From 850d53359cbac2127c563116085da88613f4f8e8 Mon Sep 17 00:00:00 2001
From: markjcrane
Date: Thu, 20 Aug 2015 20:16:07 -0600
Subject: [PATCH] Move SQL queries out of the content as a best practice and coding standard. Fix number alias when using auth name and auth id.
---
 app/extensions/extension_edit.php | 137 ++++++++++++++++--------------
 1 file changed, 71 insertions(+), 66 deletions(-)
diff --git a/app/extensions/extension_edit.php b/app/extensions/extension_edit.php
index 32b6938152..c53af07369 100644
--- a/app/extensions/extension_edit.php
+++ b/app/extensions/extension_edit.php
@@ -873,6 +873,66 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
 $voicemail_local_after_email = $_SESSION['voicemail']['keep_local']['boolean'];
 }
+//get the device lines
+ $sql = "SELECT d.device_mac_address, d.device_template, d.device_description, l.device_line_uuid, l.device_uuid, l.line_number ";
+ $sql .= "FROM v_device_lines as l, v_devices as d ";
+ $sql .= "WHERE (l.user_id = '".$extension."' or l.user_id = '".$number_alias."')";
+ $sql .= "AND l.domain_uuid = '".$domain_uuid."' ";
+ $sql .= "AND l.device_uuid = d.device_uuid ";
+ $sql .= "ORDER BY l.line_number, d.device_mac_address asc ";
+ $prep_statement = $db->prepare(check_sql($sql));
+ $prep_statement->execute();
+ $device_lines = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+ unset($sql, $prep_statement);
+
+//get the devices
+ $sql = "SELECT * FROM v_devices ";
+ $sql .= "WHERE domain_uuid = '".$domain_uuid."' ";
+ $sql .= "ORDER BY device_mac_address asc ";
+ $prep_statement = $db->prepare(check_sql($sql));
+ $prep_statement->execute();
+ $devices = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+ unset($sql, $prep_statement);
+
+//get assigned users
+ $sql = "SELECT u.username, e.user_uuid FROM v_extension_users as e, v_users as u ";
+ $sql .= "where e.user_uuid = u.user_uuid ";
+ $sql .= "and u.user_enabled = 'true' ";
+ $sql .= "and e.domain_uuid = '".$domain_uuid."' ";
+ $sql .= "and e.extension_uuid = '".$extension_uuid."' ";
+ $sql .= "order by u.username asc ";
+ $prep_statement = $db->prepare(check_sql($sql));
+ $prep_statement->execute();
+ $assigned_users = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+ foreach($assigned_users as $field) {
+ $assigned_user_uuids[] = $field['user_uuid'];
+ }
+ unset($sql, $prep_statement);
+
+//get the users
+ $sql = "SELECT * FROM v_users ";
+ $sql .= "where domain_uuid = '".$domain_uuid."' ";
+ foreach($assigned_user_uuids as $assigned_user_uuid) {
+ $sql .= "and user_uuid <> '".$assigned_user_uuid."' ";
+ }
+ unset($assigned_user_uuids);
+ $sql .= "and user_enabled = 'true' ";
+ $sql .= "order by username asc ";
+ $prep_statement = $db->prepare(check_sql($sql));
+ $prep_statement->execute();
+ $users = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+ unset($sql, $prep_statement);
+
+//get the destinations
+ $sql = "select * from v_destinations ";
+ $sql .= "where domain_uuid = '".$domain_uuid."' ";
+ $sql .= "and destination_type = 'inbound' ";
+ $sql .= "order by destination_number asc ";
+ $prep_statement = $db->prepare(check_sql($sql));
+ $prep_statement->execute();
+ $destinations = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
+ unset ($sql, $prep_statement);
+
 //set the defaults
 if (strlen($limit_max) == 0) { $limit_max = '5'; }
 if (strlen($call_timeout) == 0) { $call_timeout = '30'; }
@@ -1034,20 +1094,9 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { echo " "; echo " ".$text['label-user_list'].""; echo " "; - - $sql = "SELECT u.username, e.user_uuid FROM v_extension_users as e, v_users as u "; - $sql .= "where e.user_uuid = u.user_uuid "; - $sql .= "and u.user_enabled = 'true' "; - $sql .= "and e.domain_uuid = '".$domain_uuid."' "; - $sql .= "and e.extension_uuid = '".$extension_uuid."' "; - $sql .= "order by u.username asc "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - $result_count = count($result); - if ($result_count > 0) { + if (count($assigned_users) > 0) { echo " \n"; - foreach($result as $field) { + foreach($assigned_users as $field) { echo " \n"; echo " \n"; echo " \n"; echo " \n"; - $assigned_user_uuids[] = $field['user_uuid']; } echo "
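Review bot: The relocated queries in the `@@ -873,6 +873,66 @@` hunk still concatenate `$extension`, `$number_alias`, `$domain_uuid`, `$extension_uuid` and each `$assigned_user_uuid` into the SQL string and then call `prepare()`/`execute()` with no bound parameters, so the prepared statement adds no protection; the device-lines `WHERE` also introduces `$number_alias` as a newly interpolated value. Where these variables are assigned is outside the hunk and what `check_sql()` does is not visible here, so they should be treated as untrusted and bound as named placeholders passed to `execute()`, as sketched below for the device-lines query (assuming `check_sql()` leaves placeholders intact). Separately, when `$number_alias` is empty the new `or l.user_id = ''` branch would match any device line in the domain whose `user_id` is empty, so the alias condition should be added only when `strlen($number_alias) > 0`. The same concatenation pattern applies to the devices, assigned-users, users and destinations queries in this hunk.

```php
//get the device lines
	// … unchanged: SELECT column list and FROM clause …
	$parameters = array(':extension' => $extension, ':domain_uuid' => $domain_uuid);
	if (strlen($number_alias) > 0) {
		$sql .= "WHERE (l.user_id = :extension or l.user_id = :number_alias) ";
		$parameters[':number_alias'] = $number_alias;
	}
	else {
		$sql .= "WHERE l.user_id = :extension ";
	}
	$sql .= "AND l.domain_uuid = :domain_uuid ";
	// … unchanged: join condition and ORDER BY …
	$prep_statement = $db->prepare(check_sql($sql));
	$prep_statement->execute($parameters);
```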
".$field['username']."\n"; @@ -1055,30 +1104,19 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { //echo " $v_link_label_delete\n"; echo "
\n"; echo "
\n"; } - $sql = "SELECT * FROM v_users "; - $sql .= "where domain_uuid = '".$domain_uuid."' "; - foreach($assigned_user_uuids as $assigned_user_uuid) { - $sql .= "and user_uuid <> '".$assigned_user_uuid."' "; - } - unset($assigned_user_uuids); - $sql .= "and user_enabled = 'true' "; - $sql .= "order by username asc "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); + echo " "; echo " \n"; - unset($sql, $result); + echo "
\n"; echo " ".$text['description-user_list']."\n"; echo "
\n"; @@ -1128,18 +1166,7 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { //} echo " \n"; echo " \n"; - - $sql = "SELECT d.device_mac_address, d.device_template, d.device_description, l.device_line_uuid, l.device_uuid, l.line_number "; - $sql .= "FROM v_device_lines as l, v_devices as d "; - $sql .= "WHERE l.user_id = '".$extension."' "; - $sql .= "AND l.domain_uuid = '".$domain_uuid."' "; - $sql .= "AND l.device_uuid = d.device_uuid "; - $sql .= "ORDER BY l.line_number, d.device_mac_address asc "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - $result_count = count($result); - foreach($result as $row) { + foreach($device_lines as $row) { $device_mac_address = $row['device_mac_address']; $device_mac_address = substr($device_mac_address, 0,2).'-'.substr($device_mac_address, 2,2).'-'.substr($device_mac_address, 4,2).'-'.substr($device_mac_address, 6,2).'-'.substr($device_mac_address, 8,2).'-'.substr($device_mac_address, 10,2); echo " \n"; @@ -1201,15 +1228,9 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { } prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); echo " \n"; echo " \n"; echo " \n"; @@ -1337,17 +1357,10 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { echo "\n"; echo "\n"; if (permission_exists('outbound_caller_id_select')) { - $sql = "select * from v_destinations "; - $sql .= "where domain_uuid = '".$domain_uuid."' "; - $sql .= "and destination_type = 'inbound' "; - $sql .= "order by destination_number asc "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_ASSOC); - if (count($result) > 0) { + if (count($destinations) > 0) { echo " \n"; } - unset ($prep_statement); } else { echo " \n"; 
@@ -1378,17 +1390,10 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { echo "\n"; echo "\n"; if (permission_exists('outbound_caller_id_select')) { - $sql = "select * from v_destinations "; - $sql .= "where domain_uuid = '".$domain_uuid."' "; - $sql .= "and destination_type = 'inbound' "; - $sql .= "order by destination_number asc "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_ASSOC); - if (count($result) > 0) { + if (count($destinations) > 0) { echo "