diff --git a/app/voicemails/voicemail_delete.php b/app/voicemails/voicemail_delete.php index 1ed1c745c3..3478ba9517 100644 --- a/app/voicemails/voicemail_delete.php +++ b/app/voicemails/voicemail_delete.php @@ -43,12 +43,10 @@ $text = $language->get(); //get the ids - if (is_array($_REQUEST) && sizeof($_REQUEST) > 0) { - + if (is_array($_REQUEST) && @sizeof($_REQUEST) > 0) { $voicemail_uuids = $_REQUEST["id"]; foreach($voicemail_uuids as $voicemail_uuid) { - $voicemail_uuid = check_str($voicemail_uuid); - if ($voicemail_uuid != '') { + if (is_uuid($voicemail_uuid)) { //delete voicemail messages require_once "resources/classes/voicemail.php"; $voicemail = new voicemail; @@ -66,4 +64,4 @@ header("Location: voicemails.php"); return; -?> +?> \ No newline at end of file diff --git a/app/voicemails/voicemail_edit.php b/app/voicemails/voicemail_edit.php index e2298d905a..4d8500e036 100644 --- a/app/voicemails/voicemail_edit.php +++ b/app/voicemails/voicemail_edit.php 
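Review bot: `$_REQUEST["id"]` is handed to `foreach` in the `//get the ids` block without checking that it is an array; the surrounding `is_array($_REQUEST)` test is true for any request and does not cover it. A scalar `id` only raises a warning and deletes nothing, so test the value itself with `if (is_array($_REQUEST["id"]) && sizeof($_REQUEST["id"]) > 0) {`, which also makes the `@` suppression unnecessary. Because the ids are read from `$_REQUEST`, a plain GET request can drive the delete, and no request-token check is visible in this hunk. The same holds for the `$_REQUEST["voicemail_messages"]` loop in voicemail_message_delete.php, so confirm a token is verified before either loop runs. The body of the loop continues outside the hunk.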
@@ -43,79 +43,83 @@ $text = $language->get(); //action add or update - if (isset($_REQUEST["id"])) { + if (is_uuid($_REQUEST["id"])) { $action = "update"; - $voicemail_uuid = check_str($_REQUEST["id"]); + $voicemail_uuid = $_REQUEST["id"]; } else { $action = "add"; } //get http variables and set them to php variables - $referer_path = check_str($_REQUEST["referer_path"]); - $referer_query = check_str($_REQUEST["referer_query"]); + $referer_path = $_REQUEST["referer_path"]; + $referer_query = $_REQUEST["referer_query"]; if (count($_POST)>0) { //set the variables from the HTTP values - $voicemail_id = check_str($_POST["voicemail_id"]); - $voicemail_password = check_str($_POST["voicemail_password"]); - $greeting_id = check_str($_POST["greeting_id"]); + $voicemail_id = $_POST["voicemail_id"]; + $voicemail_password = $_POST["voicemail_password"]; + $greeting_id = $_POST["greeting_id"]; $voicemail_options = $_POST["voicemail_options"]; - $voicemail_alternate_greet_id = check_str($_POST["voicemail_alternate_greet_id"]); - $voicemail_mail_to = check_str($_POST["voicemail_mail_to"]); - $voicemail_sms_to = check_str($_POST["voicemail_sms_to"]); - $voicemail_transcription_enabled = check_str($_POST["voicemail_transcription_enabled"]); - $voicemail_file = check_str($_POST["voicemail_file"]); - $voicemail_local_after_email = check_str($_POST["voicemail_local_after_email"]); - $voicemail_enabled = check_str($_POST["voicemail_enabled"]); - $voicemail_description = check_str($_POST["voicemail_description"]); - $voicemail_tutorial = check_str($_POST["voicemail_tutorial"]); + $voicemail_alternate_greet_id = $_POST["voicemail_alternate_greet_id"]; + $voicemail_mail_to = $_POST["voicemail_mail_to"]; + $voicemail_sms_to = $_POST["voicemail_sms_to"]; + $voicemail_transcription_enabled = $_POST["voicemail_transcription_enabled"]; + $voicemail_file = $_POST["voicemail_file"]; + $voicemail_local_after_email = $_POST["voicemail_local_after_email"]; + $voicemail_enabled = 
$_POST["voicemail_enabled"]; + $voicemail_description = $_POST["voicemail_description"]; + $voicemail_tutorial = $_POST["voicemail_tutorial"]; //remove the space $voicemail_mail_to = str_replace(" ", "", $voicemail_mail_to); - //debug info - //echo "
"; print_r($voicemail_options); echo "
"; } //unassign the voicemail id copy from the voicemail id - if ($_GET["a"] == "delete" && strlen($voicemail_uuid) > 0 && strlen($_REQUEST["voicemail_destination_uuid"]) > 0) { + if ($_GET["a"] == "delete" && is_uuid($voicemail_uuid) && is_uuid($_REQUEST["voicemail_destination_uuid"])) { //set the variables - $voicemail_destination_uuid = check_str($_REQUEST["voicemail_destination_uuid"]); - //delete the voicemail from the destionations - $sqld = " - delete from - v_voicemail_destinations - where - voicemail_destination_uuid = '".$voicemail_destination_uuid."' and - voicemail_uuid = '".$voicemail_uuid."'"; - $db->exec(check_sql($sqld)); - //redirect the browser + $voicemail_destination_uuid = $_REQUEST["voicemail_destination_uuid"]; + //build delete array + $array['voicemail_destinations'][0]['voicemail_destination_uuid'] = $voicemail_destination_uuid; + $array['voicemail_destinations'][0]['voicemail_uuid'] = $voicemail_uuid; + //grant temporary permissions + $p = new permissions; + $p->add('voicemail_destination_delete', 'temp'); + //execute delete + $database = new database; + $database->app_name = 'voicemails'; + $database->app_uuid = 'b523c2d2-64cd-46f1-9520-ca4b4098e044'; + $database->delete($array); + unset($array); + //revoke temporary permissions + $p->delete('voicemail_destination_delete', 'temp'); + //set message message::add($text['message-delete']); + //redirect the browser header("Location: voicemail_edit.php?id=".$voicemail_uuid); - return; + exit; } //assign the voicemail id copy to the voicemail id - if (strlen($voicemail_uuid) > 0 && strlen($_REQUEST["voicemail_uuid_copy"]) > 0) { + if (is_uuid($voicemail_uuid) && is_uuid($_REQUEST["voicemail_uuid_copy"])) { //set the variables - $voicemail_uuid_copy = check_str($_REQUEST["voicemail_uuid_copy"]); - //assign the user to the extension - $sqli = " - insert into - v_voicemail_destinations - ( - domain_uuid, - voicemail_destination_uuid, - voicemail_uuid, - voicemail_uuid_copy - ) - values - ( - 
'".$domain_uuid."', - '".uuid()."', - '".$voicemail_uuid."', - '".$voicemail_uuid_copy."' - )"; - $db->exec(check_sql($sqli)); - //redirect the browser + $voicemail_uuid_copy = $_REQUEST["voicemail_uuid_copy"]; + //build insert array + $array['voicemail_destinations'][0]['domain_uuid'] = $domain_uuid; + $array['voicemail_destinations'][0]['voicemail_destination_uuid'] = uuid(); + $array['voicemail_destinations'][0]['voicemail_uuid'] = $voicemail_uuid; + $array['voicemail_destinations'][0]['voicemail_uuid_copy'] = $voicemail_uuid_copy; + //grant temporary permissions + $p = new permissions; + $p->add('voicemail_destination_add', 'temp'); + //execute insert + $database = new database; + $database->app_name = 'voicemails'; + $database->app_uuid = 'b523c2d2-64cd-46f1-9520-ca4b4098e044'; + $database->save($array); + unset($array); + //revoke temporary permissions + $p = new permissions; + $p->delete('voicemail_destination_add', 'temp'); + //set message message::add($text['message-add']); } @@ -123,7 +127,7 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { $msg = ''; if ($action == "update") { - $voicemail_uuid = check_str($_POST["voicemail_uuid"]); + $voicemail_uuid = $_POST["voicemail_uuid"]; } //check for all required data 
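Review bot: The destination delete in the `$_GET["a"] == "delete"` branch is keyed only on `voicemail_destination_uuid` and `voicemail_uuid`, and the temporary `voicemail_destination_delete` grant presumably satisfies whatever permission check the `database` class applies. Nothing visible in the hunk ties either UUID to the caller's domain or tests a caller permission first, so add `$array['voicemail_destinations'][0]['domain_uuid'] = $domain_uuid;` and a check such as `permission_exists('voicemail_edit')` before `$p->add(...)`, unless `database->delete()` already scopes by domain (not shown here). The insert branch grants `voicemail_destination_add` the same way and does not verify that `voicemail_uuid_copy` belongs to the domain. It also re-creates `$p = new permissions;` before `$p->delete(...)` while the delete branch reuses the object; use one form in both.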
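Review bot: `$voicemail_uuid = $_POST["voicemail_uuid"];` in the update branch overwrites the value that was accepted by `is_uuid($_REQUEST["id"])` at the top of the file with one that is not validated at all, now that `check_str()` is gone. Keep the assignment conditional, `if ($action == "update" && is_uuid($_POST["voicemail_uuid"])) { $voicemail_uuid = $_POST["voicemail_uuid"]; }`, so only a well-formed UUID reaches the save array and the later redirect. voicemail_message_edit.php has the same pattern for `$_POST["voicemail_uuid"]` and `$_POST["voicemail_message_uuid"]`, and there the value is concatenated into `header("Location: voicemail_edit.php?id=".$voicemail_uuid)`. The enclosing `if (count($_POST) > 0 ...)` block continues outside this hunk.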
@@ -143,73 +147,44 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { //add or update the database if ($_POST["persistformvar"] != "true") { if ($action == "add" && permission_exists('voicemail_add')) { - $sql = "insert into v_voicemails "; - $sql .= "("; - $sql .= "domain_uuid, "; - $sql .= "voicemail_uuid, "; - $sql .= "voicemail_id, "; - $sql .= "voicemail_password, "; - $sql .= "greeting_id, "; - $sql .= "voicemail_alternate_greet_id, "; - $sql .= "voicemail_mail_to, "; - $sql .= "voicemail_sms_to, "; - $sql .= "voicemail_transcription_enabled, "; - $sql .= "voicemail_tutorial, "; - $sql .= "voicemail_file, "; - if (permission_exists('voicemail_local_after_email')) { - $sql .= "voicemail_local_after_email, "; - } - $sql .= "voicemail_enabled, "; - $sql .= "voicemail_description "; - $sql .= ")"; - $sql .= "values "; - $sql .= "("; - $sql .= "'".$domain_uuid."', "; - $sql .= "'".uuid()."', "; - $sql .= "'".$voicemail_id."', "; - $sql .= "'".$voicemail_password."', "; - $sql .= (($greeting_id != '') ? "'".$greeting_id."'" : 'null').", "; - $sql .= (($voicemail_alternate_greet_id != '') ? 
"'".$voicemail_alternate_greet_id."'" : 'null').", "; - $sql .= "'".$voicemail_mail_to."', "; - $sql .= "'".$voicemail_sms_to."', "; - $sql .= "'".$voicemail_transcription_enabled."', "; - $sql .= "'".$voicemail_tutorial."', "; - $sql .= "'".$voicemail_file."', "; - if (permission_exists('voicemail_local_after_email')) { - $sql .= "'".$voicemail_local_after_email."', "; - } - $sql .= "'".$voicemail_enabled."', "; - $sql .= "'".$voicemail_description."' "; - $sql .= ")"; - $db->exec(check_sql($sql)); - unset($sql); - - message::add($text['message-add']); - } //if ($action == "add") + //begin insert array + $voicemail_uuid = uuid(); + $array['voicemails'][0]['voicemail_uuid'] = $voicemail_uuid; + //set message + message::add($text['message-add']); + } if ($action == "update" && permission_exists('voicemail_edit')) { - $sql = "update v_voicemails set "; - $sql .= "voicemail_id = '".$voicemail_id."', "; - $sql .= "voicemail_password = '".$voicemail_password."', "; - $sql .= "greeting_id = ".(($greeting_id != '') ? "'".$greeting_id."'" : 'null').", "; - $sql .= "voicemail_alternate_greet_id = ".(($voicemail_alternate_greet_id != '') ? 
"'".$voicemail_alternate_greet_id."'" : 'null').", "; - $sql .= "voicemail_mail_to = '".$voicemail_mail_to."', "; - $sql .= "voicemail_sms_to = '".$voicemail_sms_to."', "; - $sql .= "voicemail_transcription_enabled = '".$voicemail_transcription_enabled."', "; - $sql .= "voicemail_tutorial = '".$voicemail_tutorial."', "; - $sql .= "voicemail_file = '".$voicemail_file."', "; - if (permission_exists('voicemail_local_after_email')) { - $sql .= "voicemail_local_after_email = '".$voicemail_local_after_email."', "; - } - $sql .= "voicemail_enabled = '".$voicemail_enabled."', "; - $sql .= "voicemail_description = '".$voicemail_description."' "; - $sql .= "where domain_uuid = '".$domain_uuid."' "; - $sql .= "and voicemail_uuid = '".$voicemail_uuid."'"; - $db->exec(check_sql($sql)); - unset($sql); + //begin update array + $array['voicemails'][0]['voicemail_uuid'] = $voicemail_uuid; + //set message + message::add($text['message-update']); + } - message::add($text['message-update']); - } //if ($action == "update") + if (is_array($array) && @sizeof($array) != 0) { + //add common array fields + $array['voicemails'][0]['domain_uuid'] = $domain_uuid; + $array['voicemails'][0]['voicemail_id'] = $voicemail_id; + $array['voicemails'][0]['voicemail_password'] = $voicemail_password; + $array['voicemails'][0]['greeting_id'] = $greeting_id != '' ? $greeting_id : null; + $array['voicemails'][0]['voicemail_alternate_greet_id'] = $voicemail_alternate_greet_id != '' ? 
$voicemail_alternate_greet_id : null; + $array['voicemails'][0]['voicemail_mail_to'] = $voicemail_mail_to; + $array['voicemails'][0]['voicemail_sms_to'] = $voicemail_sms_to; + $array['voicemails'][0]['voicemail_transcription_enabled'] = $voicemail_transcription_enabled; + $array['voicemails'][0]['voicemail_tutorial'] = $voicemail_tutorial; + $array['voicemails'][0]['voicemail_file'] = $voicemail_file; + if (permission_exists('voicemail_local_after_email')) { + $array['voicemails'][0]['voicemail_local_after_email'] = $voicemail_local_after_email; + } + $array['voicemails'][0]['voicemail_enabled'] = $voicemail_enabled; + $array['voicemails'][0]['voicemail_description'] = $voicemail_description; + //execute insert/update + $database = new database; + $database->app_name = 'voicemails'; + $database->app_uuid = 'b523c2d2-64cd-46f1-9520-ca4b4098e044'; + $database->save($array); + unset($array); + } // add voicemail options @@ -217,25 +192,7 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { foreach ($voicemail_options as $index => $voicemail_option) { if ($voicemail_option['voicemail_option_digits'] == '' || $voicemail_option['voicemail_option_param'] == '') { unset($voicemail_options[$index]); } } - } - if (sizeof($voicemail_options) > 0) { - $sql = "insert into v_voicemail_options "; - $sql .= "( "; - $sql .= "voicemail_option_uuid, "; - $sql .= "voicemail_uuid, "; - $sql .= "domain_uuid, "; - $sql .= "voicemail_option_digits, "; - $sql .= "voicemail_option_action, "; - $sql .= "voicemail_option_param, "; - $sql .= "voicemail_option_order, "; - $sql .= "voicemail_option_description "; - $sql .= ") "; - $sql .= "values "; foreach ($voicemail_options as $index => $voicemail_option) { - - //set the uuid - $voicemail_option_uuid = uuid(); - if (is_numeric($voicemail_option["voicemail_option_param"])) { //if numeric then add tranfer $1 XML domain_name $voicemail_option['voicemail_option_action'] = "menu-exec-app"; 
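Review bot: The update path no longer carries the old `where domain_uuid = ... and voicemail_uuid = ...` restriction: `voicemail_uuid` selects the row and `domain_uuid` is now just another column value in the array given to `$database->save()`. If `save()` matches on the primary key alone (its implementation is not visible here), a request carrying a voicemail UUID from another domain would update that row and rewrite its `domain_uuid`. Confirm that `save()` enforces the domain, or select the row by `domain_uuid` and `voicemail_uuid` before building the array. The `voicemail_messages` save in voicemail_message_edit.php needs the same confirmation. Separately, `message::add()` runs before `save()`, so the success message is queued even if the save fails.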
@@ -248,21 +205,30 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { $voicemail_option['voicemail_option_param'] = join(':', $option_array); } - //continue building insert query - $sql_record[$index] = "( "; - $sql_record[$index] .= "'".$voicemail_option_uuid."', "; - $sql_record[$index] .= "'".$voicemail_uuid."', "; - $sql_record[$index] .= "'".$domain_uuid."', "; - $sql_record[$index] .= "'".trim($voicemail_option['voicemail_option_digits'])."', "; - $sql_record[$index] .= "'".trim($voicemail_option['voicemail_option_action'])."', "; - $sql_record[$index] .= "'".trim($voicemail_option['voicemail_option_param'])."', "; - $sql_record[$index] .= $voicemail_option['voicemail_option_order'].", "; - $sql_record[$index] .= "'".trim($voicemail_option['voicemail_option_description'])."' "; - $sql_record[$index] .= ") "; + //build insert array + $voicemail_option_uuid = uuid(); + $array['voicemail_options'][$index]['voicemail_option_uuid'] = $voicemail_option_uuid; + $array['voicemail_options'][$index]['voicemail_uuid'] = $voicemail_uuid; + $array['voicemail_options'][$index]['domain_uuid'] = $domain_uuid; + $array['voicemail_options'][$index]['voicemail_option_digits'] = $voicemail_option['voicemail_option_digits']; + $array['voicemail_options'][$index]['voicemail_option_action'] = $voicemail_option['voicemail_option_action']; + $array['voicemail_options'][$index]['voicemail_option_param'] = $voicemail_option['voicemail_option_param']; + $array['voicemail_options'][$index]['voicemail_option_order'] = $voicemail_option['voicemail_option_order']; + $array['voicemail_options'][$index]['voicemail_option_description'] = $voicemail_option['voicemail_option_description']; + } + if (is_array($array) && @sizeof($array) != 0) { + //grant temporary permissions + $p = new permissions; + $p->add('voicemail_option_add', 'temp'); + //execute inserts + $database = new database; + $database->app_name = 'voicemails'; + $database->app_uuid = 
'b523c2d2-64cd-46f1-9520-ca4b4098e044'; + $database->save($array); + unset($array); + //revoke temporary permissions + $p->delete('voicemail_option_add', 'temp'); } - $sql .= implode(",", $sql_record); - $db->exec(check_sql($sql)); - unset($sql); } //redirect user @@ -274,22 +240,23 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { } exit; - } //if ($_POST["persistformvar"] != "true") -} //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) + } +} //initialize the destinations object $destination = new destinations; //pre-populate the form - if (count($_GET)>0 && $_POST["persistformvar"] != "true") { - $voicemail_uuid = check_str($_GET["id"]); + if (count($_GET)>0 && is_uuid($_GET["id"]) && $_POST["persistformvar"] != "true") { + $voicemail_uuid = $_GET["id"]; $sql = "select * from v_voicemails "; - $sql .= "where domain_uuid = '".$domain_uuid."' "; - $sql .= "and voicemail_uuid = '".$voicemail_uuid."' "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - foreach ($result as &$row) { + $sql .= "where domain_uuid = :domain_uuid "; + $sql .= "and voicemail_uuid = :voicemail_uuid "; + $parameters['domain_uuid'] = $domain_uuid; + $parameters['voicemail_uuid'] = $voicemail_uuid; + $database = new database; + $row = $database->select($sql, $parameters, 'row'); + if (is_array($row) && @sizeof($row) != 0) { $voicemail_id = $row["voicemail_id"]; $voicemail_password = $row["voicemail_password"]; $greeting_id = $row["greeting_id"]; @@ -302,9 +269,8 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { $voicemail_local_after_email = $row["voicemail_local_after_email"]; $voicemail_enabled = $row["voicemail_enabled"]; $voicemail_description = $row["voicemail_description"]; - break; //limit to 1 row } - unset ($prep_statement); + unset($sql, $parameters, $row); } else { $voicemail_file = $_SESSION['voicemail']['voicemail_file']['text']; 
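Review bot: `voicemail_option_order` is copied from the request into the insert array without a numeric check, and the `trim()` calls the old code applied to the digits, action, param and description values are dropped. Building an array instead of SQL text removes the unquoted concatenation, but a non-numeric order is now passed through unchanged and text values keep stray whitespace. Restore `trim()` on the text fields and validate the order, for example `is_numeric($voicemail_option['voicemail_option_order']) ? $voicemail_option['voicemail_option_order'] : null` (check that the column accepts null). The `voicemail_option_add` temporary grant is not preceded by a caller permission check inside this hunk; the enclosing block starts outside it.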
@@ -322,14 +288,14 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { //get the greetings list $sql = "select * from v_voicemail_greetings "; - $sql .= "where domain_uuid = '".$domain_uuid."' "; - $sql .= "and voicemail_id = '".$voicemail_id."' "; + $sql .= "where domain_uuid = :domain_uuid "; + $sql .= "and voicemail_id = :voicemail_id "; $sql .= "order by greeting_name asc "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $greetings = $prep_statement->fetchAll(PDO::FETCH_NAMED); - $greeting_count = count($greetings); - unset ($prep_statement, $sql); + $parameters['domain_uuid'] = $domain_uuid; + $parameters['voicemail_id'] = $voicemail_id; + $database = new database; + $greetings = $database->select($sql, $parameters, 'all'); + unset($sql, $parameters); //show the header require_once "resources/header.php"; @@ -431,7 +397,7 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { echo "\n"; echo " \n"; - //echo " \n"; if (strlen(htmlspecialchars($voicemail_option_order))> 0) { echo " \n"; } - $i=0; - while($i<=999) { + $i = 0; + while ($i <= 999) { if (strlen($i) == 1) { echo " \n"; } 
@@ -638,16 +605,16 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { v_voicemail_destinations as d where d.voicemail_uuid_copy = v.voicemail_uuid and - v.domain_uuid = '".$_SESSION['domain_uuid']."' and + v.domain_uuid = :domain_uuid and v.voicemail_enabled = 'true' and - d.voicemail_uuid = '".$voicemail_uuid."' + d.voicemail_uuid = :voicemail_uuid order by v.voicemail_id asc"; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - $result_count = count($result); - if ($result_count > 0) { + $parameters['domain_uuid'] = $_SESSION['domain_uuid']; + $parameters['voicemail_uuid'] = $voicemail_uuid; + $database = new database; + $result = $database->select($sql, $parameters, 'all'); + if (is_array($result) && @sizeof($result) != 0) { echo " \n"; foreach($result as $field) { echo " \n"; @@ -656,15 +623,25 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { echo " ".$v_link_label_delete."\n"; echo " \n"; echo " \n"; - $voicemail_uuid_copied[] = $field['voicemail_uuid_copy']; + $voicemail_uuids_copied[] = $field['voicemail_uuid_copy']; } echo "
\n"; echo "
\n"; } + unset($sql, $parameters, $result, $field); - if (sizeof($voicemail_uuid_copied) > 0) { + if (is_array($voicemail_uuids_copied) && @sizeof($voicemail_uuids_copied) != 0) { // modify sql to remove already copied voicemail uuids from the list - $sql_mod = " and v.voicemail_uuid not in ('".implode("','", $voicemail_uuid_copied)."') "; + foreach ($voicemail_uuids_copied as $x => $voicemail_uuid_copied) { + if (is_uuid($voicemail_uuid_copied)) { + $sql_where_and[] = 'v.voicemail_uuid <> :voicemail_uuid_'.$x; + $parameters['voicemail_uuid_'.$x] = $voicemail_uuid_copied; + } + } + if (is_array($sql_where_and) && @sizeof($sql_where_and) != 0) { + $sql_where = ' and '.implode(' and ', $sql_where_and); + } + unset($voicemail_uuids_copied, $x, $voicemail_uuid_copied, $sql_where_and); } $sql = " @@ -674,23 +651,26 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { from v_voicemails as v where - v.domain_uuid = '".$_SESSION['domain_uuid']."' and + v.domain_uuid = :domain_uuid and v.voicemail_enabled = 'true' and - v.voicemail_uuid <> '".$voicemail_uuid."' - ".$sql_mod." + v.voicemail_uuid <> :voicemail_uuid + ".$sql_where." order by v.voicemail_id asc"; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); + $parameters['domain_uuid'] = $_SESSION['domain_uuid']; + $parameters['voicemail_uuid'] = $voicemail_uuid; + $database = new database; + $result = $database->select($sql, $parameters, 'all'); echo " "; echo " \n"; - unset($sql, $result); echo "
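Review bot: `$sql_where` is assigned only inside `if (is_array($sql_where_and) && ...)`, yet the following query concatenates `".$sql_where."` unconditionally. When no destinations have been copied the variable is undefined (a warning on PHP 8), and a value left in a same-named variable earlier in the file would be appended to the SQL text. Set `$sql_where = '';` before the `if (is_array($voicemail_uuids_copied) ...)` block and add it to the `unset()` after the select.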
\n"; echo " ".$text['description-forward_destinations']."\n"; echo "
\n"; @@ -757,7 +737,7 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { echo " $(window).keypress(function(event){\n"; echo " if (event.which == 13) { submit_form(); }\n"; echo " });\n"; -// convert password fields to +//hide password fields, change to text, before submit echo " function submit_form() {\n"; echo " $('input:password').css('visibility','hidden');\n"; echo " $('input:password').attr({type:'text'});\n"; @@ -768,4 +748,4 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { //include the footer require_once "resources/footer.php"; -?> +?> \ No newline at end of file diff --git a/app/voicemails/voicemail_imports.php b/app/voicemails/voicemail_imports.php index f1d4a7d3e9..c97966ac65 100644 --- a/app/voicemails/voicemail_imports.php +++ b/app/voicemails/voicemail_imports.php @@ -58,12 +58,10 @@ ini_set(max_execution_time,7200); //get the http get values and set them as php variables - $action = check_str($_POST["action"]); - $from_row = check_str($_POST["from_row"]); - $order_by = check_str($_POST["order_by"]); - $order = check_str($_POST["order"]); - $delimiter = check_str($_POST["data_delimiter"]); - $enclosure = check_str($_POST["data_enclosure"]); + $action = $_POST["action"]; + $from_row = $_POST["from_row"]; + $delimiter = $_POST["data_delimiter"]; + $enclosure = $_POST["data_enclosure"]; //save the data to the csv file if (isset($_POST['data'])) { @@ -75,7 +73,7 @@ //copy the csv file //$_POST['submit'] == "Upload" && if ( is_uploaded_file($_FILES['ulfile']['tmp_name']) && permission_exists('voicemail_import')) { - if (check_str($_POST['type']) == 'csv') { + if ($_POST['type'] == 'csv') { move_uploaded_file($_FILES['ulfile']['tmp_name'], $_SESSION['server']['temp']['dir'].'/'.$_FILES['ulfile']['name']); $save_msg = "Uploaded file to ".$_SESSION['server']['temp']['dir']."/". htmlentities($_FILES['ulfile']['name']); //system('chmod -R 744 '.$_SESSION['server']['temp']['dir'].'*'); 
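Review bot: The upload branch in voicemail_imports.php still builds the destination path from the client-supplied `$_FILES['ulfile']['name']`, and the only type test is `$_POST['type'] == 'csv'`, a request field the client also controls. The file is therefore stored in the temp directory under a name and extension chosen by the uploader. Prefer a server-generated name such as `$file_name = uuid().'.csv';` and use it in `move_uploaded_file()` and wherever the file is read back. The rest of the branch lies outside the hunk.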
@@ -126,10 +124,6 @@ $i++; } } - //echo "
\n";
-			//print_r($schema);
-			//echo "
\n"; - //exit; } //match the column names to the field names @@ -312,13 +306,7 @@ } //end while fclose($handle); - //debug info - //echo "
\n";
-					//print_r($array);
-					//echo "
\n"; - //exit; - - //save to the data + //save to the data if (is_array($array)) { $database = new database; $database->app_name = 'voicemails'; @@ -439,4 +427,4 @@ //include the footer require_once "resources/footer.php"; -?> +?> \ No newline at end of file diff --git a/app/voicemails/voicemail_message_delete.php b/app/voicemails/voicemail_message_delete.php index 04d5fa8e1f..f938597a1d 100644 --- a/app/voicemails/voicemail_message_delete.php +++ b/app/voicemails/voicemail_message_delete.php @@ -34,34 +34,31 @@ else { exit; } -/* -echo "
".print_r($_REQUEST, true)."
"; -exit; -*/ - //add multi-lingual support $language = new text; $text = $language->get(); //get submitted variables - if (count($_REQUEST)>0) { - $voicemail_messages = $_REQUEST["voicemail_messages"]; - } + $voicemail_messages = $_REQUEST["voicemail_messages"]; //delete the voicemail message $deleted = 0; - if (is_array($voicemail_messages) && sizeof($voicemail_messages) > 0) { + if (is_array($voicemail_messages) && @sizeof($voicemail_messages) > 0) { require_once "resources/classes/voicemail.php"; foreach ($voicemail_messages as $voicemail_uuid => $voicemail_message_uuids) { - foreach ($voicemail_message_uuids as $voicemail_message_uuid) { - $voicemail = new voicemail; - $voicemail->db = $db; - $voicemail->domain_uuid = $_SESSION['domain_uuid']; - $voicemail->voicemail_uuid = check_str($voicemail_uuid); - $voicemail->voicemail_message_uuid = check_str($voicemail_message_uuid); - $result = $voicemail->message_delete(); - unset($voicemail); - $deleted++; + if (is_array($voicemail_message_uuids) && @sizeof($voicemail_message_uuids) != 0) { + foreach ($voicemail_message_uuids as $voicemail_message_uuid) { + if (is_uuid($voicemail_uuid) && is_uuid($voicemail_message_uuid)) { + $voicemail = new voicemail; + $voicemail->db = $db; + $voicemail->domain_uuid = $_SESSION['domain_uuid']; + $voicemail->voicemail_uuid = $voicemail_uuid; + $voicemail->voicemail_message_uuid = $voicemail_message_uuid; + $result = $voicemail->message_delete(); + unset($voicemail); + $deleted++; + } + } } } } @@ -73,7 +70,7 @@ exit; //redirect the user if ($deleted > 0) { - $_SESSION["message"] = $text['message-delete'].': '.$deleted; + message::add($text['message-delete'].': '.$deleted); } if ($referer_path == PROJECT_PATH."/app/voicemails/voicemail_messages.php") { header("Location: voicemail_messages.php?".$referer_query); diff --git a/app/voicemails/voicemail_message_edit.php b/app/voicemails/voicemail_message_edit.php index d51e4b98eb..a0fc7e2bb9 100644 
--- a/app/voicemails/voicemail_message_edit.php +++ b/app/voicemails/voicemail_message_edit.php @@ -39,36 +39,36 @@ else { $text = $language->get(); //action add or update - if (isset($_REQUEST["id"])) { + if (is_uuid($_REQUEST["id"])) { $action = "update"; - $voicemail_message_uuid = check_str($_REQUEST["id"]); + $voicemail_message_uuid = $_REQUEST["id"]; } else { $action = "add"; } //set the parent uuid - if (strlen($_GET["voicemail_uuid"]) > 0) { - $voicemail_uuid = check_str($_GET["voicemail_uuid"]); + if (is_uuid($_GET["voicemail_uuid"])) { + $voicemail_uuid = $_GET["voicemail_uuid"]; } //get http post variables and set them to php variables if (count($_POST)>0) { - $voicemail_uuid = check_str($_POST["voicemail_uuid"]); - $created_epoch = check_str($_POST["created_epoch"]); - $read_epoch = check_str($_POST["read_epoch"]); - $caller_id_name = check_str($_POST["caller_id_name"]); - $caller_id_number = check_str($_POST["caller_id_number"]); - $message_length = check_str($_POST["message_length"]); - $message_status = check_str($_POST["message_status"]); - $message_priority = check_str($_POST["message_priority"]); + $voicemail_uuid = $_POST["voicemail_uuid"]; + $created_epoch = $_POST["created_epoch"]; + $read_epoch = $_POST["read_epoch"]; + $caller_id_name = $_POST["caller_id_name"]; + $caller_id_number = $_POST["caller_id_number"]; + $message_length = $_POST["message_length"]; + $message_status = $_POST["message_status"]; + $message_priority = $_POST["message_priority"]; } if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { $msg = ''; if ($action == "update") { - $voicemail_message_uuid = check_str($_POST["voicemail_message_uuid"]); + $voicemail_message_uuid = $_POST["voicemail_message_uuid"]; } //check for all required data 
@@ -96,73 +96,55 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { //add or update the database if ($_POST["persistformvar"] != "true") { if ($action == "add" && permission_exists('voicemail_message_add')) { - $sql = "insert into v_voicemail_messages "; - $sql .= "("; - $sql .= "domain_uuid, "; - $sql .= "voicemail_message_uuid, "; - $sql .= "voicemail_uuid, "; - $sql .= "created_epoch, "; - $sql .= "read_epoch, "; - $sql .= "caller_id_name, "; - $sql .= "caller_id_number, "; - $sql .= "message_length, "; - $sql .= "message_status, "; - $sql .= "message_priority "; - $sql .= ")"; - $sql .= "values "; - $sql .= "("; - $sql .= "'$domain_uuid', "; - $sql .= "'".uuid()."', "; - $sql .= "'$voicemail_uuid', "; - $sql .= "'$created_epoch', "; - $sql .= "'$read_epoch', "; - $sql .= "'$caller_id_name', "; - $sql .= "'$caller_id_number', "; - $sql .= "'$message_length', "; - $sql .= "'$message_status', "; - $sql .= "'$message_priority' "; - $sql .= ")"; - $db->exec(check_sql($sql)); - unset($sql); - - message::add($text['message-add']); - header("Location: voicemail_edit.php?id=".$voicemail_uuid); - return; - } //if ($action == "add") + //begin insert array + $array['voicemail_messages'][0]['voicemail_message_uuid'] = uuid(); + //message + message::add($text['message-add']); + } if ($action == "update" && permission_exists('voicemail_message_edit')) { - $sql = "update v_voicemail_messages set "; - $sql .= "voicemail_uuid = '$voicemail_uuid', "; - $sql .= "voicemail_uuid = '$voicemail_uuid', "; - $sql .= "created_epoch = '$created_epoch', "; - $sql .= "read_epoch = '$read_epoch', "; - $sql .= "caller_id_name = '$caller_id_name', "; - $sql .= "caller_id_number = '$caller_id_number', "; - $sql .= "message_length = '$message_length', "; - $sql .= "message_status = '$message_status', "; - $sql .= "message_priority = '$message_priority' "; - $sql .= "where domain_uuid = '$domain_uuid' "; - $sql .= "and voicemail_message_uuid = '$voicemail_message_uuid'"; - 
$db->exec(check_sql($sql)); - unset($sql); + //begin update array + $array['voicemail_messages'][0]['voicemail_message_uuid'] = $voicemail_message_uuid; + //set message + message::add($text['message-update']); + } - message::add($text['message-update']); - header("Location: voicemail_edit.php?id=".$voicemail_uuid); - return; - } //if ($action == "update") - } //if ($_POST["persistformvar"] != "true") -} //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) + if (is_array($array) && @sizeof($array) != 0) { + //add common array fields + $array['voicemail_messages'][0]['domain_uuid'] = $domain_uuid; + $array['voicemail_messages'][0]['voicemail_uuid'] = $voicemail_uuid; + $array['voicemail_messages'][0]['created_epoch'] = $created_epoch; + $array['voicemail_messages'][0]['read_epoch'] = $read_epoch; + $array['voicemail_messages'][0]['caller_id_name'] = $caller_id_name; + $array['voicemail_messages'][0]['caller_id_number'] = $caller_id_number; + $array['voicemail_messages'][0]['message_length'] = $message_length; + $array['voicemail_messages'][0]['message_status'] = $message_status; + $array['voicemail_messages'][0]['message_priority'] = $message_priority; + //execute insert/update + $database = new database; + $database->app_name = 'voicemails'; + $database->app_uuid = 'b523c2d2-64cd-46f1-9520-ca4b4098e044'; + $database->save($array); + unset($array); + //redirect + header("Location: voicemail_edit.php?id=".$voicemail_uuid); + exit; + } + } + +} //pre-populate the form - if (count($_GET)>0 && $_POST["persistformvar"] != "true") { - $voicemail_message_uuid = check_str($_GET["id"]); + if (count($_GET)>0 && is_uuid($_GET["id"]) && $_POST["persistformvar"] != "true") { + $voicemail_message_uuid = $_GET["id"]; $sql = "select * from v_voicemail_messages "; - $sql .= "where domain_uuid = '$domain_uuid' "; - $sql .= "and voicemail_message_uuid = '$voicemail_message_uuid' "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = 
$prep_statement->fetchAll(); - foreach ($result as &$row) { + $sql .= "where domain_uuid = :domain_uuid "; + $sql .= "and voicemail_message_uuid = :voicemail_message_uuid "; + $parameters['domain_uuid'] = $domain_uuid; + $parameters['voicemail_message_uuid'] = $voicemail_message_uuid; + $database = new database; + $row = $database->select($sql, $parameters, 'row'); + if (is_array($row) && @sizeof($row) != 0) { $voicemail_uuid = $row["voicemail_uuid"]; $created_epoch = $row["created_epoch"]; $read_epoch = $row["read_epoch"]; @@ -171,9 +153,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { $message_length = $row["message_length"]; $message_status = $row["message_status"]; $message_priority = $row["message_priority"]; - break; //limit to 1 row } - unset ($prep_statement); + unset($sql, $parameters, $row); } //show the header @@ -279,4 +260,5 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { //include the footer require_once "resources/footer.php"; -?> + +?> \ No newline at end of file diff --git a/app/voicemails/voicemail_message_toggle.php b/app/voicemails/voicemail_message_toggle.php index f2da870c5a..b823832d00 100644 --- a/app/voicemails/voicemail_message_toggle.php +++ b/app/voicemails/voicemail_message_toggle.php 
@@ -47,14 +47,16 @@ else { require_once "resources/classes/voicemail.php"; foreach ($voicemail_messages as $voicemail_uuid => $voicemail_message_uuids) { foreach ($voicemail_message_uuids as $voicemail_message_uuid) { - $voicemail = new voicemail; - $voicemail->db = $db; - $voicemail->domain_uuid = $_SESSION['domain_uuid']; - $voicemail->voicemail_uuid = check_str($voicemail_uuid); - $voicemail->voicemail_message_uuid = check_str($voicemail_message_uuid); - $result = $voicemail->message_toggle(); - unset($voicemail); - $toggled++; + if (is_uuid($voicemail_uuid) && is_uuid($voicemail_message_uuid)) { + $voicemail = new voicemail; + $voicemail->db = $db; + $voicemail->domain_uuid = $_SESSION['domain_uuid']; + $voicemail->voicemail_uuid = $voicemail_uuid; + $voicemail->voicemail_message_uuid = $voicemail_message_uuid; + $result = $voicemail->message_toggle(); + unset($voicemail); + $toggled++; + } } } } @@ -66,7 +68,7 @@ else { //redirect the user if ($toggled > 0) { - $_SESSION["message"] = $text['message-toggled'].': '.$toggled; + message::add($text['message-toggled'].': '.$toggled); } if ($referer_path == PROJECT_PATH."/app/voicemails/voicemail_messages.php") { header("Location: voicemail_messages.php?".$referer_query); diff --git a/app/voicemails/voicemail_messages.php b/app/voicemails/voicemail_messages.php index 33ab0442d7..5f899fa57a 100644 --- a/app/voicemails/voicemail_messages.php +++ b/app/voicemails/voicemail_messages.php @@ -29,7 +29,7 @@ require_once "resources/require.php"; //check permissions - if (!(check_str($_REQUEST["action"]) == "download" && check_str($_REQUEST["src"]) == "email")) { + if (!($_REQUEST["action"] == "download" && $_REQUEST["src"] == "email")) { require_once "resources/check_auth.php"; if (permission_exists('voicemail_message_view')) { //access granted 
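Review bot: The inner `foreach ($voicemail_message_uuids as ...)` in voicemail_message_toggle.php runs without the `is_array($voicemail_message_uuids)` guard that this commit adds to the same loop in voicemail_message_delete.php. A request that sends a scalar for one voicemail's message list raises a warning here; wrap the inner loop in `if (is_array($voicemail_message_uuids)) { ... }` so the two files agree. In both files the counter (`$toggled++`, `$deleted++`) is incremented without reading `$result`, so the confirmation message may count operations that did not succeed; whether the methods return a usable status is not visible here.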
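Review bot: In voicemail_messages.php the authentication include is skipped whenever the request carries `action=download` and `src=email`, and both values are chosen by the client. That is safe only if the download branch always ends the script and `message_download()` itself rejects requests that do not match a stored message; neither is visible in this hunk. State that contract in a comment above the condition, e.g. `//email links are unauthenticated: the download branch below must exit and never fall through to the listing`, and confirm the branch exits even when the `is_uuid()` checks fail. The download code also reads `$_SESSION['domain_uuid']`, which may be unset on this path.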
@@ -45,19 +45,19 @@ $text = $language->get(); //set the voicemail_uuid - if (strlen($_REQUEST["id"]) > 0) { - $voicemail_uuid = check_str($_REQUEST["id"]); + if (is_uuid($_REQUEST["id"])) { + $voicemail_uuid = $_REQUEST["id"]; } //required class require_once "app/voicemails/resources/classes/voicemail.php"; //download the message - if (check_str($_REQUEST["action"]) == "download") { - $voicemail_message_uuid = check_str($_REQUEST["uuid"]); - $voicemail_id = check_str($_REQUEST["id"]); - $voicemail_uuid = check_str($_REQUEST["voicemail_uuid"]); - if ($voicemail_message_uuid != '' && $voicemail_id != '' && $voicemail_uuid != '') { + if ($_REQUEST["action"] == "download") { + $voicemail_message_uuid = $_REQUEST["uuid"]; + $voicemail_id = $_REQUEST["id"]; + $voicemail_uuid = $_REQUEST["voicemail_uuid"]; + if (is_uuid($voicemail_message_uuid) && $voicemail_id != '' && is_uuid($voicemail_uuid)) { $voicemail = new voicemail; $voicemail->db = $db; $voicemail->domain_uuid = $_SESSION['domain_uuid']; @@ -71,8 +71,8 @@ } //get the html values and set them as variables - $order_by = check_str($_GET["order_by"]); - $order = check_str($_GET["order"]); + $order_by = $_GET["order_by"]; + $order = $_GET["order"]; //get the voicemail $vm = new voicemail; @@ -100,7 +100,7 @@ $row_style["1"] = "row_style1"; //loop through the voicemail messages - if (is_array($voicemails)) { + if (is_array($voicemails) && @sizeof($voicemails) != 0) { echo "
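Review bot: In the download block of the `@@ -45,19 +45,19 @@` hunk, `$voicemail_uuid = $_REQUEST["voicemail_uuid"];` overwrites the value validated with `is_uuid()` a few lines earlier, and it does so before the new `is_uuid()` test. When that test fails, the variable keeps the raw request value for whatever code follows the block. `$voicemail_id` is likewise only compared with `''` now that `check_str()` is gone. Assign after validating, for example `if (is_uuid($_REQUEST["voicemail_uuid"])) { $voicemail_uuid = $_REQUEST["voicemail_uuid"]; }`, and give `$voicemail_id` a format check that matches how mailbox ids are defined in this project (not visible here). The block continues past the end of the hunk, so how the voicemail class uses these values should be confirmed.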
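Review bot: In the `@@ -71,8 +71,8 @@` hunk, `$order_by` and `$order` are now copied from `$_GET` with no filtering, and sort columns and directions cannot be bound as query parameters the way the ids elsewhere in this commit are. If the voicemail object places them in an ORDER BY clause (its code is outside this diff), they need an allow-list at this point. For the direction, `$order = ($_GET["order"] === 'desc') ? 'desc' : 'asc';` is enough; for the column, use `in_array($_GET["order_by"], $allowed_columns, true)`, where `$allowed_columns` is a placeholder for the list of sortable column names. The statements that consume the two variables lie outside the hunk.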
\n"; @@ -108,7 +108,7 @@ echo "\n"; $previous_voicemail_id = ''; - foreach($voicemails as $field) { + foreach ($voicemails as $field) { if ($previous_voicemail_id != $field['voicemail_id']) { if ($previous_voicemail_id != '') { echo "\n"; @@ -155,7 +155,7 @@ } if (count($field['messages']) > 0) { - foreach($field['messages'] as &$row) { + foreach ($field['messages'] as &$row) { $style = ($row['message_status'] == '' && $_REQUEST["uuid"] != $row['voicemail_message_uuid']) ? "font-weight: bold;" : null; //playback progress bar @@ -204,11 +204,10 @@ } else { echo ""; - }//end foreach + } unset($row); $previous_voicemail_id = $field['voicemail_id']; - unset($sql, $result, $result_count); } echo "



".$text['message-messages_not_found']."
"; echo "

"; @@ -222,8 +221,8 @@ echo "
"; //autoplay message - if (check_str($_REQUEST["action"]) == "autoplay" && check_str($_REQUEST["uuid"]) != '') { - echo ""; + if ($_REQUEST["action"] == "autoplay" && is_uuid($_REQUEST["uuid"])) { + echo ""; } //check or uncheck all voicemail checkboxes @@ -259,4 +258,4 @@ //include the footer require_once "resources/footer.php"; -?> +?> \ No newline at end of file diff --git a/app/voicemails/voicemail_option_delete.php b/app/voicemails/voicemail_option_delete.php index bf9a9e0876..e0c7ad773a 100644 --- a/app/voicemails/voicemail_option_delete.php +++ b/app/voicemails/voicemail_option_delete.php @@ -30,7 +30,7 @@ require_once "resources/check_auth.php"; //check permissions - if (permission_exists('voicemail_option_edit')) { + if (permission_exists('voicemail_option_delete')) { //access granted } else { 
@@ -43,22 +43,28 @@ $text = $language->get(); //set the http values as variables - if (count($_GET)>0) { - $voicemail_option_uuid = check_str($_GET["id"]); - $voicemail_uuid = check_str($_GET["voicemail_uuid"]); - } + $voicemail_option_uuid = $_GET["id"]; + $voicemail_uuid = $_GET["voicemail_uuid"]; //delete the voicemail option - if (strlen($voicemail_option_uuid) > 0) { - $sql = "delete from v_voicemail_options "; - $sql .= "where domain_uuid = '".$domain_uuid."' "; - $sql .= "and voicemail_option_uuid = '".$voicemail_option_uuid."' "; - $db->exec(check_sql($sql)); - unset($sql); + if (is_uuid($voicemail_option_uuid) && is_uuid($voicemail_uuid)) { + //build delete array + $array['voicemail_options'][0]['voicemail_option_uuid'] = $voicemail_option_uuid; + $array['voicemail_options'][0]['domain_uuid'] = $domain_uuid; + //execute delete + $database = new database; + $database->app_name = 'voicemails'; + $database->app_uuid = 'b523c2d2-64cd-46f1-9520-ca4b4098e044'; + $database->delete($array); + unset($array); + //set message + message::add($text['message-delete']); + //redirect + header('Location: voicemail_edit.php?id='.$voicemail_uuid); + exit; } -//redirect the user - message::add($text['message-delete']); - header('Location: voicemail_edit.php?id='.$voicemail_uuid); +//default redirect + header('Location: voicemails.php'); -?> +?> \ No newline at end of file diff --git a/app/voicemails/voicemail_option_edit.php b/app/voicemails/voicemail_option_edit.php index 7bea44e1c5..585d62a416 100644 --- a/app/voicemails/voicemail_option_edit.php +++ b/app/voicemails/voicemail_option_edit.php 
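Review bot: The delete in this hunk is still driven entirely by `$_GET["id"]` and `$_GET["voicemail_uuid"]`, and no request-token check is visible before `$database->delete($array)`, so the `is_uuid()` guards validate the format of the ids but not that the administrator intended the request. Unless a token check exists in the lines between the two hunks of this file (not shown), the action should require POST and a per-session token before the delete array is built. `message::add($text['message-delete'])` also runs without looking at the outcome of `$database->delete($array)`, so a failed delete is reported as a success. A comment on the final `header('Location: voicemails.php');` saying it is reached only for malformed ids would help the next reader.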
@@ -39,24 +39,24 @@ else { $text = $language->get(); //action add or update - if (isset($_REQUEST["id"])) { + if (is_uuid($_REQUEST["id"])) { $action = "update"; - $voicemail_option_uuid = check_str($_REQUEST["id"]); + $voicemail_option_uuid = $_REQUEST["id"]; } //get the menu id - if (strlen($_GET["voicemail_uuid"]) > 0) { - $voicemail_uuid = check_str($_GET["voicemail_uuid"]); + if (is_uuid($_GET["voicemail_uuid"])) { + $voicemail_uuid = $_GET["voicemail_uuid"]; } //get the http post variables and set them to php variables if (count($_POST)>0) { - $voicemail_uuid = check_str($_POST["voicemail_uuid"]); - $voicemail_option_digits = check_str($_POST["voicemail_option_digits"]); - $voicemail_option_action = check_str($_POST["voicemail_option_action"]); - $voicemail_option_param = check_str($_POST["voicemail_option_param"]); - $voicemail_option_order = check_str($_POST["voicemail_option_order"]); - $voicemail_option_description = check_str($_POST["voicemail_option_description"]); + $voicemail_uuid = $_POST["voicemail_uuid"]; + $voicemail_option_digits = $_POST["voicemail_option_digits"]; + $voicemail_option_action = $_POST["voicemail_option_action"]; + $voicemail_option_param = $_POST["voicemail_option_param"]; + $voicemail_option_order = $_POST["voicemail_option_order"]; + $voicemail_option_description = $_POST["voicemail_option_description"]; //set the default voicemail_option_action if (strlen($voicemail_option_action) == 0) { @@ -72,7 +72,7 @@ else { if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { $msg = ''; - $voicemail_option_uuid = check_str($_POST["voicemail_option_uuid"]); + $voicemail_option_uuid = $_POST["voicemail_option_uuid"]; //check for all required data if (strlen($voicemail_option_digits) == 0) { $msg .= $text['message-required'].$text['label-option']."
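Review bot: `$voicemail_uuid = $_POST["voicemail_uuid"];` replaces the value that was just validated with `is_uuid()` from `$_GET`, and the POST value is not validated before the update hunk further down appends it to `header('Location: voicemail_edit.php?id='.$voicemail_uuid)`. The same holds for `$voicemail_option_uuid = $_POST["voicemail_option_uuid"];` in the `@@ -72,7 +72,7 @@` hunk, which becomes the key of the saved record, and for the context line `$voicemail_option_uuid = $_GET["id"];` in the `@@ -119,33 +126,30 @@` hunk. Each should repeat the guard used at the top of the file, e.g. `if (is_uuid($_POST["voicemail_uuid"])) { $voicemail_uuid = $_POST["voicemail_uuid"]; }`. The other POST fields lost `check_str()` as well; that is fine for the database provided `$database->save()` binds its values (not visible here), but they still need output escaping wherever the form prints them back.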
\n"; } 
@@ -91,26 +91,33 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { } //update the database - if ($_POST["persistformvar"] != "true") { - if (permission_exists('voicemail_edit')) { - $sql = "update v_voicemail_options set "; - $sql .= "voicemail_option_digits = '".$voicemail_option_digits."', "; - $sql .= "voicemail_option_action = '".$voicemail_option_action."', "; - $sql .= "voicemail_option_param = '".$voicemail_option_param."', "; - $sql .= "voicemail_option_order = ".$voicemail_option_order.", "; - $sql .= "voicemail_option_description = '".$voicemail_option_description."' "; - $sql .= "where domain_uuid = '".$domain_uuid."' "; - $sql .= "and voicemail_option_uuid = '".$voicemail_option_uuid."' "; - $db->exec(check_sql($sql)); - unset($sql); - - //redirect the user - message::add($text['message-update']); - header('Location: voicemail_edit.php?id='.$voicemail_uuid); - return; - } - } //if ($_POST["persistformvar"] != "true") -} //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) + if ($_POST["persistformvar"] != "true" && permission_exists('voicemail_edit')) { + //build update array + $array['voicemail_options'][0]['voicemail_option_uuid'] = $voicemail_option_uuid; + $array['voicemail_options'][0]['domain_uuid'] = $domain_uuid; + $array['voicemail_options'][0]['voicemail_option_digits'] = $voicemail_option_digits; + $array['voicemail_options'][0]['voicemail_option_action'] = $voicemail_option_action; + $array['voicemail_options'][0]['voicemail_option_param'] = $voicemail_option_param; + $array['voicemail_options'][0]['voicemail_option_order'] = $voicemail_option_order; + $array['voicemail_options'][0]['voicemail_option_description'] = $voicemail_option_description; + //grant temporary permissions + $p = new permissions; + $p->add('voicemail_option_edit', 'temp'); + //execute update + $database = new database; + $database->app_name = 'voicemails'; + $database->app_uuid = 'b523c2d2-64cd-46f1-9520-ca4b4098e044'; + $database->save($array); 
+ unset($array); + //revoke temporary permissions + $p->delete('voicemail_option_edit', 'temp'); + //set message + message::add($text['message-update']); + //redirect the user + header('Location: voicemail_edit.php?id='.$voicemail_uuid); + exit; + } +} //initialize the destinations object $destination = new destinations; @@ -119,33 +126,30 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { if (count($_GET)>0 && $_POST["persistformvar"] != "true") { $voicemail_option_uuid = $_GET["id"]; $sql = "select * from v_voicemail_options "; - $sql .= "where voicemail_option_uuid = '".$voicemail_option_uuid."' "; - $sql .= "and domain_uuid = '".$domain_uuid."' "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - foreach ($result as &$row) { + $sql .= "where voicemail_option_uuid = :voicemail_option_uuid "; + $sql .= "and domain_uuid = :domain_uuid "; + $parameters['voicemail_option_uuid'] = $voicemail_option_uuid; + $parameters['domain_uuid'] = $domain_uuid; + $database = new database; + $row = $database->select($sql, $parameters, 'row'); + if (is_array($row) && @sizeof($row) != 0) { $domain_uuid = $row["domain_uuid"]; $voicemail_uuid = $row["voicemail_uuid"]; $voicemail_option_digits = trim($row["voicemail_option_digits"]); $voicemail_option_action = $row["voicemail_option_action"]; $voicemail_option_param = $row["voicemail_option_param"]; - //if admin show only the param if (if_group("admin")) { $voicemail_options_label = $voicemail_option_param; } - //if superadmin show both the action and param if (if_group("superadmin")) { $voicemail_options_label = $voicemail_option_action.':'.$voicemail_option_param; } - $voicemail_option_order = $row["voicemail_option_order"]; $voicemail_option_description = $row["voicemail_option_description"]; - break; //limit to 1 row } - unset ($prep_statement); + unset($sql, $parameters, $row); } //send the content to the browser 
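Review bot: In the `@@ -91,26 +91,33 @@` hunk the update is gated on `permission_exists('voicemail_edit')` but then grants `voicemail_option_edit` as a temporary permission, so a user holding only the broader permission is handed the narrower one for the save. If that is intended it deserves a comment such as `//voicemail_edit implies editing its options; grant the option permission for this save only`; otherwise gate on `voicemail_option_edit` directly and drop the grant. The revoke is skipped if `$database->save($array)` throws, which `try { $database->save($array); } finally { $p->delete('voicemail_option_edit', 'temp'); }` would avoid. `$voicemail_option_order` used to be interpolated unquoted as a number and is now passed through unchecked, so an `is_numeric($voicemail_option_order)` test in the required-data section would keep that guarantee.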
@@ -201,8 +205,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { echo "\n"; echo "\n"; echo "