diff --git a/resources/install/scripts/app/xml_handler/resources/scripts/configuration/acl.conf.lua b/resources/install/scripts/app/xml_handler/resources/scripts/configuration/acl.conf.lua
index bc739429c5..7df083ec4e 100644
--- a/resources/install/scripts/app/xml_handler/resources/scripts/configuration/acl.conf.lua
+++ b/resources/install/scripts/app/xml_handler/resources/scripts/configuration/acl.conf.lua
@@ -48,8 +48,14 @@
end
--connect to the database
- require "resources.functions.database_handle";
- dbh = database_handle('system');
+ local Database = require "resources.functions.database";
+ dbh = Database.new('system');
+
+ --include json library
+ local json
+ if (debug["sql"]) then
+ json = require "resources.functions.lunajson"
+ end
--exits the script if we didn't connect properly
assert(dbh:connected());
@@ -76,12 +82,13 @@
--get the nodes
sql = "select * from v_access_control_nodes ";
- sql = sql .. "where access_control_uuid = '"..row.access_control_uuid.."' ";
+ sql = sql .. "where access_control_uuid = :access_control_uuid";
+ local params = {access_control_uuid = row.access_control_uuid}
if (debug["sql"]) then
- freeswitch.consoleLog("notice", "[xml_handler] SQL: " .. sql .. "\n");
+ freeswitch.consoleLog("notice", "[xml_handler] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n");
end
x = 0;
- dbh:query(sql, function(field)
+ dbh:query(sql, params, function(field)
if (string.len(field.node_domain) > 0) then
table.insert(xml, [[ ]]);
else
diff --git a/resources/install/scripts/app/xml_handler/resources/scripts/configuration/callcenter.conf.lua b/resources/install/scripts/app/xml_handler/resources/scripts/configuration/callcenter.conf.lua
index 57cda269fc..84e919abc1 100644
--- a/resources/install/scripts/app/xml_handler/resources/scripts/configuration/callcenter.conf.lua
+++ b/resources/install/scripts/app/xml_handler/resources/scripts/configuration/callcenter.conf.lua
@@ -39,8 +39,8 @@
if (XML_STRING == "-ERR NOT FOUND") or (XML_STRING == "-ERR CONNECTION FAILURE") then
--connect to the database
- require "resources.functions.database_handle";
- dbh = database_handle('system');
+ local Database = require "resources.functions.database";
+ dbh = Database.new('system');
--exits the script if we didn't connect properly
assert(dbh:connected());
diff --git a/resources/install/scripts/app/xml_handler/resources/scripts/configuration/conference.conf.lua b/resources/install/scripts/app/xml_handler/resources/scripts/configuration/conference.conf.lua
index 36f8cba3cb..e8b72f6333 100644
--- a/resources/install/scripts/app/xml_handler/resources/scripts/configuration/conference.conf.lua
+++ b/resources/install/scripts/app/xml_handler/resources/scripts/configuration/conference.conf.lua
@@ -25,8 +25,14 @@
-- POSSIBILITY OF SUCH DAMAGE.
