Update database_transactions.php (#4264)
* Update database_transactions.php * Update database_transactions.php
This commit is contained in:
AlexanderDCrane
FusionPBX
parent
51fcd89756
commit
a3e0f5e94f
|
|
@ -46,14 +46,29 @@
|
|||
$order_by = check_str($_GET["order_by"]);
|
||||
$order = check_str($_GET["order"]);
|
||||
|
||||
//validate order by
|
||||
if (strlen($order_by) > 0) {
|
||||
$order_by = preg_replace('#[^a-zA-Z0-9_\-]#', '', $order_by);
|
||||
}
|
||||
|
||||
//validate the order
|
||||
switch ($order) {
|
||||
case 'asc':
|
||||
break;
|
||||
case 'desc':
|
||||
break;
|
||||
default:
|
||||
$order = '';
|
||||
}
|
||||
|
||||
//add the search term
|
||||
$search = strtolower(check_str($_GET["search"]));
|
||||
if (strlen($search) > 0) {
|
||||
$sql_search = "and (";
|
||||
$sql_search .= " lower(transaction_code) like '%".$search."%' ";
|
||||
$sql_search .= " or lower(transaction_address) like '%".$search."%' ";
|
||||
$sql_search .= " or lower(transaction_type) like '%".$search."%' ";
|
||||
$sql_search .= " or lower(app_name) like '%".$search."%' ";
|
||||
$sql_search .= " lower(transaction_code) like :search ";
|
||||
$sql_search .= " or lower(transaction_address) like :search ";
|
||||
$sql_search .= " or lower(transaction_type) like :search ";
|
||||
$sql_search .= " or lower(app_name) like :search ";
|
||||
$sql_search .= ") ";
|
||||
}
|
||||
|
||||
|
|
@ -63,20 +78,14 @@
|
|||
|
||||
//prepare to page the results
|
||||
$sql = "select count(database_transaction_uuid) as num_rows from v_database_transactions ";
|
||||
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
|
||||
$sql .= "where domain_uuid = :domain_uuid ";
|
||||
$sql .= $sql_search;
|
||||
if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
|
||||
$prep_statement = $db->prepare($sql);
|
||||
if ($prep_statement) {
|
||||
$prep_statement->execute();
|
||||
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
||||
if ($row['num_rows'] > 0) {
|
||||
$num_rows = $row['num_rows'];
|
||||
}
|
||||
else {
|
||||
$num_rows = '0';
|
||||
}
|
||||
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
|
||||
if (strlen($search) > 0) {
|
||||
$parameters['search'] = '%'.$search.'%';
|
||||
}
|
||||
$database = new database;
|
||||
$num_rows = $database->select($sql, $parameters, 'column');
|
||||
|
||||
//prepare to page the results
|
||||
$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
|
||||
|
|
@ -93,7 +102,7 @@
|
|||
$sql .= "from v_database_transactions as t ";
|
||||
$sql .= "LEFT OUTER JOIN v_domains as d USING (domain_uuid) ";
|
||||
$sql .= "LEFT OUTER JOIN v_users as u USING (user_uuid) ";
|
||||
$sql .= "where t.domain_uuid = '".$_SESSION['domain_uuid']."' ";
|
||||
$sql .= "where t.domain_uuid = :domain_uuid ";
|
||||
$sql .= $sql_search;
|
||||
if (strlen($order_by) == 0) {
|
||||
$sql .= "order by transaction_date desc ";
|
||||
|
|
@ -101,11 +110,11 @@
|
|||
else {
|
||||
$sql .= "order by $order_by $order ";
|
||||
}
|
||||
$sql .= "limit $rows_per_page offset $offset ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
unset ($prep_statement, $sql);
|
||||
$sql .= "limit :rows_per_page offset :offset ";
|
||||
$parameters['rows_per_page'] = $rows_per_page;
|
||||
$parameters['offset'] = $offset;
|
||||
$database = new database;
|
||||
$result = $database->select($sql, $parameters, 'all');
|
||||
|
||||
//alternate the row style
|
||||
$c = 0;
|
||||
|
|
|
|||
Loading…
Reference in New Issue