Update services.php

2018-06-07 11:03:13 -06:00 · 2018-06-07 11:03:13 -06:00 · f407bb0e20
parent 7ec287246f
commit f407bb0e20
1 changed files with 165 additions and 156 deletions
--- a/app/services/services.php
+++ b/app/services/services.php
@ -17,15 +17,19 @@

 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Portions created by the Initial Developer are Copyright (C) 2008-2014
+	Portions created by the Initial Developer are Copyright (C) 2008-2018
 	the Initial Developer. All Rights Reserved.

 	Contributor(s):
 	Mark J Crane <markjcrane@fusionpbx.com>
 */
+
+//includes
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
+
+//check permissions
 if (permission_exists('service_view')) {
 	//access granted
 }
@ -102,8 +106,40 @@ if (strlen($_GET["a"]) > 0) {
 	return;
 }

+//get the service count
+$sql = "select * from v_services ";
+if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
+$prep_statement = $db->prepare(check_sql($sql));
+$prep_statement->execute();
+$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+$num_rows = count($result);
+unset ($prep_statement, $result, $sql);
+
+//paging
+$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
+$param = "";
+$page = $_GET['page'];
+if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; }
+list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
+$offset = $rows_per_page * $page;
+
+//get the service data
+$sql = "select * from v_services ";
+if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
+$sql .= " limit $rows_per_page offset $offset ";
+$prep_statement = $db->prepare(check_sql($sql));
+$prep_statement->execute();
+$services = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+unset ($prep_statement, $sql);
+
+//set the row style
+$c = 0;
+$row_style["0"] = "row_style0";
+$row_style["1"] = "row_style1";
+
+
 //check if a process is running
-	function is_process_running($pid) {
+function is_process_running($pid) {
 	$status = shell_exec( 'ps -p ' . $pid );
 	$status_array = explode ("\n", $status);
 	if (strlen(trim($status_array[1])) > 0) {
@ -112,70 +148,44 @@ if (strlen($_GET["a"]) > 0) {
 	else {
 		return false;
 	}
-	}
+}

-	echo "<table width='100%' cellpadding='0' cellspacing='0' border='0'>\n";
-	echo "<tr>\n";
-	echo "<td width='50%' align='left' nowrap='nowrap'><b>".$text['header-services']."</b></td>\n";
-	echo "<td width='50%' align='right'>&nbsp;</td>\n";
-	echo "</tr>\n";
-	echo "<tr>\n";
-	echo "<td align='left' colspan='2'>\n";
-	echo $text['description-services']."<br /><br />\n";
-	echo "</td>\n";
-	echo "</tr>\n";
-	echo "</tr></table>\n";
+//show the table content
+echo "<table width='100%' cellpadding='0' cellspacing='0' border='0'>\n";
+echo "<tr>\n";
+echo "<td width='50%' align='left' nowrap='nowrap'><b>".$text['header-services']."</b></td>\n";
+echo "<td width='50%' align='right'>&nbsp;</td>\n";
+echo "</tr>\n";
+echo "<tr>\n";
+echo "<td align='left' colspan='2'>\n";
+echo $text['description-services']."<br /><br />\n";
+echo "</td>\n";
+echo "</tr>\n";
+echo "</tr></table>\n";

-	$sql = "select * from v_services ";
-	if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
-	$prep_statement = $db->prepare(check_sql($sql));
-	$prep_statement->execute();
-	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
-	$num_rows = count($result);
-	unset ($prep_statement, $result, $sql);
-	$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
-	$param = "";
-	$page = $_GET['page'];
-	if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; }
-	list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
-	$offset = $rows_per_page * $page;
-
-	$sql = "select * from v_services ";
-	if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
-	$sql .= " limit $rows_per_page offset $offset ";
-	$prep_statement = $db->prepare(check_sql($sql));
-	$prep_statement->execute();
-	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
-	$result_count = count($result);
-	unset ($prep_statement, $sql);
-
-	$c = 0;
-	$row_style["0"] = "row_style0";
-	$row_style["1"] = "row_style1";
-
-	echo "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
-	echo "<tr>\n";
-	echo th_order_by('service_name', $text['label-name'], $order_by, $order);
-	echo "<th>".$text['label-status']."</th>\n";
-	echo "<th>".$text['label-action']."</th>\n";
-	echo th_order_by('service_description', $text['label-description'], $order_by, $order);
-	echo "<td class='list_control_icons'>";
-	if (permission_exists('service_add')) {
+echo "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
+echo "<tr>\n";
+echo th_order_by('service_name', $text['label-name'], $order_by, $order);
+echo "<th>".$text['label-status']."</th>\n";
+echo "<th>".$text['label-action']."</th>\n";
+echo th_order_by('service_description', $text['label-description'], $order_by, $order);
+echo "<td class='list_control_icons'>";
+if (permission_exists('service_add')) {
 	echo "<a href='service_edit.php' alt='add'>$v_link_label_add</a>";
-	}
-	echo "</td>\n";
-	echo "</tr>\n";
+}
+echo "</td>\n";
+echo "</tr>\n";

