From a5718bc435ee33cd62a5c69af7dd45ed528567c3 Mon Sep 17 00:00:00 2001
From: Nate <github@najo.com>
Date: Fri, 9 Aug 2019 10:23:44 -0600
Subject: [PATCH] Modules: Database class integration.

---
 app/modules/app_defaults.php  |  24 ++++----
 app/modules/module_delete.php |  30 ++++++----
 app/modules/module_edit.php   | 109 ++++++++++++++--------------------
 app/modules/modules.php       |   8 ++-
 4 files changed, 82 insertions(+), 89 deletions(-)

diff --git a/app/modules/app_defaults.php b/app/modules/app_defaults.php
index 84c4bd61e7..7c4f6ce271 100644
--- a/app/modules/app_defaults.php
+++ b/app/modules/app_defaults.php
@@ -39,21 +39,25 @@
 		//add the access control list to the database
 			$sql = "select * from v_modules ";
 			$sql .= "where module_order is null ";
-			$prep_statement = $db->prepare($sql);
-			if ($prep_statement) {
-				$prep_statement->execute();
-				$modules = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
-				foreach ($modules as &$row) {
+			$database = new database;
+			$modules = $database->select($sql, null, 'all');
+			if (is_array($modules) && @sizeof($modules) != 0) {
+				foreach ($modules as $index => &$row) {
 					//get the module details
 						$mod = $module->info($row['module_name']);
 					//update the module order
-						$sql = "update v_modules set ";
-						$sql .= "module_order = '".$mod['module_order']."' ";
-						$sql .= "where module_uuid = '".$row['module_uuid']."' ";
-						$db->exec(check_sql($sql));
-						unset($sql);
+						$array['modules'][$index]['module_uuid'] = $row['module_uuid'];
+						$array['modules'][$index]['module_order'] = $mod['module_order'];
+				}
+				if (is_array($array) && @sizeof($array) != 0) {
+					$database = new database;
+					$database->app_name = 'modules';
+					$database->app_uuid = '5eb9cba1-8cb6-5d21-e36a-775475f16b5e';
+					$database->save($array);
+					unset($array);
 				}
 			}
+			unset($sql, $modules, $index, $row);
 
 		//use the module class to get the list of modules from the db and add any missing modules
 			if (isset($_SESSION['switch']['mod']['dir'])) {
diff --git a/app/modules/module_delete.php b/app/modules/module_delete.php
index 678412a36f..f1d1d3d408 100644
--- a/app/modules/module_delete.php
+++ b/app/modules/module_delete.php
@@ -39,20 +39,26 @@ else {
 	$text = $language->get();
 
 //get the id
-	if (count($_GET)>0) {
-		$id = $_GET["id"];
-	}
+	$module_uuid = $_GET["id"];
+
+if (is_uuid($module_uuid)) {
+
+	//delete module
+		$array['modules'][0]['module_uuid'] = $module_uuid;
+
+		$database = new database;
+		$database->app_name = 'modules';
+		$database->app_uuid = '5eb9cba1-8cb6-5d21-e36a-775475f16b5e';
+		$database->delete($array);
+		unset($array);
+
+	//set message
+		message::add($text['message-delete']);
 
-if (strlen($id)>0) {
-	$sql = "delete from v_modules ";
-	$sql .= "where module_uuid = '$id' ";
-	$prep_statement = $db->prepare(check_sql($sql));
-	$prep_statement->execute();
-	unset($sql);
 }
 
-message::add($text['message-delete']);
-header("Location: modules.php");
-return;
+//redirect
+	header("Location: modules.php");
+	exit;
 
 ?>
\ No newline at end of file
diff --git a/app/modules/module_edit.php b/app/modules/module_edit.php
index 004648f102..a9aac9abf8 100644
--- a/app/modules/module_edit.php
+++ b/app/modules/module_edit.php
@@ -43,9 +43,9 @@
 	$text = $language->get();
 
 //determin the action add or update
-	if (isset($_REQUEST["id"])) {
+	if (is_uuid($_REQUEST["id"])) {
 		$action = "update";
-		$module_uuid = check_str($_REQUEST["id"]);
+		$module_uuid = $_REQUEST["id"];
 	}
 	else {
 		$action = "add";
@@ -53,13 +53,13 @@
 
 //set the http post variables to php variables
 	if (count($_POST)>0) {
-		$module_label = check_str($_POST["module_label"]);
-		$module_name = check_str($_POST["module_name"]);
-		$module_description = check_str($_POST["module_description"]);
-		$module_category = check_str($_POST["module_category"]);
-		$module_order = check_str($_POST["module_order"]);
-		$module_enabled = check_str($_POST["module_enabled"]);
-		$module_default_enabled = check_str($_POST["module_default_enabled"]);
+		$module_label = $_POST["module_label"];
+		$module_name = $_POST["module_name"];
+		$module_description = $_POST["module_description"];
+		$module_category = $_POST["module_category"];
+		$module_order = $_POST["module_order"];
+		$module_enabled = $_POST["module_enabled"];
+		$module_default_enabled = $_POST["module_default_enabled"];
 	}
 
 //process the data
@@ -67,7 +67,7 @@
 
 		//get the uuid
 			if ($action == "update") {
-				$module_uuid = check_str($_POST["module_uuid"]);
+				$module_uuid = $_POST["module_uuid"];
 			}
 