--connect to the database
- require "resources.functions.database_handle";
- dbh = database_handle('system');
+ local Database = require "resources.functions.database";
+ dbh = Database.new('system');
+
+--include json library
+ local json
+ if (debug["sql"]) then
+ json = require "resources.functions.lunajson"
+ end
--exits the script if we didn't connect properly
assert(dbh:connected());
@@ -45,19 +51,20 @@
if (debug["sql"]) then
freeswitch.consoleLog("notice", "[conference_control] SQL: " .. sql .. "\n");
end
- status = dbh:query(sql, function(field)
+ dbh:query(sql, function(field)
conference_control_uuid = field["conference_control_uuid"];
table.insert(xml, [[ ]]);
--get the conference control details from the database
sql = [[SELECT * FROM v_conference_control_details
- WHERE conference_control_uuid = ']] .. conference_control_uuid ..[['
+ WHERE conference_control_uuid = :conference_control_uuid
AND control_enabled = 'true' ]];
+ local params = {conference_control_uuid = conference_control_uuid};
if (debug["sql"]) then
- freeswitch.consoleLog("notice", "[conference_control] SQL: " .. sql .. "\n");
+ freeswitch.consoleLog("notice", "[conference_control] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n");
end
- status = dbh:query(sql, function(row)
+ dbh:query(sql, params, function(row)
--conference_control_uuid = row["conference_control_uuid"];
--conference_control_detail_uuid = row["conference_control_detail_uuid"];
table.insert(xml, [[ ]]);
@@ -74,19 +81,20 @@
if (debug["sql"]) then
freeswitch.consoleLog("notice", "[conference_profiles] SQL: " .. sql .. "\n");
end
- status = dbh:query(sql, function(field)
+ dbh:query(sql, function(field)
conference_profile_uuid = field["conference_profile_uuid"];
table.insert(xml, [[ ]]);
--get the conference profile parameters from the database
sql = [[SELECT * FROM v_conference_profile_params
- WHERE conference_profile_uuid = ']] .. conference_profile_uuid ..[['
+ WHERE conference_profile_uuid = :conference_profile_uuid
AND profile_param_enabled = 'true' ]];
+ local params = {conference_profile_uuid = conference_profile_uuid};
if (debug["sql"]) then
- freeswitch.consoleLog("notice", "[conference_profiles] SQL: " .. sql .. "\n");
+ freeswitch.consoleLog("notice", "[conference_profiles] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n");
end
- status = dbh:query(sql, function(row)
+ dbh:query(sql, params, function(row)
--conference_profile_uuid = row["conference_profile_uuid"];
--conference_profile_param_uuid = row["conference_profile_param_uuid"];
--profile_param_description = row["profile_param_description"];
diff --git a/resources/install/scripts/app/xml_handler/resources/scripts/configuration/ivr.conf.lua b/resources/install/scripts/app/xml_handler/resources/scripts/configuration/ivr.conf.lua
index fff5d76c3a..4001e27508 100644
--- a/resources/install/scripts/app/xml_handler/resources/scripts/configuration/ivr.conf.lua
+++ b/resources/install/scripts/app/xml_handler/resources/scripts/configuration/ivr.conf.lua
@@ -41,6 +41,10 @@
--required includes
local Database = require "resources.functions.database"
local Settings = require "resources.functions.lazy_settings"
+ local json
+ if (debug["sql"]) then
+ json = require "resources.functions.lunajson"
+ end
--set the sound prefix
sound_prefix = sounds_dir.."/${default_language}/${default_dialect}/${default_voice}/";
@@ -52,14 +56,15 @@
assert(dbh:connected());
--get the ivr menu from the database
- sql = [[SELECT * FROM v_ivr_menus
- WHERE ivr_menu_uuid = ']] .. ivr_menu_uuid ..[['
+ local sql = [[SELECT * FROM v_ivr_menus
+ WHERE ivr_menu_uuid = :ivr_menu_uuid
AND ivr_menu_enabled = 'true' ]];
+ local params = {ivr_menu_uuid = ivr_menu_uuid};
if (debug["sql"]) then
- freeswitch.consoleLog("notice", "[ivr_menu] SQL: " .. sql .. "\n");
+ freeswitch.consoleLog("notice", "[ivr_menu] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n");
end
- status = dbh:query(sql, function(row)
+ dbh:query(sql, params, function(row)
domain_uuid = row["domain_uuid"];
ivr_menu_name = row["ivr_menu_name"];
ivr_menu_extension = row["ivr_menu_extension"];
@@ -109,13 +114,14 @@
if not file_exists(path) then
local sql = "SELECT recording_base64 FROM v_recordings " ..
- "WHERE domain_uuid = '" .. domain_uuid .. "' " ..
- "AND recording_filename = '" .. name .. "' "
+ "WHERE domain_uuid = :domain_uuid " ..