-	if ($result_count > 0) {
-		foreach($result as $row) {
-			$tr_link = (permission_exists('service_edit')) ? "href='service_edit.php?id=".$row[service_uuid]."'" : null;
+if (is_array($services)) {
+	foreach($services as $row) {
+		$tr_link = (permission_exists('service_edit')) ? "href='service_edit.php?id=".escape($row[service_uuid])."'" : null;
 		echo "<tr ".$tr_link.">\n";
 		echo "	<td valign='top' class='".$row_style[$c]."'>";
 		if (permission_exists('service_edit')) {
-				echo "<a href='service_edit.php?id=".$row[service_uuid]."'>".$row[service_name]."</a>";
+			echo "<a href='service_edit.php?id=".escape($row[service_uuid])."'>".escape($row[service_name])."</a>";
 		}
 		else {
-				echo $row[service_name];
+			echo escape($row[service_name]);
 		}
 		echo "	</td>\n";
 		echo "	<td valign='top' class='".$row_style[$c]."'>\n";
@ -200,10 +210,10 @@ if (strlen($_GET["a"]) > 0) {
 				}
 				else {
 					if ($service_running) {
-							echo "		<a href='services.php?id=".$row[service_uuid]."&a=stop' alt='stop'>".$text['label-stop']."</a>";
+						echo "		<a href='services.php?id=".escape($row[service_uuid])."&a=stop' alt='stop'>".$text['label-stop']."</a>";
 					}
 					else {
-							echo "		<a href='services.php?id=".$row[service_uuid]."&a=start' alt='start'>".$text['label-start']."</a>";
+						echo "		<a href='services.php?id=".escape($row[service_uuid])."&a=start' alt='start'>".$text['label-start']."</a>";
 					}
 				}
 			}
@ -234,50 +244,49 @@ if (strlen($_GET["a"]) > 0) {
 			echo "</td>\n";
 			echo "	<td valign='top' class='".$row_style[$c]."'>\n";
 			if ($service_running) {
-					echo "		<a href='services.php?id=".$row[service_uuid]."&a=stop' alt='stop'>".$text['label-stop']."</a>";
+				echo "		<a href='services.php?id=".escape($row[service_uuid])."&a=stop' alt='stop'>".$text['label-stop']."</a>";
 			}
 			else {
-					echo "		<a href='services.php?id=".$row[service_uuid]."&a=start' alt='start'>".$text['label-start']."</a>";
+				echo "		<a href='services.php?id=".escape($row[service_uuid])."&a=start' alt='start'>".$text['label-start']."</a>";
 			}
 		}

-
 		echo "</td>\n";
-			echo "	<td valign='top' class='row_stylebg'>".$row[service_description]."&nbsp;</td>\n";
+		echo "	<td valign='top' class='row_stylebg'>".escape($row[service_description])."&nbsp;</td>\n";
 		echo "	<td class='list_control_icons'>";
 		if (permission_exists('service_edit')) {
-				echo "<a href='service_edit.php?id=".$row[service_uuid]."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
+			echo "<a href='service_edit.php?id=".escape($row[service_uuid])."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
 		}
 		if (permission_exists('service_delete')) {
-				echo "<a href='service_delete.php?id=".$row[service_uuid]."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+			echo "<a href='service_delete.php?id=".escape($row[service_uuid])."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
 		}
 		echo "	</td>\n";
 		echo "</tr>\n";
 		if ($c==0) { $c=1; } else { $c=0; }
 	} //end foreach
-		unset($sql, $result, $row_count);
-	} //end if results
+	unset($sql, $services);
+} //end if results

-	echo "<tr>\n";
-	echo "<td colspan='5' align='left'>\n";
-	echo "	<table width='100%' cellpadding='0' cellspacing='0'>\n";
-	echo "	<tr>\n";
-	echo "		<td width='33.3%' nowrap>&nbsp;</td>\n";
-	echo "		<td width='33.3%' align='center' nowrap>$paging_controls</td>\n";
-	echo "		<td class='list_control_icons'>";
-	if (permission_exists('service_add')) {
+echo "<tr>\n";
+echo "<td colspan='5' align='left'>\n";
+echo "	<table width='100%' cellpadding='0' cellspacing='0'>\n";
+echo "	<tr>\n";
+echo "		<td width='33.3%' nowrap>&nbsp;</td>\n";
+echo "		<td width='33.3%' align='center' nowrap>$paging_controls</td>\n";
+echo "		<td class='list_control_icons'>";
+if (permission_exists('service_add')) {
 	echo 		"<a href='service_edit.php' alt='add'>$v_link_label_add</a>";
-	}
-	echo "		</td>\n";
-	echo "	</tr>\n";
- 	echo "	</table>\n";
-	echo "</td>\n";
-	echo "</tr>\n";
+}
+echo "		</td>\n";
+echo "	</tr>\n";
+echo "	</table>\n";
+echo "</td>\n";
+echo "</tr>\n";

-	echo "</table>";
-	echo "<br><br>";
+echo "</table>";
+echo "<br><br>";

 //include the footer
-	require_once "resources/footer.php";
+require_once "resources/footer.php";

 ?>