Database class integration.

Nate 2019-07-06 18:04:44 -06:00
parent 093b5b6ec0
commit f758d2a956
3 changed files with 211 additions and 194 deletions


@ -38,45 +38,45 @@ else {
$language = new text; $language = new text;
$text = $language->get(); $text = $language->get();
//get the id //require the id
if (count($_GET) > 0) { if (is_uuid($_GET["id"])) {
$id = check_str($_GET["id"]);
}
//require the id $conference_uuid = $_GET["id"];
if (strlen($id) > 0) {
//get the dialplan uuid //get the dialplan uuid
$sql = "select * from v_conferences "; $sql = "select dialplan_uuid from v_conferences ";
$sql .= "where domain_uuid = '$domain_uuid' "; $sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and conference_uuid = '$id' "; $sql .= "and conference_uuid = :conference_uuid ";
$prep_statement = $db->prepare($sql); $parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$prep_statement->execute(); $parameters['conference_uuid'] = $conference_uuid;
while($row = $prep_statement->fetch(PDO::FETCH_ASSOC)) { $database = new database;
$dialplan_uuid = $row['dialplan_uuid']; $dialplan_uuid = $database->select($sql, $parameters, 'column');
} unset($sql, $parameters);
//delete conference //delete conference
$sql = "delete from v_conferences "; $array['conferences'][0]['conference_uuid'] = $conference_uuid;
$sql .= "where domain_uuid = '$domain_uuid' "; $array['conferences'][0]['domain_uuid'] = $_SESSION['domain_uuid'];
$sql .= "and conference_uuid = '$id' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
unset($sql);
//delete the dialplan entry
$sql = "delete from v_dialplans ";
$sql .= "where domain_uuid = '$domain_uuid' ";
$sql .= "and dialplan_uuid = '$dialplan_uuid' ";
$db->query($sql);
unset($sql);
//delete the dialplan details //delete the dialplan details
$sql = "delete from v_dialplan_details "; $array['dialplan_details'][0]['dialplan_uuid'] = $dialplan_uuid;
$sql .= "where domain_uuid = '$domain_uuid' "; $array['dialplan_details'][0]['domain_uuid'] = $_SESSION['domain_uuid'];
$sql .= "and dialplan_uuid = '$dialplan_uuid' "; //delete the dialplan entry
$db->query($sql); $array['dialplans'][0]['dialplan_uuid'] = $dialplan_uuid;
unset($sql); $array['dialplans'][0]['domain_uuid'] = $_SESSION['domain_uuid'];
//execute
$p = new permissions;
$p->add('dialplan_detail_delete', 'temp');
$p->add('dialplan_delete', 'temp');
$database = new database;
$database->app_name = 'conferences';
$database->app_uuid = 'b81412e8-7253-91f4-e48e-42fc2c9a38d9';
$database->delete($array);
$response = $database->message;
unset($array);
$p->delete('dialplan_detail_delete', 'temp');
$p->delete('dialplan_delete', 'temp');
//syncrhonize configuration //syncrhonize configuration
save_dialplan_xml(); save_dialplan_xml();
@ -88,11 +88,12 @@ else {
$cache = new cache; $cache = new cache;
$cache->delete("dialplan:".$_SESSION["context"]); $cache->delete("dialplan:".$_SESSION["context"]);
//set message
message::add($text['confirm-delete']);
} }
//redirect the browser //redirect the browser
message::add($text['confirm-delete']);
header("Location: conferences.php"); header("Location: conferences.php");
return; exit;
?> ?>
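Review bot: `$dialplan_uuid` comes straight from `$database->select($sql, $parameters, 'column')` and is placed into the `dialplan_details` and `dialplans` delete arrays without a check, so when no conference row matches the id in this domain the delete runs with an empty `dialplan_uuid`. How the database class's `delete()` treats an empty key is not visible here, so I would wrap the two dialplan array blocks in `if (is_uuid($dialplan_uuid)) { ... }`. In that case the temporary `dialplan_delete` and `dialplan_detail_delete` grants should be skipped too. The surrounding `else {` block starts outside the hunk, so the caller's own permission check cannot be confirmed from this page.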


@ -43,9 +43,9 @@
$text = $language->get(); $text = $language->get();
//action add or update //action add or update
if (isset($_REQUEST["id"])) { if (is_uuid($_REQUEST["id"])) {
$action = "update"; $action = "update";
$conference_uuid = check_str($_REQUEST["id"]); $conference_uuid = $_REQUEST["id"];
} }
else { else {
$action = "add"; $action = "add";
@ -53,15 +53,15 @@
//get http post variables and set them to php variables //get http post variables and set them to php variables
if (count($_POST)>0) { if (count($_POST)>0) {
$dialplan_uuid = check_str($_POST["dialplan_uuid"]); $dialplan_uuid = $_POST["dialplan_uuid"];
$conference_name = check_str($_POST["conference_name"]); $conference_name = $_POST["conference_name"];
$conference_extension = check_str($_POST["conference_extension"]); $conference_extension = $_POST["conference_extension"];
$conference_pin_number = check_str($_POST["conference_pin_number"]); $conference_pin_number = $_POST["conference_pin_number"];
$conference_profile = check_str($_POST["conference_profile"]); $conference_profile = $_POST["conference_profile"];
$conference_flags = check_str($_POST["conference_flags"]); $conference_flags = $_POST["conference_flags"];
$conference_order = check_str($_POST["conference_order"]); $conference_order = $_POST["conference_order"];
$conference_description = check_str($_POST["conference_description"]); $conference_description = $_POST["conference_description"];
$conference_enabled = check_str($_POST["conference_enabled"]); $conference_enabled = $_POST["conference_enabled"];
//sanitize the conference name //sanitize the conference name
$conference_name = preg_replace("/[^A-Za-z0-9\- ]/", "", $conference_name); $conference_name = preg_replace("/[^A-Za-z0-9\- ]/", "", $conference_name);
@ -70,53 +70,65 @@
//delete the user from the v_conference_users //delete the user from the v_conference_users
if ($_GET["a"] == "delete" && permission_exists("conference_delete")) { if ($_GET["a"] == "delete" && permission_exists("conference_delete")) {
//set the variables
$user_uuid = check_str($_REQUEST["user_uuid"]); $user_uuid = $_REQUEST["user_uuid"];
$conference_uuid = check_str($_REQUEST["id"]); $conference_uuid = $_REQUEST["id"];
//delete the group from the users
$sql = "delete from v_conference_users "; $p = new permissions;
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' "; $p->add('conference_user_delete', 'temp');
$sql .= "and conference_uuid = '".$conference_uuid."' ";
$sql .= "and user_uuid = '".$user_uuid."' "; $array['conference_users'][0]['domain_uuid'] = $_SESSION['domain_uuid'];
$db->exec(check_sql($sql)); $array['conference_users'][0]['conference_uuid'] = $conference_uuid;
$array['conference_users'][0]['user_uuid'] = $user_uuid;
$database = new database;
$database->app_name = 'conferences';
$database->app_uuid = 'b81412e8-7253-91f4-e48e-42fc2c9a38d9';
$database->delete($array);
$response = $database->message;
unset($array);
$p->delete('conference_user_delete', 'temp');
message::add($text['confirm-delete']); message::add($text['confirm-delete']);
header("Location: conference_edit.php?id=".$conference_uuid); header("Location: conference_edit.php?id=".$conference_uuid);
return; exit;
} }
//add the user to the v_conference_users //add the user to the v_conference_users
if (strlen($_REQUEST["user_uuid"]) > 0 && strlen($_REQUEST["id"]) > 0 && $_GET["a"] != "delete") { if (is_uuid($_REQUEST["user_uuid"]) && is_uuid($_REQUEST["id"]) && $_GET["a"] != "delete") {
//set the variables //set the variables
$user_uuid = check_str($_REQUEST["user_uuid"]); $user_uuid = $_REQUEST["user_uuid"];
$conference_uuid = check_str($_REQUEST["id"]); $conference_uuid = $_REQUEST["id"];
//assign the user to the extension //assign the user to the extension
$sql_insert = "insert into v_conference_users "; $array['conference_users'][0]['conference_user_uuid'] = uuid();
$sql_insert .= "("; $array['conference_users'][0]['domain_uuid'] = $_SESSION['domain_uuid'];
$sql_insert .= "conference_user_uuid, "; $array['conference_users'][0]['conference_uuid'] = $conference_uuid;
$sql_insert .= "domain_uuid, "; $array['conference_users'][0]['user_uuid'] = $user_uuid;
$sql_insert .= "conference_uuid, ";
$sql_insert .= "user_uuid "; $p = new permissions;
$sql_insert .= ")"; $p->add('conference_user_add', 'temp');
$sql_insert .= "values ";
$sql_insert .= "("; $database = new database;
$sql_insert .= "'".uuid()."', "; $database->app_name = 'conferences';
$sql_insert .= "'".$_SESSION['domain_uuid']."', "; $database->app_uuid = 'b81412e8-7253-91f4-e48e-42fc2c9a38d9';
$sql_insert .= "'".$conference_uuid."', "; $database->save($array);
$sql_insert .= "'".$user_uuid."' "; $response = $database->message;
$sql_insert .= ")"; unset($array);
$db->exec($sql_insert);
$p->delete('conference_user_add', 'temp');
//send a message //send a message
message::add($text['confirm-add']); message::add($text['confirm-add']);
header("Location: conference_edit.php?id=".$conference_uuid); header("Location: conference_edit.php?id=".$conference_uuid);
return; exit;
} }
//process http post variables //process http post variables
if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
if ($action == "update") { if ($action == "update") {
$conference_uuid = check_str($_POST["conference_uuid"]); $conference_uuid = $_POST["conference_uuid"];
} }
//check for all required data //check for all required data
@ -150,36 +162,24 @@
$conference_uuid = uuid(); $conference_uuid = uuid();
$dialplan_uuid = uuid(); $dialplan_uuid = uuid();
//add the conference //add the conference
$sql = "insert into v_conferences "; $array['conferences'][0]['domain_uuid'] = $domain_uuid;
$sql .= "("; $array['conferences'][0]['conference_uuid'] = $conference_uuid;
$sql .= "domain_uuid, "; $array['conferences'][0]['dialplan_uuid'] = $dialplan_uuid;
$sql .= "conference_uuid, "; $array['conferences'][0]['conference_name'] = $conference_name;
$sql .= "dialplan_uuid, "; $array['conferences'][0]['conference_extension'] = $conference_extension;
$sql .= "conference_name, "; $array['conferences'][0]['conference_pin_number'] = $conference_pin_number;
$sql .= "conference_extension, "; $array['conferences'][0]['conference_profile'] = $conference_profile;
$sql .= "conference_pin_number, "; $array['conferences'][0]['conference_flags'] = $conference_flags;
$sql .= "conference_profile, "; $array['conferences'][0]['conference_order'] = $conference_order;
$sql .= "conference_flags, "; $array['conferences'][0]['conference_description'] = $conference_description;
$sql .= "conference_order, "; $array['conferences'][0]['conference_enabled'] = $conference_enabled;
$sql .= "conference_description, ";
$sql .= "conference_enabled "; $database = new database;
$sql .= ")"; $database->app_name = 'conferences';
$sql .= "values "; $database->app_uuid = 'b81412e8-7253-91f4-e48e-42fc2c9a38d9';
$sql .= "("; $database->save($array);
$sql .= "'$domain_uuid', "; $response = $database->message;
$sql .= "'$conference_uuid', "; unset($array);
$sql .= "'$dialplan_uuid', ";
$sql .= "'$conference_name', ";
$sql .= "'$conference_extension', ";
$sql .= "'$conference_pin_number', ";
$sql .= "'$conference_profile', ";
$sql .= "'$conference_flags', ";
$sql .= "'$conference_order', ";
$sql .= "'$conference_description', ";
$sql .= "'$conference_enabled' ";
$sql .= ")";
$db->exec(check_sql($sql));
unset($sql);
//create the dialplan entry //create the dialplan entry
$dialplan_name = $conference_name; $dialplan_name = $conference_name;
@ -222,55 +222,78 @@
if ($action == "update") { if ($action == "update") {
//update the conference extension //update the conference extension
$sql = "update v_conferences set "; $array['conferences'][0]['domain_uuid'] = $domain_uuid;
$sql .= "conference_name = '$conference_name', "; $array['conferences'][0]['conference_uuid'] = $conference_uuid;
$sql .= "conference_extension = '$conference_extension', "; $array['conferences'][0]['dialplan_uuid'] = $dialplan_uuid;
$sql .= "conference_pin_number = '$conference_pin_number', "; $array['conferences'][0]['conference_name'] = $conference_name;
$sql .= "conference_profile = '$conference_profile', "; $array['conferences'][0]['conference_extension'] = $conference_extension;
$sql .= "conference_flags = '$conference_flags', "; $array['conferences'][0]['conference_pin_number'] = $conference_pin_number;
$sql .= "conference_order = '$conference_order', "; $array['conferences'][0]['conference_profile'] = $conference_profile;
$sql .= "conference_description = '$conference_description', "; $array['conferences'][0]['conference_flags'] = $conference_flags;
$sql .= "conference_enabled = '$conference_enabled' "; $array['conferences'][0]['conference_order'] = $conference_order;
$sql .= "where domain_uuid = '$domain_uuid' "; $array['conferences'][0]['conference_description'] = $conference_description;
$sql .= "and conference_uuid = '$conference_uuid'"; $array['conferences'][0]['conference_enabled'] = $conference_enabled;
$db->exec(check_sql($sql));
unset($sql);
//udpate the conference dialplan $database = new database;
$sql = "update v_dialplans set "; $database->app_name = 'conferences';
$sql .= "dialplan_name = '$conference_name', "; $database->app_uuid = 'b81412e8-7253-91f4-e48e-42fc2c9a38d9';
$database->save($array);
$response = $database->message;
unset($array);
//update the conference dialplan
$array['dialplans'][0]['dialplan_uuid'] = $dialplan_uuid;
$array['dialplans'][0]['domain_uuid'] = $_SESSION['domain_uuid'];
$array['dialplans'][0]['dialplan_name'] = $conference_name;
if (strlen($dialplan_order) > 0) { if (strlen($dialplan_order) > 0) {
$sql .= "dialplan_order = '333', "; $array['dialplans'][0]['dialplan_order'] = '333';
} }
$sql .= "dialplan_context = '".$_SESSION['context']."', "; $array['dialplans'][0]['dialplan_context'] = $_SESSION['context'];
$sql .= "dialplan_enabled = 'true', "; $array['dialplans'][0]['dialplan_enabled'] = 'true';
$sql .= "dialplan_description = '$conference_description' "; $array['dialplans'][0]['dialplan_description'] = $conference_description;
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
$sql .= "and dialplan_uuid = '$dialplan_uuid' "; $p = new permissions;
$db->query($sql); $p->add('dialplan_edit', 'temp');
unset($sql);
$database = new database;
$database->app_name = 'conferences';
$database->app_uuid = 'b81412e8-7253-91f4-e48e-42fc2c9a38d9';
$database->save($array);
$response = $database->message;
unset($array);
$p->delete('dialplan_edit', 'temp');
//update dialplan detail condition //update dialplan detail condition
$sql = "update v_dialplan_details set "; $sql = "update v_dialplan_details set ";
$sql .= "dialplan_detail_data = '^".$conference_extension."$' "; $sql .= "dialplan_detail_data = :dialplan_detail_data ";
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' "; $sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and dialplan_detail_tag = 'condition' "; $sql .= "and dialplan_detail_tag = 'condition' ";
$sql .= "and dialplan_detail_type = 'destination_number' "; $sql .= "and dialplan_detail_type = 'destination_number' ";
$sql .= "and dialplan_uuid = '$dialplan_uuid' "; $sql .= "and dialplan_uuid = :dialplan_uuid ";
$db->query($sql); $parameters['dialplan_detail_data'] = '^'.$conference_extension.'$';
unset($sql); $parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$parameters['dialplan_uuid'] = $dialplan_uuid;
$database = new database;
$database->execute($sql, $parameters);
unset($sql, $parameters);
//update dialplan detail action //update dialplan detail action
$pin_number = ''; if (strlen($conference_pin_number) > 0) { $pin_number = "+".$conference_pin_number; } $pin_number = strlen($conference_pin_number) > 0 ? '+'.$conference_pin_number : null;
$flags = ''; if (strlen($conference_flags) > 0) { $flags = "+flags{".$conference_flags."}"; } $flags = strlen($conference_flags) > 0 ? '+flags{'.$conference_flags.'}' : null;
$dialplan_detail_data = $conference_name.'@'.$_SESSION['domain_name']."@".$conference_profile.$pin_number.$flags; $dialplan_detail_data = $conference_name.'@'.$_SESSION['domain_name']."@".$conference_profile.$pin_number.$flags;
$sql = "update v_dialplan_details set "; $sql = "update v_dialplan_details set ";
$sql .= "dialplan_detail_data = '".$dialplan_detail_data."' "; $sql .= "dialplan_detail_data = :dialplan_detail_data ";
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' "; $sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and dialplan_detail_tag = 'action' "; $sql .= "and dialplan_detail_tag = 'action' ";
$sql .= "and dialplan_detail_type = 'conference' "; $sql .= "and dialplan_detail_type = 'conference' ";
$sql .= "and dialplan_uuid = '$dialplan_uuid' "; $sql .= "and dialplan_uuid = :dialplan_uuid ";
$db->query($sql); $parameters['dialplan_detail_data'] = $dialplan_detail_data;
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$parameters['dialplan_uuid'] = $dialplan_uuid;
$database = new database;
$database->execute($sql, $parameters);
unset($sql, $parameters);
//add the message //add the message
message::add($text['confirm-update']); message::add($text['confirm-update']);
@ -304,12 +327,13 @@
if (count($_GET) > 0 && $_POST["persistformvar"] != "true") { if (count($_GET) > 0 && $_POST["persistformvar"] != "true") {
$conference_uuid = $_GET["id"]; $conference_uuid = $_GET["id"];
$sql = "select * from v_conferences "; $sql = "select * from v_conferences ";
$sql .= "where domain_uuid = '$domain_uuid' "; $sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and conference_uuid = '$conference_uuid' "; $sql .= "and conference_uuid = :conference_uuid ";
$prep_statement = $db->prepare(check_sql($sql)); $parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$prep_statement->execute(); $parameters['conference_uuid'] = $conference_uuid;
$result = $prep_statement->fetchAll(); $database = new database;
foreach ($result as &$row) { $row = $database->select($sql, $parameters, 'row');
if (is_array($row) && sizeof($row) != 0) {
$dialplan_uuid = $row["dialplan_uuid"]; $dialplan_uuid = $row["dialplan_uuid"];
$conference_name = $row["conference_name"]; $conference_name = $row["conference_name"];
$conference_extension = $row["conference_extension"]; $conference_extension = $row["conference_extension"];
@ -321,7 +345,7 @@
$conference_enabled = $row["conference_enabled"]; $conference_enabled = $row["conference_enabled"];
$conference_name = str_replace("-", " ", $conference_name); $conference_name = str_replace("-", " ", $conference_name);
} }
unset ($prep_statement); unset($sql, $parameters, $row);
} }
//get the conference profiles //get the conference profiles
@ -329,29 +353,30 @@
$sql .= "from v_conference_profiles "; $sql .= "from v_conference_profiles ";
$sql .= "where profile_enabled = 'true' "; $sql .= "where profile_enabled = 'true' ";
$sql .= "and profile_name <> 'sla' "; $sql .= "and profile_name <> 'sla' ";
$prep_statement = $db->prepare(check_sql($sql)); $database = new database;
$prep_statement->execute(); $conference_profiles = $database->select($sql, null, 'all');
$conference_profiles = $prep_statement->fetchAll(PDO::FETCH_NAMED); unset($sql);
unset ($prep_statement, $sql);
//get conference users //get conference users
$sql = "SELECT * FROM v_conference_users as e, v_users as u "; $sql = "select * from v_conference_users as e, v_users as u ";
$sql .= "where e.user_uuid = u.user_uuid "; $sql .= "where e.user_uuid = u.user_uuid ";
$sql .= "and u.user_enabled = 'true' "; $sql .= "and u.user_enabled = 'true' ";
$sql .= "and e.domain_uuid = '".$_SESSION['domain_uuid']."' "; $sql .= "and e.domain_uuid = :domain_uuid ";
$sql .= "and e.conference_uuid = '".$conference_uuid."' "; $sql .= "and e.conference_uuid = :conference_uuid ";
$prep_statement = $db->prepare(check_sql($sql)); $parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$prep_statement->execute(); $parameters['conference_uuid'] = $conference_uuid;
$conference_users = $prep_statement->fetchAll(PDO::FETCH_ASSOC); $database = new database;
$conference_users = $database->select($sql, $parameters, 'all');
unset($sql, $parameters);
//get the users //get the users
$sql = "SELECT * FROM v_users "; $sql = "select * from v_users ";
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' "; $sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and user_enabled = 'true' "; $sql .= "and user_enabled = 'true' ";
$prep_statement = $db->prepare(check_sql($sql)); $parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$prep_statement->execute(); $database = new database;
$users = $prep_statement->fetchAll(PDO::FETCH_NAMED); $users = $database->select($sql, $parameters, 'all');
unset($sql); unset($sql, $parameters);
//set the default //set the default
if ($conference_profile == "") { $conference_profile = "default"; } if ($conference_profile == "") { $conference_profile = "default"; }
@ -514,7 +539,6 @@
echo "</td>\n"; echo "</td>\n";
echo "<td class='vtable' align='left'>\n"; echo "<td class='vtable' align='left'>\n";
echo " <select class='formfld' name='conference_enabled'>\n"; echo " <select class='formfld' name='conference_enabled'>\n";
echo " <option value=''></option>\n";
if ($conference_enabled == "true") { if ($conference_enabled == "true") {
echo " <option value='true' selected='selected'>true</option>\n"; echo " <option value='true' selected='selected'>true</option>\n";
} }
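Review bot: The delete branch (`$_GET["a"] == "delete"`) now takes `$_REQUEST["user_uuid"]` and `$_REQUEST["id"]` with no validation, while the add branch directly below was tightened to `is_uuid(...)`; the raw id is then concatenated into the `Location: conference_edit.php?id=` header. I would make the condition `if ($_GET["a"] == "delete" && is_uuid($_REQUEST["user_uuid"]) && is_uuid($_REQUEST["id"]) && permission_exists("conference_delete")) {`. The same applies to `$_POST["dialplan_uuid"]` and `$_POST["conference_uuid"]`, and to `$_GET["id"]` in the pre-populate block, all of which are used as-is. With `check_str` removed, `$conference_extension`, `$conference_pin_number`, `$conference_flags` and `$conference_profile` also reach `dialplan_detail_data` with no format check (only `$conference_name` is filtered), which bound parameters do not address.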


@ -64,28 +64,22 @@ else {
//prepare to page the results //prepare to page the results
if (if_group("superadmin") || if_group("admin")) { if (if_group("superadmin") || if_group("admin")) {
//show all extensions //show all extensions
$sql = "select count(*) as num_rows from v_conferences "; $sql = "select count(*) from v_conferences ";
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' "; $sql .= "where domain_uuid = :domain_uuid ";
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
} }
else { else {
//show only assigned extensions //show only assigned extensions
$sql = "select count(*) as num_rows from v_conferences as c, v_conference_users as u "; $sql = "select count(*) from v_conferences as c, v_conference_users as u ";
$sql .= "where c.conference_uuid = u.conference_uuid "; $sql .= "where c.conference_uuid = u.conference_uuid ";
$sql .= "and c.domain_uuid = '".$_SESSION['domain_uuid']."' "; $sql .= "and c.domain_uuid = :domain_uuid ";
$sql .= "and u.user_uuid = '".$_SESSION['user_uuid']."' "; $sql .= "and u.user_uuid = :user_uuid ";
} $parameters['domain_uuid'] = $_SESSION['domain_uuid'];
if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; } $parameters['user_uuid'] = $_SESSION['user_uuid'];
$prep_statement = $db->prepare($sql);
if ($prep_statement) {
$prep_statement->execute();
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
if ($row['num_rows'] > 0) {
$num_rows = $row['num_rows'];
}
else {
$num_rows = '0';
}
} }
$database = new database;
$num_rows = $database->select($sql, $parameters, 'column');
unset($sql);
//prepare to page the results //prepare to page the results
$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
@ -99,22 +93,20 @@ else {
if (if_group("superadmin") || if_group("admin")) { if (if_group("superadmin") || if_group("admin")) {
//show all extensions //show all extensions
$sql = "select * from v_conferences "; $sql = "select * from v_conferences ";
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' "; $sql .= "where domain_uuid = :domain_uuid ";
} }
else { else {
//show only assigned extensions //show only assigned extensions
$sql = "select * from v_conferences as c, v_conference_users as u "; $sql = "select * from v_conferences as c, v_conference_users as u ";
$sql .= "where c.conference_uuid = u.conference_uuid "; $sql .= "where c.conference_uuid = u.conference_uuid ";
$sql .= "and c.domain_uuid = '".$_SESSION['domain_uuid']."' "; $sql .= "and c.domain_uuid = :domain_uuid ";
$sql .= "and u.user_uuid = '".$_SESSION['user_uuid']."' "; $sql .= "and u.user_uuid = :user_uuid ";
} }
if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; } $sql .= order_by($order_by, $order);
$sql .= "limit $rows_per_page offset $offset "; $sql .= limit_offset($rows_per_page, $offset);
$prep_statement = $db->prepare(check_sql($sql)); $database = new database;
$prep_statement->execute(); $result = $database->select($sql, $parameters, 'all');
$result = $prep_statement->fetchAll(); unset($sql, $parameters);
$result_count = count($result);
unset ($prep_statement, $sql);
$c = 0; $c = 0;
$row_style["0"] = "row_style0"; $row_style["0"] = "row_style0";
@ -138,7 +130,7 @@ else {
echo "</td>\n"; echo "</td>\n";
echo "</tr>\n"; echo "</tr>\n";
if ($result_count > 0) { if (is_array($result) && sizeof($result) != 0) {
foreach($result as $row) { foreach($result as $row) {
$conference_name = $row['conference_name']; $conference_name = $row['conference_name'];
$conference_name = str_replace("-", " ", $conference_name); $conference_name = str_replace("-", " ", $conference_name);
@ -161,7 +153,7 @@ else {
echo "</tr>\n"; echo "</tr>\n";
if ($c==0) { $c=1; } else { $c=0; } if ($c==0) { $c=1; } else { $c=0; }
} //end foreach } //end foreach
unset($sql, $result, $row_count); unset($result);
} //end if results } //end if results
echo "<tr>\n"; echo "<tr>\n";
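Review bot: The list query in the second hunk binds `:domain_uuid` and `:user_uuid` but never sets `$parameters` itself; it only works because the count block ends with `unset($sql);` and leaves `$parameters` alive. I would end the count block with `unset($sql, $parameters);` and re-assign `$parameters['domain_uuid']` (and `$parameters['user_uuid']` in the else branch) next to each list query, so the bound values sit beside the SQL that uses them. Separately, `order_by($order_by, $order)` and `limit_offset($rows_per_page, $offset)` are concatenated into the SQL rather than bound. Neither helper nor the origin of `$order_by` is in the diff, so confirm they restrict the column name and direction to known values and cast the paging numbers to integers.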