column'); //prepare to page the results $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; $param = "&search=".urlencode($search); - if ($_GET['show'] == "all" && permission_exists('phrase_all')) { + if ($show == "all" && permission_exists('phrase_all')) { $param .= "&show=all"; } - $page = is_numeric($_GET['page']) ? $_GET['page'] : 0; + $page = isset($_GET['page']) ? $_GET['page'] : 0; list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page); list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true); $offset = $rows_per_page * $page; @@ -122,7 +128,7 @@ $sql .= order_by($order_by, $order, 'phrase_name', 'asc'); $sql .= limit_offset($rows_per_page, $offset); $database = new database; - $phrases = $database->select($sql, $parameters, 'all'); + $phrases = $database->select($sql, $parameters ?? null, 'all'); unset($sql, $parameters); //create token @@ -151,7 +157,7 @@ } echo "\n"; if (permission_exists('phrase_all')) { - if ($_GET['show'] == 'all') { + if ($show == 'all') { echo " "; } else { @@ -193,14 +199,14 @@ echo " \n"; echo " \n"; } - if ($_GET['show'] == "all" && permission_exists('phrase_all')) { + if ($show == "all" && permission_exists('phrase_all')) { echo th_order_by('domain_name', $text['label-domain'], $order_by, $order, $param, "class='shrink'"); } echo th_order_by('phrase_name', $text['label-name'], $order_by, $order); echo th_order_by('phrase_language', $text['label-language'], $order_by, $order); echo th_order_by('phrase_enabled', $text['label-enabled'], $order_by, $order, null, "class='center'"); echo th_order_by('phrase_description', $text['label-description'], $order_by, $order, null, "class='hide-sm-dn' style='min-width: 40%;'"); - if (permission_exists('phrase_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { + if (permission_exists('phrase_edit') && !empty($_SESSION['theme']['list_row_edit_button']['boolean']) && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { echo " \n"; } echo "\n"; diff --git a/app/recordings/recording_edit.php b/app/recordings/recording_edit.php index b3408ccdc1..7a7b1f7f6e 100644 --- a/app/recordings/recording_edit.php +++ b/app/recordings/recording_edit.php @@ -215,7 +215,7 @@ if (count($_POST) > 0 && empty($_POST["persistformvar"])) { echo " \n"; echo " \n"; echo "
\n"; - echo $text['message-file']."\n"; + //echo $text['message-file']."\n"; echo "\n"; echo "\n"; diff --git a/app/recordings/recordings.php b/app/recordings/recordings.php index 634e114b8e..8cd79b5ad8 100644 --- a/app/recordings/recordings.php +++ b/app/recordings/recordings.php @@ -41,8 +41,16 @@ $language = new text; $text = $language->get(); +//set the defaults + $sql_search = ''; + +//set additional variables + $a = $_GET["a"] ?? ''; + $search = $_GET["search"] ?? ''; + $show = $_GET['show'] ?? ''; + //download the recording - if ($_GET['a'] == "download" && (permission_exists('recording_play') || permission_exists('recording_download'))) { + if ($a == "download" && (permission_exists('recording_play') || permission_exists('recording_download'))) { if ($_GET['type'] = "rec") { //set the path for the directory $path = $_SESSION['switch']['recordings']['dir']."/".$_SESSION['domain_name']; @@ -113,7 +121,7 @@ //upload the recording if ( - $_POST['a'] == "upload" + $a == "upload" && permission_exists('recording_upload') && $_POST['type'] == 'rec' && is_uploaded_file($_FILES['file']['tmp_name']) @@ -166,7 +174,7 @@ $array_recordings[$row['recording_uuid']] = $row['recording_filename']; $array_base64_exists[$row['recording_uuid']] = ($row['recording_base64'] != '') ? true : false; //if not base64, convert back to local files and remove base64 from db - if ($_SESSION['recordings']['storage_type']['text'] != 'base64' && $row['recording_base64'] != '') { + if (!empty($_SESSION['recordings']['storage_type']['text']) != 'base64' && $row['recording_base64'] != '') { if (!file_exists($_SESSION['switch']['recordings']['dir'].'/'.$_SESSION['domain_name'].'/'.$row['recording_filename'])) { $recording_decoded = base64_decode($row['recording_base64']); file_put_contents($_SESSION['switch']['recordings']['dir'].'