dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Access controls php 8.1 changes (#6717) 

* Update access_control_edit.php

* Update access_controls.php
This commit is contained in:
Alex 2023-05-24 17:13:53 -06:00 committed by GitHub
parent 843b9b4377
commit 9f84d64981
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
app/access_controls/access_control_edit.php
View File

@ -43,13 +43,14 @@
$text = $language->get(); $text = $language->get();
//action add or update //action add or update
if (is_uuid($_REQUEST["id"])) { if (!empty($_REQUEST["id"]) && is_uuid($_REQUEST["id"])) {
$action = "update"; $action = "update";
$access_control_uuid = $_REQUEST["id"]; $access_control_uuid = $_REQUEST["id"];
$id = $_REQUEST["id"]; $id = $_REQUEST["id"];
} }
else { else {
$action = "add"; $action = "add";
$access_control_uuid = uuid();
} }
//get http post variables and set them to php variables //get http post variables and set them to php variables
@ -151,11 +152,6 @@
return; return;
} }
//add the access_control_uuid
if (!is_uuid($_POST["access_control_uuid"])) {
$access_control_uuid = uuid();
}
//prepare the array //prepare the array
$array['access_controls'][0]['access_control_uuid'] = $access_control_uuid; $array['access_controls'][0]['access_control_uuid'] = $access_control_uuid;
$array['access_controls'][0]['access_control_name'] = $access_control_name; $array['access_controls'][0]['access_control_name'] = $access_control_name;
@ -231,14 +227,19 @@
} }
} }
//set default values
$access_control_name = '';
$access_control_default = '';
$access_control_description = '';
//pre-populate the form //pre-populate the form
if (is_array($_GET) && $_POST["persistformvar"] != "true") { if (!empty($access_control_uuid) && is_uuid($access_control_uuid) && empty($_POST["persistformvar"])) {
$sql = "select * from v_access_controls "; $sql = "select * from v_access_controls ";
$sql .= "where access_control_uuid = :access_control_uuid "; $sql .= "where access_control_uuid = :access_control_uuid ";
$parameters['access_control_uuid'] = $access_control_uuid; $parameters['access_control_uuid'] = $access_control_uuid;
$database = new database; $database = new database;
$row = $database->select($sql, $parameters, 'row'); $row = $database->select($sql, $parameters, 'row');
if (is_array($row) && @sizeof($row) != 0) { if (!empty($row) && count($row) > 0) {
$access_control_name = $row["access_control_name"]; $access_control_name = $row["access_control_name"];
$access_control_default = $row["access_control_default"]; $access_control_default = $row["access_control_default"];
$access_control_description = $row["access_control_description"]; $access_control_description = $row["access_control_description"];
@ -247,7 +248,7 @@
} }
//get the child data //get the child data
if (is_uuid($access_control_uuid)) { if (!empty($access_control_uuid) && is_uuid($access_control_uuid)) {
$sql = "select * from v_access_control_nodes "; $sql = "select * from v_access_control_nodes ";
$sql .= "where access_control_uuid = :access_control_uuid "; $sql .= "where access_control_uuid = :access_control_uuid ";
$sql .= "order by node_cidr asc"; $sql .= "order by node_cidr asc";
@ -258,19 +259,19 @@
} }
//add the $access_control_node_uuid //add the $access_control_node_uuid
if (!is_uuid($access_control_node_uuid)) { if (empty($access_control_node_uuid)) {
$access_control_node_uuid = uuid(); $access_control_node_uuid = uuid();
} }
//add an empty row //add an empty row
if (is_array($access_control_nodes) && @sizeof($access_control_nodes) != 0) { if (!empty($access_control_nodes) && count($access_control_nodes) > 0) {
$x = count($access_control_nodes); $x = count($access_control_nodes);
} }
else { else {
$access_control_nodes = array(); $access_control_nodes = array();
$x = 0; $x = 0;
} }
$access_control_nodes[$x]['access_control_uuid'] = $access_control_uuid; $access_control_nodes[$x]['access_control_uuid'] = $access_control_uuid ?? '';
$access_control_nodes[$x]['access_control_node_uuid'] = uuid(); $access_control_nodes[$x]['access_control_node_uuid'] = uuid();
$access_control_nodes[$x]['node_type'] = ''; $access_control_nodes[$x]['node_type'] = '';
$access_control_nodes[$x]['node_cidr'] = ''; $access_control_nodes[$x]['node_cidr'] = '';