+ "AND recording_filename = :name "
+ local params = {domain_uuid = domain_uuid, name = name};
if (debug["sql"]) then
- freeswitch.consoleLog("notice", "[ivr_menu] SQL: "..sql.."\n");
+ freeswitch.consoleLog("notice", "[ivr_menu] SQL: "..sql.."; params:" .. json.encode(params) .. "\n");
end
- dbh:query(sql, function(row)
+ dbh:query(sql, params, function(row)
--get full path to recording
is_base64, name = true, path
@@ -226,11 +232,12 @@
table.insert(xml, [[ >]]);
--get the ivr menu options
- sql = [[SELECT * FROM v_ivr_menu_options WHERE ivr_menu_uuid = ']] .. ivr_menu_uuid ..[[' ORDER BY ivr_menu_option_order asc ]];
+ local sql = [[SELECT * FROM v_ivr_menu_options WHERE ivr_menu_uuid = :ivr_menu_uuid ORDER BY ivr_menu_option_order asc ]];
+ local params = {ivr_menu_uuid = ivr_menu_uuid};
if (debug["sql"]) then
- freeswitch.consoleLog("notice", "[ivr_menu] SQL: " .. sql .. "\n");
+ freeswitch.consoleLog("notice", "[ivr_menu] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n");
end
- status = dbh:query(sql, function(r)
+ dbh:query(sql, params, function(r)
ivr_menu_option_digits = r.ivr_menu_option_digits
ivr_menu_option_action = r.ivr_menu_option_action
ivr_menu_option_param = r.ivr_menu_option_param
diff --git a/resources/install/scripts/app/xml_handler/resources/scripts/configuration/local_stream.conf.lua b/resources/install/scripts/app/xml_handler/resources/scripts/configuration/local_stream.conf.lua
index fbdaabc2f1..bcc19b3ca7 100644
--- a/resources/install/scripts/app/xml_handler/resources/scripts/configuration/local_stream.conf.lua
+++ b/resources/install/scripts/app/xml_handler/resources/scripts/configuration/local_stream.conf.lua
@@ -1,7 +1,7 @@
--connect to the database
- require "resources.functions.database_handle";
- dbh = database_handle('system');
+ local Database = require "resources.functions.database";
+ dbh = Database.new('system');
--exits the script if we didn't connect properly
assert(dbh:connected());
diff --git a/resources/install/scripts/app/xml_handler/resources/scripts/configuration/sofia.conf.lua b/resources/install/scripts/app/xml_handler/resources/scripts/configuration/sofia.conf.lua
index af45ad6f84..ed2eec27dc 100644
--- a/resources/install/scripts/app/xml_handler/resources/scripts/configuration/sofia.conf.lua
+++ b/resources/install/scripts/app/xml_handler/resources/scripts/configuration/sofia.conf.lua
@@ -41,8 +41,14 @@
end
--connect to the database
- require "resources.functions.database_handle";
- dbh = database_handle('system');
+ local Database = require "resources.functions.database";
+ dbh = Database.new('system');
+
+ --include json library
+ local json
+ if (debug["sql"]) then
+ json = require "resources.functions.lunajson"
+ end
--exits the script if we didn't connect properly
assert(dbh:connected());
@@ -52,11 +58,12 @@
--get the domain_uuid
if (domain_name ~= nil) then
sql = "SELECT domain_uuid FROM v_domains ";
- sql = sql .. "WHERE domain_name = '" .. domain_name .."' ";
+ sql = sql .. "WHERE domain_name = :domain_name";
+ local params = {domain_name = domain_name};
if (debug["sql"]) then
- freeswitch.consoleLog("notice", "[xml_handler] SQL: " .. sql .. "\n");
+ freeswitch.consoleLog("notice", "[xml_handler] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n");
end
- status = dbh:query(sql, function(rows)
+ dbh:query(sql, params, function(rows)
domain_uuid = rows["domain_uuid"];
end);
end
@@ -88,14 +95,15 @@
sql = sql .. "from v_sip_profiles as p, v_sip_profile_settings as s ";
sql = sql .. "where s.sip_profile_setting_enabled = 'true' ";
sql = sql .. "and p.sip_profile_enabled = 'true' ";
- sql = sql .. "and (p.sip_profile_hostname = '" .. hostname.. "' or p.sip_profile_hostname is null or p.sip_profile_hostname = '') ";
+ sql = sql .. "and (p.sip_profile_hostname = :hostname or p.sip_profile_hostname is null or p.sip_profile_hostname = '') ";
sql = sql .. "and p.sip_profile_uuid = s.sip_profile_uuid ";
sql = sql .. "order by p.sip_profile_name asc ";
