From 8516bc38ad0ff3e1886774ee651f1bbbeaa89059 Mon Sep 17 00:00:00 2001
From: Nate
Date: Tue, 6 Aug 2019 19:49:59 -0600
Subject: [PATCH] Extensions: Database class integration.
---
 app/extensions/app_defaults.php | 52 +++--
 app/extensions/app_languages.php | 20 ++
 app/extensions/extension_copy.php | 34 ++-
 app/extensions/extension_dashboard.php | 170 +++++++-------
 app/extensions/extension_delete.php | 32 +--
 app/extensions/extension_download.php | 175 ++++++++-------
 app/extensions/extension_edit.php | 300 +++++++++++++------------
 app/extensions/extension_imports.php | 98 ++++----
 app/extensions/extensions.php | 97 +++-----
 9 files changed, 499 insertions(+), 479 deletions(-)
diff --git a/app/extensions/app_defaults.php b/app/extensions/app_defaults.php
index f58c849760..bd26061466 100644
--- a/app/extensions/app_defaults.php
+++ b/app/extensions/app_defaults.php
@@ -34,32 +34,50 @@ //update the directory first and last names $sql = "select * from v_extensions "; - $sql .= "where directory_first_name <> '' and directory_last_name is null "; - $prep_statement = $db->prepare(check_sql($sql)); - if ($prep_statement) { - $prep_statement->execute(); - $extensions = $prep_statement->fetchall(PDO::FETCH_ASSOC); - foreach($extensions as $row) { + $sql .= "where directory_first_name <> '' "; + $sql .= "and directory_last_name is null "; + $database = new database; + $extensions = $database->select($sql, null, 'all'); + unset($sql); + if (is_array($extensions) && @sizeof($extensions) != 0) { + foreach($extensions as $index => $row) { $name = explode(' ', $row['directory_first_name']); if (strlen($name[1]) > 0) { - $sql = "UPDATE v_extensions "; - $sql .= "SET directory_first_name = '".$name[0]."', "; - $sql .= "directory_last_name = '".$name[1]."' "; - $sql .= "WHERE extension_uuid = '". $row['extension_uuid'] ."' "; - $db->exec(check_sql($sql)); - unset($sql); + $array['extensions'][$index]['extension_uuid'] = $row['extension_uuid']; + $array['extensions'][$index]['directory_first_name'] = $name[0]; + $array['extensions'][$index]['directory_last_name'] = $name[1]; } } + if (is_array($array) && @sizeof($array) != 0) { + $p = new permissions; + $p->add('extension_edit', 'temp'); + + $database = new database; + $database->app_name = 'extensions'; + $database->app_uuid = 'e68d9689-2769-e013-28fa-6214bf47fca3'; + $database->save($array); + unset($array); + + $p->delete('extension_edit', 'temp'); + } } + unset($extensions, $row); //change category security to extension - $sql = "UPDATE v_default_settings "; - $sql .= "SET default_setting_category = 'extension' "; - $sql .= "WHERE default_setting_category = 'security' "; - $sql .= "AND default_setting_subcategory like 'password_%' "; - $db->exec(check_sql($sql)); + $sql = "update v_default_settings "; + $sql .= "set default_setting_category = 'extension' "; + $sql .= "where 
default_setting_category = 'security' "; + $sql .= "and default_setting_subcategory like 'password_%' "; + + $p = new permissions; + $p->add('default_setting_edit', 'temp'); + + $database = new database; + $database->execute($sql); unset($sql); + $p->delete('default_setting_edit', 'temp'); + } ?> diff --git a/app/extensions/app_languages.php b/app/extensions/app_languages.php index 0373ee0f01..bc03db3c86 100644 --- a/app/extensions/app_languages.php +++ b/app/extensions/app_languages.php @@ -1481,6 +1481,26 @@ $text['label-is_registered']['ru-ru'] = "Зарегистрировано"; $text['label-is_registered']['sv-se'] = "Registrerad"; $text['label-is_registered']['uk-ua'] = ""; +$text['label-column_name']['en-us'] = "Column Name"; +$text['label-column_name']['ar-eg'] = ""; +$text['label-column_name']['de-at'] = ""; +$text['label-column_name']['de-ch'] = ""; +$text['label-column_name']['de-de'] = ""; +$text['label-column_name']['es-cl'] = ""; +$text['label-column_name']['es-mx'] = ""; +$text['label-column_name']['fr-ca'] = ""; +$text['label-column_name']['fr-fr'] = ""; +$text['label-column_name']['he-il'] = ""; +$text['label-column_name']['it-it'] = ""; +$text['label-column_name']['nl-nl'] = ""; +$text['label-column_name']['pl-pl'] = ""; +$text['label-column_name']['pt-br'] = ""; +$text['label-column_name']['pt-pt'] = ""; +$text['label-column_name']['ro-ro'] = ""; +$text['label-column_name']['ru-ru'] = ""; +$text['label-column_name']['sv-se'] = ""; +$text['label-column_name']['uk-ua'] = ""; + $text['header-extensions']['en-us'] = "Extensions"; $text['header-extensions']['ar-eg'] = "الأرقام الداخلية"; $text['header-extensions']['de-at'] = "Nebenstellen"; //copied from de-de diff --git a/app/extensions/extension_copy.php b/app/extensions/extension_copy.php index 5ba8d63033..b3dc42e822 100644 --- a/app/extensions/extension_copy.php +++ b/app/extensions/extension_copy.php 
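Review bot: The temporary `extension_edit` grant around `$database->save($array)` is revoked only if execution reaches the following `$p->delete(...)` line, so an exception or early exit in between would leave the extra permission in place. Pairing them as `try { $database->save($array); } finally { $p->delete('extension_edit', 'temp'); }` closes that gap; whether `save()` can throw is not visible here. The same add/delete pairing recurs for `default_setting_edit` later in this hunk and in the extension_delete.php and extension_edit.php hunks. `$array` is also read by `is_array($array)` without being initialised, so `$array = [];` before the loop would make the nothing-to-update case explicit.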
@@ -44,7 +44,7 @@
 $text = $language->get();
 //set the http get/post variable(s) to a php variable
- if (isset($_REQUEST["id"]) && isset($_REQUEST["ext"])) {
+ if (is_uuid($_REQUEST["id"]) && $_REQUEST["ext"] != '') {
 $extension_uuid = $_REQUEST["id"];
 $extension_new = $_REQUEST["ext"];
 if (!is_numeric($extension_new)) {
@@ -57,19 +57,18 @@
 if ($extension->exists($_SESSION['domain_uuid'], $extension_new)) {
 message::add($text['message-duplicate'], 'negative');
 header("Location: extensions.php");
- return;
+ exit;
 }
-//get the v_extensions data
+//get the extension data
 $sql = "select * from v_extensions ";
 $sql .= "where domain_uuid = :domain_uuid ";
 $sql .= "and extension_uuid = :extension_uuid ";
 $parameters['domain_uuid'] = $_SESSION['domain_uuid'];
 $parameters['extension_uuid'] = $extension_uuid;
 $database = new database;
- $result = $database->select($sql, $parameters, 'all');
- unset ($parameters, $sql);
- foreach ($result as &$row) {
+ $row = $database->select($sql, $parameters, 'row');
+ if (is_array($row) && @sizeof($row) != 0) {
 $extension = $row["extension"];
 $number_alias = $row["number_alias"];
 $accountcode = $row["accountcode"];
@@ -100,9 +99,9 @@
 $sip_bypass_media = $row["sip_bypass_media"];
 $dial_string = $row["dial_string"];
 $enabled = $row["enabled"];
- $description = $text['button-copy'].': '.$row["description"];
+ $description = $row["description"].' ('.$text['button-copy'].')';
 }
- unset ($prep_statement);
+ unset($sql, $parameters, $row);
 //copy the extension
 $array['extensions'][0]['domain_uuid'] = $_SESSION['domain_uuid'];
@@ -142,6 +141,7 @@
 $database = new database;
 $database->save($array);
 $message = $database->message;
+ unset($array);
 //get the source extension voicemail data
 if (is_dir($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/voicemails')) {
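Review bot: When the lookup in the `@@ -57` hunk returns no row (an `id` that is a well-formed UUID but not in the session's domain), nothing stops the script, and the later "copy the extension" block still builds and saves `$array` from unset variables. An `else { header("Location: extensions.php"); exit; }` on the `if (is_array($row) && @sizeof($row) != 0)` test would stop that. The body of that `if` and the save both run past the hunk edges, so confirm there is no later guard. The copy is also driven by `$_REQUEST`, and no request-token check is visible in these hunks.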
@@ -149,24 +149,18 @@
 //get the voicemails
 $sql = "select * from v_voicemails ";
 $sql .= "where domain_uuid = :domain_uuid ";
- if (is_numeric($number_alias)) {
- $sql .= "and voicemail_id = :voicemail_id ";
- $parameters['voicemail_id'] = $number_alias;
- }
- else {
- $sql .= "and voicemail_id = :voicemail_id ";
- $parameters['voicemail_id'] = $extension;
- }
+ $sql .= "and voicemail_id = :voicemail_id ";
+ $parameters['voicemail_id'] = is_numeric($number_alias) ? $number_alias : $extension;
 $parameters['domain_uuid'] = $_SESSION['domain_uuid'];
 $database = new database;
- $result = $database->select($sql, $parameters, 'all');
- foreach ($result as $row) {
+ $row = $database->select($sql, $parameters, 'row');
+ if (is_array($row) && @sizeof($row) != 0) {
 $voicemail_mailto = $row["voicemail_mail_to"];
 $voicemail_file = $row["voicemail_file"];
 $voicemail_local_after_email = $row["voicemail_local_after_email"];
 $voicemail_enabled = $row["voicemail_enabled"];
 }
- unset ($prep_statement);
+ unset($sql, $parameters, $row);
 //set the new voicemail password
 if (strlen($voicemail_password) == 0) {
@@ -201,6 +195,6 @@
 //redirect the user
 message::add($text['message-copy']);
 header("Location: extensions.php");
- return;
+ exit;
 ?>
diff --git a/app/extensions/extension_dashboard.php b/app/extensions/extension_dashboard.php
index 2234261d96..923cd40f30 100644
--- a/app/extensions/extension_dashboard.php
+++ b/app/extensions/extension_dashboard.php
@@ -118,8 +118,8 @@
 header("Location: /core/user_settings/user_dashboard.php");
 exit;
- } //if ($_POST["persistformvar"] != "true")
- } //(count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0)
+ }
+ }
 //set the sub array index
 $x = "999";
@@ -132,13 +132,13 @@ //get the destinations $sql = "select destination_caller_id_name, destination_caller_id_number from v_destinations "; - $sql .= "where domain_uuid = '".check_str($_SESSION['domain_uuid'])."' "; + $sql .= "where domain_uuid = :domain_uuid "; $sql .= "and destination_type = 'inbound' "; $sql .= "order by destination_caller_id_name asc, destination_caller_id_number asc"; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $destinations = $prep_statement->fetchAll(PDO::FETCH_ASSOC); - unset ($sql, $prep_statement); + $parameters['domain_uuid'] = $_SESSION['domain_uuid']; + $database = new database; + $destinations = $database->select($sql, $parameters, 'all'); + unset($sql, $parameters); //show the content echo "
\n"; 
@@ -156,99 +156,99 @@ echo "\n"; $x = 0; - foreach($extensions as $row) { - //set the variables - $extension_uuid = $row['extension_uuid']; - $user = $row['user']; - $number_alias = $row['number_alias']; - $destination = $row['destination']; - $outbound_caller_id_name = $row['outbound_caller_id_name']; - $outbound_caller_id_number = $row['outbound_caller_id_number']; - $description = $row['description']; + if (is_array($extensions) && @sizeof($extensions) != 0) { + foreach($extensions as $row) { + //set the variables + $extension_uuid = $row['extension_uuid']; + $user = $row['user']; + $number_alias = $row['number_alias']; + $destination = $row['destination']; + $outbound_caller_id_name = $row['outbound_caller_id_name']; + $outbound_caller_id_number = $row['outbound_caller_id_number']; + $description = $row['description']; - //set the column names - if ($x === 0 && $previous_extension_uuid != $row['extension_uuid']) { + //set the column names + if ($x === 0 && $previous_extension_uuid != $row['extension_uuid']) { + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + } + + //determine whether to hide the element + if (strlen($device_key_uuid) == 0) { + $element['hidden'] = false; + $element['visibility'] = "visibility:visible;"; + } + else { + $element['hidden'] = true; + $element['visibility'] = "visibility:hidden;"; + } + + //start the row echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - } - //determine whether to hide the element - if (strlen($device_key_uuid) == 0) { - $element['hidden'] = false; - $element['visibility'] = "visibility:visible;"; - } - else { - $element['hidden'] = true; - $element['visibility'] = "visibility:hidden;"; - } + //add the primary key uuid + if (strlen($row['extension_uuid']) > 0) { + echo " \n"; + } - //start the row - echo " \n"; - - //add the primary key uuid - if (strlen($row['extension_uuid']) > 0) { - echo " \n"; - } - - //show the destination - echo " \n"; - - //caller id form input - if 
(permission_exists('outbound_caller_id_select')) { - //caller id select + //show the destination echo " \n"; + + //caller id form input + if (permission_exists('outbound_caller_id_select')) { + //caller id select + echo " \n"; + } + else { + //caller id name an number input text + echo " \n"; + echo " \n"; } - echo " \n"; - } - else { - //caller id name an number input text - echo " \n"; - echo " \n"; - } - //show the description - echo " \n"; + //show the description + echo " \n"; - //end the row - echo " \n"; - //set the previous extension_uuid - $previous_extension_uuid = $extension_uuid; - //increment the array key - $x++; - //alternate the value - $c = ($c) ? 0 : 1; + //end the row + echo " \n"; + //set the previous extension_uuid + $previous_extension_uuid = $extension_uuid; + //increment the array key + $x++; + //alternate the value + $c = $c ? 0 : 1; + } } + unset($extensions, $row); echo "
".$text['label-extension']."".$text['label-caller_id']."".$text['label-description']."
".$text['label-extension']."".$text['label-caller_id']."".$text['label-description']."
\n"; - echo " ".$row['destination']; - echo " \n"; - if (count($destinations) > 0) { - echo " \n"; + if (count($destinations) > 0) { + echo " \n"; } - echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " ".$row['description']; - echo " \n"; + echo " ".$row['description']; + echo "
\n"; echo "
"; -//show the footer - //require_once "resources/footer.php"; - ?> diff --git a/app/extensions/extension_delete.php b/app/extensions/extension_delete.php index 4637b624b5..e2a9c33773 100644 --- a/app/extensions/extension_delete.php +++ b/app/extensions/extension_delete.php @@ -55,21 +55,22 @@ $parameters['domain_uuid'] = $_SESSION['domain_uuid']; $parameters['extension_uuid'] = $extension_uuid; $database = new database; - $extensions = $database->execute($sql, $parameters); - if (is_array($extensions)) { - foreach ($extensions as &$row) { - $extension = $row["extension"]; - $number_alias = $row["number_alias"]; - $user_context = $row["user_context"]; - $follow_me_uuid = $row["follow_me_uuid"]; - } - + $row = $database->execute($sql, $parameters, 'row'); + if (is_array($row) && @sizeof($row) != 0) { + $extension = $row["extension"]; + $number_alias = $row["number_alias"]; + $user_context = $row["user_context"]; + $follow_me_uuid = $row["follow_me_uuid"]; } - unset ($parameters); + unset($sql, $parameters, $row); //delete the data + $p = new permissions; + $p->add('extension_user_delete', 'temp'); + $p->add('follow_me_destination_delete', 'temp'); + $p->add('follow_me_delete', 'temp'); + $array['extension_users'][]['extension_uuid'] = $extension_uuid; - $array['extension_uuid'][]['extension_uuid'] = $extension_uuid; $array['follow_me_destinations'][]['follow_me_uuid'] = $follow_me_uuid; $array['follow_me'][]['follow_me_uuid'] = $follow_me_uuid; $array['extensions'][]['extension_uuid'] = $extension_uuid; @@ -77,7 +78,11 @@ $database->app_name = 'extensions'; $database->app_uuid = 'e68d9689-2769-e013-28fa-6214bf47fca3'; $database->delete($array); - //$message = $database->message; + unset($array); + + $p->delete('extension_user_delete', 'temp'); + $p->delete('follow_me_destination_delete', 'temp'); + $p->delete('follow_me_delete', 'temp'); //delete the ring group destinations if (file_exists($_SERVER["PROJECT_ROOT"]."/app/ring_groups/app_config.php")) { 
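Review bot: The re-indented row still writes `$row['description']` into the page unescaped (`echo " ".$row['description'];`), and the description is presumably a stored, user-editable field. `echo " ".htmlspecialchars($row['description'], ENT_QUOTES, 'UTF-8');` would keep any markup in it from being rendered. The HTML around these echo lines did not survive on this page, so the other values written into the row (destination, caller ID name and number) should be checked the same way in the file itself.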
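Review bot: The domain check lives only in the select; the `$array` handed to `$database->delete()` carries `extension_uuid` and `follow_me_uuid` alone, and the script reaches it even when the select found no row in the session's domain. Unless `database::delete` scopes by domain itself (not visible here), skip the delete block when `$row` is empty or add the session `domain_uuid` to each entry, which also avoids passing an unset `$follow_me_uuid`. The `extension_users` and `device_lines` deletes in the extension_edit.php hunks have the same shape. The enclosing `if` blocks start outside these hunks.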
@@ -91,7 +96,6 @@ $database->execute($sql, $parameters); unset($sql, $parameters); } - } } @@ -109,6 +113,6 @@ //redirect the browser message::add($text['message-delete']); header("Location: extensions.php"); - return; + exit; ?> diff --git a/app/extensions/extension_download.php b/app/extensions/extension_download.php index d0cc6f60fd..6b6d11a75d 100644 --- a/app/extensions/extension_download.php +++ b/app/extensions/extension_download.php 
@@ -39,6 +39,60 @@ else { $language = new text; $text = $language->get(); +//define available columns +$available_columns[] = 'extension_uuid'; +$available_columns[] = 'domain_uuid'; +$available_columns[] = 'extension'; +$available_columns[] = 'number_alias'; +$available_columns[] = 'password'; +$available_columns[] = 'accountcode'; +$available_columns[] = 'effective_caller_id_name'; +$available_columns[] = 'effective_caller_id_number'; +$available_columns[] = 'outbound_caller_id_name'; +$available_columns[] = 'outbound_caller_id_number'; +$available_columns[] = 'emergency_caller_id_name'; +$available_columns[] = 'emergency_caller_id_number'; +$available_columns[] = 'directory_first_name'; +$available_columns[] = 'directory_last_name'; +$available_columns[] = 'directory_visible'; +$available_columns[] = 'directory_exten_visible'; +$available_columns[] = 'limit_max'; +$available_columns[] = 'limit_destination'; +$available_columns[] = 'missed_call_app'; +$available_columns[] = 'missed_call_data'; +$available_columns[] = 'user_context'; +$available_columns[] = 'toll_allow'; +$available_columns[] = 'call_timeout'; +$available_columns[] = 'call_group'; +$available_columns[] = 'call_screen_enabled'; +$available_columns[] = 'user_record'; +$available_columns[] = 'hold_music'; +$available_columns[] = 'auth_acl'; +$available_columns[] = 'cidr'; +$available_columns[] = 'sip_force_contact'; +$available_columns[] = 'nibble_account'; +$available_columns[] = 'sip_force_expires'; +$available_columns[] = 'mwi_account'; +$available_columns[] = 'sip_bypass_media'; +$available_columns[] = 'unique_id'; +$available_columns[] = 'dial_string'; +$available_columns[] = 'dial_user'; +$available_columns[] = 'dial_domain'; +$available_columns[] = 'do_not_disturb'; +$available_columns[] = 'forward_all_destination'; +$available_columns[] = 'forward_all_enabled'; +$available_columns[] = 'forward_busy_destination'; +$available_columns[] = 'forward_busy_enabled'; +$available_columns[] = 
'forward_no_answer_destination'; +$available_columns[] = 'forward_no_answer_enabled'; +$available_columns[] = 'follow_me_uuid'; +$available_columns[] = 'enabled'; +$available_columns[] = 'description'; +$available_columns[] = 'forward_caller_id_uuid'; +$available_columns[] = 'absolute_codec_string'; +$available_columns[] = 'forward_user_not_registered_destination'; +$available_columns[] = 'forward_user_not_registered_enabled'; + function array2csv(array &$array) { if (count($array) == 0) { 
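Review bot: `password` is on the export allow-list, so whoever can reach this page can pull every extension password for the domain as CSV. The page's permission check is outside the hunk; if it is only a general export permission, append that column conditionally, e.g. `if (permission_exists('extension_password')) { $available_columns[] = 'password'; }`, matching the gate extension_edit.php uses for password changes. A short comment above the list stating that it is the only source of column names allowed into the `select` would help the next editor.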
@@ -71,76 +125,27 @@ function download_send_headers($filename) { header("Content-Transfer-Encoding: binary"); } -if (isset($_REQUEST["column_group"])) { - - $columns = implode(",",$_REQUEST["column_group"]); - $sql = "select " . $columns . " from v_extensions "; - $sql .= " where domain_uuid = '".$domain_uuid."' "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $extensions = $prep_statement->fetchAll(PDO::FETCH_ASSOC); - unset ($sql, $prep_statement); -// print_r($extensions); - - download_send_headers("data_export_" . date("Y-m-d") . ".csv"); - echo array2csv($extensions); - die(); +if (is_array($_REQUEST["column_group"]) && @sizeof($_REQUEST["column_group"]) != 0) { + //validate submitted columns + foreach($_REQUEST["column_group"] as $column_name) { + if (in_array($column_name, $available_columns)) { + $selected_columns[] = $column_name; + } + } + if (is_array($selected_columns) && @sizeof($selected_columns) != 0) { + $sql = "select ".implode(', ', $selected_columns)." 
from v_extensions "; + $sql .= "where domain_uuid = :domain_uuid "; + $parameters['domain_uuid'] = $domain_uuid; + $database = new database; + $extensions = $database->select($sql, $parameters, 'all'); + unset($sql, $parameters, $selected_columns); + download_send_headers("data_export_".date("Y-m-d").".csv"); + echo array2csv($extensions); + exit; + } } -$columns[] = 'extension_uuid'; -$columns[] = 'domain_uuid'; -$columns[] = 'extension'; -$columns[] = 'number_alias'; -$columns[] = 'password'; -$columns[] = 'accountcode'; -$columns[] = 'effective_caller_id_name'; -$columns[] = 'effective_caller_id_number'; -$columns[] = 'outbound_caller_id_name'; -$columns[] = 'outbound_caller_id_number'; -$columns[] = 'emergency_caller_id_name'; -$columns[] = 'emergency_caller_id_number'; -$columns[] = 'directory_first_name'; -$columns[] = 'directory_last_name'; -$columns[] = 'directory_visible'; -$columns[] = 'directory_exten_visible'; -$columns[] = 'limit_max'; -$columns[] = 'limit_destination'; -$columns[] = 'missed_call_app'; -$columns[] = 'missed_call_data'; -$columns[] = 'user_context'; -$columns[] = 'toll_allow'; -$columns[] = 'call_timeout'; -$columns[] = 'call_group'; -$columns[] = 'call_screen_enabled'; -$columns[] = 'user_record'; -$columns[] = 'hold_music'; -$columns[] = 'auth_acl'; -$columns[] = 'cidr'; -$columns[] = 'sip_force_contact'; -$columns[] = 'nibble_account'; -$columns[] = 'sip_force_expires'; -$columns[] = 'mwi_account'; -$columns[] = 'sip_bypass_media'; -$columns[] = 'unique_id'; -$columns[] = 'dial_string'; -$columns[] = 'dial_user'; -$columns[] = 'dial_domain'; -$columns[] = 'do_not_disturb'; -$columns[] = 'forward_all_destination'; -$columns[] = 'forward_all_enabled'; -$columns[] = 'forward_busy_destination'; -$columns[] = 'forward_busy_enabled'; -$columns[] = 'forward_no_answer_destination'; -$columns[] = 'forward_no_answer_enabled'; -$columns[] = 'follow_me_uuid'; -$columns[] = 'enabled'; -$columns[] = 'description'; -$columns[] = 
'forward_caller_id_uuid'; -$columns[] = 'absolute_codec_string'; -$columns[] = 'forward_user_not_registered_destination'; -$columns[] = 'forward_user_not_registered_enabled'; - $c = 0; $row_style["0"] = "row_style0"; $row_style["1"] = "row_style1"; @@ -149,32 +154,30 @@ $row_style["1"] = "row_style1"; require_once "resources/header.php"; echo "
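Review bot: `in_array($column_name, $available_columns)` relies on loose comparison; pass the third argument, `in_array($column_name, $available_columns, true)`, so that only exact string matches are accepted and array-valued request elements are rejected by type. `$selected_columns` is appended to without being initialised, so `$selected_columns = [];` before the loop is cleaner. `$extensions` should also be checked with `is_array()` before it goes to `array2csv()`, whose signature requires an array.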
\n"; - echo "\n"; + + echo "
\n"; + echo "\n"; + echo "\n"; + echo "
\n"; + echo "".$text['header-export']."\n"; + echo "

\n"; + + echo "
\n"; echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo " \n"; + echo " \n"; echo "\n"; - foreach ($columns as $value) { + foreach ($available_columns as $column_name) { echo "\n"; - echo " "; - echo " "; - echo " "; - echo ""; - if ($c==0) { $c=1; } else { $c=0; } + echo " \n"; + echo " \n"; + echo "\n"; + $c = $c ? 0 : 1; } echo " \n"; - echo " \n"; diff --git a/app/extensions/extension_edit.php b/app/extensions/extension_edit.php index f5dc18ca0a..ccfa17a37c 100644 --- a/app/extensions/extension_edit.php +++ b/app/extensions/extension_edit.php @@ -43,7 +43,7 @@ $text = $language->get(); //set the action as an add or an update - if (isset($_REQUEST["id"])) { + if (is_uuid($_REQUEST["id"])) { $action = "update"; $extension_uuid = $_REQUEST["id"]; } @@ -54,18 +54,18 @@ //get total extension count from the database, check limit, if defined if ($action == 'add') { if ($_SESSION['limit']['extensions']['numeric'] != '') { - $sql = "select count(*) as num_rows from v_extensions where domain_uuid = '".check_str($_SESSION['domain_uuid'])."' "; - $prep_statement = $db->prepare($sql); - if ($prep_statement) { - $prep_statement->execute(); - $row = $prep_statement->fetch(PDO::FETCH_ASSOC); - $total_extensions = $row['num_rows']; - } - unset($prep_statement, $row); + $sql = "select count(*) "; + $sql .= "from v_extensions "; + $sql .= "where domain_uuid = :domain_uuid "; + $parameters['domain_uuid'] = $_SESSION['domain_uuid']; + $database = new database; + $total_extensions = $database->select($sql, $parameters, 'column'); + unset($sql, $parameters); + if ($total_extensions >= $_SESSION['limit']['extensions']['numeric']) { message::add($text['message-maximum_extensions'].' '.$_SESSION['limit']['extensions']['numeric'], 'negative'); header('Location: extensions.php'); - return; + exit; } } } 
@@ -129,7 +129,7 @@
 $voicemail_id = $number_alias;
 }
 if (!is_numeric($voicemail_id)) {
- $voicemail_id = NULL;
+ $voicemail_id = null;
 }
 //change toll allow delimiter
@@ -137,27 +137,44 @@ } //delete the user from the v_extension_users - if ($_REQUEST["delete_type"] == "user" && strlen($_REQUEST["delete_uuid"]) > 0 && permission_exists("extension_delete")) { + if ($_REQUEST["delete_type"] == "user" && is_uuid($_REQUEST["delete_uuid"]) && permission_exists("extension_delete")) { //set the variables $extension_uuid = $_REQUEST["id"]; $user_uuid = $_REQUEST["delete_uuid"]; //delete the group from the users - $sql = "delete from v_extension_users "; - $sql .= "where extension_uuid = '".check_str($extension_uuid)."' "; - $sql .= "and user_uuid = '".check_str($user_uuid)."' "; - $db->exec(check_sql($sql)); + $array['extension_users'][0]['extension_uuid'] = $extension_uuid; + $array['extension_users'][0]['user_uuid'] = $user_uuid; + + $p = new permissions; + $p->add('extension_user_delete', 'temp'); + + $database = new database; + $database->app_name = 'extensions'; + $database->app_uuid = 'e68d9689-2769-e013-28fa-6214bf47fca3'; + $database->delete($array); + unset($array); + + $p->delete('extension_user_delete', 'temp'); } //delete the line from the v_device_lines if (is_dir($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/devices')) { - if ($_REQUEST["delete_type"] == "device_line" && strlen($_REQUEST["delete_uuid"]) > 0 && permission_exists("extension_delete")) { + if ($_REQUEST["delete_type"] == "device_line" && is_uuid($_REQUEST["delete_uuid"]) && permission_exists("extension_delete")) { //set the variables $device_line_uuid = $_REQUEST["delete_uuid"]; //delete device_line - $sql = "delete from v_device_lines "; - $sql .= "where device_line_uuid = '".check_str($device_line_uuid)."' "; - $db->exec(check_sql($sql)); - unset($sql); + $array['device_lines'][0]['device_line_uuid'] = $device_line_uuid; + + $p = new permissions; + $p->add('device_line_delete', 'temp'); + + $database = new database; + $database->app_name = 'extensions'; + $database->app_uuid = 'e68d9689-2769-e013-28fa-6214bf47fca3'; + $database->delete($array); + 
unset($array); + + $p->delete('device_line_delete', 'temp'); } } @@ -165,12 +182,7 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { //set the domain_uuid - if (permission_exists('extension_domain')) { - $domain_uuid = $_POST["domain_uuid"]; - } - else { - $domain_uuid = $_SESSION['domain_uuid']; - } + $domain_uuid = permission_exists('extension_domain') ? $_POST["domain_uuid"] : $_SESSION['domain_uuid']; //check for all required data $msg = ''; @@ -402,17 +414,19 @@ if ($voicemail_id !== NULL) { //get the voicemail_uuid $sql = "select voicemail_uuid from v_voicemails "; - $sql .= "where voicemail_id = '".check_str($voicemail_id)."' "; - $sql .= "and domain_uuid = '".check_str($domain_uuid)."' "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - foreach ($result as &$row) { + $sql .= "where voicemail_id = :voicemail_id "; + $sql .= "and domain_uuid = :domain_uuid "; + $parameters['voicemail_id'] = $voicemail_id; + $parameters['domain_uuid'] = $domain_uuid; + $database = new database; + $row = $database->select($sql, $parameters, 'row'); + if (is_array($row) && @sizeof($row) != 0) { $voicemail_uuid = $row["voicemail_uuid"]; } + unset($sql, $parameters, $row); //if voicemail_uuid does not exist then get a new uuid - if (!isset($voicemail_uuid)) { + if (!is_uuid($voicemail_uuid)) { $voicemail_uuid = uuid(); $voicemail_tutorial = 'true'; } 
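Review bot: In the `@@ -165` hunk `$_POST["domain_uuid"]` is taken as-is when the caller has `extension_domain`, while the rest of this commit validates identifiers with `is_uuid()`. Suggest `$domain_uuid = permission_exists('extension_domain') && is_uuid($_POST["domain_uuid"]) ? $_POST["domain_uuid"] : $_SESSION['domain_uuid'];`. In the `@@ -137` hunk `$extension_uuid = $_REQUEST["id"];` is likewise re-read without the `is_uuid()` test that the line above applies to `delete_uuid`.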
@@ -459,24 +473,33 @@ //update devices having extension assigned to line(s) with new password if ($action == "update" && $range == 1 && permission_exists('extension_password')) { $sql = "update v_device_lines set "; - $sql .= "password = '".check_str($password)."' "; - $sql .= "where domain_uuid = '".check_str($_SESSION['domain_uuid'])."' "; - $sql .= "and server_address = '".check_str($_SESSION['domain_name'])."' "; - $sql .= "and user_id = '".check_str($extension)."' "; - $db->exec(check_sql($sql)); - unset($sql); + $sql .= "password = :password "; + $sql .= "where domain_uuid = :domain_uuid "; + $sql .= "and server_address = :server_address "; + $sql .= "and user_id = :user_id "; + $parameters['password'] = $password; + $parameters['domain_uuid'] = $_SESSION['domain_uuid']; + $parameters['server_address'] = $_SESSION['domain_name']; + $parameters['user_id'] = $extension; + $database = new database; + $database->execute($sql, $parameters); + unset($sql, $parameters); } //update device key label if (strlen($effective_caller_id_name) > 0) { $sql = "update v_device_keys set "; - $sql .= "device_key_label = '".$effective_caller_id_name."' "; - $sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' "; - $sql .= "and device_key_value = '".$extension."' "; - $db->exec(check_sql($sql)); - unset($sql); + $sql .= "device_key_label = :device_key_label "; + $sql .= "where domain_uuid = :domain_uuid "; + $sql .= "and device_key_value = :device_key_value "; + $parameters['device_key_label'] = $effective_caller_id_name; + $parameters['domain_uuid'] = $_SESSION['domain_uuid']; + $parameters['device_key_value'] = $extension; + $database = new database; + $database->execute($sql, $parameters); + unset($sql, $parameters); } //assign the user to the extension - if ($action == "update" && strlen($_POST["extension_users"][0]["user_uuid"]) > 0) { + if ($action == "update" && is_uuid($_POST["extension_users"][0]["user_uuid"])) { $array["extension_users"][0]["extension_user_uuid"] = 
uuid(); $array["extension_users"][0]["domain_uuid"] = $_SESSION['domain_uuid']; $array["extension_users"][0]["user_uuid"] = $_POST["extension_users"][0]["user_uuid"]; @@ -498,16 +521,14 @@ $device_mac_address = preg_replace('#[^a-fA-F0-9./]#', '', $device_mac_address); //get the device_uuid - $sql = "SELECT device_uuid FROM v_devices "; - $sql .= "WHERE device_mac_address = '".check_str($device_mac_address)."' "; - $sql .= "AND domain_uuid = '".check_str($domain_uuid)."' "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - foreach($result as $field) { - $device_uuid = $field['device_uuid']; - } - unset($sql, $prep_statement); + $sql = "select device_uuid from v_devices "; + $sql .= "where device_mac_address = :device_mac_address "; + $sql .= "and domain_uuid = :domain_uuid "; + $parameters['device_mac_address'] = $device_mac_address; + $parameters['domain_uuid'] = $domain_uuid; + $database = new database; + $device_uuid = $database->select($sql, $parameters, 'column'); + unset($sql, $parameters); //set a default line number if (strlen($line_number) == 0) { $line_number = '1'; } 
@@ -526,12 +547,7 @@ $array["devices"][0]["device_lines"][0]["server_address"] = $_SESSION['domain_name']; $array["devices"][0]["device_lines"][0]["outbound_proxy_primary"] = $_SESSION['provision']['outbound_proxy_primary']['text']; $array["devices"][0]["device_lines"][0]["outbound_proxy_secondary"] = $_SESSION['provision']['outbound_proxy_secondary']['text']; - if (strlen($effective_caller_id_name) > 0) { - $array["devices"][0]["device_lines"][0]["display_name"] = $effective_caller_id_name; - } - else { - $array["devices"][0]["device_lines"][0]["display_name"] = $extension; - } + $array["devices"][0]["device_lines"][0]["display_name"] = strlen($effective_caller_id_name) > 0 ? $effective_caller_id_name : $extension; $array["devices"][0]["device_lines"][0]["user_id"] = $extension; $array["devices"][0]["device_lines"][0]["auth_id"] = $extension; $array["devices"][0]["device_lines"][0]["password"] = $password; @@ -545,12 +561,10 @@ //save to the data $database = new database; $database->app_name = 'extensions'; - $database->app_uuid = null; + $database->app_uuid = 'e68d9689-2769-e013-28fa-6214bf47fca3'; $database->save($array); $message = $database->message; - // echo "
".print_r($array, true)."
\n";
-					// echo "
".print_r($message, true)."
\n";
-					// die();
+					unset($array);
 
 				//check the permissions
 					if (permission_exists('extension_add') || permission_exists('extension_edit')) {
@@ -606,36 +620,36 @@
 									echo "			
\n"; echo " \n"; echo " \n"; - foreach($generated_users as $tmp_user){ + foreach ($generated_users as $tmp_user) { echo " \n"; echo " \n"; echo " \n"; echo " \n"; } - if ($c==0) { $c=1; } else { $c=0; } + $c = $c ? 0 : 1; echo "
".$text['header-export']."
\n"; - echo " \n"; - echo "
Column NameDescription".$text['label-column_name']."
"; - echo " $value"; - echo ""; - echo "
".$column_name."
\n"; + echo " \n"; echo "
"; echo " \n"; echo "
UsernamePassword
".$tmp_user['username']."".$tmp_user['password']."
"; echo "\n"; require_once "resources/footer.php"; } - return; + exit; } if ($action == "update") { message::add($text['message-update']); header("Location: extension_edit.php?id=".$extension_uuid); return; } - } //if ($_POST["persistformvar"] != "true") - } //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) + } + } //pre-populate the form if (count($_GET) > 0 && $_POST["persistformvar"] != "true") { $extension_uuid = $_GET["id"]; $sql = "select * from v_extensions "; - $sql .= "where extension_uuid = '".check_str($extension_uuid)."' "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - foreach ($result as &$row) { + $sql .= "where extension_uuid = :extension_uuid "; + $parameters['extension_uuid'] = $extension_uuid; + $database = new database; + $row = $database->select($sql, $parameters, 'row'); + if (is_array($row) && @sizeof($row) != 0) { $domain_uuid = $row["domain_uuid"]; $extension = $row["extension"]; $number_alias = $row["number_alias"]; 
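Review bot: The pre-populate query selects from `v_extensions` by `extension_uuid` alone, so a UUID from another domain loads that extension's full row into the form; extension_copy.php in this same commit scopes its lookup with `domain_uuid`. Suggest `if (!permission_exists('extension_domain')) { $sql .= "and domain_uuid = :domain_uuid "; $parameters['domain_uuid'] = $_SESSION['domain_uuid']; }` before the select, and validate `$_GET["id"]` with `is_uuid()`. The update branch just above still ends with `return;` after `header(...)` where the rest of the commit switched to `exit;`. The `if (is_array($row) ...)` body continues past the end of this hunk.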
@@ -675,30 +689,27 @@ $enabled = $row["enabled"]; $description = $row["description"]; } - unset ($prep_statement); + unset($sql, $parameters, $row); //get the voicemail data if (is_dir($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/voicemails')) { //get the voicemails $sql = "select * from v_voicemails "; - $sql .= "where domain_uuid = '".check_str($domain_uuid)."' "; - $sql .= "and voicemail_id = '".((is_numeric($number_alias)) ? check_str($number_alias) : check_str($extension))."' "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - foreach ($result as &$row) { - $voicemail_password = $row["voicemail_password"]; - $voicemail_mail_to = $row["voicemail_mail_to"]; - $voicemail_mail_to = str_replace(" ", "", $voicemail_mail_to); + $sql .= "where domain_uuid = :domain_uuid "; + $sql .= "and voicemail_id = :voicemail_id "; + $parameters['domain_uuid'] = $domain_uuid; + $parameters['voicemail_id'] = is_numeric($number_alias) ? $number_alias : $extension; + $database = new database; + $row = $database->select($sql, $parameters, 'row'); + if (is_array($row) && @sizeof($row) != 0) { + $voicemail_password = str_replace("#", "", $row["voicemail_password"]); + $voicemail_mail_to = str_replace(" ", "", $row["voicemail_mail_to"]); $voicemail_file = $row["voicemail_file"]; $voicemail_local_after_email = $row["voicemail_local_after_email"]; $voicemail_enabled = $row["voicemail_enabled"]; $voicemail_tutorial = $row["voicemail_tutorial"]; } - unset ($prep_statement); - //clean the variables - $voicemail_password = str_replace("#", "", $voicemail_password); - $voicemail_mail_to = str_replace(" ", "", $voicemail_mail_to); + unset($sql, $parameters, $row); } } 
@@ -708,75 +719,83 @@ } //get the device lines - $sql = "SELECT d.device_mac_address, d.device_template, d.device_description, l.device_line_uuid, l.device_uuid, l.line_number "; - $sql .= "FROM v_device_lines as l, v_devices as d "; - $sql .= "WHERE (l.user_id = '".check_str($extension)."' or l.user_id = '".check_str($number_alias)."')"; - $sql .= "AND l.domain_uuid = '".check_str($domain_uuid)."' "; - $sql .= "AND l.device_uuid = d.device_uuid "; - $sql .= "ORDER BY l.line_number, d.device_mac_address asc "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $device_lines = $prep_statement->fetchAll(PDO::FETCH_NAMED); - unset($sql, $prep_statement); + $sql = "select d.device_mac_address, d.device_template, d.device_description, l.device_line_uuid, l.device_uuid, l.line_number "; + $sql .= "from v_device_lines as l, v_devices as d "; + $sql .= "where (l.user_id = :user_id_1 or l.user_id = :user_id_2)"; + $sql .= "and l.domain_uuid = :domain_uuid "; + $sql .= "and l.device_uuid = d.device_uuid "; + $sql .= "order by l.line_number, d.device_mac_address asc "; + $parameters['user_id_1'] = $extension; + $parameters['user_id_2'] = $number_alias; + $parameters['domain_uuid'] = $domain_uuid; + $database = new database; + $device_lines = $database->select($sql, $parameters, 'all'); + unset($sql, $parameters); //get the devices - $sql = "SELECT * FROM v_devices "; - $sql .= "WHERE domain_uuid = '".check_str($domain_uuid)."' "; - $sql .= "ORDER BY device_mac_address asc "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $devices = $prep_statement->fetchAll(PDO::FETCH_NAMED); - unset($sql, $prep_statement); + $sql = "select * from v_devices "; + $sql .= "where domain_uuid = :domain_uuid "; + $sql .= "order by device_mac_address asc "; + $parameters['domain_uuid'] = $domain_uuid; + $database = new database; + $devices = $database->select($sql, $parameters, 'all'); + unset($sql, $parameters); //get the device 
vendors - $sql = "SELECT name "; - $sql .= "FROM v_device_vendors "; - $sql .= "WHERE enabled = 'true' "; - $sql .= "ORDER BY name ASC "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $device_vendors = $prep_statement->fetchAll(PDO::FETCH_NAMED); + $sql = "select name "; + $sql .= "from v_device_vendors "; + $sql .= "where enabled = 'true' "; + $sql .= "order by name asc "; + $database = new database; + $device_vendors = $database->select($sql, null, 'all'); + unset($sql); //get assigned users if (is_uuid($extension_uuid)) { - $sql = "SELECT u.username, e.user_uuid FROM v_extension_users as e, v_users as u "; + $sql = "select u.username, e.user_uuid "; + $sql .= "from v_extension_users as e, v_users as u "; $sql .= "where e.user_uuid = u.user_uuid "; $sql .= "and u.user_enabled = 'true' "; - $sql .= "and e.domain_uuid = '".check_str($domain_uuid)."' "; - $sql .= "and e.extension_uuid = '".check_str($extension_uuid)."' "; + $sql .= "and e.domain_uuid = :domain_uuid "; + $sql .= "and e.extension_uuid = :extension_uuid "; $sql .= "order by u.username asc "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $assigned_users = $prep_statement->fetchAll(PDO::FETCH_NAMED); - foreach($assigned_users as $field) { - $assigned_user_uuids[] = $field['user_uuid']; + $parameters['domain_uuid'] = $domain_uuid; + $parameters['extension_uuid'] = $extension_uuid; + $database = new database; + $assigned_users = $database->select($sql, $parameters, 'all'); + if (is_array($assigned_users) && @sizeof($assigned_users) != 0) { + foreach($assigned_users as $row) { + $assigned_user_uuids[] = $row['user_uuid']; + } } - unset($sql, $prep_statement); + unset($sql, $parameters, $row); } //get the users - $sql = "SELECT * FROM v_users "; - $sql .= "where domain_uuid = '".check_str($domain_uuid)."' "; - if (isset($assigned_user_uuids)) foreach($assigned_user_uuids as $assigned_user_uuid) { - $sql .= "and user_uuid <> 
'".check_str($assigned_user_uuid)."' "; + $sql = "select * from v_users "; + $sql .= "where domain_uuid = :domain_uuid "; + if (is_array($assigned_user_uuids) && @sizeof($assigned_user_uuids) != 0) { + foreach ($assigned_user_uuids as $index => $assigned_user_uuid) { + $sql .= "and user_uuid <> :user_uuid_".$index." "; + $parameters['user_uuid_'.$index] = $assigned_user_uuid; + } } - unset($assigned_user_uuids); $sql .= "and user_enabled = 'true' "; $sql .= "order by username asc "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $users = $prep_statement->fetchAll(PDO::FETCH_NAMED); - unset($sql, $prep_statement); + $parameters['domain_uuid'] = $domain_uuid; + $database = new database; + $users = $database->select($sql, $parameters, 'all'); + unset($sql, $parameters, $assigned_user_uuids, $assigned_user_uuid); //get the destinations $sql = "select * from v_destinations "; - $sql .= "where domain_uuid = '".check_str($domain_uuid)."' "; + $sql .= "where domain_uuid = :domain_uuid "; $sql .= "and destination_type = 'inbound' "; $sql .= "order by destination_number asc "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $destinations = $prep_statement->fetchAll(PDO::FETCH_ASSOC); - unset ($sql, $prep_statement); + $parameters['domain_uuid'] = $domain_uuid; + $database = new database; + $destinations = $database->select($sql, $parameters, 'all'); + unset($sql, $parameters); //change toll allow delimiter $toll_allow = str_replace(':',',', $toll_allow); @@ -1241,7 +1260,6 @@ else { echo " \n"; } - unset ($prep_statement); } else { echo " \n"; @@ -1715,9 +1733,9 @@ echo " \n"; echo " \n"; echo " \n"; - echo " \n"; - echo " \n"; + echo "\n"; + echo "\n"; echo " \n"; echo " ".$text['description-import']."\n"; echo " \n"; - echo " \n"; + echo "\n"; //echo "\n"; //echo "".$text['header-import']."\n"; 
@@ -169,13 +169,13 @@ foreach ($line_fields as $line_field) { $line_field = trim(trim($line_field), $enclosure); echo "\n"; - echo "\n"; + echo " \n"; //echo " ".$text['label-zzz']."\n"; echo $line_field; - echo "\n"; - echo "\n"; - echo " \n"; + echo " \n"; foreach($schema as $row) { echo " \n"; foreach($row['fields'] as $field) { @@ -184,30 +184,30 @@ $selected = "selected='selected'"; } if ($field !== 'domain_uuid') { - echo " \n"; + echo " \n"; } } echo " \n"; } - echo " \n"; + echo " \n"; //echo "
\n"; //echo $text['description-zzz']."\n"; - echo " \n"; - echo " \n"; + echo " \n"; + echo "\n"; $x++; } - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo "\n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo "\n"; - echo " \n"; + echo "\n"; echo "
\n"; require_once "resources/footer.php"; @@ -246,10 +246,11 @@ $domain_uuid = $_SESSION['domain_uuid']; //get the users - $sql = "select * from v_users where domain_uuid = '".$domain_uuid."' "; - $prep_statement = $db->prepare($sql); - $prep_statement->execute(); - $users = $prep_statement->fetchAll(PDO::FETCH_ASSOC); + $sql = "select * from v_users where domain_uuid = :domain_uuid "; + $parameters['domain_uuid'] = $domain_uuid; + $database = new database; + $users = $database->select($sql, $parameters, 'all'); + unset($sql, $parameters); //get the contents of the csv file and convert them into an array $handle = @fopen($_SESSION['file'], "r"); @@ -297,14 +298,14 @@ } if ($field_name == "username") { - foreach ($users as $field) { - if ($field['username'] == $result[$key]) { - //$array[$parent][$row_id]['extension_users'][$y]['cextension_user_uuid'] = uuid(); - $array[$parent][$row_id]['extension_users'][$y]['domain_uuid'] = $domain_uuid; - //$array[$parent][$row_id]['extension_users'] = $row['extension_uuid']; - $array[$parent][$row_id]['extension_users'][$y]['user_uuid'] = $field['user_uuid']; - } + foreach ($users as $field) { + if ($field['username'] == $result[$key]) { + //$array[$parent][$row_id]['extension_users'][$y]['cextension_user_uuid'] = uuid(); + $array[$parent][$row_id]['extension_users'][$y]['domain_uuid'] = $domain_uuid; + //$array[$parent][$row_id]['extension_users'] = $row['extension_uuid']; + $array[$parent][$row_id]['extension_users'][$y]['user_uuid'] = $field['user_uuid']; } + } } } } @@ -317,7 +318,6 @@ $database->app_name = 'extensions'; $database->app_uuid = 'e68d9689-2769-e013-28fa-6214bf47fca3'; $database->save($array); - //$message = $database->message; //clear the array unset($array); @@ -332,24 +332,18 @@ } //end while fclose($handle); - //debug info - //echo "
\n";
-					//print_r($array);
-					//echo "
\n"; - //exit; - //save to the data if (is_array($array)) { $database = new database; $database->app_name = 'extensions'; $database->app_uuid = 'e68d9689-2769-e013-28fa-6214bf47fca3'; $database->save($array); - //$message = $database->message; + unset($array); } //send the redirect header header("Location: extensions.php"); - return; + exit; } } diff --git a/app/extensions/extensions.php b/app/extensions/extensions.php index 5df4524663..c696becbb7 100644 --- a/app/extensions/extensions.php +++ b/app/extensions/extensions.php @@ -49,21 +49,22 @@ $text = $language->get(); //get the http values and set them as variables - $search = check_str($_GET["search"]); - $order_by = check_str($_GET["order_by"]); - $order = check_str($_GET["order"]); + $search = $_GET["search"]; + $order_by = $_GET["order_by"]; + $order = $_GET["order"]; //handle search term - $search = check_str($_GET["search"]); + $search = $_GET["search"]; if (strlen($search) > 0) { $search = strtolower($search); $sql_search = "and ( "; - $sql_search .= "lower(extension) like '%".$search."%' "; - $sql_search .= "or lower(call_group) like '%".$search."%' "; - $sql_search .= "or lower(user_context) like '%".$search."%' "; - $sql_search .= "or lower(enabled) like '%".$search."%' "; - $sql_search .= "or lower(description) like '%".$search."%' "; + $sql_search .= "lower(extension) like :search "; + $sql_search .= "or lower(call_group) like :search "; + $sql_search .= "or lower(user_context) like :search "; + $sql_search .= "or lower(enabled) like :search "; + $sql_search .= "or lower(description) like :search "; $sql_search .= ") "; + $parameters['search'] = '%'.$search.'%'; } //additional includes 
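Review bot: `$order` and `$order_by` are now read from `$_GET` with no filtering, and the later `@@ -112,33 +100,15 @@` hunk concatenates `$order` directly into `' order by '.$order_text.' '.$order.' '` whenever `order_by` is empty or `extension`, so the sort direction is not covered by the parameter binding this commit introduces for `search`. Restrict it to the two valid keywords where it is read, for example `$order = strtolower($_GET["order"]) == 'desc' ? 'desc' : 'asc';`. The other branch relies on `order_by()`, which is defined outside this diff; confirm that it validates both arguments, or check `$order_by` against a fixed list of column names here as well.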
@@ -71,36 +72,23 @@ $document['title'] = $text['title-extensions']; require_once "resources/paging.php"; -//get total extension count from the database - $sql = "select "; - $sql .= "(select count(*) from v_extensions "; - $sql .= "where 1 = 1 "; - if ($_GET['show'] == "all" && permission_exists('extension_all')) { - //show all extensions - } else { - $sql .= "and domain_uuid = '".$_SESSION['domain_uuid']."' "; +//get total extension count + $sql_1 = "select count(*) from v_extensions "; + if (!($_GET['show'] == "all" && permission_exists('extension_all'))) { + $sql_1 .= "where domain_uuid = :domain_uuid "; + $parameters['domain_uuid'] = $_SESSION['domain_uuid']; } - $sql .= " ".$sql_search.") as num_rows "; - if ($db_type == "pgsql") { - $sql .= ", (select count(*) as count from v_extensions "; - $sql .= "where 1 = 1 "; - if ($_GET['show'] == "all" && permission_exists('extension_all')) { - //show all extensions - } else { - $sql .= "and domain_uuid = '".$_SESSION['domain_uuid']."' "; - } - $sql .= "and extension ~ '^[0-9]+$') as numeric_extensions "; + $sql_1 .= $sql_search; + $database = new database; + $total_extensions = $database->select($sql_1, $parameters, 'column'); + +//get total numeric extension count + if ($db_type == "pgsql" || $db_type == "mysql") { + $sql_2 = $sql_1." and extension ~ '^[0-9]+$' "; + $database = new database; + $numeric_extensions = $database->select($sql_2, $parameters, 'column'); } - $prep_statement = $db->prepare($sql); - if ($prep_statement) { - $prep_statement->execute(); - $row = $prep_statement->fetch(PDO::FETCH_ASSOC); - $total_extensions = $row['num_rows']; - if (($db_type == "pgsql") or ($db_type == "mysql")) { - $numeric_extensions = $row['numeric_extensions']; - } - } - unset($prep_statement, $row); + unset($sql_2); //prepare to page the results $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; 
@@ -112,33 +100,15 @@ $offset = $rows_per_page * $_GET['page']; //to cast or not to cast - if ($db_type == "pgsql") { - $order_text = ($total_extensions == $numeric_extensions) ? "cast(extension as bigint)" : "extension"; - } - else { - $order_text = "extension"; - } + $order_text = $db_type == "pgsql" && $total_extensions == $numeric_extensions ? 'cast(extension as bigint)' : 'extension'; //get the extensions - $sql = "select * from v_extensions "; - $sql .= "where 1 = 1 "; - if ($_GET['show'] == "all" && permission_exists('extension_all')) { - //show all gateways - } else { - $sql .= "and domain_uuid = '$domain_uuid' "; - } - $sql .= $sql_search; //add search mod from above - if (strlen($order_by) > 0) { - $sql .= ($order_by == 'extension') ? "order by $order_text ".$order." " : "order by ".$order_by." ".$order." "; - } - else { - $sql .= "order by $order_text $order"; - } - $sql .= "limit $rows_per_page offset $offset "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $extensions = $prep_statement->fetchAll(PDO::FETCH_NAMED); - unset ($prep_statement, $sql); + $sql_3 = str_replace('count(*)', '*', $sql_1); + $sql_3 .= $order_by == '' || $order_by == 'extension' ? ' order by '.$order_text.' '.$order.' ' : order_by($order_by, $order); + $sql_3 .= limit_offset($rows_per_page, $offset); + $database = new database; + $extensions = $database->select($sql_3, $parameters, 'all'); + unset($sql_1, $sql_3, $parameters); //set the alternating styles $c = 0; @@ -215,7 +185,6 @@ echo "\n"; if (is_array($extensions)) { - foreach($extensions as $row) { $tr_link = (permission_exists('extension_edit')) ? " href='extension_edit.php?id=".escape($row['extension_uuid'])."'" : null; echo "\n"; @@ -281,8 +250,8 @@ echo "\n"; $c = ($c) ? 0 : 1; } - unset($extensions, $row); } + unset($extensions, $row); if (is_array($extensions)) { echo "\n";
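Review bot: Dropping `where 1 = 1` from the count query leaves `$sql_1` with no `where` clause when `show=all` is permitted, yet `$sql_search` still begins with `and ( ` and `$sql_2` appends ` and extension ~ '^[0-9]+$' `, so these statements are malformed in the all-domains view; `$sql_3` in the next hunk is derived from `$sql_1` and inherits the same problem. Keep the constant predicate, `$sql_1 = "select count(*) from v_extensions where 1 = 1 ";`, and append `"and domain_uuid = :domain_uuid "` inside the conditional. In that same view with no search term `$parameters` is never assigned before it is passed to `select()`, so initialising it first would avoid an undefined variable. The numeric count now also runs when `$db_type` is `mysql`, where the `~` match operator is presumably not available; that branch may need to stay PostgreSQL-only.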