/'.$_SESSION['domain_name'].'/'.$row['recording_filename'], $recording_decoded); @@ -226,7 +234,7 @@ } else { //file found in db, check if base64 present - if ($_SESSION['recordings']['storage_type']['text'] == 'base64') { + if (!empty($_SESSION['recordings']['storage_type']['text']) == 'base64') { $found_recording_uuid = array_search($recording_filename, $array_recordings); if (!$array_base64_exists[$found_recording_uuid]) { $recording_base64 = base64_encode(file_get_contents($_SESSION['switch']['recordings']['dir'].'/'.$_SESSION['domain_name'].'/'.$recording_filename)); @@ -255,21 +263,21 @@ } //redirect - if ($_GET['rd'] != '') { + if ($_GET['rd'] ?? '') { header("Location: recordings.php"); exit; } } //get posted data - if (is_array($_POST['recordings'])) { + if (!empty($_POST['recordings'])) { $action = $_POST['action']; $search = $_POST['search']; $recordings = $_POST['recordings']; } //process the http post data by action - if ($action != '' && is_array($recordings) && @sizeof($recordings) != 0) { + if ($action ?? '' && is_array($recordings)) { switch ($action) { case 'delete': if (permission_exists('recording_delete')) { @@ -284,11 +292,11 @@ } //get order and order by - $order_by = $_GET["order_by"]; - $order = $_GET["order"]; + $order_by = $_GET["order_by"] ?? ''; + $order = $_GET["order"] ?? ''; //add the search term - $search = strtolower($_GET["search"]); + $search = strtolower($search); if (!empty($search)) { $sql_search = "and ("; $sql_search .= "lower(recording_name) like :search "; @@ -301,7 +309,7 @@ //get total recordings from the database $sql = "select count(*) from v_recordings "; $sql .= "where true "; - if ($_GET['show'] != "all" || !permission_exists('conference_center_all')) { + if ($show != "all" || !permission_exists('conference_center_all')) { $sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) "; $parameters['domain_uuid'] = $_SESSION['domain_uuid']; } @@ -312,23 +320,23 @@ //prepare to page the results $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; $param = "&search=".urlencode($search); - if ($_GET['show'] == "all" && permission_exists('recording_all')) { + if ($show == "all" && permission_exists('recording_all')) { $param .= "&show=all"; } $param .= "&order_by=".$order_by."&order=".$order; - $page = is_numeric($_GET['page']) ? $_GET['page'] : 0; + $page = isset($_GET['page']) ? $_GET['page'] : 0; list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page); list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true); $offset = $rows_per_page * $page; //get the recordings from the database - if ($_SESSION['recordings']['storage_type']['text'] == 'base64') { + if (!empty($_SESSION['recordings']['storage_type']['text']) && $_SESSION['recordings']['storage_type']['text'] == 'base64') { switch ($db_type) { case 'pgsql': $sql_file_size = "length(decode(recording_base64,'base64')) as recording_size, "; break; case 'mysql': $sql_file_size = "length(from_base64(recording_base64)) as recording_size, "; break; } } - $sql = str_replace('count(*)', 'recording_uuid, domain_uuid, recording_filename, '.$sql_file_size.' recording_name, recording_description', $sql); + $sql = str_replace('count(*)', 'recording_uuid, domain_uuid, recording_filename, '.!empty($sql_file_size).' recording_name, recording_description', $sql); $sql .= order_by($order_by, $order, 'recording_name', 'asc'); $sql .= limit_offset($rows_per_page, $offset); $database = new database; @@ -337,7 +345,7 @@ //get current recordings password if (permission_exists('recording_password')) { - if (is_numeric($_SESSION['recordings']['recording_password']['numeric'])) { + if (isset($_SESSION['recordings']['recording_password']['numeric'])) { $recording_password = $_SESSION['recordings']['recording_password']['numeric']; } else { @@ -405,7 +413,7 @@ } echo "\n"; if (permission_exists('recording_all')) { - if ($_GET['show'] == 'all') { + if ($show == 'all') { echo " "; } else { @@ -444,16 +452,16 @@ $col_count = 0; if (permission_exists('recording_delete')) { echo " \n"; $col_count++; } - if ($_GET['show'] == "all" && permission_exists('recording_all')) { + if ($show == "all" && permission_exists('recording_all')) { echo th_order_by('domain_name', $text['label-domain'], $order_by, $order, $param, "class='shrink'"); } echo th_order_by('recording_name', $text['label-recording_name'], $order_by, $order); $col_count++; - if ($_SESSION['recordings']['storage_type']['text'] != 'base64') { + if (!empty($_SESSION['recordings']['storage_type']['text']) != 'base64') { echo th_order_by('recording_filename', $text['label-file_name'], $order_by, $order, null, "class='hide-md-dn'"); $col_count++; } @@ -461,14 +469,14 @@ echo "\n"; $col_count++; } - echo "\n"; + echo "\n"; $col_count++; - if ($_SESSION['recordings']['storage_type']['text'] != 'base64') { + if (!empty($_SESSION['recordings']['storage_type']['text']) != 'base64') { echo "\n"; $col_count++; } echo th_order_by('recording_description', $text['label-description'], $order_by, $order, null, "class='hide-sm-dn pct-25'"); - if (permission_exists('recording_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { + if (permission_exists('recording_edit') && !empty($_SESSION['theme']['list_row_edit_button']['boolean']) == 'true') { echo " \n"; } echo "\n"; @@ -491,7 +499,7 @@ echo " \n"; echo " \n"; } - if ($_GET['show'] == "all" && permission_exists('recording_all')) { + if ($show == "all" && permission_exists('recording_all')) { if (!empty($_SESSION['domains'][$row['domain_uuid']]['domain_name'])) { $domain = $_SESSION['domains'][$row['domain_uuid']]['domain_name']; } @@ -508,7 +516,7 @@ echo escape($row['recording_name']); } echo " \n"; - if ($_SESSION['recordings']['storage_type']['text'] != 'base64') { + if (!empty($_SESSION['recordings']['storage_type']['text']) && $_SESSION['recordings']['storage_type']['text'] != 'base64') { echo " \n"; } if (permission_exists('recording_play') || permission_exists('recording_download')) { @@ -530,7 +538,7 @@ } echo " \n"; } - if ($_SESSION['recordings']['storage_type']['text'] == 'base64') { + if (!empty($_SESSION['recordings']['storage_type']['text']) && $_SESSION['recordings']['storage_type']['text'] == 'base64') { $file_size = byte_convert($row['recording_size']); echo " \n"; } @@ -548,7 +556,7 @@ echo " \n"; } echo " \n"; - if (permission_exists('recording_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { + if (permission_exists('recording_edit') && !empty($_SESSION['theme']['list_row_edit_button']['boolean']) && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { echo " \n"; diff --git a/app/registrations/resources/classes/registrations.php b/app/registrations/resources/classes/registrations.php index 249f6431de..10fe6f1c23 100644 --- a/app/registrations/resources/classes/registrations.php +++ b/app/registrations/resources/classes/registrations.php @@ -56,10 +56,6 @@ if (!class_exists('registrations')) { */ public function get($profile = 'all') { - //add multi-lingual support - $language = new text; - $text = $language->get(); - //initialize the id used in the registrations array $id = 0; @@ -84,7 +80,7 @@ if (!class_exists('registrations')) { $xml_response = trim(event_socket_request($fp, $cmd)); if (function_exists('iconv')) { $xml_response = iconv("utf-8", "utf-8//IGNORE", $xml_response); } $xml_response = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/u', '', $xml_response); - if ($xml_response == "Invalid Profile!") { $xml_response = "".$text['label-message'].""; } + if ($xml_response == "Invalid Profile!") { $xml_response = "".!empty($text['label-message']).""; } $xml_response = str_replace("", "", $xml_response); $xml_response = str_replace("", "", $xml_response); $xml_response = str_replace("<", "", $xml_response); @@ -247,7 +243,6 @@ if (!class_exists('registrations')) { if (is_array($records) && @sizeof($records) != 0) { foreach($records as $record) { if ( - !empty($record['checked']) && $record['checked'] == 'true' && $record['user'] != '' && $record['profile'] != ''
\n"; $block .= " ".escape($ext['call_length'])."