+ local params = {hostname = hostname};
if (debug["sql"]) then
- freeswitch.consoleLog("notice", "[xml_handler] SQL: " .. sql .. "\n");
+ freeswitch.consoleLog("notice", "[xml_handler] SQL: " .. sql .. "; params: " .. json.encode(params) .. "\n");
end
x = 0;
- dbh:query(sql, function(row)
+ dbh:query(sql, params, function(row)
--set as variables
sip_profile_name = row.sip_profile_name;
--sip_profile_description = row.sip_profile_description;
@@ -117,19 +125,20 @@
--get the gateways
if (domain_count > 1) then
sql = "select * from v_gateways as g, v_domains as d ";
- sql = sql .. "where g.profile = '"..sip_profile_name.."' ";
+ sql = sql .. "where g.profile = :profile ";
sql = sql .. "and g.enabled = 'true' ";
sql = sql .. "and (g.domain_uuid = d.domain_uuid or g.domain_uuid is null) ";
else
sql = "select * from v_gateways as g ";
- sql = sql .. "where g.enabled = 'true' and g.profile = '"..sip_profile_name.."' ";
+ sql = sql .. "where g.enabled = 'true' and g.profile = :profile ";
end
- sql = sql .. "and (g.hostname = '" .. hostname.. "' or g.hostname is null or g.hostname = '') ";
+ sql = sql .. "and (g.hostname = :hostname or g.hostname is null or g.hostname = '') ";
+ local params = {profile = sip_profile_name, hostname = hostname};
if (debug["sql"]) then
- freeswitch.consoleLog("notice", "[xml_handler] SQL: " .. sql .. "\n");
+ freeswitch.consoleLog("notice", "[xml_handler] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n");
end
x = 0;
- dbh:query(sql, function(field)
+ dbh:query(sql, params, function(field)
table.insert(xml, [[ ]]);
if (string.len(field.username) > 0) then
diff --git a/resources/install/scripts/app/xml_handler/resources/scripts/dialplan/dialplan.lua b/resources/install/scripts/app/xml_handler/resources/scripts/dialplan/dialplan.lua
index 898aecb7ac..601f42f234 100644
--- a/resources/install/scripts/app/xml_handler/resources/scripts/dialplan/dialplan.lua
+++ b/resources/install/scripts/app/xml_handler/resources/scripts/dialplan/dialplan.lua
@@ -47,8 +47,14 @@
if not XML_STRING then
--connect to the database
- require "resources.functions.database_handle";
- dbh = database_handle('system');
+ local Database = require "resources.functions.database";
+ dbh = Database.new('system');
+
+ --include json library
+ local json
+ if (debug["sql"]) then
+ json = require "resources.functions.lunajson"
+ end
--exits the script if we didn't connect properly
assert(dbh:connected());
@@ -63,19 +69,20 @@
--get the dialplan xml
sql = "select dialplan_xml from v_dialplans as p ";
if (call_context == "public" or string.sub(call_context, 0, 7) == "public@" or string.sub(call_context, -7) == ".public") then
- sql = sql .. "where p.dialplan_context = '" .. call_context .. "' ";
+ sql = sql .. "where p.dialplan_context = :call_context ";
else
- sql = sql .. "where (p.dialplan_context = '" .. call_context .. "' or p.dialplan_context = '${domain_name}') ";
+ sql = sql .. "where (p.dialplan_context = :call_context or p.dialplan_context = '${domain_name}') ";
end
sql = sql .. "and p.dialplan_enabled = 'true' ";
sql = sql .. "order by ";
sql = sql .. "p.dialplan_order asc ";
+ local params = {call_context = call_context};
if (debug["sql"]) then
- log.notice("SQL: " .. sql);
+ freeswitch.consoleLog("notice", "[dialplan] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n");
end
local x = 0;
local pass
- dbh:query(sql, function(row)
+ dbh:query(sql, params, function(row)
table.insert(xml, row.dialplan_xml);
end);
diff --git a/resources/install/scripts/app/xml_handler/resources/scripts/directory/action/domains.lua b/resources/install/scripts/app/xml_handler/resources/scripts/directory/action/domains.lua
index cfd42346e3..e68a2a1f9a 100644
--- a/resources/install/scripts/app/xml_handler/resources/scripts/directory/action/domains.lua
+++ b/resources/install/scripts/app/xml_handler/resources/scripts/directory/action/domains.lua
@@ -25,8 +25,8 @@
-- POSSIBILITY OF SUCH DAMAGE.