43
app/access_controls/access_controls.php
View File

@ -45,15 +45,21 @@
$language = new text; $language = new text;
$text = $language->get(); $text = $language->get();
//define variable
$search = '';
//set from session variables
$list_row_edit_button = !empty($_SESSION['theme']['list_row_edit_button']['boolean']) ? $_SESSION['theme']['list_row_edit_button']['boolean'] : 'false';
//get the http post data //get the http post data
if (is_array($_POST['access_controls'])) { if (!empty($_POST['access_controls'])) {
$action = $_POST['action']; $action = $_POST['action'] ?? '';
$search = $_POST['search']; $search = $_POST['search'] ?? '';
$access_controls = $_POST['access_controls']; $access_controls = $_POST['access_controls'];
} }
//process the http post data by action //process the http post data by action
if ($action != '' && is_array($access_controls) && @sizeof($access_controls) != 0) { if (!empty($action) && !empty($access_controls) && count($access_controls) > 0) {
//validate the token //validate the token
$token = new token; $token = new token;
@ -95,13 +101,13 @@
} }
//redirect the user //redirect the user
header('Location: access_controls.php'.($search != '' ? '?search='.urlencode($search) : null)); header('Location: access_controls.php'.(!empty($search) ? '?search='.urlencode($search) : null));
exit; exit;
} }
//get order and order by //get order and order by
$order_by = $_GET["order_by"]; $order_by = $_GET["order_by"] ?? '';
$order = $_GET["order"]; $order = $_GET["order"] ?? '';
//add the search //add the search
if (isset($_GET["search"])) { if (isset($_GET["search"])) {
@ -112,7 +118,7 @@
//get the count //get the count
$sql = "select count(access_control_uuid) "; $sql = "select count(access_control_uuid) ";
$sql .= "from v_access_controls "; $sql .= "from v_access_controls ";
if (isset($_GET["search"])) { if (!empty($search)) {
$sql .= "where ("; $sql .= "where (";
$sql .= " lower(access_control_name) like :search "; $sql .= " lower(access_control_name) like :search ";
$sql .= " or lower(access_control_default) like :search "; $sql .= " or lower(access_control_default) like :search ";
@ -120,7 +126,7 @@
$sql .= ") "; $sql .= ") ";
} }
$database = new database; $database = new database;
$num_rows = $database->select($sql, $parameters, 'column'); $num_rows = $database->select($sql, $parameters ?? '', 'column');
//get the list //get the list
$sql = "select "; $sql = "select ";
@ -129,7 +135,7 @@
$sql .= "access_control_default, "; $sql .= "access_control_default, ";
$sql .= "access_control_description "; $sql .= "access_control_description ";
$sql .= "from v_access_controls "; $sql .= "from v_access_controls ";
if (isset($_GET["search"])) { if (!empty($search)) {
$sql .= "where ("; $sql .= "where (";
$sql .= " lower(access_control_name) like :search "; $sql .= " lower(access_control_name) like :search ";
$sql .= " or lower(access_control_default) like :search "; $sql .= " or lower(access_control_default) like :search ";
@ -137,9 +143,8 @@
$sql .= ") "; $sql .= ") ";
} }
$sql .= order_by($order_by, $order, 'access_control_name', 'asc'); $sql .= order_by($order_by, $order, 'access_control_name', 'asc');
$sql .= limit_offset($rows_per_page, $offset);
$database = new database; $database = new database;
$access_controls = $database->select($sql, $parameters, 'all'); $access_controls = $database->select($sql, $parameters ?? '', 'all');
unset($sql, $parameters); unset($sql, $parameters);
//create token //create token
@ -154,7 +159,7 @@
echo "<div class='action_bar' id='action_bar'>\n"; echo "<div class='action_bar' id='action_bar'>\n";
echo " <div class='heading'><b>".$text['title-access_controls']." (".$num_rows.")</b></div>\n"; echo " <div class='heading'><b>".$text['title-access_controls']." (".$num_rows.")</b></div>\n";
echo " <div class='actions'>\n"; echo " <div class='actions'>\n";
echo button::create(['label'=>$text['button-reload'],'icon'=>$_SESSION['theme']['button_icon_reload'],'type'=>'button','id'=>'button_reload','link'=>'access_controls_reload.php'.($search != '' ? '?search='.urlencode($search) : null),'style'=>'margin-right: 15px;']); echo button::create(['label'=>$text['button-reload'],'icon'=>$_SESSION['theme']['button_icon_reload'],'type'=>'button','id'=>'button_reload','link'=>'access_controls_reload.php'.(!empty($search) ? '?search='.urlencode($search) : null),'style'=>'margin-right: 15px;']);
if (permission_exists('access_control_add')) { if (permission_exists('access_control_add')) {
echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$_SESSION['theme']['button_icon_add'],'id'=>'btn_add','name'=>'btn_add','link'=>'access_control_edit.php']); echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$_SESSION['theme']['button_icon_add'],'id'=>'btn_add','name'=>'btn_add','link'=>'access_control_edit.php']);
} }
@ -168,9 +173,6 @@
echo "<input type='text' class='txt list-search' name='search' id='search' value=\"".escape($search)."\" placeholder=\"".$text['label-search']."\" onkeydown=''>"; echo "<input type='text' class='txt list-search' name='search' id='search' value=\"".escape($search)."\" placeholder=\"".$text['label-search']."\" onkeydown=''>";
echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search']); echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search']);
//echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','link'=>'access_controls.php','style'=>($search == '' ? 'display: none;' : null)]); //echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','link'=>'access_controls.php','style'=>($search == '' ? 'display: none;' : null)]);
if ($paging_controls_mini != '') {
echo "<span style='margin-left: 15px;'>".$paging_controls_mini."</span>\n";
}
echo " </form>\n"; echo " </form>\n";
echo " </div>\n"; echo " </div>\n";
echo " <div style='clear: both;'></div>\n"; echo " <div style='clear: both;'></div>\n";
@ -194,18 +196,18 @@
echo "<tr class='list-header'>\n"; echo "<tr class='list-header'>\n";
if (permission_exists('access_control_add') || permission_exists('access_control_edit') || permission_exists('access_control_delete')) { if (permission_exists('access_control_add') || permission_exists('access_control_edit') || permission_exists('access_control_delete')) {
echo " <th class='checkbox'>\n"; echo " <th class='checkbox'>\n";
echo " <input type='checkbox' id='checkbox_all' name='checkbox_all' onclick='list_all_toggle(); checkbox_on_change(this);' ".($access_controls ?: "style='visibility: hidden;'").">\n"; echo " <input type='checkbox' id='checkbox_all' name='checkbox_all' onclick='list_all_toggle(); checkbox_on_change(this);' ".(!empty($access_controls) ?: "style='visibility: hidden;'").">\n";
echo " </th>\n"; echo " </th>\n";
} }
echo th_order_by('access_control_name', $text['label-access_control_name'], $order_by, $order); echo th_order_by('access_control_name', $text['label-access_control_name'], $order_by, $order);
echo th_order_by('access_control_default', $text['label-access_control_default'], $order_by, $order); echo th_order_by('access_control_default', $text['label-access_control_default'], $order_by, $order);
echo " <th class='hide-sm-dn'>".$text['label-access_control_description']."</th>\n"; echo " <th class='hide-sm-dn'>".$text['label-access_control_description']."</th>\n";
if (permission_exists('access_control_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { if (permission_exists('access_control_edit') && $list_row_edit_button == 'true') {
echo " <td class='action-button'>&nbsp;</td>\n"; echo " <td class='action-button'>&nbsp;</td>\n";
} }
echo "</tr>\n"; echo "</tr>\n";
if (is_array($access_controls) && @sizeof($access_controls) != 0) { if (!empty($access_controls) && count($access_controls) > 0) {
$x = 0; $x = 0;
foreach ($access_controls as $row) { foreach ($access_controls as $row) {
if (permission_exists('access_control_edit')) { if (permission_exists('access_control_edit')) {
@ -228,7 +230,7 @@
echo " </td>\n"; echo " </td>\n";
echo " <td>".escape($row['access_control_default'])."</td>\n"; echo " <td>".escape($row['access_control_default'])."</td>\n";
echo " <td class='description overflow hide-sm-dn'>".escape($row['access_control_description'])."</td>\n"; echo " <td class='description overflow hide-sm-dn'>".escape($row['access_control_description'])."</td>\n";
if (permission_exists('access_control_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { if (permission_exists('access_control_edit') && $list_row_edit_button == 'true') {
echo " <td class='action-button'>\n"; echo " <td class='action-button'>\n";
echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]); echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]);
echo " </td>\n"; echo " </td>\n";
@ -241,7 +243,6 @@
echo "</table>\n"; echo "</table>\n";
echo "<br />\n"; echo "<br />\n";
echo "<div align='center'>".$paging_controls."</div>\n";
echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n"; echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";