nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2026-01-06 11:43:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update call_center_queues.php

Browse Source
This commit is contained in:
AlexanderDCrane
2019-06-01 12:29:59 -06:00
committed by GitHub
parent 91414a830e
commit 36f07d70b9
1 changed files with 32 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
app/call_centers/call_center_queues.php
View File

@@ -51,6 +51,21 @@
$order_by = $_GET["order_by"]; $order_by = $_GET["order_by"];
$order = $_GET["order"]; $order = $_GET["order"];
//validate order by
if (strlen($order_by) > 0) {
$order_by = preg_replace('#[^a-zA-Z0-9_\-]#', '', $order_by);
}
//validate the order
switch ($order) {
case 'asc':
break;
case 'desc':
break;
default:
$order = '';
}
//show the content //show the content
echo "<table width='100%' cellpadding='0' cellspacing='0' border='0'>\n"; echo "<table width='100%' cellpadding='0' cellspacing='0' border='0'>\n";
echo "<tr>\n"; echo "<tr>\n";
@@ -70,14 +85,11 @@
echo "</tr></table>\n"; echo "</tr></table>\n";
//get total call center queues count from the database //get total call center queues count from the database
$sql = "select count(*) as num_rows from v_call_center_queues where domain_uuid = '".$_SESSION['domain_uuid']."' "; $sql = "select count(*) as num_rows from v_call_center_queues where domain_uuid = :domain_uuid ";
$prep_statement = $db->prepare($sql); $database = new database;
if ($prep_statement) { $parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$prep_statement->execute(); $row = $database->select($sql, $parameters, 'all');
$row = $prep_statement->fetch(PDO::FETCH_ASSOC); $total_call_center_queues = $row['num_rows'];
$total_call_center_queues = $row['num_rows'];
}
unset($prep_statement, $row);
//prepare to page the results (reuse $sql from above) //prepare to page the results (reuse $sql from above)
if (strlen($order_by) == 0) { if (strlen($order_by) == 0) {
@@ -87,12 +99,10 @@
else { else {
$sql .= "order by $order_by $order "; $sql .= "order by $order_by $order ";
} }
$prep_statement = $db->prepare(check_sql($sql)); $database = new database;
$prep_statement->execute(); $result = $database->select($sql, $parameters, 'all');
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED); $num_rows = $database->select($sql, $parameters, 'column');
$num_rows = count($result);
unset ($prep_statement, $result, $sql);
$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
$param = ""; $param = "";
$page = $_GET['page']; $page = $_GET['page'];
@@ -101,7 +111,7 @@
$offset = $rows_per_page * $page; $offset = $rows_per_page * $page;
$sql = "select * from v_call_center_queues "; $sql = "select * from v_call_center_queues ";
$sql .= "where domain_uuid = '$domain_uuid' "; $sql .= "where domain_uuid = :domain_uuid ";
if (strlen($order_by) == 0) { if (strlen($order_by) == 0) {
$order_by = 'queue_name'; $order_by = 'queue_name';
$order = 'asc'; $order = 'asc';
@@ -109,13 +119,12 @@
else { else {
$sql .= "order by $order_by $order "; $sql .= "order by $order_by $order ";
} }
$sql .= " limit $rows_per_page offset $offset "; $sql .= " limit :rows_per_page offset :offset ";
$prep_statement = $db->prepare(check_sql($sql)); $database = new database;
$prep_statement->execute(); $parameters['rows_per_page'] = $rows_per_page;
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED); $parameters['offset'] = $offset;
$result_count = count($result); $result = $database->select($sql, $parameters, 'all');
unset ($prep_statement, $sql);
$c = 0; $c = 0;
$row_style["0"] = "row_style0"; $row_style["0"] = "row_style0";
$row_style["1"] = "row_style1"; $row_style["1"] = "row_style1";
@@ -146,7 +155,7 @@
echo "</td>\n"; echo "</td>\n";
echo "</tr>\n"; echo "</tr>\n";
if ($result_count > 0) { if (is_array($result)) {
foreach($result as $row) { foreach($result as $row) {
$tr_link = (permission_exists('call_center_queue_edit')) ? "href='call_center_queue_edit.php?id=".escape($row[call_center_queue_uuid])."'" : null; $tr_link = (permission_exists('call_center_queue_edit')) ? "href='call_center_queue_edit.php?id=".escape($row[call_center_queue_uuid])."'" : null;
echo "<tr ".$tr_link.">\n"; echo "<tr ".$tr_link.">\n";