diff --git a/core/apps/apps.php b/core/apps/apps.php
index 8deb5170cc..35b71f3164 100644
--- a/core/apps/apps.php
+++ b/core/apps/apps.php
@@ -50,8 +50,8 @@
$document['title'] = $text['title-apps'];
//get variables used to control the order
- $order_by = check_str($_GET["order_by"]);
- $order = check_str($_GET["order"]);
+ $order_by = $_GET["order_by"];
+ $order = $_GET["order"];
//get the list of installed apps from the core and mod directories
$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
diff --git a/core/apps/apps_delete.php b/core/apps/apps_delete.php
index 9f9b2d1fd6..3440b1c75c 100644
--- a/core/apps/apps_delete.php
+++ b/core/apps/apps_delete.php
@@ -39,14 +39,10 @@ else {
$text = $language->get();
//get the id
- if (count($_GET) > 0) {
- $id = check_str($_GET["id"]);
- }
+ if (is_uuid($_GET["id"]) {
-if (strlen($id) > 0) {
-
- if (count($_GET)>0 && $_POST["persistformvar"] != "true") {
$app_uuid = $_GET["id"];
+
//get the list of installed apps from the core and mod directories
$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
$x=0;
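Review bot: The new guard `if (is_uuid($_GET["id"]) {` is missing a closing parenthesis, so apps_delete.php will not parse; it should read `if (is_uuid($_GET["id"])) {`. Separately, this page deletes database rows and removes directories in response to a GET request, and no request-token check is visible in the hunk. If the code above the hunk does not already verify one, add it before the destructive work starts; the same applies to database_delete.php. The block opened by this `if` continues past the hunk.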
@@ -60,36 +56,45 @@ if (strlen($id) > 0) {
$name = $row['name'];
if ($row["uuid"] == $app_uuid && $row['category'] != "Core") {
//delete the app from the menu
- foreach ($row['menu'] as &$menu) {
+ foreach ($row['menu'] as $index => &$menu) {
//delete menu groups and permissions from the database
- $sql = "delete from v_menu_item_groups ";
- $sql .= "where menu_item_uuid = '".$menu['uuid']."' ";
- $db->query($sql);
-
- $sql = "delete from v_menu_items ";
- $sql .= "where menu_item_uuid = '".$menu['uuid']."' ";
- $db->query($sql);
-
+ $array['menu_item_groups'][$index]['menu_item_uuid'] = $menu['uuid'];
+ $array['menu_items'][$index['menu_item_uuid'] = $menu['uuid'];
//delete the app from the file system
if (strlen($menu['path']) > 0) {
system('rm -rf '.dirname($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.$menu['path']));
}
}
+ if (is_array($array) && sizeof($array) != 0) {
+ $database = new database;
+ $database->app_name = 'apps';
+ $database->app_uuid = 'd8704214-75a0-e52f-1336-f0780e29fef8';
+ $database->delete($array);
+ unset($array);
+ }
//delete the group permissions for the app
- foreach ($row['permissions'] as &$permission) {
- $sql = "delete from v_group_permissions ";
- $sql .= "where permission_name = '".$permission['name']."' ";
- $db->query($sql);
+ foreach ($row['permissions'] as $index => &$permission) {
+ $array['group_permissions'][$index]['permission_name'] = $permission['name'];
+ }
+ if (is_array($array) && sizeof($array) != 0) {
+ $database = new database;
+ $database->app_name = 'apps';
+ $database->app_uuid = 'd8704214-75a0-e52f-1336-f0780e29fef8';
+ $database->delete($array);
+ unset($array);
}
}
}
}
+
+ //set message
+ message::add($text['message-delete']);
+
}
-}
+
//redirect the browser
- message::add($text['message-delete']);
header("Location: apps.php");
return;
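Review bot: `$array['menu_items'][$index['menu_item_uuid'] = $menu['uuid'];` has an unbalanced bracket and is a parse error; it should be `$array['menu_items'][$index]['menu_item_uuid'] = $menu['uuid'];`. The unchanged `system('rm -rf '.dirname(...))` call in the same loop builds a shell command by concatenation. Passing the directory through `escapeshellarg()` and confirming it resolves under `$_SERVER["DOCUMENT_ROOT"].PROJECT_PATH` would keep a malformed `path` entry in an app_config.php from widening what gets removed. `$menu` and `$permission` are iterated by reference but never modified or unset in the visible code, so plain by-value iteration would be safer. The enclosing loop starts outside the hunk.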
diff --git a/core/apps/apps_edit.php b/core/apps/apps_edit.php
index f705417f10..1773668473 100644
--- a/core/apps/apps_edit.php
+++ b/core/apps/apps_edit.php
@@ -39,9 +39,9 @@ else {
$text = $language->get();
//action add or update
- if (isset($_REQUEST["id"])) {
+ if (is_uuid($_REQUEST["id"])) {
$action = "update";
- $app_uuid = check_str($_REQUEST["id"]);
+ $app_uuid = $_REQUEST["id"];
}
else {
$action = "add";
@@ -49,14 +49,14 @@ else {
//get http post variables and set them to php variables
if (count($_POST)>0) {
- $app_enabled = check_str($_POST["app_enabled"]);
+ $app_enabled = $_POST["app_enabled"];
}
if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
$msg = '';
if ($action == "update") {
- $app_uuid = check_str($_POST["app_uuid"]);
+ $app_uuid = $_POST["app_uuid"];
}
//check for all required data
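Review bot: On update, `$app_uuid = $_POST["app_uuid"];` replaces the value that was just validated with `is_uuid($_REQUEST["id"])`, and nothing in the hunk validates the POST field, so the identifier that later reaches `$database->save()` is unchecked now that `check_str()` is gone. Guard it the same way, e.g. `if ($action == "update" && is_uuid($_POST["app_uuid"])) { $app_uuid = $_POST["app_uuid"]; }`, and stop processing otherwise. The same pattern appears with `$database_uuid` in database_edit.php and `$default_setting_uuid` in default_setting_edit.php. Whether `save()` validates key values itself is not visible in this diff.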
@@ -77,35 +77,27 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
//add or update the database
if ($_POST["persistformvar"] != "true") {
if ($action == "add") {
- $sql = "insert into v_apps ";
- $sql .= "(";
- $sql .= "app_uuid ";
- $sql .= ")";
- $sql .= "values ";
- $sql .= "(";
- $sql .= "'".uuid()."' ";
- $sql .= ")";
- //$db->exec(check_sql($sql));
- unset($sql);
-
+ $array['apps'][0]['app_uuid'] = uuid();
message::add($text['message-add']);
- header("Location: apps.php");
- return;
- } //if ($action == "add")
+ }
if ($action == "update") {
- $sql = "update v_apps set ";
- $sql .= "app_uuid = '$app_uuid' ";
- $sql .= "where app_uuid = '$app_uuid'";
- //$db->exec(check_sql($sql));
- unset($sql);
-
+ $array['apps'][0]['app_uuid'] = $app_uuid;
message::add($text['message-update']);
- header("Location: apps.php");
- return;
- } //if ($action == "update")
- } //if ($_POST["persistformvar"] != "true")
-} //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0)
+ }
+
+ if (is_array($array) && sizeof($array) != 0) {
+ $database = new database;
+ $database->app_name = 'apps';
+ $database->app_uuid = 'd8704214-75a0-e52f-1336-f0780e29fef8';
+ $database->save($array);
+ unset($array);
+ }
+
+ header("Location: apps.php");
+ exit;
+ }
+}
//show the header
require_once "resources/header.php";
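Review bot: `message::add($text['message-add'])` and `message::add($text['message-update'])` are queued before `$database->save($array)` runs, and the outcome of `save()` is never inspected, so the user is told the write succeeded even when it did not. Move the message after the save and make it conditional on the result; what `save()` returns is not shown here (other hunks read `$database->message`), so the exact check needs confirming against the class. database_delete.php has the same shape with `delete()`. `$array` is also tested with `is_array($array)` without being initialised, so an `$array = [];` before the two `if ($action == ...)` blocks would avoid an undefined-variable notice.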
diff --git a/core/databases/database_delete.php b/core/databases/database_delete.php
index d5411a8cf2..a7fcf604e5 100644
--- a/core/databases/database_delete.php
+++ b/core/databases/database_delete.php
@@ -38,23 +38,20 @@ else {
$language = new text;
$text = $language->get();
-//get the id
- if (count($_GET) > 0) {
- $id = check_str($_GET["id"]);
- }
-
//delete the records
- if (strlen($id) > 0) {
- $sql = "";
- $sql .= "delete from v_databases ";
- $sql .= "where database_uuid = '$id' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- unset($sql);
+ if (is_uuid($_GET["id"])) {
+ $database_uuid = $_GET["id"];
+ $array['databases'][0]['database_uuid'] = $database_uuid;
+ $database = new database;
+ $database->app_name = 'databases';
+ $database->app_uuid = '8d229b6d-1383-fcec-74c6-4ce1682479e2';
+ $database->delete($array);
+ unset($array);
+
+ message::add($text['message-delete']);
}
//redirect the browser
- message::add($text['message-delete']);
header("Location: databases.php");
return;
diff --git a/core/databases/database_edit.php b/core/databases/database_edit.php
index 26a096fd10..b92d008af1 100644
--- a/core/databases/database_edit.php
+++ b/core/databases/database_edit.php
@@ -39,9 +39,9 @@ else {
$text = $language->get();
//action add or update
- if (isset($_REQUEST["id"])) {
+ if (is_uuid($_REQUEST["id"])) {
$action = "update";
- $database_uuid = check_str($_REQUEST["id"]);
+ $database_uuid = $_REQUEST["id"];
}
else {
$action = "add";
@@ -60,22 +60,22 @@ else {
//get http post variables and set them to php variables
if (count($_POST)>0) {
- $database_driver = check_str($_POST["database_driver"]);
- $database_type = check_str($_POST["database_type"]);
- $database_host = check_str($_POST["database_host"]);
- $database_port = check_str($_POST["database_port"]);
- $database_name = check_str($_POST["database_name"]);
- $database_username = check_str($_POST["database_username"]);
- $database_password = check_str($_POST["database_password"]);
- $database_path = check_str($_POST["database_path"]);
- $database_description = check_str($_POST["database_description"]);
+ $database_driver = $_POST["database_driver"];
+ $database_type = $_POST["database_type"];
+ $database_host = $_POST["database_host"];
+ $database_port = $_POST["database_port"];
+ $database_name = $_POST["database_name"];
+ $database_username = $_POST["database_username"];
+ $database_password = $_POST["database_password"];
+ $database_path = $_POST["database_path"];
+ $database_description = $_POST["database_description"];
}
if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
$msg = '';
if ($action == "update") {
- $database_uuid = check_str($_POST["database_uuid"]);
+ $database_uuid = $_POST["database_uuid"];
}
//check for all required data
@@ -103,39 +103,27 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
//add or update the database
if ($_POST["persistformvar"] != "true") {
+
+ //begin array
+ $array['databases'][0]['database_driver'] = $database_driver;
+ $array['databases'][0]['database_type'] = $database_type;
+ $array['databases'][0]['database_host'] = $database_host;
+ $array['databases'][0]['database_port'] = $database_port;
+ $array['databases'][0]['database_name'] = $database_name;
+ $array['databases'][0]['database_username'] = $database_username;
+ $array['databases'][0]['database_password'] = $database_password;
+ $array['databases'][0]['database_path'] = $database_path;
+ $array['databases'][0]['database_description'] = $database_description;
+
if ($action == "add") {
- //add the data
- $database_uuid = uuid();
- $sql = "insert into v_databases ";
- $sql .= "(";
- //$sql .= "domain_uuid, ";
- $sql .= "database_uuid, ";
- $sql .= "database_driver, ";
- $sql .= "database_type, ";
- $sql .= "database_host, ";
- $sql .= "database_port, ";
- $sql .= "database_name, ";
- $sql .= "database_username, ";
- $sql .= "database_password, ";
- $sql .= "database_path, ";
- $sql .= "database_description ";
- $sql .= ")";
- $sql .= "values ";
- $sql .= "(";
- //$sql .= "'$domain_uuid', ";
- $sql .= "'$database_uuid', ";
- $sql .= "'$database_driver', ";
- $sql .= "'$database_type', ";
- $sql .= "'$database_host', ";
- $sql .= "'$database_port', ";
- $sql .= "'$database_name', ";
- $sql .= "'$database_username', ";
- $sql .= "'$database_password', ";
- $sql .= "'$database_path', ";
- $sql .= "'$database_description' ";
- $sql .= ")";
- $db->exec(check_sql($sql));
- unset($sql);
+ //add new uuid
+ $array['databases'][0]['database_uuid'] = uuid();
+
+ $database = new database;
+ $database->app_name = 'databases';
+ $database->app_uuid = '8d229b6d-1383-fcec-74c6-4ce1682479e2';
+ $database->save($array);
+ unset($array);
//set the defaults
require_once "app_defaults.php";
@@ -143,24 +131,18 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
//redirect the browser
message::add($text['message-add']);
header("Location: databases.php");
- return;
- } //if ($action == "add")
+ exit;
+ }
if ($action == "update") {
- //udpate the database
- $sql = "update v_databases set ";
- $sql .= "database_type = '$database_type', ";
- $sql .= "database_driver = '$database_driver', ";
- $sql .= "database_host = '$database_host', ";
- $sql .= "database_port = '$database_port', ";
- $sql .= "database_name = '$database_name', ";
- $sql .= "database_username = '$database_username', ";
- $sql .= "database_password = '$database_password', ";
- $sql .= "database_path = '$database_path', ";
- $sql .= "database_description = '$database_description' ";
- $sql .= "where database_uuid = '$database_uuid' ";
- $db->exec(check_sql($sql));
- unset($sql);
+ //add uuid to update
+ $array['databases'][0]['database_uuid'] = $database_uuid;
+
+ $database = new database;
+ $database->app_name = 'databases';
+ $database->app_uuid = '8d229b6d-1383-fcec-74c6-4ce1682479e2';
+ $database->save($array);
+ unset($array);
//set the defaults
$domains_processed = 1;
@@ -169,20 +151,20 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
//redirect the browser
message::add($text['message-update']);
header("Location: databases.php");
- return;
- } //if ($action == "update")
- } //if ($_POST["persistformvar"] != "true")
-} //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0)
+ exit;
+ }
+ }
+}
//pre-populate the form
if (count($_GET)>0 && $_POST["persistformvar"] != "true") {
$database_uuid = $_GET["id"];
$sql = "select * from v_databases ";
- $sql .= "where database_uuid = '$database_uuid' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- foreach ($result as &$row) {
+ $sql .= "where database_uuid = :database_uuid ";
+ $parameters['database_uuid'] = $database_uuid;
+ $database = new database;
+ $row = $database->select($sql, $parameters, 'row');
+ if (is_array($row) && sizeof($row) != 0) {
$database_driver = $row["database_driver"];
$database_type = $row["database_type"];
$database_host = $row["database_host"];
@@ -192,9 +174,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
$database_password = $row["database_password"];
$database_path = $row["database_path"];
$database_description = $row["database_description"];
- break; //limit to 1 row
}
- unset ($prep_statement);
+ unset($sql, $parameters, $row);
}
//show the header
diff --git a/core/databases/databases.php b/core/databases/databases.php
index 699d9e31c3..0c3e78d77c 100644
--- a/core/databases/databases.php
+++ b/core/databases/databases.php
@@ -61,19 +61,11 @@ else {
echo "\n";
//prepare to page the results
- $sql = " select count(*) as num_rows from v_databases ";
- if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
- $prep_statement = $db->prepare($sql);
- if ($prep_statement) {
- $prep_statement->execute();
- $row = $prep_statement->fetch(PDO::FETCH_ASSOC);
- if ($row['num_rows'] > 0) {
- $num_rows = $row['num_rows'];
- }
- else {
- $num_rows = '0';
- }
- }
+ $sql = "select count(*) from v_databases ";
+ $sql .= order_by($order_by, $order);
+ $database = new database;
+ $num_rows = $database->select($sql, null, 'column');
+ unset($sql);
//prepare to page the results
$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
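Review bot: `$sql .= order_by($order_by, $order);` adds an ORDER BY to a `select count(*)` query, where it cannot change the result and which some engines reject for a non-grouped column; the count query can drop that line. The two values cannot be bound as parameters, so the safety of this query and of the list query in the next hunk rests entirely on `order_by()`, which is not part of this diff. Confirm that it restricts `$order_by` to a known column-name pattern and `$order` to `asc`/`desc`. The same helper is used for the list query in default_settings.php. Where `$order_by` is assigned in this file is outside the hunk.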
@@ -85,13 +77,11 @@ else {
//get the list
$sql = "select * from v_databases ";
- if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
- $sql .= "limit $rows_per_page offset $offset ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- $result_count = count($result);
- unset ($prep_statement, $sql);
+ $sql .= order_by($order_by, $order);
+ $sql .= limit_offset($rows_per_page, $offset);
+ $database = new database;
+ $result = $database->select($sql, null, 'all');
+ unset($sql);
$c = 0;
$row_style["0"] = "row_style0";
@@ -113,7 +103,7 @@ else {
echo "\n";
echo "\n";
- if ($result_count > 0) {
+ if (is_array($result) && sizeof($result) != 0) {
foreach($result as $row) {
$tr_link = "href='database_edit.php?id=".$row['database_uuid']."'";
echo "
\n";
@@ -132,7 +122,7 @@ else {
echo "
\n";
if ($c==0) { $c=1; } else { $c=0; }
} //end foreach
- unset($sql, $result, $row_count);
+ unset($result);
} //end if results
echo "\n";
diff --git a/core/default_settings/default_setting_edit.php b/core/default_settings/default_setting_edit.php
index 40883faf40..4d8c50be82 100644
--- a/core/default_settings/default_setting_edit.php
+++ b/core/default_settings/default_setting_edit.php
@@ -43,24 +43,24 @@
$text = $language->get();
//action add or update
- if (isset($_REQUEST["id"])) {
+ if (is_uuid($_REQUEST["id"])) {
$action = "update";
- $default_setting_uuid = check_str($_REQUEST["id"]);
+ $default_setting_uuid = $_REQUEST["id"];
}
else {
$action = "add";
}
- $search = check_str($_REQUEST['search']);
+ $search = $_REQUEST['search'];
//get http post variables and set them to php variables
if (count($_REQUEST) > 0) {
- $default_setting_category = strtolower(check_str($_REQUEST["default_setting_category"]));
- $default_setting_subcategory = strtolower(check_str($_POST["default_setting_subcategory"]));
- $default_setting_name = strtolower(check_str($_POST["default_setting_name"]));
- $default_setting_value = check_str($_POST["default_setting_value"]);
- $default_setting_order = check_str($_POST["default_setting_order"]);
- $default_setting_enabled = check_str($_POST["default_setting_enabled"]);
- $default_setting_description = check_str($_POST["default_setting_description"]);
+ $default_setting_category = strtolower($_REQUEST["default_setting_category"]);
+ $default_setting_subcategory = strtolower($_POST["default_setting_subcategory"]);
+ $default_setting_name = strtolower($_POST["default_setting_name"]);
+ $default_setting_value = $_POST["default_setting_value"];
+ $default_setting_order = $_POST["default_setting_order"];
+ $default_setting_enabled = $_POST["default_setting_enabled"];
+ $default_setting_description = $_POST["default_setting_description"];
}
//process the http post
@@ -68,7 +68,7 @@
//set the default_setting_uuid
if ($action == "update") {
- $default_setting_uuid = check_str($_POST["default_setting_uuid"]);
+ $default_setting_uuid = $_POST["default_setting_uuid"];
}
else {
$default_setting_uuid = uuid();
@@ -104,30 +104,31 @@
//update switch timezone variables
if ($default_setting_category == "domain" && $default_setting_subcategory == "time_zone" && $default_setting_name == "name" ) {
//get the action
- $sql = "select * from v_vars ";
+ $sql = "select count(*) from v_vars ";
$sql .= "where var_name = 'timezone' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- $var_action = "add";
- foreach ($result as $row) {
- $var_action = "update";
- }
- unset ($prep_statement);
-
- //update the timezone
- if ($var_action == "update") {
+ $database = new database;
+ $num_rows = $database->select($sql, null, 'column');
+ unset($sql);
+ //update
+ if ($num_rows != 0) {
$sql = "update v_vars ";
- $sql .= "set var_value = '".$default_setting_value."' ";
+ $sql .= "set var_value = :default_setting_value ";
$sql .= "where var_name = 'timezone' ";
+ $parameters['default_setting_value'] = $default_setting_value;
}
+ //insert
else {
$sql = "insert into v_vars ";
$sql .= "(var_uuid, var_name, var_value, var_category, var_command, var_enabled) ";
- $sql .= "values ('".uuid()."', 'timezone', '$default_setting_value', 'Defaults', 'set', 'true'); ";
+ $sql .= "values ('".uuid()."', 'timezone', :default_setting_value, 'Defaults', 'set', 'true'); ";
+ $parameters['default_setting_value'] = $default_setting_value;
}
- $db->query($sql);
- unset($sql);
+ //execute
+ $database = new database;
+ $database->app_name = 'default_settings';
+ $database->app_uuid = '2c2453c0-1bea-4475-9f44-4d969650de09';
+ $database->execute($sql, $parameters);
+ unset($sql, $parameters);
//synchronize the configuration
save_var_xml();
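Review bot: The posted `$default_setting_value` is written to `v_vars` and then synchronized by `save_var_xml()` without any check that it is a time zone name; the bound parameter protects only the SQL statement. Since this branch runs just for the time zone setting, validate before writing, e.g. `if (!in_array($default_setting_value, DateTimeZone::listIdentifiers(), true)) { ... }`, and skip the write on failure. How `save_var_xml()` encodes the value is not visible here and should be confirmed. The enclosing block starts above the hunk.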
@@ -167,13 +168,13 @@
//pre-populate the form
if (count($_GET) > 0 && $_POST["persistformvar"] != "true") {
- $default_setting_uuid = check_str($_GET["id"]);
+ $default_setting_uuid = $_GET["id"];
$sql = "select * from v_default_settings ";
- $sql .= "where default_setting_uuid = '$default_setting_uuid' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $default_settings = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- foreach ($default_settings as &$row) {
+ $sql .= "where default_setting_uuid = :default_setting_uuid ";
+ $parameters['default_setting_uuid'] = $default_setting_uuid;
+ $database = new database;
+ $row = $database->select($sql, $parameters, 'row');
+ if (is_array($row) && sizeof($row) != 0) {
$default_setting_category = $row["default_setting_category"];
$default_setting_subcategory = $row["default_setting_subcategory"];
$default_setting_name = $row["default_setting_name"];
@@ -181,9 +182,8 @@
$default_setting_order = $row["default_setting_order"];
$default_setting_enabled = $row["default_setting_enabled"];
$default_setting_description = $row["default_setting_description"];
- break; //limit to 1 row
}
- unset ($prep_statement);
+ unset($sql, $parameters);
}
//show the header
@@ -297,21 +297,21 @@
}
elseif ($category == "domain" && $subcategory == "menu" && $name == "uuid" ) {
echo " \n";
}
elseif ($category == "domain" && $subcategory == "template" && $name == "name" ) {
diff --git a/core/default_settings/default_setting_toggle.php b/core/default_settings/default_setting_toggle.php
index 554562a3e2..cdf44ddc05 100644
--- a/core/default_settings/default_setting_toggle.php
+++ b/core/default_settings/default_setting_toggle.php
@@ -46,27 +46,33 @@ else {
$toggled = 0;
if (is_array($default_setting_uuids) && sizeof($default_setting_uuids) > 0) {
foreach ($default_setting_uuids as $default_setting_uuid) {
- //get current status
- $sql = "select default_setting_enabled from v_default_settings where default_setting_uuid = '".check_str($default_setting_uuid)."'";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $row = $prep_statement->fetch(PDO::FETCH_NAMED);
- $new_status = ($row['default_setting_enabled'] == 'true') ? 'false' : "true";
- unset ($sql, $prep_statement, $row);
- //set new status
- $sql = "update v_default_settings set default_setting_enabled = '".$new_status."' where default_setting_uuid = '".check_str($default_setting_uuid)."'";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- unset ($sql, $prep_statement);
-
- $toggled++;
+ if (is_uuid($default_setting_uuid)) {
+ //get current status
+ $sql = "select default_setting_enabled from v_default_settings where default_setting_uuid = :default_setting_uuid ";
+ $parameters['default_setting_uuid'] = $default_setting_uuid;
+ $database = new database;
+ $default_setting_enabled = $database->select($sql, $parameters, 'column');
+ $new_status = ($default_setting_enabled == 'true') ? 'false' : 'true';
+ unset($sql, $parameters);
+ //set new status
+ $array['default_settings'][0]['default_setting_uuid'] = $default_setting_uuid;
+ $array['default_settings'][0]['default_setting_enabled'] = $new_status;
+ $database = new database;
+ $database->app_name = 'default_settings';
+ $database->app_uuid = '2c2453c0-1bea-4475-9f44-4d969650de09';
+ $database->save($array);
+ $message = $database->message;
+ unset($array);
+ //increment toggle total
+ $toggled++;
+ }
+ }
+ if ($toggled > 0) {
+ $_SESSION["message"] = $text['message-toggled'].': '.$toggled;
}
}
//redirect the user
- if ($toggled > 0) {
- $_SESSION["message"] = $text['message-toggled'].': '.$toggled;
- }
- header("Location: default_settings.php".(($search != '') ? '?search='.$search : null));
+ header("Location: default_settings.php".($search != '' ? '?search='.$search : null));
?>
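Review bot: The redirect `'?search='.$search` puts the search term into the Location header without URL-encoding, so a value containing `&`, `#` or a space produces a different query string than the one submitted; use `'?search='.urlencode($search)`. default_settings_reload.php builds the same header from `$_REQUEST['search']`, which this commit no longer passes through `check_str()`, while default_settings.php uses `escape($search)`; one encoding should be chosen for all three. Where `$search` is assigned in this file is outside the hunk. `$message = $database->message;` is assigned on every iteration and not used in the visible code.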
diff --git a/core/default_settings/default_settings.php b/core/default_settings/default_settings.php
index 28c3f6db3f..e8db245760 100644
--- a/core/default_settings/default_settings.php
+++ b/core/default_settings/default_settings.php
@@ -44,38 +44,41 @@
//get posted values, if any
if (sizeof($_REQUEST) > 0) {
- $action = check_str($_REQUEST["action"]);
+ $action = $_REQUEST["action"];
$default_setting_uuids = $_REQUEST["id"];
- $enabled = check_str($_REQUEST['enabled']);
- $category = check_str($_REQUEST['category']);
- $search = check_str($_REQUEST['search']);
+ $enabled = $_REQUEST['enabled'];
+ $category = $_REQUEST['category'];
+ $search = $_REQUEST['search'];
- if (sizeof($default_setting_uuids) == 1 && $enabled != '') {
- $sql = "update v_default_settings set ";
- $sql .= "default_setting_enabled = '".$enabled."' ";
- $sql .= "where default_setting_uuid = '".$default_setting_uuids[0]."'";
- $db->exec(check_sql($sql));
- unset($sql);
+ if (sizeof($default_setting_uuids) == 1 && $enabled != '' && is_uuid($default_setting_uuids[0])) {
+ $array['default_settings'][0]['default_setting_uuid'] = $default_setting_uuids[0];
+ $array['default_settings'][0]['default_setting_enabled'] = $enabled;
+ $database = new database;
+ $database->app_name = 'default_settings';
+ $database->app_uuid = '2c2453c0-1bea-4475-9f44-4d969650de09';
+ $database->save($array);
+ $message = $database->message;
+ unset($array);
message::add($text['message-update']);
- header("Location: default_settings.php".(($search != '') ? "?search=".escape($search) : null)."#anchor_".escape($category));
+ header("Location: default_settings.php".($search != '' ? "?search=".escape($search) : null)."#anchor_".escape($category));
exit;
}
if ($action == 'copy' && permission_exists('domain_setting_add')) {
- $target_domain_uuid = check_str($_POST["target_domain_uuid"]);
+ $target_domain_uuid = $_POST["target_domain_uuid"];
- if ($target_domain_uuid != '' && sizeof($default_setting_uuids) > 0) {
+ if (is_uuid($target_domain_uuid) && sizeof($default_setting_uuids) > 0) {
$settings_copied = 0;
foreach ($default_setting_uuids as $default_setting_uuid) {
// get default setting from db
$sql = "select * from v_default_settings ";
- $sql .= "where default_setting_uuid = '".$default_setting_uuid."' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- foreach ($result as &$row) {
+ $sql .= "where default_setting_uuid = :default_setting_uuid ";
+ $parameters['default_setting_uuid'] = $default_setting_uuid;
+ $database = new database;
+ $row = $database->select($sql, $parameters, 'row');
+ if (is_array($row) && sizeof($row) != 0) {
$default_setting_category = $row["default_setting_category"];
$default_setting_subcategory = $row["default_setting_subcategory"];
$default_setting_name = $row["default_setting_name"];
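Review bot: `$enabled` is taken straight from `$_REQUEST['enabled']` and saved as `default_setting_enabled`, and unlike the `copy` and `delete` branches this update has no `permission_exists()` check in the visible code. Restrict the value in the condition, e.g. `&& in_array($enabled, ['true', 'false'], true)`, and gate the branch on the edit permission the project uses for default settings (the name needs confirming, and a page-level check may exist above the hunk). `sizeof($default_setting_uuids)` is also called on a request value that may not be an array, so test `is_array($default_setting_uuids)` first. In the copy loop each `$default_setting_uuid` is bound as a parameter, which is fine for the query, but an `is_uuid()` check would let invalid ids be skipped early.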
@@ -84,7 +87,7 @@
$default_setting_enabled = $row["default_setting_enabled"];
$default_setting_description = $row["default_setting_description"];
}
- unset ($prep_statement);
+ unset($sql, $parameters, $row);
//set a random password for http_auth_password
if ($default_setting_subcategory == "http_auth_password") {
@@ -93,77 +96,54 @@
// check if exists
$sql = "select domain_setting_uuid from v_domain_settings ";
- $sql .= "where domain_uuid = '".$target_domain_uuid."' ";
- $sql .= "and domain_setting_category = '".$default_setting_category."' ";
- $sql .= "and domain_setting_subcategory = '".$default_setting_subcategory."' ";
- $sql .= "and domain_setting_name = '".$default_setting_name."' ";
+ $sql .= "where domain_uuid = :domain_uuid ";
+ $sql .= "and domain_setting_category = :domain_setting_category ";
+ $sql .= "and domain_setting_subcategory = :domain_setting_subcategory ";
+ $sql .= "and domain_setting_name = :domain_setting_name ";
$sql .= "and domain_setting_name <> 'array' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- if (sizeof($result) > 0) {
- foreach ($result as &$row) {
- $target_domain_setting_uuid = $row["domain_setting_uuid"];
- break;
- }
- $action = "update";
- }
- else {
- $action = "add";
- }
- unset ($prep_statement);
+ $parameters['domain_uuid'] = $target_domain_uuid;
+ $parameters['domain_setting_category'] = $default_setting_category;
+ $parameters['domain_setting_subcategory'] = $default_setting_subcategory;
+ $parameters['domain_setting_name'] = $default_setting_name;
+ $database = new database;
+ $target_domain_setting_uuid = $database->select($sql, $parameters, 'column');
+ $action = is_uuid($target_domain_setting_uuid) ? 'update' : 'add';
+ unset($sql, $parameters);
// fix null
- $default_setting_order = ($default_setting_order != '') ? $default_setting_order : 'null';
+ $default_setting_order = $default_setting_order != '' ? $default_setting_order : 'null';
- // insert for target domain
+ //begin array
+ $array['domain_settings'][0]['domain_uuid'] = $target_domain_uuid;
+ $array['domain_settings'][0]['domain_setting_category'] = $default_setting_category;
+ $array['domain_settings'][0]['domain_setting_subcategory'] = $default_setting_subcategory;
+ $array['domain_settings'][0]['domain_setting_name'] = $default_setting_name;
+ $array['domain_settings'][0]['domain_setting_value'] = $default_setting_value;
+ $array['domain_settings'][0]['domain_setting_order'] = $default_setting_order;
+ $array['domain_settings'][0]['domain_setting_enabled'] = $default_setting_enabled;
+ $array['domain_settings'][0]['domain_setting_description'] = $default_setting_description;
+
+ //insert
if ($action == "add" && permission_exists("domain_select") && permission_exists("domain_setting_add") && count($_SESSION['domains']) > 1) {
- $sql = "insert into v_domain_settings ";
- $sql .= "(";
- $sql .= "domain_uuid, ";
- $sql .= "domain_setting_uuid, ";
- $sql .= "domain_setting_category, ";
- $sql .= "domain_setting_subcategory, ";
- $sql .= "domain_setting_name, ";
- $sql .= "domain_setting_value, ";
- $sql .= "domain_setting_order, ";
- $sql .= "domain_setting_enabled, ";
- $sql .= "domain_setting_description ";
- $sql .= ")";
- $sql .= "values ";
- $sql .= "(";
- $sql .= "'".$target_domain_uuid."', ";
- $sql .= "'".uuid()."', ";
- $sql .= "'".$default_setting_category."', ";
- $sql .= "'".$default_setting_subcategory."', ";
- $sql .= "'".$default_setting_name."', ";
- $sql .= "'".$default_setting_value."', ";
- $sql .= " ".$default_setting_order." , ";
- $sql .= "'".$default_setting_enabled."', ";
- $sql .= "'".$default_setting_description."' ";
- $sql .= ")";
- $db->exec(check_sql($sql));
- unset($sql);
-
- $settings_copied++;
- } // add
-
+ $array['domain_settings'][0]['domain_setting_uuid'] = uuid();
+ }
+ //update
if ($action == "update" && permission_exists('domain_setting_edit')) {
- $sql = "update v_domain_settings set ";
- $sql .= "domain_setting_category = '".$default_setting_category."', ";
- $sql .= "domain_setting_subcategory = '".$default_setting_subcategory."', ";
- $sql .= "domain_setting_name = '".$default_setting_name."', ";
- $sql .= "domain_setting_value = '".$default_setting_value."', ";
- $sql .= "domain_setting_order = ".$default_setting_order.", ";
- $sql .= "domain_setting_enabled = '".$default_setting_enabled."', ";
- $sql .= "domain_setting_description = '".$default_setting_description."' ";
- $sql .= "where domain_uuid = '".$target_domain_uuid."' ";
- $sql .= "and domain_setting_uuid = '".$target_domain_setting_uuid."' ";
- $db->exec(check_sql($sql));
- unset($sql);
+ $array['domain_settings'][0]['domain_setting_uuid'] = $target_domain_setting_uuid;
+ }
+
+ //execute
+ if (is_uuid($array['domain_settings'][0]['domain_setting_uuid'])) {
+ $database = new database;
+ $database->app_name = 'default_settings';
+ $database->app_uuid = '2c2453c0-1bea-4475-9f44-4d969650de09';
+ $database->save($array);
+ $message = $database->message;
+ unset($array);
$settings_copied++;
- } // update
+ }
+
} // foreach
// set message
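Review bot: `$default_setting_order = $default_setting_order != '' ? $default_setting_order : 'null';` was written for the old concatenated SQL, where the bare word was spliced in unquoted; the value now goes into `$array['domain_settings'][0]['domain_setting_order']`, so an empty order reaches `save()` as the four-character string 'null'. Use the PHP value `null` (or leave the key out) instead; how `save()` treats either is not visible in this diff. Separately, in the visible code the `$default_setting_*` variables are only assigned when the select returns a row, so an id with no match reuses the previous iteration's values. Resetting them at the top of the loop, or `continue`-ing when `$row` is empty, avoids copying the wrong setting.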
@@ -174,21 +154,24 @@
message::add($text['message-copy_failed']);
}
- header("Location: default_settings.php".(($search != '') ? "?search=".escape($search) : null));
+ header("Location: default_settings.php".($search != '' ? "?search=".escape($search) : null));
exit;
}
if ($action == 'delete' && permission_exists('default_setting_delete')) {
if (sizeof($default_setting_uuids) > 0) {
- foreach ($default_setting_uuids as $default_setting_uuid) {
+ foreach ($default_setting_uuids as $index => $default_setting_uuid) {
//delete default_setting(s)
- $sql = "delete from v_default_settings ";
- $sql .= "where default_setting_uuid = '".$default_setting_uuid."' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- unset($sql);
+ $array['default_settings'][$index]['default_setting_uuid'] = $default_setting_uuid;
+ }
+ if (is_array($array)) {
+ $database = new database;
+ $database->app_name = 'default_settings';
+ $database->app_uuid = '2c2453c0-1bea-4475-9f44-4d969650de09';
+ $database->delete($array);
+ $message = $database->message;
+ unset($array);
}
-
// set message
$_SESSION["message"] = $text['message-delete'].": ".sizeof($default_setting_uuids);
}
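Review bot: The ids placed into `$array['default_settings']` are not checked with `is_uuid()`, unlike the toggle and single-update paths changed in this commit, and `$_SESSION["message"]` reports `sizeof($default_setting_uuids)` regardless of what `delete()` actually removed. Filter inside the loop, e.g. `if (is_uuid($default_setting_uuid)) { $array['default_settings'][$index]['default_setting_uuid'] = $default_setting_uuid; }`, and count the accepted entries for the message. With that filter in place `$array` should be initialised with `$array = [];` before the loop and tested with `sizeof($array) != 0`, as the other hunks do.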
@@ -298,18 +281,10 @@
echo "
";
//prepare to page the results
- $sql = "select count(*) as num_rows from v_default_settings ";
- $prep_statement = $db->prepare($sql);
- if ($prep_statement) {
- $prep_statement->execute();
- $row = $prep_statement->fetch(PDO::FETCH_ASSOC);
- if ($row['num_rows'] > 0) {
- $num_rows = $row['num_rows'];
- }
- else {
- $num_rows = '0';
- }
- }
+ $sql = "select count(*) from v_default_settings ";
+ $database = new database;
+ $num_rows = $database->select($sql, null, 'column');
+ unset($sql);
//prepare to page the results
$rows_per_page = 1000;
@@ -321,24 +296,22 @@
//get the list
$sql = "select * from v_default_settings ";
- if (strlen($order_by) == 0) {
+ if ($order_by == '') {
$sql .= "order by default_setting_category, default_setting_subcategory, default_setting_order asc, default_setting_name, default_setting_value ";
}
else {
- $sql .= "order by $order_by $order ";
+ $sql .= order_by($order_by, $order);
}
- $sql .= "limit $rows_per_page offset $offset ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- $result_count = count($result);
- unset ($prep_statement, $sql);
+ $sql .= limit_offset($rows_per_page, $offset);
+ $database = new database;
+ $result = $database->select($sql, null, 'all');
+ unset($sql);
$c = 0;
$row_style["0"] = "row_style0";
$row_style["1"] = "row_style1";
- if ($result_count > 0) {
+ if (is_array($result) && sizeof($result) != 0) {
$previous_category = '';
foreach($result as $row) {
@@ -403,14 +376,14 @@
$name = $row['default_setting_name'];
if ($category == "domain" && $subcategory == "menu" && $name == "uuid" ) {
$sql = "select * from v_menus ";
- $sql .= "where menu_uuid = '".$row['default_setting_value']."' ";
- $sub_prep_statement = $db->prepare(check_sql($sql));
- $sub_prep_statement->execute();
- $sub_result = $sub_prep_statement->fetchAll(PDO::FETCH_NAMED);
- unset ($prep_statement, $sql);
+ $sql .= "where menu_uuid = :menu_uuid ";
+ $parameters['menu_uuid'] = $row['default_setting_value'];
+ $database = new database;
+ $sub_result = $database->select($sql, $parameters, 'all');
foreach ($sub_result as &$sub_row) {
echo $sub_row["menu_language"]." - ".$sub_row["menu_name"]."\n";
}
+ unset($sql, $sub_result, $sub_row);
}
else if ($category == "domain" && $subcategory == "template" && $name == "name" ) {
echo " ".ucwords($row['default_setting_value']);
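Review bot: The new `unset($sql, $sub_result, $sub_row);` leaves `$parameters` populated with `menu_uuid`, so a later query on this page that reuses `$parameters` would carry a stray key; make it `unset($sql, $parameters, $sub_result, $sub_row);`. `foreach ($sub_result as &$sub_row)` will warn if `select()` returns a non-array, so guard it with `is_array($sub_result)` as the other hunks do, and iterate by value since nothing modifies the row. The `echo` of `menu_language` and `menu_name` is unescaped; passing both through the `escape()` helper this file already uses would be consistent with the redirect code above.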
diff --git a/core/default_settings/default_settings_reload.php b/core/default_settings/default_settings_reload.php
index 8eb3ef8c0b..5de9fea158 100644
--- a/core/default_settings/default_settings_reload.php
+++ b/core/default_settings/default_settings_reload.php
@@ -38,7 +38,7 @@ else {
$language = new text;
$text = $language->get();
-$search = check_str($_REQUEST['search']);
+$search = $_REQUEST['search'];
require "resources/classes/domains.php";
$domain = new domains();
@@ -46,6 +46,6 @@ $domain->db = $db;
$domain->set();
message::add($text['message-settings_reloaded']);
-header("Location: default_settings.php".(($search != '') ? "?search=".$search : null));
+header("Location: default_settings.php".($search != '' ? "?search=".$search : null));
?>
\ No newline at end of file
diff --git a/resources/classes/database.php b/resources/classes/database.php
index d03f9f1a46..337ed326fd 100644
--- a/resources/classes/database.php
+++ b/resources/classes/database.php
@@ -1813,6 +1813,9 @@ include "root.php";
private function singular($word) {
//"-es" is used for words that end in "-x", "-s", "-z", "-sh", "-ch" in which case you add
if (substr($word, -2) == "es") {
+ if (substr($word, -3) == "ses") {
+ return rtrim($word, "s");
+ }
if (substr($word, -3) == "ies") {
return substr($word,0,-3)."y";
}
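Review bot: The new `-ses` branch runs before the other `-es` rules, so every word ending in `ses` now only loses its final `s`: `databases` becomes `database`, but a name such as `addresses` would come back as `addresse`. If the rule is meant only for words like `databases`, narrow the test (for example exclude the `sses` ending) and write the strip as `substr($word, 0, -1)`, because `rtrim($word, "s")` is defined to remove every trailing `s` rather than exactly one. A short comment naming the table that motivated the rule would help the next reader. The rest of `singular()` is outside the hunk.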