--connect to the database
- require "resources.functions.database_handle";
- dbh = database_handle('system');
+ local Database = require "resources.functions.database";
+ dbh = Database.new('system');
--exits the script if we didn't connect properly
assert(dbh:connected());
@@ -36,7 +36,7 @@
table.insert(xml, [[]]);
table.insert(xml, [[]]);
table.insert(xml, [[ ]]);
- sql = "SELECT domain_name FROM v_domains ";
+ local sql = "SELECT domain_name FROM v_domains ";
dbh:query(sql, function(row)
table.insert(xml, [[ ]]);
end);
diff --git a/resources/install/scripts/app/xml_handler/resources/scripts/languages/languages.lua b/resources/install/scripts/app/xml_handler/resources/scripts/languages/languages.lua
index f0b01d242d..e5a009021b 100644
--- a/resources/install/scripts/app/xml_handler/resources/scripts/languages/languages.lua
+++ b/resources/install/scripts/app/xml_handler/resources/scripts/languages/languages.lua
@@ -67,29 +67,35 @@
--build the XML string from the database
if (source == "database") then
- --database connection
+ --connect to the database
+ local Database = require "resources.functions.database";
+ dbh = Database.new('system');
+
+ --include json library
+ local json
+ if (debug["sql"]) then
+ json = require "resources.functions.lunajson"
+ end
+
+ --exits the script if we didn't connect properly
+ assert(dbh:connected());
+
+ --get the domain_uuid
if (continue) then
- --connect to the database
- require "resources.functions.database_handle";
- dbh = database_handle('system');
-
- --exits the script if we didn't connect properly
- assert(dbh:connected());
-
- --get the domain_uuid
- if (domain_uuid == nil) then
- --get the domain_uuid
- if (domain_name ~= nil) then
- sql = "SELECT domain_uuid FROM v_domains ";
- sql = sql .. "WHERE domain_name = '" .. domain_name .."' ";
- if (debug["sql"]) then
- freeswitch.consoleLog("notice", "[xml_handler] SQL: " .. sql .. "\n");
- end
- status = dbh:query(sql, function(rows)
- domain_uuid = rows["domain_uuid"];
- end);
+ if (domain_uuid == nil) then
+ --get the domain_uuid
+ if (domain_name ~= nil) then
+ local sql = "SELECT domain_uuid FROM v_domains ";
+ sql = sql .. "WHERE domain_name = :domain_name ";
+ local params = {domain_name = domain_name};
+ if (debug["sql"]) then
+ freeswitch.consoleLog("notice", "[xml_handler] SQL: " .. sql .. "; params:" .. json.encode(params) .. "\n");
end
- end
+ dbh:query(sql, params, function(rows)
+ domain_uuid = rows["domain_uuid"];
+ end);
+ end
+ end
end
--prevent processing for invalid domains
@@ -113,20 +119,21 @@
table.insert(xml, [[ ]]);
table.insert(xml, [[ ]]);
- sql = "SELECT * FROM v_phrases as p, v_phrase_details as d ";
- sql = sql .. "WHERE d.domain_uuid = '" .. domain_uuid .. "' ";
- sql = sql .. "AND p.phrase_uuid = '".. macro_name .."' ";
- sql = sql .. "AND p.phrase_language = '".. language .."' ";
+ local sql = "SELECT * FROM v_phrases as p, v_phrase_details as d ";
+ sql = sql .. "WHERE d.domain_uuid = :domain_uuid ";
+ sql = sql .. "AND p.phrase_uuid = :macro_name ";
+ sql = sql .. "AND p.phrase_language = :language ";
sql = sql .. "AND p.phrase_uuid = d.phrase_uuid ";
sql = sql .. "AND p.phrase_enabled = 'true' ";
sql = sql .. "ORDER BY d.domain_uuid, p.phrase_uuid, d.phrase_detail_order ASC ";
+ local params = {domain_uuid = domain_uuid, macro_name = macro_name, language = language};
if (debug["sql"]) then
freeswitch.consoleLog("notice", "[xml_handler] SQL: " .. sql .. "\n");
end
previous_phrase_uuid = "";
match_tag = "open";
x = 0;
- dbh:query(sql, function(row)
+ dbh:query(sql, params, function(row)
--phrase_uuid,domain_uuid,phrase_name,phrase_language
--phrase_description,phrase_enabled,phrase_detail_uuid
--phrase_detail_group,phrase_detail_tag,phrase_detail_pattern