\n"; diff --git a/app/music_on_hold/music_on_hold.php b/app/music_on_hold/music_on_hold.php index a7b878de6f..b73335a3a6 100644 --- a/app/music_on_hold/music_on_hold.php +++ b/app/music_on_hold/music_on_hold.php @@ -46,10 +46,14 @@ $language = new text; $text = $language->get(); +//add additional variables + $search = $_GET["search"] ?? ''; + $show = $_GET['show'] ?? ''; + //get the music_on_hold array $sql = "select * from v_music_on_hold "; $sql .= "where true "; - if ($_GET['show'] != "all" || !permission_exists('music_on_hold_all')) { + if ($show != "all" || !permission_exists('music_on_hold_all')) { $sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) "; $parameters['domain_uuid'] = $_SESSION['domain_uuid']; } @@ -58,17 +62,17 @@ } $sql .= "order by domain_uuid desc, music_on_hold_name asc, music_on_hold_rate asc"; $database = new database; - $streams = $database->select($sql, $parameters, 'all'); + $streams = $database->select($sql, $parameters ?? null, 'all'); unset($sql, $parameters); //get the http post data - if (is_array($_POST['moh'])) { + if (!empty($_POST['moh'])) { $action = $_POST['action']; $moh = $_POST['moh']; } //process the http post data by action - if ($action != '' && is_array($moh) && @sizeof($moh) != 0) { + if (!empty($action) && !empty($moh)) { switch ($action) { case 'delete': if (permission_exists('music_on_hold_delete')) { @@ -82,11 +86,15 @@ exit; } +//get order and order by and sanitize the values + $order_by = $_GET["order_by"] ?? ''; + $order = $_GET["order"] ?? ''; + //download music on hold file - if ($_GET['action'] == "download" + if (!empty($_GET['action']) + && $_GET['action'] == "download" && is_uuid($_GET['id']) - && is_array($streams) - && @sizeof($streams) != 0) { + && !empty($streams)) { //get the uuid $stream_uuid = $_GET['id']; @@ -148,8 +156,8 @@ } //upload music on hold file - if ($_POST['action'] == 'upload' - && is_array($_FILES) + if (!empty($_POST['action']) && $_POST['action'] == 'upload' + && !empty($_FILES) && is_uploaded_file($_FILES['file']['tmp_name']) ) { @@ -162,7 +170,7 @@ } //determine name - if ($_POST['name_new'] != '') { + if (!empty($_POST['name_new'])) { //set the action $action = 'add'; //get the stream_name @@ -174,7 +182,7 @@ //get the stream uuid $stream_uuid = $_POST['name']; //find the matching stream - if (is_array($streams) && @sizeof($streams) != 0) { + if (!empty($streams) && @sizeof($streams) != 0) { foreach ($streams as $row) { if ($stream_uuid == $row['music_on_hold_uuid']) { //set the action @@ -237,7 +245,7 @@ //find whether the path already exists $stream_new_name = true; - if (is_array($streams) && @sizeof($streams) != 0) { + if (!empty($streams) && @sizeof($streams) != 0) { foreach ($streams as $row) { $alternate_path = str_replace('$${sounds_dir}', $_SESSION['switch']['sounds']['dir'], $row['music_on_hold_path']); if ($stream_path == $row['music_on_hold_path'] || $stream_path == $alternate_path) { @@ -364,7 +372,7 @@ echo "
".$text['title-music_on_hold']."
