From 7bf2c1d19ff1d04275124028608af5c61fea9427 Mon Sep 17 00:00:00 2001
From: Nate
Date: Mon, 12 Aug 2019 05:26:58 -0600
Subject: [PATCH] Pin Numbers: Database class integration.
---
 app/extensions/extension_download.php | 271 +++++++++++++-------------
 app/extensions/extensions.php | 2 +-
 app/pin_numbers/app_languages.php | 58 ++----
 app/pin_numbers/pin_download.php | 176 +++++++++--------
 app/pin_numbers/pin_number_delete.php | 24 +--
 app/pin_numbers/pin_number_edit.php | 105 +++++-----
 app/pin_numbers/pin_numbers.php | 70 +++----
 7 files changed, 339 insertions(+), 367 deletions(-)
diff --git a/app/extensions/extension_download.php b/app/extensions/extension_download.php
index 6b6d11a75d..16cfcf40d4 100644
--- a/app/extensions/extension_download.php
+++ b/app/extensions/extension_download.php
@@ -17,138 +17,144 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2012 + Portions created by the Initial Developer are Copyright (C) 2008-2019 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane */ -include "root.php"; -require_once "resources/require.php"; -require_once "resources/check_auth.php"; -require_once "resources/paging.php"; -if (if_group("superadmin")) { - //access granted -} -else { - echo "access denied"; - exit; -} -//add multi-lingual support -$language = new text; -$text = $language->get(); +//includes + include "root.php"; + require_once "resources/require.php"; + require_once "resources/check_auth.php"; + require_once "resources/paging.php"; -//define available columns -$available_columns[] = 'extension_uuid'; -$available_columns[] = 'domain_uuid'; -$available_columns[] = 'extension'; -$available_columns[] = 'number_alias'; -$available_columns[] = 'password'; -$available_columns[] = 'accountcode'; -$available_columns[] = 'effective_caller_id_name'; -$available_columns[] = 'effective_caller_id_number'; -$available_columns[] = 'outbound_caller_id_name'; -$available_columns[] = 'outbound_caller_id_number'; -$available_columns[] = 'emergency_caller_id_name'; -$available_columns[] = 'emergency_caller_id_number'; -$available_columns[] = 'directory_first_name'; -$available_columns[] = 'directory_last_name'; -$available_columns[] = 'directory_visible'; -$available_columns[] = 'directory_exten_visible'; -$available_columns[] = 'limit_max'; -$available_columns[] = 'limit_destination'; -$available_columns[] = 'missed_call_app'; -$available_columns[] = 'missed_call_data'; -$available_columns[] = 'user_context'; -$available_columns[] = 'toll_allow'; -$available_columns[] = 'call_timeout'; -$available_columns[] = 'call_group'; -$available_columns[] = 'call_screen_enabled'; -$available_columns[] = 'user_record'; -$available_columns[] = 'hold_music'; 
-$available_columns[] = 'auth_acl'; -$available_columns[] = 'cidr'; -$available_columns[] = 'sip_force_contact'; -$available_columns[] = 'nibble_account'; -$available_columns[] = 'sip_force_expires'; -$available_columns[] = 'mwi_account'; -$available_columns[] = 'sip_bypass_media'; -$available_columns[] = 'unique_id'; -$available_columns[] = 'dial_string'; -$available_columns[] = 'dial_user'; -$available_columns[] = 'dial_domain'; -$available_columns[] = 'do_not_disturb'; -$available_columns[] = 'forward_all_destination'; -$available_columns[] = 'forward_all_enabled'; -$available_columns[] = 'forward_busy_destination'; -$available_columns[] = 'forward_busy_enabled'; -$available_columns[] = 'forward_no_answer_destination'; -$available_columns[] = 'forward_no_answer_enabled'; -$available_columns[] = 'follow_me_uuid'; -$available_columns[] = 'enabled'; -$available_columns[] = 'description'; -$available_columns[] = 'forward_caller_id_uuid'; -$available_columns[] = 'absolute_codec_string'; -$available_columns[] = 'forward_user_not_registered_destination'; -$available_columns[] = 'forward_user_not_registered_enabled'; - -function array2csv(array &$array) -{ - if (count($array) == 0) { - return null; - } - ob_start(); - $df = fopen("php://output", 'w'); - fputcsv($df, array_keys(reset($array))); - foreach ($array as $row) { - fputcsv($df, $row); - } - fclose($df); - return ob_get_clean(); -} - -function download_send_headers($filename) { - // disable caching - $now = gmdate("D, d M Y H:i:s"); - header("Expires: Tue, 03 Jul 2001 06:00:00 GMT"); - header("Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate"); - header("Last-Modified: {$now} GMT"); - - // force download - header("Content-Type: application/force-download"); - header("Content-Type: application/octet-stream"); - header("Content-Type: application/download"); - - // disposition / encoding on response body - header("Content-Disposition: attachment;filename={$filename}"); - 
header("Content-Transfer-Encoding: binary"); -} - -if (is_array($_REQUEST["column_group"]) && @sizeof($_REQUEST["column_group"]) != 0) { - //validate submitted columns - foreach($_REQUEST["column_group"] as $column_name) { - if (in_array($column_name, $available_columns)) { - $selected_columns[] = $column_name; - } +//check permissions + if (if_group("superadmin")) { + //access granted } - if (is_array($selected_columns) && @sizeof($selected_columns) != 0) { - $sql = "select ".implode(', ', $selected_columns)." from v_extensions "; - $sql .= "where domain_uuid = :domain_uuid "; - $parameters['domain_uuid'] = $domain_uuid; - $database = new database; - $extensions = $database->select($sql, $parameters, 'all'); - unset($sql, $parameters, $selected_columns); - - download_send_headers("data_export_".date("Y-m-d").".csv"); - echo array2csv($extensions); + else { + echo "access denied"; exit; } -} -$c = 0; -$row_style["0"] = "row_style0"; -$row_style["1"] = "row_style1"; +//add multi-lingual support + $language = new text; + $text = $language->get(); + +//define available columns + $available_columns[] = 'extension_uuid'; + $available_columns[] = 'domain_uuid'; + $available_columns[] = 'extension'; + $available_columns[] = 'number_alias'; + $available_columns[] = 'password'; + $available_columns[] = 'accountcode'; + $available_columns[] = 'effective_caller_id_name'; + $available_columns[] = 'effective_caller_id_number'; + $available_columns[] = 'outbound_caller_id_name'; + $available_columns[] = 'outbound_caller_id_number'; + $available_columns[] = 'emergency_caller_id_name'; + $available_columns[] = 'emergency_caller_id_number'; + $available_columns[] = 'directory_first_name'; + $available_columns[] = 'directory_last_name'; + $available_columns[] = 'directory_visible'; + $available_columns[] = 'directory_exten_visible'; + $available_columns[] = 'limit_max'; + $available_columns[] = 'limit_destination'; + $available_columns[] = 'missed_call_app'; + $available_columns[] = 
'missed_call_data'; + $available_columns[] = 'user_context'; + $available_columns[] = 'toll_allow'; + $available_columns[] = 'call_timeout'; + $available_columns[] = 'call_group'; + $available_columns[] = 'call_screen_enabled'; + $available_columns[] = 'user_record'; + $available_columns[] = 'hold_music'; + $available_columns[] = 'auth_acl'; + $available_columns[] = 'cidr'; + $available_columns[] = 'sip_force_contact'; + $available_columns[] = 'nibble_account'; + $available_columns[] = 'sip_force_expires'; + $available_columns[] = 'mwi_account'; + $available_columns[] = 'sip_bypass_media'; + $available_columns[] = 'unique_id'; + $available_columns[] = 'dial_string'; + $available_columns[] = 'dial_user'; + $available_columns[] = 'dial_domain'; + $available_columns[] = 'do_not_disturb'; + $available_columns[] = 'forward_all_destination'; + $available_columns[] = 'forward_all_enabled'; + $available_columns[] = 'forward_busy_destination'; + $available_columns[] = 'forward_busy_enabled'; + $available_columns[] = 'forward_no_answer_destination'; + $available_columns[] = 'forward_no_answer_enabled'; + $available_columns[] = 'follow_me_uuid'; + $available_columns[] = 'enabled'; + $available_columns[] = 'description'; + $available_columns[] = 'forward_caller_id_uuid'; + $available_columns[] = 'absolute_codec_string'; + $available_columns[] = 'forward_user_not_registered_destination'; + $available_columns[] = 'forward_user_not_registered_enabled'; + +//define the functions + function array2csv(array &$array) { + if (count($array) == 0) { + return null; + } + ob_start(); + $df = fopen("php://output", 'w'); + fputcsv($df, array_keys(reset($array))); + foreach ($array as $row) { + fputcsv($df, $row); + } + fclose($df); + return ob_get_clean(); + } + + function download_send_headers($filename) { + // disable caching + $now = gmdate("D, d M Y H:i:s"); + header("Expires: Tue, 03 Jul 2001 06:00:00 GMT"); + header("Cache-Control: max-age=0, no-cache, must-revalidate, 
proxy-revalidate"); + header("Last-Modified: {$now} GMT"); + + // force download + header("Content-Type: application/force-download"); + header("Content-Type: application/octet-stream"); + header("Content-Type: application/download"); + + // disposition / encoding on response body + header("Content-Disposition: attachment;filename={$filename}"); + header("Content-Transfer-Encoding: binary"); + } + +//get the extensions from the database and send them as output + if (is_array($_REQUEST["column_group"]) && @sizeof($_REQUEST["column_group"]) != 0) { + //validate submitted columns + foreach($_REQUEST["column_group"] as $column_name) { + if (in_array($column_name, $available_columns)) { + $selected_columns[] = $column_name; + } + } + if (is_array($selected_columns) && @sizeof($selected_columns) != 0) { + $sql = "select ".implode(', ', $selected_columns)." from v_extensions "; + $sql .= "where domain_uuid = :domain_uuid "; + $parameters['domain_uuid'] = $domain_uuid; + $database = new database; + $extensions = $database->select($sql, $parameters, 'all'); + unset($sql, $parameters, $selected_columns); + + download_send_headers("data_export_".date("Y-m-d").".csv"); + echo array2csv($extensions); + exit; + } + } + +//set the row styles + $c = 0; + $row_style["0"] = "row_style0"; + $row_style["1"] = "row_style1"; //begin the page content require_once "resources/header.php"; @@ -169,23 +175,24 @@ $row_style["1"] = "row_style1"; echo "\n"; foreach ($available_columns as $column_name) { + $tr_link = "onclick=\"document.getElementById('checkbox_".$column_name."').checked = document.getElementById('checkbox_".$column_name."').checked ? false : true;\""; echo "\n"; - echo " \n"; - echo " ".$column_name."\n"; + echo " \n"; + echo " ".$column_name."\n"; echo "\n"; $c = $c ? 0 : 1; } - echo " \n"; - echo " \n"; - echo "
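Review bot: `array2csv()` hands every database value straight to `fputcsv()`, so a field such as `description` or `effective_caller_id_name` that starts with `=`, `+`, `-` or `@` is treated as a formula when the export is opened in a spreadsheet. Neutralise those cells before writing, e.g. `fputcsv($df, array_map(function ($v) { return preg_match('/^[=+\-@]/', (string) $v) ? "'".$v : $v; }, $row));`. Separately, `password` is in `$available_columns`, so the CSV can carry extension credentials in clear text behind only the `if_group("superadmin")` check; consider dropping it from the export list or requiring a distinct permission for it. The allow-list test is the only thing between `$_REQUEST["column_group"]` and the `select` column list, so it is worth making strict: `in_array($column_name, $available_columns, true)`.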
"; - echo " \n"; - echo " \n"; - echo " "; + echo "\n"; + echo " \n"; + echo "
\n"; + echo " \n"; + echo " \n"; + echo "\n"; - echo ""; - echo "

"; - echo ""; + echo "\n"; + echo "

\n"; + echo "\n"; //define the checkbox_toggle function echo "\n"; //include the footer - require_once "resources/footer.php"; + require_once "resources/footer.php"; ?> diff --git a/app/pin_numbers/pin_number_delete.php b/app/pin_numbers/pin_number_delete.php index 4f4bed16b2..af592056b0 100644 --- a/app/pin_numbers/pin_number_delete.php +++ b/app/pin_numbers/pin_number_delete.php @@ -43,23 +43,25 @@ $text = $language->get(); //get the id - if (count($_GET)>0) { - $id = check_str($_GET["id"]); - } + $pin_number_uuid = $_GET["id"]; //delete the data - if (strlen($id)>0) { + if (is_uuid($pin_number_uuid)) { + //build array + $array['pin_numbers'][0]['pin_number_uuid'] = $pin_number_uuid; + $array['pin_numbers'][0]['domain_uuid'] = $domain_uuid; //delete pin_number - $sql = "delete from v_pin_numbers "; - $sql .= "where pin_number_uuid = '$id' "; - $sql .= "and domain_uuid = '$domain_uuid' "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - unset($sql); + $database = new database; + $database->app_name = 'pin_numbers'; + $database->app_uuid = '4b88ccfb-cb98-40e1-a5e5-33389e14a388'; + $database->delete($array); + unset($array); + //set message + message::add($text['message-delete']); } //redirect the user - message::add($text['message-delete']); header('Location: pin_numbers.php'); + exit; ?> \ No newline at end of file diff --git a/app/pin_numbers/pin_number_edit.php b/app/pin_numbers/pin_number_edit.php index 2ee4c15afc..c443a99cfa 100644 --- a/app/pin_numbers/pin_number_edit.php +++ b/app/pin_numbers/pin_number_edit.php @@ -43,9 +43,9 @@ $text = $language->get(); //action add or update - if (isset($_REQUEST["id"])) { + if (is_uuid($_REQUEST["id"])) { $action = "update"; - $pin_number_uuid = check_str($_REQUEST["id"]); + $pin_number_uuid = $_REQUEST["id"]; } else { $action = "add"; 
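Review bot: The delete in `pin_number_delete.php` is still driven by `$_GET["id"]` with no anti-CSRF token visible in the hunk, so a cross-site request made by a logged-in administrator's browser is enough to remove a record; accept the action only as a POST that carries a per-session token. The removed statement filtered on both `pin_number_uuid` and `domain_uuid`; the new code places both in `$array`, but whether `database::delete()` uses `domain_uuid` as a condition is not visible in this patch and should be confirmed so that a UUID belonging to another domain cannot be deleted. `message::add($text['message-delete'])` is also queued without checking the outcome of `$database->delete($array)`. Any permission check sits above line 43, outside the hunk.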
@@ -53,17 +53,17 @@ //get http post variables and set them to php variables if (count($_POST)>0) { - $pin_number = check_str($_POST["pin_number"]); - $accountcode = check_str($_POST["accountcode"]); - $enabled = check_str($_POST["enabled"]); - $description = check_str($_POST["description"]); + $pin_number = $_POST["pin_number"]; + $accountcode = $_POST["accountcode"]; + $enabled = $_POST["enabled"]; + $description = $_POST["description"]; } if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { $msg = ''; if ($action == "update") { - $pin_number_uuid = check_str($_POST["pin_number_uuid"]); + $pin_number_uuid = $_POST["pin_number_uuid"]; } //check for all required data 
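Review bot: On update, `$pin_number_uuid` is overwritten with `$_POST["pin_number_uuid"]` without the `is_uuid()` test that the commit applies to `$_REQUEST["id"]` in the preceding hunk (`@@ -43,9 +43,9 @@`), so the value that later reaches `$array['pin_numbers'][0]['pin_number_uuid']` is unvalidated. Guard the assignment: `if (is_uuid($_POST["pin_number_uuid"])) { $pin_number_uuid = $_POST["pin_number_uuid"]; }`. With `check_str()` removed, `pin_number`, `accountcode`, `enabled` and `description` now rely entirely on `database::save()` binding its values, which this patch does not show; `enabled` in particular could be restricted to `'true'` or `'false'` before it is saved. The enclosing `if (count($_POST)>0 && ...)` block continues past the end of the hunk.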
@@ -87,68 +87,58 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { //add or update the database if ($_POST["persistformvar"] != "true") { if ($action == "add" && permission_exists('pin_number_add')) { - $sql = "insert into v_pin_numbers "; - $sql .= "("; - $sql .= "domain_uuid, "; - $sql .= "pin_number_uuid, "; - $sql .= "pin_number, "; - $sql .= "accountcode, "; - $sql .= "enabled, "; - $sql .= "description "; - $sql .= ")"; - $sql .= "values "; - $sql .= "("; - $sql .= "'$domain_uuid', "; - $sql .= "'".uuid()."', "; - $sql .= "'$pin_number', "; - $sql .= "'$accountcode', "; - $sql .= "'$enabled', "; - $sql .= "'$description' "; - $sql .= ")"; - $db->exec(check_sql($sql)); - unset($sql); - - message::add($text['message-add']); - header("Location: pin_numbers.php"); - return; - - } //if ($action == "add") + //begin array + $pin_number_uuid = uuid(); + $array['pin_numbers'][0]['pin_number_uuid'] = $pin_number_uuid; + //set message + message::add($text['message-add']); + } if ($action == "update" && permission_exists('pin_number_edit')) { - $sql = "update v_pin_numbers set "; - $sql .= "pin_number = '$pin_number', "; - $sql .= "accountcode = '$accountcode', "; - $sql .= "enabled = '$enabled', "; - $sql .= "description = '$description' "; - $sql .= "where pin_number_uuid = '$pin_number_uuid'"; - $sql .= "and domain_uuid = '$domain_uuid' "; - $db->exec(check_sql($sql)); - unset($sql); + //begin array + $array['pin_numbers'][0]['pin_number_uuid'] = $pin_number_uuid; + //set message + message::add($text['message-update']); + } - message::add($text['message-update']); - header("Location: pin_numbers.php"); - return; + if (is_array($array) && @sizeof($array) != 0) { + //add common array items + $array['pin_numbers'][0]['domain_uuid'] = $domain_uuid; + $array['pin_numbers'][0]['pin_number'] = $pin_number; + $array['pin_numbers'][0]['accountcode'] = $accountcode; + $array['pin_numbers'][0]['enabled'] = $enabled; + $array['pin_numbers'][0]['description'] = 
$description; + //save data + $database = new database; + $database->app_name = 'pin_numbers'; + $database->app_uuid = '4b88ccfb-cb98-40e1-a5e5-33389e14a388'; + $database->save($array); + unset($array); + //redirect + header("Location: pin_numbers.php"); + exit; + } + } - } //if ($action == "update") - } //if ($_POST["persistformvar"] != "true") -} //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) +} //pre-populate the form if (count($_GET) > 0 && $_POST["persistformvar"] != "true") { - $pin_number_uuid = check_str($_GET["id"]); + $pin_number_uuid = $_GET["id"]; $sql = "select * from v_pin_numbers "; - $sql .= "where domain_uuid = '$domain_uuid' "; - $sql .= "and pin_number_uuid = '$pin_number_uuid' "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - foreach ($result as &$row) { + $sql .= "where domain_uuid = :domain_uuid "; + $sql .= "and pin_number_uuid = :pin_number_uuid "; + $parameters['domain_uuid'] = $domain_uuid; + $parameters['pin_number_uuid'] = $pin_number_uuid; + $database = new database; + $row = $database->select($sql, $parameters, 'row'); + if (is_array($row) && @sizeof($row) != 0) { $pin_number = $row["pin_number"]; $accountcode = $row["accountcode"]; $enabled = $row["enabled"]; $description = $row["description"]; } - unset ($prep_statement); + unset($sql, $parameters, $row); } //show the header @@ -193,7 +183,6 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { echo "\n"; echo "\n"; echo " \n"; echo " \n"; echo " \n"; - echo "\n"; echo " \n"; echo " \n"; echo " \n"; 
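Review bot: In the update path the record is keyed by a `pin_number_uuid` taken from the request while `domain_uuid` is only written as a column value, whereas the removed SQL had `and domain_uuid = '$domain_uuid'` in its `where` clause. Unless `database::save()` (not shown in this patch) verifies that the existing row belongs to the current domain, a user holding `pin_number_edit` could overwrite another tenant's pin by submitting its UUID; confirm that behaviour or look the row up with both keys before saving. `message::add()` is called before `$database->save($array)` runs, so a success message is queued even when the save fails, and `is_array($array)` reads `$array` without it having been initialised when neither permission branch runs. In the pre-populate block `$_GET["id"]` is bound as a parameter, which is sound, but an `is_uuid()` check there would skip a query that cannot match.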
@@ -137,16 +126,16 @@ echo "\n"; echo "\n"; - if (is_array($result)) { + if (is_array($result) && @sizeof($result) != 0) { foreach($result as $row) { if (permission_exists('pin_number_edit')) { $tr_link = "href='pin_number_edit.php?id=".escape($row['pin_number_uuid'])."'"; } echo "\n"; - echo " ".$row['pin_number']." \n"; - echo " ".$row['accountcode']." \n"; - echo " ".$row['enabled']." \n"; - echo " ".$row['description']." \n"; + echo " ".escape($row['pin_number'])." \n"; + echo " ".escape($row['accountcode'])." \n"; + echo " ".($row['enabled'] == 'true' ? $text['label-true'] : $text['label-false'])."\n"; + echo " ".escape($row['description'])." \n"; echo " "; if (permission_exists('pin_number_edit')) { echo "$v_link_label_edit"; @@ -156,10 +145,10 @@ } echo " \n"; echo "\n"; - if ($c==0) { $c=1; } else { $c=0; } - } //end foreach - unset($sql, $result, $row_count); - } //end if results + $c = $c ? 0 : 1; + } + } + unset($result, $row); echo "\n"; echo "\n"; @@ -184,4 +173,5 @@ //include the footer require_once "resources/footer.php"; + ?>