From 6c3dce77d925080d2c6aa43c5360f5d25f3e1caa Mon Sep 17 00:00:00 2001 From: Alexey Melnichuk Date: Fri, 18 Nov 2016 20:16:22 +0300 Subject: [PATCH] Add. Use parameters in cidlookup.lua and call_block app (#2096) --- .../install/scripts/app/call_block/index.lua | 8 +++---- resources/install/scripts/cidlookup.lua | 21 ++++++++++++------- 2 files changed, 17 insertions(+), 12 deletions(-) diff --git a/resources/install/scripts/app/call_block/index.lua b/resources/install/scripts/app/call_block/index.lua index 860154189b..25bf3c861a 100644 --- a/resources/install/scripts/app/call_block/index.lua +++ b/resources/install/scripts/app/call_block/index.lua @@ -93,8 +93,8 @@ This method causes the script to get its manadatory arguments directly from the --if not cached then get the information from the database if (cache == "-ERR NOT FOUND") then --connect to the database - require "resources.functions.database_handle"; - dbh = database_handle('system'); + Database = require "resources.functions.database"; + dbh = Database.new('system'); --log if not connect if dbh:connected() == false then @@ -104,8 +104,8 @@ This method causes the script to get its manadatory arguments directly from the --check if the the call block is blocked sql = "SELECT * FROM v_call_block as c " sql = sql .. "JOIN v_domains as d ON c.domain_uuid=d.domain_uuid " - sql = sql .. "WHERE c.call_block_number = '" .. params["cid_num"] .. "' AND d.domain_name = '" .. params["domain_name"] .."'" - status = dbh:query(sql, function(rows) + sql = sql .. "WHERE c.call_block_number = :cid_num AND d.domain_name = :domain_name" + dbh:query(sql, params, function(rows) found_cid_num = rows["call_block_number"]; found_uuid = rows["call_block_uuid"]; found_enabled = rows["call_block_enabled"]; diff --git a/resources/install/scripts/cidlookup.lua b/resources/install/scripts/cidlookup.lua index 420b230086..ac8eb29b79 100644 --- a/resources/install/scripts/cidlookup.lua +++ b/resources/install/scripts/cidlookup.lua @@ -26,9 +26,6 @@ -- add this in Inbound Routes before transfer to use it: -- action set caller_id_name=${luarun cidlookup.lua ${uuid}} ---debug - debug["sql"] = true; - --define the trim function require "resources.functions.trim" @@ -71,9 +68,15 @@ --include config.lua require "resources.functions.config"; +--include json library + local json + if (debug["sql"]) then + json = require "resources.functions.lunajson" + end + --connect to the database - require "resources.functions.database_handle"; - dbh = database_handle('system'); + local Database = require "resources.functions.database"; + dbh = Database.new('system'); if (database["type"] == "mysql") then sql = "SELECT CONCAT(v_contacts.contact_name_given, ' ', v_contacts.contact_name_family,' (',v_contact_phones.phone_type,')') AS name FROM v_contacts "; elseif (database["type"] == "pgsql") then @@ -83,12 +86,14 @@ end sql = sql .. "INNER JOIN v_contact_phones ON v_contact_phones.contact_uuid = v_contacts.contact_uuid "; sql = sql .. "INNER JOIN v_destinations ON v_destinations.domain_uuid = v_contacts.domain_uuid "; - sql = sql .. "WHERE v_contact_phones.phone_number = '"..caller.."' + sql = sql .. "WHERE v_contact_phones.phone_number = :caller" + local params = {caller = caller} if (debug["sql"]) then - freeswitch.consoleLog("notice", "[cidlookup] "..sql.."\n"); + freeswitch.consoleLog("notice", "[cidlookup] SQL: "..sql.."; params:" .. json.encode(params) .. "\n"); end - status = dbh:query(sql, function(row) + + dbh:query(sql, params, function(row) name = row.name; end);