 		//check for all required data
@@ -95,71 +95,52 @@
 			if ($_POST["persistformvar"] != "true") {
 				if ($action == "add" && permission_exists('module_add')) {
 					$module_uuid = uuid();
-					$sql = "insert into v_modules ";
-					$sql .= "(";
-					$sql .= "module_uuid, ";
-					$sql .= "module_label, ";
-					$sql .= "module_name, ";
-					$sql .= "module_description, ";
-					$sql .= "module_category, ";
-					$sql .= "module_order, ";
-					$sql .= "module_enabled, ";
-					$sql .= "module_default_enabled ";
-					$sql .= ")";
-					$sql .= "values ";
-					$sql .= "(";
-					$sql .= "'$module_uuid', ";
-					$sql .= "'$module_label', ";
-					$sql .= "'$module_name', ";
-					$sql .= "'$module_description', ";
-					$sql .= "'$module_category', ";
-					$sql .= "'$module_order', ";
-					$sql .= "'$module_enabled', ";
-					$sql .= "'$module_default_enabled' ";
-					$sql .= ")";
-					$db->exec(check_sql($sql));
-					unset($sql);
-
-					$module = new modules;;
-					$module->xml();
+					$array['modules'][0]['module_uuid'] = $module_uuid;
 
 					message::add($text['message-add']);
-					header("Location: modules.php");
-					return;
-				} //if ($action == "add")
+				}
 
 				if ($action == "update" && permission_exists('module_edit')) {
-					$sql = "update v_modules set ";
-					$sql .= "module_label = '$module_label', ";
-					$sql .= "module_name = '$module_name', ";
-					$sql .= "module_description = '$module_description', ";
-					$sql .= "module_category = '$module_category', ";
-					$sql .= "module_order = '$module_order', ";
-					$sql .= "module_enabled = '$module_enabled', ";
-					$sql .= "module_default_enabled = '$module_default_enabled' ";
-					$sql .= "where module_uuid = '$module_uuid' ";
-					$db->exec(check_sql($sql));
-					unset($sql);
-
-					$module = new modules;;
-					$module->xml();
+					$array['modules'][0]['module_uuid'] = $module_uuid;
 
 					message::add($text['message-update']);
+				}
+
+				//add common array elements and execute
+				if (is_array($array) && @sizeof($array) != 0) {
+					$array['modules'][0]['module_label'] = $module_label;
+					$array['modules'][0]['module_name'] = $module_name;
+					$array['modules'][0]['module_description'] = $module_description;
+					$array['modules'][0]['module_category'] = $module_category;
+					$array['modules'][0]['module_order'] = $module_order;
+					$array['modules'][0]['module_enabled'] = $module_enabled;
+					$array['modules'][0]['module_default_enabled'] = $module_default_enabled;
+
+					$database = new database;
+					$database->app_name = 'modules';
+					$database->app_uuid = '5eb9cba1-8cb6-5d21-e36a-775475f16b5e';
+					$database->save($array);
+					unset($array);
+
+					$module = new modules;
+					$module->xml();
+
 					header("Location: modules.php");
-					return;
-				} //if ($action == "update")
-			} //if ($_POST["persistformvar"] != "true")
-	} //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0)
+					exit;
+				}
+			}
+
+	}
 
 //pre-populate the form
 	if (count($_GET)>0 && $_POST["persistformvar"] != "true") {
 		$module_uuid = $_GET["id"];
 		$sql = "select * from v_modules ";
-		$sql .= "where module_uuid = '$module_uuid' ";
-		$prep_statement = $db->prepare(check_sql($sql));
-		$prep_statement->execute();
-		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
-		foreach ($result as &$row) {
+		$sql .= "where module_uuid = :module_uuid ";
+		$parameters['module_uuid'] = $module_uuid;
+		$database = new database;
+		$row = $database->select($sql, $parameters, 'row');
+		if (is_array($row) && @sizeof($row) != 0) {
 			$module_label = $row["module_label"];
 			$module_name = $row["module_name"];
 			$module_description = $row["module_description"];
@@ -168,7 +149,7 @@
 			$module_enabled = $row["module_enabled"];
 			$module_default_enabled = $row["module_default_enabled"];
 		}
-		unset ($prep_statement);
+		unset($sql, $parameters, $row);
 	}
 
 //show the header
diff --git a/app/modules/modules.php b/app/modules/modules.php
index 4160bc8121..fab42325a5 100644
--- a/app/modules/modules.php
+++ b/app/modules/modules.php
@@ -70,6 +70,8 @@
 				$msg = "<strong>".$text['label-load_module'].":</strong> <pre>".$response."</pre>";
 			}
 		}
+		header('Location: modules.php');
+		exit;
 	}
 
 //check connection status
@@ -223,10 +225,10 @@
 			echo "</tr>\n";
 
 			$prev_module_category = $row["module_category"];
-			if ($c==0) { $c=1; } else { $c=0; }
-		} //end foreach
+			$c = $c ? 0 : 1;
+		}
 		unset($sql, $modules, $row_count);
-	} //end if results
+	}
 
 	echo "<tr>\n";
 	echo "<td colspan='6'>\n";