\n"; echo "
\n"; if (permission_exists('music_on_hold_add')) { - $modify_add_action = !is_array($streams) || @sizeof($streams) == 0 ? "name_mode('new'); $('#btn_select').hide();" : null; //hide categories select box when none exist + $modify_add_action = empty($streams) || @sizeof($streams) == 0 ? "name_mode('new'); $('#btn_select').hide();" : null; //hide categories select box when none exist echo "
\n"; echo "\n"; echo "\n"; @@ -377,7 +385,7 @@ if (permission_exists('music_on_hold_domain')) { echo " \n"; - if (is_array($streams) && @sizeof($streams) != 0) { + if (!empty($streams) && @sizeof($streams) != 0) { foreach ($streams as $row) { if (empty($row['domain_uuid'])) { if (empty($row['music_on_hold_rate'])) { $option_name = $row['music_on_hold_name']; } @@ -389,7 +397,7 @@ echo " \n"; } $local_found = false; - if (is_array($streams) && @sizeof($streams) != 0) { + if (!empty($streams) && @sizeof($streams) != 0) { foreach ($streams as $row) { if (is_uuid($row['domain_uuid'])) { $local_found = true; @@ -401,7 +409,7 @@ if (permission_exists('music_on_hold_domain')) { echo " \n"; } - if (is_array($streams) && @sizeof($streams) != 0) { + if (!empty($streams) && @sizeof($streams) != 0) { foreach ($streams as $row) { if (!empty($row['domain_uuid'])) { if (empty($row['music_on_hold_rate'])) { $option_name = $row['music_on_hold_name']; } @@ -424,7 +432,7 @@ echo " \n"; echo " \n"; echo ""; - echo button::create(['type'=>'button','title'=>$text['label-new'],'icon'=>$_SESSION['theme']['button_icon_add'],'id'=>'btn_new','onclick'=>"name_mode('new');"]); + echo button::create(['type'=>'button','title'=>!empty($text['label-new']),'icon'=>$_SESSION['theme']['button_icon_add'],'id'=>'btn_new','onclick'=>"name_mode('new');"]); echo button::create(['type'=>'button','title'=>$text['label-select'],'icon'=>'list','id'=>'btn_select','style'=>'display: none;','onclick'=>"name_mode('select');"]); //file echo ""; @@ -436,11 +444,11 @@ echo "
"; } if (permission_exists('music_on_hold_all')) { - if ($_GET['show'] == 'all') { + if ($show == 'all') { echo " "; } else { - echo button::create(['type'=>'button','label'=>$text['button-show_all'],'icon'=>$_SESSION['theme']['button_icon_all'],'link'=>'?type=&show=all'.($search != '' ? "&search=".urlencode($search) : null)]); + echo button::create(['type'=>'button','label'=>$text['button-show_all'],'icon'=>$_SESSION['theme']['button_icon_all'],'link'=>'?type=&show=all'.(!empty($search) ? "&search=".urlencode($search) : null)]); } } if (permission_exists('music_on_hold_delete') && $streams) { @@ -461,7 +469,7 @@ echo "\n"; //show the array of data - if (is_array($streams) && @sizeof($streams) != 0) { + if (!empty($streams) && @sizeof($streams) != 0) { $previous_name = ''; //loop through the array @@ -493,7 +501,7 @@ $stream_icons[$i]['title'] = $text['label-shuffle']; $i++; } - if ($row['music_on_hold_chime_list'] != '') { + if (!empty($row['music_on_hold_chime_list'])) { $stream_icons[$i]['icon'] = 'fa-bell'; $stream_icons[$i]['title'] = $text['label-chime_list'].': '.$row['music_on_hold_chime_list']; $i++; @@ -504,9 +512,10 @@ $stream_icons[$i]['margin'] = 6; $i++; } - if (is_array($stream_icons) && sizeof($stream_icons) > 0) { + if (!empty($stream_icons)) { + $icons = ''; foreach ($stream_icons as $stream_icon) { - $icons .= ""; + $icons .= ""; } } @@ -534,8 +543,8 @@ echo " \n"; echo " \n"; } - if ($_GET['show'] == "all" && permission_exists('music_on_hold_all')) { - echo th_order_by('domain_name', $text['label-domain'], $order_by, $order, $param, "class='shrink'"); + if ($show == "all" && permission_exists('music_on_hold_all')) { + echo th_order_by('domain_name', $text['label-domain'], $order_by, $order, $param ?? null, "class='shrink'"); } echo "
".$stream_details."".$text['label-tools']."".$text['label-function']."".$text['label-action']."".$text['label-order']."\n"; echo " ".$text['label-delete']."\n"; echo " \n"; echo "
 
\n"; - echo " \n"; + echo " \n"; echo " ".$text['label-tools']."".($_SESSION['recordings']['storage_type']['text'] == 'base64' ? $text['label-size'] : $text['label-file_size'])."".(!empty($_SESSION['recordings']['storage_type']['text']) == 'base64' ? $text['label-size'] : $text['label-file_size'])."".$text['label-uploaded']." 
".str_replace('_', '_​', escape($row['recording_filename']))."".$file_size."".$file_date."".escape($row['recording_description'])." "; echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]); echo "