Database class integration. Create order_by() and limit_offset() functions.

Nate 2019-07-01 17:30:03 -06:00
parent 32b04431f7
commit d075a083cf
11 changed files with 232 additions and 387 deletions


@ -30,38 +30,26 @@
//check permissions
require_once "resources/check_auth.php";
if (permission_exists('access_control_delete')) {
//access granted
}
else {
echo "access denied";
exit;
if (!permission_exists('access_control_delete')) {
echo "access denied"; exit;
}
//add multi-lingual support
$language = new text;
$text = $language->get();
//get the id
if (count($_GET)>0) {
$id = check_str($_GET["id"]);
}
//delete the data
if (strlen($id)>0) {
//delete access_control
$sql = "delete from v_access_controls ";
$sql .= "where access_control_uuid = '$id' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
unset($sql);
if (is_uuid($_GET["id"])) {
$access_control_uuid = $_GET["id"];
//delete access_control_node
$sql = "delete from v_access_control_nodes ";
$sql .= "where access_control_uuid = '$id' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
unset($sql);
$array['access_controls'][]['access_control_uuid'] = $access_control_uuid;
$array['access_control_nodes'][]['access_control_uuid'] = $access_control_uuid;
$database = new database;
$database->app_name = 'access_control';
$database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';
$database->delete($array);
unset($array);
//clear the cache
$cache = new cache;
@ -70,11 +58,11 @@
//create the event socket connection
$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
if ($fp) { event_socket_request($fp, "api reloadacl"); }
message::add($text['message-delete']);
}
//redirect the user
message::add($text['message-delete']);
header('Location: access_controls.php');
?>
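Review bot: The delete inside the `is_uuid($_GET["id"])` branch is still triggered by a plain GET request, and no anti-forgery token check is visible in these hunks, so any page a logged-in user with `access_control_delete` visits could cause the ACL to be removed and `api reloadacl` to be sent. Unless `check_auth.php` already enforces this, I would require POST plus a per-session token before `$database->delete($array)` and leave a comment such as `//verify the request token before deleting`. The same applies to the node delete section (`$_GET['id']` and `$_GET['access_control_uuid']`) and the bridge delete section further down.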


@ -22,15 +22,11 @@
//includes
require_once "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
//check permissions
require_once "resources/check_auth.php";
if (permission_exists('access_control_add') || permission_exists('access_control_edit')) {
//access granted
}
else {
echo "access denied";
exit;
if (!permission_exists('access_control_add') && !permission_exists('access_control_edit')) {
echo "access denied"; exit;
}
//add multi-lingual support
@ -38,9 +34,9 @@
$text = $language->get();
//action add or update
if (isset($_REQUEST["id"])) {
if (is_uuid($_REQUEST["id"])) {
$action = "update";
$access_control_uuid = check_str($_REQUEST["id"]);
$access_control_uuid = $_REQUEST["id"];
}
else {
$action = "add";
@ -80,51 +76,34 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
//add or update the database
if ($_POST["persistformvar"] != "true") {
$execute = false;
if ($action == "add" && permission_exists('access_control_add')) {
//update the database
$sql = "insert into v_access_controls ";
$sql .= "(";
$sql .= "access_control_uuid, ";
$sql .= "access_control_name, ";
$sql .= "access_control_default, ";
$sql .= "access_control_description ";
$sql .= ")";
$sql .= "values ";
$sql .= "(";
$sql .= "'".uuid()."', ";
$sql .= "'$access_control_name', ";
$sql .= "'$access_control_default', ";
$sql .= "'$access_control_description' ";
$sql .= ")";
$db->exec(check_sql($sql));
unset($sql);
//clear the cache
$cache = new cache;
$cache->delete("configuration:acl.conf");
//create the event socket connection
$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
if ($fp) { event_socket_request($fp, "api reloadacl"); }
$execute = true;
$access_control_uuid = uuid();
//add the message
message::add($text['message-add']);
//redirect the user
header("Location: access_controls.php");
return;
} //if ($action == "add")
}
if ($action == "update" && permission_exists('access_control_edit')) {
//update the database
$sql = "update v_access_controls set ";
$sql .= "access_control_name = '$access_control_name', ";
$sql .= "access_control_default = '$access_control_default', ";
$sql .= "access_control_description = '$access_control_description' ";
$sql .= "where access_control_uuid = '$access_control_uuid'";
$db->exec(check_sql($sql));
unset($sql);
$execute = true;
//$access_control_uuid //already set
//add the message
message::add($text['message-update']);
}
if ($execute) {
$array['access_controls'][0]['access_control_uuid'] = $access_control_uuid;
$array['access_controls'][0]['access_control_name'] = $access_control_name;
$array['access_controls'][0]['access_control_default'] = $access_control_default;
$array['access_controls'][0]['access_control_description'] = $access_control_description;
$database = new database;
$database->app_name = 'access_control';
$database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';
$database->save($array);
unset($array);
//clear the cache
$cache = new cache;
@ -133,33 +112,29 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
//create the event socket connection
$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
if ($fp) { event_socket_request($fp, "api reloadacl"); }
}
//add the message
message::add($text['message-update']);
//redirect the user
header("Location: access_controls.php");
return;
//redirect the user
header("Location: access_controls.php");
return;
} //if ($action == "update")
} //if ($_POST["persistformvar"] != "true")
} //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0)
//pre-populate the form
if (count($_GET) > 0 && $_POST["persistformvar"] != "true") {
$access_control_uuid = check_str($_GET["id"]);
if (count($_GET) > 0 && $_POST["persistformvar"] != "true" && is_uuid($_GET["id"])) {
$access_control_uuid = $_GET["id"];
$sql = "select * from v_access_controls ";
$sql .= "where access_control_uuid = '$access_control_uuid' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
foreach ($result as &$row) {
$sql .= "where access_control_uuid = :access_control_uuid ";
$parameters['access_control_uuid'] = $access_control_uuid;
$database = new database;
$row = $database->select($sql, $parameters, 'row');
if (is_array($row) && sizeof($row)) {
$access_control_name = $row["access_control_name"];
$access_control_default = $row["access_control_default"];
$access_control_description = $row["access_control_description"];
break; //limit to 1 row
}
unset ($prep_statement);
unset ($sql, $parameters, $row);
}
//show the header
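Review bot: As this section reads, the success message is queued in the `add` and `update` branches before `$database->save($array)` runs inside `if ($execute)`, and the outcome of the save is never inspected, so a failed or rejected write still reports success and still sends `api reloadacl`. I would move the `message::add(...)` calls after the save and read `$database->message` (as the bridge edit page did before this commit) to decide which message to show. With `check_str()` removed, the safety of `$access_control_name`, `$access_control_default` and `$access_control_description` rests entirely on `save()` binding values as parameters, which this diff does not show; a comment above the array, `//values are bound by database->save(), do not concatenate them into SQL`, would record that assumption.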


@ -25,32 +25,26 @@
require_once "resources/check_auth.php";
//check permissions
if (permission_exists('access_control_node_delete')) {
//access granted
}
else {
echo "access denied";
exit;
if (!permission_exists('access_control_node_delete')) {
echo "access denied"; exit;
}
//add multi-lingual support
$language = new text;
$text = $language->get();
//get the id
if (count($_GET) > 0) {
$id = check_str($_GET["id"]);
$access_control_uuid = check_str($_GET["access_control_uuid"]);
}
//delete access control node
if (is_uuid($_GET['id']) && is_uuid($_GET['access_control_uuid'])) {
$access_control_node_uuid = $_GET["id"];
$access_control_uuid = $_GET["access_control_uuid"];
//delete access_control_node
if (strlen($id) > 0) {
//update the database
$sql = "delete from v_access_control_nodes ";
$sql .= "where access_control_node_uuid = '$id' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
unset($sql);
$array['access_control_nodes'][0]['access_control_node_uuid'] = $access_control_node_uuid;
$array['access_control_nodes'][0]['access_control_uuid'] = $access_control_uuid;
$database = new database;
$database->app_name = 'access_control';
$database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';
$database->delete($array);
unset($array);
//clear the cache
$cache = new cache;
@ -59,10 +53,12 @@
//create the event socket connection
$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
if ($fp) { event_socket_request($fp, "api reloadacl"); }
//set message
message::add($text['message-delete']);
}
//redirect the browser
message::add($text['message-delete']);
header('Location: access_control_edit.php?id='.$access_control_uuid);
?>
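Review bot: `$access_control_uuid` is now assigned only inside the `is_uuid(...)` branch, but the final `header('Location: access_control_edit.php?id='.$access_control_uuid)` runs on every request, so a request that fails validation redirects with an undefined variable and an empty `id`. I would fall back to the list page in that case, e.g. `header('Location: '.(isset($access_control_uuid) ? 'access_control_edit.php?id='.urlencode($access_control_uuid) : 'access_controls.php'));`. Keeping the unvalidated `$_GET` value out of the header, as the new code does, is the right direction.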


@ -25,12 +25,8 @@
require_once "resources/check_auth.php";
//check permissions
if (permission_exists('access_control_node_add') || permission_exists('access_control_node_edit')) {
//access granted
}
else {
echo "access denied";
exit;
if (!permission_exists('access_control_node_add') && !permission_exists('access_control_node_edit')) {
echo "access denied"; exit;
}
//add multi-lingual support
@ -38,32 +34,32 @@
$text = $language->get();
//action add or update
if (isset($_REQUEST["id"])) {
if (is_uuid($_REQUEST["id"])) {
$action = "update";
$access_control_node_uuid = check_str($_REQUEST["id"]);
$access_control_node_uuid = $_REQUEST["id"];
}
else {
$action = "add";
}
//set the parent uuid
if (strlen($_GET["access_control_uuid"]) > 0) {
$access_control_uuid = check_str($_GET["access_control_uuid"]);
if (is_uuid($_GET["access_control_uuid"])) {
$access_control_uuid = $_GET["access_control_uuid"];
}
//get http post variables and set them to php variables
if (count($_POST)>0) {
$node_type = check_str($_POST["node_type"]);
$node_cidr = check_str($_POST["node_cidr"]);
$node_domain = check_str($_POST["node_domain"]);
$node_description = check_str($_POST["node_description"]);
$node_type = $_POST["node_type"];
$node_cidr = $_POST["node_cidr"];
$node_domain = $_POST["node_domain"];
$node_description = $_POST["node_description"];
}
if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
//get the uuid
if ($action == "update") {
$access_control_node_uuid = check_str($_POST["access_control_node_uuid"]);
if ($action == "update" && is_uuid($_POST["access_control_node_uuid"])) {
$access_control_node_uuid = $_POST["access_control_node_uuid"];
}
//check for all required data
@ -97,27 +93,19 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
//add or update the database
if ($_POST["persistformvar"] != "true") {
if ($action == "add" && permission_exists('access_control_node_add')) {
//update the database
$sql = "insert into v_access_control_nodes ";
$sql .= "(";
$sql .= "access_control_node_uuid, ";
$sql .= "access_control_uuid, ";
$sql .= "node_type, ";
$sql .= "node_cidr, ";
$sql .= "node_domain, ";
$sql .= "node_description ";
$sql .= ")";
$sql .= "values ";
$sql .= "(";
$sql .= "'".uuid()."', ";
$sql .= "'$access_control_uuid', ";
$sql .= "'$node_type', ";
$sql .= "'$node_cidr', ";
$sql .= "'$node_domain', ";
$sql .= "'$node_description' ";
$sql .= ")";
$db->exec(check_sql($sql));
unset($sql);
//insert
$array['access_control_nodes'][0]['access_control_node_uuid'] = uuid();
$array['access_control_nodes'][0]['access_control_uuid'] = $access_control_uuid;
$array['access_control_nodes'][0]['node_type'] = $node_type;
$array['access_control_nodes'][0]['node_cidr'] = $node_cidr;
$array['access_control_nodes'][0]['node_domain'] = $node_domain;
$array['access_control_nodes'][0]['node_description'] = $node_description;
$database = new database;
$database->app_name = 'access_controls';
$database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';
$database->save($array);
unset($array);
//clear the cache
$cache = new cache;
@ -138,16 +126,18 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
if ($action == "update" && permission_exists('access_control_node_edit')) {
//update the database
$sql = "update v_access_control_nodes set ";
$sql .= "access_control_uuid = '$access_control_uuid', ";
$sql .= "node_type = '$node_type', ";
$sql .= "node_cidr = '$node_cidr', ";
$sql .= "node_domain = '$node_domain', ";
$sql .= "node_description = '$node_description' ";
$sql .= "where access_control_node_uuid = '$access_control_node_uuid'";
$db->exec(check_sql($sql));
unset($sql);
//update
$array['access_control_nodes'][0]['access_control_node_uuid'] = $access_control_node_uuid;
$array['access_control_nodes'][0]['access_control_uuid'] = $access_control_uuid;
$array['access_control_nodes'][0]['node_type'] = $node_type;
$array['access_control_nodes'][0]['node_cidr'] = $node_cidr;
$array['access_control_nodes'][0]['node_domain'] = $node_domain;
$array['access_control_nodes'][0]['node_description'] = $node_description;
$database = new database;
$database->app_name = 'access_controls';
$database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';
$database->save($array);
unset($array);
//clear the cache
$cache = new cache;
@ -169,20 +159,20 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
} //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0)
//pre-populate the form
if (count($_GET) > 0 && $_POST["persistformvar"] != "true") {
$access_control_node_uuid = check_str($_GET["id"]);
if (count($_GET) > 0 && $_POST["persistformvar"] != "true" && is_uuid($_GET["id"])) {
$access_control_node_uuid = $_GET["id"];
$sql = "select * from v_access_control_nodes ";
$sql .= "where access_control_node_uuid = '".$access_control_node_uuid."' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
foreach ($result as &$row) {
$sql .= "where access_control_node_uuid = :access_control_node_uuid ";
$parameters['access_control_node_uuid'] = $access_control_node_uuid;
$database = new database;
$row = $database->select($sql, $parameters, 'row');
if (is_array($row) && sizeof($row) != 0) {
$node_type = $row["node_type"];
$node_cidr = $row["node_cidr"];
$node_domain = $row["node_domain"];
$node_description = $row["node_description"];
}
unset ($prep_statement);
unset($sql, $parameters, $row);
}
//show the header
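Review bot: Both `save()` calls in this section set `$database->app_name = 'access_controls'`, while the other three access-control sections of this commit use `'access_control'` with the same `app_uuid`; if the database class uses the name for permission lookups or transaction logging, node writes will be attributed to a different application. I would use `$database->app_name = 'access_control';` in both places. Separately, `$node_type`, `$node_cidr` and `$node_domain` now reach `save()` straight from `$_POST`; the required-data check sits outside these hunks, so I cannot tell whether the CIDR format is validated before the ACL is reloaded, and a format check there would be worth adding.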


@ -25,12 +25,8 @@
require_once "resources/check_auth.php";
//check permissions
if (permission_exists('access_control_node_view')) {
//access granted
}
else {
echo "access denied";
exit;
if (!permission_exists('access_control_node_view')) {
echo "access denied"; exit;
}
//add multi-lingual support
@ -38,32 +34,8 @@
$text = $language->get();
//get variables used to control the order
$order_by = check_str($_GET["order_by"]);
$order = check_str($_GET["order"]);
//validate the order
switch ($order) {
case 'asc':
break;
case 'desc':
break;
default:
$order = '';
}
//validate the order by
switch ($order_by) {
case 'node_type':
break;
case 'node_cidr':
break;
case 'node_domain':
break;
case 'node_description':
break;
default:
$order_by = '';
}
$order_by = $_GET["order_by"];
$order = $_GET["order"];
//additional includes
require_once "resources/header.php";
@ -78,9 +50,8 @@
echo "</table>\n";
//prepare to page the results
$sql = "select count(*) as num_rows from v_access_control_nodes ";
$sql = "select count(*) from v_access_control_nodes ";
$sql .= "where access_control_uuid = :access_control_uuid ";
if (strlen($order_by) > 0) { $sql .= "order by $order_by $order "; }
$parameters['access_control_uuid'] = $access_control_uuid;
$database = new database;
$num_rows = $database->select($sql, $parameters, 'column');
@ -96,13 +67,11 @@
//get the list
$sql = "select * from v_access_control_nodes ";
$sql .= "where access_control_uuid = :access_control_uuid ";
if (strlen($order_by) > 0) { $sql .= "order by $order_by $order "; }
$sql .= "limit :rows_per_page offset :offset ";
$database = new database;
$parameters['rows_per_page'] = $rows_per_page;
$parameters['offset'] = $offset;
$sql .= order_by($order_by, $order);
$sql .= limit_offset($rows_per_page, $offset);
$parameters['access_control_uuid'] = $access_control_uuid;
$access_control_nodes = $database->execute($sql, $parameters);
$database = new database;
$access_control_nodes = $database->select($sql, $parameters);
//set the row styles
$c = 0;
@ -133,7 +102,7 @@
}
echo "<tr ".$tr_link.">\n";
echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['node_type'])."&nbsp;</td>\n";
echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['node_cidr'])."&nbsp;</td>\n";
echo " <td valign='top' class='".$row_style[$c]."'><a ".$tr_link.">".escape($row['node_cidr'])."</a></td>\n";
echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['node_domain'])."&nbsp;</td>\n";
echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['node_description'])."&nbsp;</td>\n";
echo " <td class='list_control_icons'>";
@ -145,32 +114,20 @@
}
echo " </td>\n";
echo "</tr>\n";
if ($c==0) { $c=1; } else { $c=0; }
$c = $c == 1 ? 0 : 1;
} //end foreach
unset($sql, $result, $row_count);
} //end if results
echo "<tr>\n";
echo "<td colspan='5' align='left'>\n";
echo " <table width='100%' cellpadding='0' cellspacing='0'>\n";
echo " <tr>\n";
echo " <td width='33.3%' nowrap='nowrap'>&nbsp;</td>\n";
echo " <td width='33.3%' align='center' nowrap='nowrap'>$paging_controls</td>\n";
echo " <td class='list_control_icons'>";
echo "</table>\n";
if (permission_exists('access_control_node_add')) {
echo "<a href='access_control_node_edit.php?access_control_uuid=".$_GET['id']."' alt='".$text['button-add']."'>$v_link_label_add</a>";
echo "<div style='float: right;'>\n";
echo " <a href='access_control_node_edit.php?access_control_uuid=".$_GET['id']."' alt='".$text['button-add']."'>$v_link_label_add</a>";
echo "</div>\n";
}
else {
echo "&nbsp;";
}
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo "</td>\n";
echo "</tr>\n";
echo "</table>";
echo "<br /><br />";
echo "<br />\n";
echo "<div align='center'>".$paging_controls."</div>\n";
//include the footer
require_once "resources/footer.php";
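Review bot: The add link near the end of this section writes `$_GET['id']` into the `href` without escaping, so whatever the request supplies as `id` is reflected into the page markup. The rows above already pass every value through `escape()`; the link should do the same, `access_control_node_edit.php?access_control_uuid=".escape($_GET['id'])."'`, or better use the `$access_control_uuid` that is bound into the queries, provided it has been validated with `is_uuid()` (its assignment is outside these hunks). `$text['button-add']` in the `alt` attribute is also emitted unescaped, which is only safe while the translation strings are trusted.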


@ -27,15 +27,11 @@
//includes
require_once "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
//check permissions
require_once "resources/check_auth.php";
if (permission_exists('access_control_view')) {
//access granted
}
else {
echo "access denied";
exit;
if (!permission_exists('access_control_view')) {
echo "access denied"; exit;
}
//add multi-lingual support
@ -46,38 +42,14 @@
$order_by = $_GET["order_by"];
$order = $_GET["order"];
//validate the order
switch ($order) {
case 'asc':
break;
case 'desc':
break;
default:
$order = '';
}
//validate the order by
switch ($order_by) {
case 'access_control_name':
break;
case 'access_control_default':
break;
case 'access_control_description':
break;
default:
$order_by = '';
}
//additional includes
require_once "resources/header.php";
require_once "resources/paging.php";
//prepare to page the results
$sql = "select count(*) as num_rows from v_access_controls ";
if (strlen($order_by) > 0) { $sql .= "order by $order_by $order "; }
$parameters = null;
$sql = "select count(*) from v_access_controls ";
$database = new database;
$num_rows = $database->select($sql, $parameters, 'column');
$num_rows = $database->select($sql, null, 'column');
//prepare to page the results
$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
@ -89,12 +61,10 @@
//get the list
$sql = "select * from v_access_controls ";
if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
$sql .= "limit :rows_per_page offset :offset ";
$parameters['rows_per_page'] = $rows_per_page;
$parameters['offset'] = $offset;
$sql .= order_by($order_by, $order);
$sql .= limit_offset($rows_per_page, $offset);
$database = new database;
$access_controls = $database->select($sql, $parameters, 'all');
$access_controls = $database->select($sql, null, 'all');
//alternate the row style
$c = 0;
@ -102,17 +72,10 @@
$row_style["1"] = "row_style1";
//show the content
echo "<table width='100%' border='0'>\n";
echo " <tr>\n";
echo " <td width='50%' align='left' nowrap='nowrap'><b>".$text['title-access_controls']."</b></td>\n";
echo " <td width='50%' align='right'>&nbsp;</td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align='left' colspan='2'>\n";
echo " ".$text['description-access_control']."<br /><br />\n";
echo " </td>\n";
echo " </tr>\n";
echo "</table>\n";
echo "<b>".$text['title-access_controls']."</b>\n";
echo "<br /><br />\n";
echo $text['description-access_control']."\n";
echo "<br /><br />\n";
echo "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
echo "<tr>\n";
@ -135,7 +98,7 @@
$tr_link = "href='access_control_edit.php?id=".escape($row['access_control_uuid'])."'";
}
echo "<tr ".$tr_link.">\n";
echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['access_control_name'])."&nbsp;</td>\n";
echo " <td valign='top' class='".$row_style[$c]."'><a ".$tr_link.">".escape($row['access_control_name'])."</a></td>\n";
echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['access_control_default'])."&nbsp;</td>\n";
echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['access_control_description'])."&nbsp;</td>\n";
echo " <td class='list_control_icons'>";
@ -147,31 +110,20 @@
}
echo " </td>\n";
echo "</tr>\n";
if ($c==0) { $c=1; } else { $c=0; }
$c = $c == 1 ? 0 : 1;
} //end foreach
unset($sql, $access_controls);
} //end if results
echo "<tr>\n";
echo "<td colspan='4' align='left'>\n";
echo " <table width='100%' cellpadding='0' cellspacing='0'>\n";
echo " <tr>\n";
echo " <td width='33.3%' nowrap='nowrap'>&nbsp;</td>\n";
echo " <td width='33.3%' align='center' nowrap='nowrap'>$paging_controls</td>\n";
echo " <td class='list_control_icons'>";
echo "</table>\n";
if (permission_exists('access_control_add')) {
echo "<a href='access_control_edit.php' alt='".$text['button-add']."'>$v_link_label_add</a>";
echo "<div style='float: right;'>\n";
echo " <a href='access_control_edit.php' alt=\"".$text['button-add']."\">".$v_link_label_add."</a>";
echo "</div>\n";
}
else {
echo "&nbsp;";
}
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo "</td>\n";
echo "</tr>\n";
echo "</table>";
echo "<br /><br />";
echo "<br />\n";
echo "<div align='center'>".$paging_controls."</div>\n";
//include the footer
require_once "resources/footer.php";
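Review bot: Removing the `switch` allowlist means `$_GET["order_by"]` is no longer limited to `access_control_name`, `access_control_default` and `access_control_description`; `order_by()` only strips characters, so any identifier that survives is placed in the query and an unknown column becomes a database error instead of being ignored. I would keep a per-page allowlist in front of the helper, e.g. `if (!in_array($order_by, ['access_control_name', 'access_control_default', 'access_control_description'], true)) { $order_by = ''; }`. The node list section above dropped its allowlist in the same way.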


@ -46,9 +46,6 @@
//set user status
if (isset($_REQUEST['status']) && $_REQUEST['status'] != '') {
//create the database object
$database = new database;
//validate the user status
$user_status = $_REQUEST['status'];
switch ($user_status) {
@ -68,15 +65,14 @@
//update the status
if (permission_exists("user_account_setting_edit")) {
$sql = "update v_users set ";
$sql .= "user_status = :user_status ";
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and user_uuid = :user_uuid ";
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$parameters['user_uuid'] = $_SESSION['user']['user_uuid'];
$parameters['user_status'] = $user_status;
$database->execute($sql, $parameters);
unset($parameters);
$array['users'][0]['user_uuid'] = $_SESSION['user']['user_uuid'];
$array['users'][0]['domain_uuid'] = $_SESSION['domain_uuid'];
$array['users'][0]['user_status'] = $user_status;
$database = new database;
$database->app_name = 'operator_panel';
$database->app_uuid = 'dd3d173a-5d51-4231-ab22-b18c5b712bb2';
$database->save($array);
unset($array);
}
//if call center app is installed then update the user_status
@ -87,7 +83,9 @@
$sql .= "and user_uuid = :user_uuid ";
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$parameters['user_uuid'] = $_SESSION['user']['user_uuid'];
$database = new database;
$call_center_agent_uuid = $database->select($sql, $parameters, 'column');
unset($sql, $parameters);
//update the user_status
if (isset($call_center_agent_uuid)) {
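Review bot: The replaced `update` statement could only touch the row matching both `domain_uuid` and `user_uuid`, whereas the new array hands `domain_uuid` to `save()` as a column value. Both values come from `$_SESSION`, but if the session's domain can differ from the one stored on the user's row and `save()` keys on `user_uuid` alone, this would rewrite the row's `domain_uuid` instead of skipping the update; how `save()` builds its condition is not visible here. If only the status is meant to change, I would drop the `domain_uuid` element, or add a comment above the array naming which keys `save()` treats as the row identifier once that is confirmed.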


@ -32,26 +32,28 @@
$language = new text;
$text = $language->get();
//delete the message
message::add($text['message-delete']);
//delete the data
if (isset($_GET["id"]) && is_uuid($_GET["id"]) && permission_exists('bridge_delete')) {
if (is_uuid($_GET["id"]) && permission_exists('bridge_delete')) {
//get the id
$id = check_str($_GET["id"]);
$bridge_uuid = $_GET["id"];
//delete bridge
$sql = "delete from v_bridges ";
$sql .= "where bridge_uuid = '$id' ";
$sql .= "and domain_uuid = '$domain_uuid' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
unset($sql);
$array['bridges'][0]['bridge_uuid'] = $bridge_uuid;
$array['bridges'][0]['domain_uuid'] = $_SESSION['domain_uuid'];
$database = new database;
$database->app_name = 'bridges';
$database->app_uuid = 'a6a7c4c5-340a-43ce-bcbc-2ed9bab8659d';
$database->delete($array);
unset($array);
//add the message
message::add($text['message-delete']);
//redirect the user
header('Location: bridges.php');
}
//redirect the user
header('Location: bridges.php');
?>


@ -24,15 +24,11 @@
//includes
require_once "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
//check permissions
require_once "resources/check_auth.php";
if (permission_exists('bridge_add') || permission_exists('bridge_edit')) {
//access granted
}
else {
echo "access denied";
exit;
if (!permission_exists('bridge_add') && !permission_exists('bridge_edit')) {
echo "access denied"; exit;
}
//add multi-lingual support
@ -40,10 +36,10 @@
$text = $language->get();
//action add or update
if (isset($_REQUEST["id"])) {
if (is_uuid($_REQUEST["id"])) {
$action = "update";
$bridge_uuid = check_str($_REQUEST["id"]);
$id = check_str($_REQUEST["id"]);
$bridge_uuid = $_REQUEST["id"];
$id = $_REQUEST["id"];
}
else {
$action = "add";
@ -51,10 +47,10 @@
//get http post variables and set them to php variables
if (is_array($_POST)) {
$bridge_uuid = check_str($_POST["bridge_uuid"]);
$bridge_name = check_str($_POST["bridge_name"]);
$bridge_destination = check_str($_POST["bridge_destination"]);
$bridge_enabled = check_str($_POST["bridge_enabled"]);
$bridge_uuid = $_POST["bridge_uuid"];
$bridge_name = $_POST["bridge_name"];
$bridge_destination = $_POST["bridge_destination"];
$bridge_enabled = $_POST["bridge_enabled"];
}
//process the user data and save it to the database
@ -62,7 +58,7 @@
//get the uuid from the POST
if ($action == "update") {
$bridge_uuid = check_str($_POST["bridge_uuid"]);
$bridge_uuid = $_POST["bridge_uuid"];
}
//check for all required data
@ -98,19 +94,10 @@
//save to the data
$database = new database;
$database->app_name = 'bridges';
$database->app_uuid = null;
if (strlen($bridge_uuid) > 0) {
$database->uuid($bridge_uuid);
}
$database->app_uuid = 'a6a7c4c5-340a-43ce-bcbc-2ed9bab8659d';
$database->save($array);
$message = $database->message;
//debug info
//echo "<pre>";
//print_r($message);
//echo "</pre>";
//exit;
//redirect the user
if (isset($action)) {
if ($action == "add") {
@ -126,21 +113,18 @@
//pre-populate the form
if (is_array($_GET) && $_POST["persistformvar"] != "true") {
$bridge_uuid = check_str($_GET["id"]);
$parameters['bridge_uuid'] = $bridge_uuid;
$bridge_uuid = $_GET["id"];
$sql = "select * from v_bridges ";
$sql .= "where bridge_uuid = :bridge_uuid ";
//$sql .= "and domain_uuid = :domain_uuid ";
$parameters['bridge_uuid'] = $bridge_uuid;
$database = new database;
//$database = $database->app_name = 'bridges';
$result = $database->execute($sql, $parameters);
//$message = $database->message;
foreach ($result as $row) {
$row = $database->select($sql, $parameters, 'row');
if (is_array($row) && sizeof($row) != 0) {
$bridge_name = $row["bridge_name"];
$bridge_destination = $row["bridge_destination"];
$bridge_enabled = $row["bridge_enabled"];
}
unset ($prep_statement);
unset($sql, $parameters, $row);
}
//show the header
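Review bot: `$bridge_uuid` is validated with `is_uuid($_REQUEST["id"])` at the top of this section and then overwritten twice from `$_POST["bridge_uuid"]` with no check, now that `check_str()` is gone from those assignments. The array handed to `save()` is built outside these hunks, so I cannot confirm what it carries, but I would guard both assignments, e.g. `if (is_uuid($_POST["bridge_uuid"])) { $bridge_uuid = $_POST["bridge_uuid"]; }`. The pre-populate `select` is also the only one in this commit that reads `$_GET["id"]` without `is_uuid()`, and it filters on `bridge_uuid` alone (the `domain_uuid` condition appears only as a commented-out line), so it does not appear to be limited to the caller's domain. Restoring `and domain_uuid = :domain_uuid` with `$parameters['domain_uuid'] = $_SESSION['domain_uuid'];` would scope it.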


@ -31,12 +31,8 @@
require_once "resources/paging.php";
//check permissions
if (permission_exists('bridge_view')) {
//access granted
}
else {
echo "access denied";
exit;
if (!permission_exists('bridge_view')) {
echo "access denied"; exit;
}
//add multi-lingual support
@ -88,7 +84,7 @@
$parameters['domain_uuid'] = $domain_uuid;
//add the search term
$search = strtolower(check_str($_GET["search"]));
$search = strtolower($_GET["search"]);
if (strlen($search) > 0) {
$sql_search = " (";
$sql_search .= " lower(bridge_name) like :search ";
@ -100,7 +96,7 @@
}
//prepare to page the results
$sql = "select count(bridge_uuid) as num_rows from v_bridges ";
$sql = "select count(bridge_uuid) from v_bridges ";
if ($_GET['show'] == "all" && permission_exists('bridge_all')) {
if (isset($sql_search)) {
$sql .= "where ".$sql_search;
@ -112,9 +108,6 @@
$sql .= "and ".$sql_search;
}
}
if (strlen($order_by) > 0) {
$sql .= "order by $order_by $order ";
}
$database = new database;
$num_rows = $database->select($sql, $parameters, 'column');
@ -142,12 +135,8 @@
$sql .= "and ".$sql_search;
}
}
if (strlen($order_by) > 0) {
$sql .= "order by $order_by $order ";
}
if (is_numeric($rows_per_page) && is_numeric($offset)) {
$sql .= "limit $rows_per_page offset $offset ";
}
$sql .= order_by($order_by, $order);
$sql .= limit_offset($rows_per_page, $offset);
$database = new database;
$bridges = $database->select($sql, $parameters, 'all');
//$message = $database->message;
@ -249,32 +238,22 @@
echo " </td>\n";
echo "</tr>\n";
$x++;
if ($c==0) { $c=1; } else { $c=0; }
$c = $c == 1 ? 0 : 1;
} //end foreach
unset($sql, $bridges);
} //end if results
echo "<tr>\n";
echo "<td colspan='5' align='left'>\n";
echo " <table width='100%' cellpadding='0' cellspacing='0'>\n";
echo " <tr>\n";
echo " <td width='33.3%' nowrap='nowrap'>&nbsp;</td>\n";
echo " <td width='33.3%' align='center' nowrap='nowrap'>$paging_controls</td>\n";
echo " <td class='list_control_icons'>";
echo "</table>\n";
if (permission_exists('bridge_add')) {
echo "<a href='bridge_edit.php' alt='".$text['button-add']."'>$v_link_label_add</a>";
echo "<div style='float: right;'>\n";
echo " <a href='bridge_edit.php' alt=\"".$text['button-add']."\">".$v_link_label_add."</a>";
echo "</div>\n";
}
else {
echo "&nbsp;";
}
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo "</td>\n";
echo "</tr>\n";
echo "</table>";
echo "<br />\n";
echo "<div align='center'>".$paging_controls."</div>\n";
echo "</form>\n";
echo "<br /><br />";
//include the footer
require_once "resources/footer.php";


@ -2122,5 +2122,29 @@ function number_pad($number,$n) {
}
}
//validate and format order by clause of select statement
if (!function_exists('order_by')) {
function order_by($col, $dir) {
$col = preg_replace('#[^a-zA-Z0-9-]#', '', $col);
$dir = strtolower($dir) == 'desc' ? 'desc' : 'asc';
if ($col != '') { return ' order by '.$col.' '.$dir.' '; }
}
}
//validate and format limit and offset clause of select statement
if (!function_exists('limit_offset')) {
function limit_offset($limit, $offset) {
$regex = '#[^0-9]#';
$limit = preg_replace($regex, '', $limit);
$offset = preg_replace($regex, '', $offset);
if (is_numeric($limit) && $limit > 0) {
$clause .= ' limit '.$limit;
if (is_numeric($offset)) {
$clause .= ' offset '.$offset;
}
}
return $clause.' ';
}
}
?>
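Review bot: The character class in `order_by()` omits the underscore, so the column names the removed allowlists accepted (`node_type`, `access_control_name`, ...) would be rewritten to names without underscores. The hyphen it does allow is not valid in an unquoted identifier either, so the pattern should be `'#[^a-zA-Z0-9_]#'`. In `limit_offset()`, `$clause` is appended to before it is ever assigned, so add `$clause = '';` at the top of the function. `order_by()` also falls off the end when `$col` is empty; an explicit `return '';` makes the concatenation at the call sites well defined.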