diff --git a/app/access_controls/app_defaults.php b/app/access_controls/app_defaults.php
index 0075ed80cf..15000ff578 100644
--- a/app/access_controls/app_defaults.php
+++ b/app/access_controls/app_defaults.php
@@ -120,7 +120,6 @@
$p->delete('access_control_node_add', 'temp');
}
}
- unset($prep_statement);
//rename the file
if (file_exists($xml_dir.'/acl.conf.xml')) {
diff --git a/app/call_broadcast/call_broadcast_edit.php b/app/call_broadcast/call_broadcast_edit.php
index 4df6dadc81..e4fa5bf7f6 100644
--- a/app/call_broadcast/call_broadcast_edit.php
+++ b/app/call_broadcast/call_broadcast_edit.php
@@ -366,18 +366,21 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
//echo " \n";
//$sql = "";
//$sql .= "select * from v_recordings ";
- //$sql .= "where domain_uuid = '$domain_uuid' ";
- //$prep_statement = $db->prepare(check_sql($sql));
- //$prep_statement->execute();
- //while($row = $prep_statement->fetch()) {
- // if ($recording_uuid == $row['recording_uuid']) {
- // echo " \n";
- // }
- // else {
- // echo " \n";
+ //$sql .= "where domain_uuid = :domain_uuid ";
+ //$parameters['domain_uuid'] = $domain_uuid;
+ //$database = new database;
+ //$rows = $database->select($sql, $parameters, 'all');
+ //if (is_array($rows) && @sizeof($rows) != 0) {
+ // foreach ($rows as $row) {
+ // if ($recording_uuid == $row['recording_uuid']) {
+ // echo " \n";
+ // }
+ // else {
+ // echo " \n";
+ // }
// }
//}
- //unset ($prep_statement);
+ //unset($sql, $parameters, $rows, $row);
//echo " \n";
//echo "
\n";
//echo "Recording to play when the call is answered.
\n";
@@ -525,22 +528,24 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
echo " \n";
echo "
\n";
- //echo "zzz.
\n";
echo "\n";
echo "\n";
echo "\n";
@@ -554,21 +559,23 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
echo " \n";
$sql = "";
$sql .= "select * from v_groups ";
- //$sql .= "where domain_uuid = '$domain_uuid' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- while($row = $prep_statement->fetch()) {
- if ($recording_uuid == $row['group_name']) {
- echo " \n";
- }
- else {
- echo " \n";
+ //$sql .= "where domain_uuid = :domain_uuid ";
+ //$parameters['domain_uuid'] = $domain_uuid;
+ $database = new database;
+ $rows = $database->select($sql, null, 'all');
+ if (is_array($rows) && @sizeof($rows) != 0) {
+ foreach ($rows as $row) {
+ if ($recording_uuid == $row['group_name']) {
+ echo " \n";
+ }
+ else {
+ echo " \n";
+ }
}
}
- unset ($prep_statement);
+ unset($sql, $parameters, $rows, $row);
echo " \n";
echo "
\n";
- //echo "zzz.
\n";
echo "\n";
echo "\n";
echo "\n";
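Review bot: The `v_groups` select runs with no `where` clause, because the domain filter is added only as a comment (`//$sql .= "where domain_uuid = :domain_uuid ";`) and `null` is passed as the parameters, so the list is built from rows of every domain. The `v_gateways` hunk that follows has the same pattern. If these lists are meant to be per-tenant, enable the filter and pass `$parameters`; if groups can be global, a condition such as `where domain_uuid = :domain_uuid or domain_uuid is null` may be what is wanted, to be confirmed against the schema. Separately, `$recording_uuid == $row['group_name']` compares a recording id with a group name, which looks like a copy-paste slip carried over from the old code.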
@@ -583,18 +590,21 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
echo " \n";
$sql = "";
$sql .= "select * from v_gateways ";
- //$sql .= "where domain_uuid = '$domain_uuid' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- while($row = $prep_statement->fetch()) {
- if ($gateway == $row['gateway']) {
- echo " \n";
- }
- else {
- echo " \n";
+ //$sql .= "where domain_uuid = :domain_uuid ";
+ //$parameters['domain_uuid'] = $domain_uuid;
+ $database = new database;
+ $rows = $database->select($sql, null, 'all');
+ if (is_array($rows) && @sizeof($rows) != 0) {
+ foreach ($rows as $row) {
+ if ($gateway == $row['gateway']) {
+ echo " \n";
+ }
+ else {
+ echo " \n";
+ }
}
}
- unset ($prep_statement);
+ unset($sql, $parameters, $rows, $row);
echo " \n";
echo " \n";
echo "
\n";
@@ -617,7 +627,6 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
//echo " \n";
echo " \n";
echo "
\n";
- //echo "zzz.
\n";
echo "\n";
echo "\n";
echo "\n";
@@ -636,7 +645,6 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
//echo " \n";
echo " \n";
echo "
\n";
- //echo "zzz.
\n";
echo "\n";
echo "\n";
echo "\n";
@@ -657,4 +665,4 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
//include the footer
require_once "resources/footer.php";
-?>
+?>
\ No newline at end of file
diff --git a/app/call_broadcast/call_broadcast_send.php b/app/call_broadcast/call_broadcast_send.php
index 08d582bc59..9954ff45c1 100644
--- a/app/call_broadcast/call_broadcast_send.php
+++ b/app/call_broadcast/call_broadcast_send.php
@@ -275,20 +275,20 @@ require_once "resources/header.php";
$sql = " select * from v_users as u, v_user_groups as m ";
$sql .= "where u.user_uuid = m.user_uuid ";
$sql .= "and u.user_enabled = 'true' ";
- $sql .= "and m.group_name = '".$group_name."' ";
- $sql .= "and u.user_category = '".$user_category."' ";
- //echo $sql."
";
+ $sql .= "and m.group_name = :group_name ";
+ $sql .= "and u.user_category = :user_category ";
+ $parameters['group_name'] = $group_name;
+ $parameters['user_category'] = $user_category;
}
else {
$sql = "select * from v_users as u ";
- $sql .= "where u.user_category = '".$user_category."' ";
+ $sql .= "where u.user_category = :user_category ";
$sql .= "and u.user_enabled = 'true' ";
- //echo $sql."
";
+ $parameters['user_category'] = $user_category;
}
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- unset ($prep_statement, $sql);
+ $database = new database;
+ $result = $database->select($sql, $parameters, 'all');
+ unset($sql, $parameters);
$c = 0;
$row_style["0"] = "row_style0";
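Review bot: Neither branch of the rewritten query restricts `v_users` by `domain_uuid`, so on a multi-domain install the result lists matching users from every tenant; if that is not intended, add `and u.domain_uuid = :domain_uuid` and bind it from the session. `select *` also loads every column of `v_users` into `$result`, which presumably includes credential fields the page never displays; naming the needed columns would keep them out of memory and out of any debug output. `$parameters` is filled without being reset first, so the query relies on earlier code having unset it.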
@@ -307,8 +307,8 @@ require_once "resources/header.php";
echo th_order_by('user_phone_2', 'phone_2', $order_by, $order);
echo "
\n";
//echo " | ".$row[username]." | \n";
echo " ".$row[user_type]." | \n";
@@ -355,9 +355,9 @@ require_once "resources/header.php";
}
if ($c==0) { $c=1; } else { $c=0; }
- } //end foreach
- unset($sql, $result, $row_count);
- } //end if results
+ }
+ }
+ unset($result, $row);
echo "";
echo "";
@@ -378,4 +378,5 @@ unset ($key);
unset ($val);
unset ($c);
*/
-?>
+
+?>
\ No newline at end of file
diff --git a/app/call_center_active/call_center_exec.php b/app/call_center_active/call_center_exec.php
index d278b901b7..8cd0ad0ece 100644
--- a/app/call_center_active/call_center_exec.php
+++ b/app/call_center_active/call_center_exec.php
@@ -108,27 +108,25 @@
//validate the user status
$user_status = $_GET['data'];
switch ($user_status) {
- case "Available" :
+ case "Available":
+ case "Available (On Demand)":
+ case "On Break":
+ case "Do Not Disturb":
+ case "Logged Out":
break;
- case "Available (On Demand)" :
- break;
- case "On Break" :
- break;
- case "Do Not Disturb" :
- break;
- case "Logged Out" :
- break;
- default :
+ default:
$user_status = null;
}
$user_status = $data;
- $sql = "update v_users set ";
- $sql .= "user_status = '".trim($user_status, "'")."' ";
+ $sql = "update v_users set ";
+ $sql .= "user_status = :user_status ";
$sql .= "where domain_uuid = '$domain_uuid' ";
$sql .= "and username = '".$username."' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
+ $parameters['user_status'] = trim($user_status, "'");
+ $database = new database;
+ $database->execute($sql, $parameters);
+ unset($sql, $parameters);
}
//fs cmd
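Review bot: Only `user_status` is bound in the new statement; the `where` clause still interpolates `$domain_uuid` and `$username` into the SQL string, so the update remains string-built. Bind them too, e.g. `$sql .= "where domain_uuid = :domain_uuid and username = :username ";` with matching `$parameters['domain_uuid']` and `$parameters['username']` entries. In addition, the unchanged line `$user_status = $data;` directly after the switch overwrites the allow-list result, so the validation above has no effect on what is stored; removing that assignment and skipping the update when `$user_status` is null would make the check meaningful. The enclosing block starts outside the hunk.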
@@ -147,4 +145,4 @@
}
*/
-?>
+?>
\ No newline at end of file
diff --git a/app/call_centers/call_center_agent_edit.php b/app/call_centers/call_center_agent_edit.php
index a2023068ef..d12f98f782 100644
--- a/app/call_centers/call_center_agent_edit.php
+++ b/app/call_centers/call_center_agent_edit.php
@@ -212,16 +212,16 @@
//get the users array
$sql = "select * from v_users ";
- $sql .= "where domain_uuid = :domain_uuid'".$_SESSION['domain_uuid']."' ";
+ $sql .= "where domain_uuid = :domain_uuid ";
$sql .= "order by username asc ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $users = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- unset($prep_statement, $sql);
+ $parameters['domain_uuid'] = $_SESSION['domain_uuid'];
+ $database = new database;
+ $users = $database->select($sql, $parameters, 'all');
+ unset($sql, $parameters);
//prepare the array
$array['call_center_agents'][] = $_POST;
- if (isset($user_uuid) && strlen($user_uuid) > 0) {
+ if (is_uuid($user_uuid)) {
$array['users'][0]['domain_uuid'] = $_SESSION['domain_uuid'];
$array['users'][0]['user_uuid'] = $user_uuid;
$array['users'][0]['user_status'] = $agent_status;
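Review bot: `$array['call_center_agents'][] = $_POST;` hands the whole request body to `$database->save()`, so every field name the client sends becomes a candidate column, including `domain_uuid` and `call_center_agent_uuid`. Unless save() filters against the schema and enforces the session domain (not visible in this hunk), build the row from the named, validated fields instead, starting with `$array['call_center_agents'][0]['domain_uuid'] = $_SESSION['domain_uuid'];`. The `is_uuid()` check added here covers only `$user_uuid`.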
@@ -231,7 +231,7 @@
$database = new database;
$database->app_name = 'call_center';
$database->app_uuid = '95788e50-9500-079e-2807-fd530b0ea370';
- if (strlen($call_center_agent_uuid) > 0) {
+ if (is_uuid($call_center_agent_uuid)) {
$database->uuid($call_center_agent_uuid);
}
$database->save($array);
@@ -269,7 +269,7 @@
$parameters['call_center_agent_uuid'] = $call_center_agent_uuid;
$database = new database;
$row = $database->select($sql, $parameters, 'row');
- if (is_array($row) && sizeof($row) != 0) {
+ if (is_array($row) && @sizeof($row) != 0) {
$call_center_agent_uuid = $row["call_center_agent_uuid"];
$user_uuid = $row["user_uuid"];
$agent_name = $row["agent_name"];
@@ -286,7 +286,7 @@
$agent_busy_delay_time = $row["agent_busy_delay_time"];
//$agent_logout = $row["agent_logout"];
}
- unset($sql, $parameters);
+ unset($sql, $parameters, $row);
}
//set default values
diff --git a/app/conference_centers/conference_center_edit.php b/app/conference_centers/conference_center_edit.php
index d81b4dfee0..7016caaa0f 100644
--- a/app/conference_centers/conference_center_edit.php
+++ b/app/conference_centers/conference_center_edit.php
@@ -332,7 +332,6 @@
echo " \n";
if ($selected) { $tmp_selected = true; }
}
- unset ($prep_statement);
echo "\n";
}
//sounds
diff --git a/app/conference_centers/conference_room_edit.php b/app/conference_centers/conference_room_edit.php
index 76bb8021c7..f5006605ac 100644
--- a/app/conference_centers/conference_room_edit.php
+++ b/app/conference_centers/conference_room_edit.php
@@ -552,7 +552,7 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
echo "".$text['title-conference_rooms']." | \n";
echo "\n";
echo " \n";
- if (strlen($meeting_uuid) > 0) {
+ if (is_uuid($meeting_uuid)) {
echo " \n";
echo " \n";
}
@@ -574,7 +574,6 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
echo " \n";
}
}
- unset ($prep_statement);
echo " \n";
echo " \n";
echo "\n";
diff --git a/app/contacts/contact_import_google.php b/app/contacts/contact_import_google.php
index 37d656e8f9..7bb29e2c97 100644
--- a/app/contacts/contact_import_google.php
+++ b/app/contacts/contact_import_google.php
@@ -574,7 +574,7 @@ function curl_file_get_contents($url) {
$curl = curl_init();
$userAgent = 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)';
- curl_setopt($curl, CURLOPT_URL, $url); //The URL to fetch. This can also be set when initializing a session with curl_init().
+ curl_setopt($curl, CURLOPT_URL, $url); //The URL to retrieve. This can also be set when initializing a session with curl_init().
curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE); //TRUE to return the transfer as a string of the return value of curl_exec() instead of outputting it out directly.
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 5); //The number of seconds to wait while trying to connect.
curl_setopt($curl, CURLOPT_USERAGENT, $userAgent); //The contents of the "User-Agent: " header to be used in a HTTP request.
diff --git a/app/email_logs/email_log_cron.php b/app/email_logs/email_log_cron.php
index 759db62fe9..d6c21a6396 100644
--- a/app/email_logs/email_log_cron.php
+++ b/app/email_logs/email_log_cron.php
@@ -27,33 +27,34 @@
//process the emails
if (is_array($emails) && @sizeof($emails) != 0) {
- foreach($emails as $index => $row) {
+ foreach($emails as $x => $row) {
$email_log_uuid = $row['email_log_uuid'];
$msg = $row['email'];
require_once "secure/v_mailto.php";
if ($mailer_error == '') {
- //get the message
- message::add($text['message-message_resent']);
+ //set the message
+ message::add($text['message-message_resent']);
- //add to array
- $array['email_logs'][$index]['email_log_uuid'] = $email_log_uuid;
+ //build delete array
+ $array['email_logs'][$x]['email_log_uuid'] = $email_log_uuid;
}
unset($mailer_error);
}
if (is_array($array) && @sizeof($array) != 0) {
- $p = new permissions;
- $p->add('email_log_delete', 'temp');
-
- $database = new database;
- $database->app_name = 'email_logs';
- $database->app_uuid = 'bd64f590-9a24-468d-951f-6639ac728694';
- $database->delete($array);
- unset($array);
-
- $p->delete('email_log_delete', 'temp');
+ //grant temporary permissions
+ $p = new permissions;
+ $p->add('email_log_delete', 'temp');
+ //execute delete
+ $database = new database;
+ $database->app_name = 'email_logs';
+ $database->app_uuid = 'bd64f590-9a24-468d-951f-6639ac728694';
+ $database->delete($array);
+ unset($array);
+ //revoke temporary permissions
+ $p->delete('email_log_delete', 'temp');
}
}
- unset ($prep_statement, $sql, $emails);
+ unset($sql, $emails, $x, $row);
?>
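Review bot: `require_once "secure/v_mailto.php";` sits inside the `foreach`, and `require_once` runs a file only the first time it is reached, so from the second e-mail on the mailer script does not execute. Because `$mailer_error` is unset at the end of each iteration, the test `$mailer_error == ''` is then true and the log row is added to the delete array even though nothing was sent. Consider moving the send logic into a function that is called per row, or require an explicit success flag before queuing the delete. This holds unless v_mailto.php is re-run by some mechanism not visible in the hunk.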
diff --git a/app/email_logs/email_logs.php b/app/email_logs/email_logs.php
index 25579a8730..de3e4e14c1 100644
--- a/app/email_logs/email_logs.php
+++ b/app/email_logs/email_logs.php
@@ -39,26 +39,27 @@
//download email
if ($_REQUEST['a'] == 'download' && permission_exists('email_log_download')) {
- $email_log_uuid = check_str($_REQUEST["id"]);
+ $email_log_uuid = $_REQUEST["id"];
$msg_found = false;
- if ($email_log_uuid != '') {
- $sql = "select call_uuid, email from v_email_logs ";
- $sql .= "where email_log_uuid = '".$email_log_uuid."' ";
- $sql .= "and domain_uuid = '".$domain_uuid."' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- if (is_array($result)) {
- foreach($result as $row) {
- $call_uuid = $row['call_uuid'];
- $email = $row['email'];
- $msg_found = true;
- break;
- }
+ if (is_uuid($email_log_uuid)) {
+ $sql = "select ";
+ $sql .= "call_uuid, ";
+ $sql .= "email ";
+ $sql .= "from v_email_logs ";
+ $sql .= "where email_log_uuid = :email_log_uuid ";
+ $sql .= "and domain_uuid = :domain_uuid ";
+ $parameters['email_log_uuid'] = $email_log_uuid;
+ $parameters['domain_uuid'] = $domain_uuid;
+ $database = new database;
+ $row = $database->select($sql, $parameters, 'row');
+ if (is_array($row) && @sizeof($row) != 0) {
+ $call_uuid = $row['call_uuid'];
+ $email = $row['email'];
+ $msg_found = true;
}
- unset ($prep_statement, $sql, $result);
+ unset($sql, $parameters, $row);
}
if ($msg_found) {
@@ -74,28 +75,26 @@
//resend email
if ($_REQUEST['a'] == 'resend' && permission_exists('email_log_resend')) {
- $email_log_uuid = check_str($_REQUEST["id"]);
+ $email_log_uuid = $_REQUEST["id"];
$resend = true;
$msg_found = false;
- if ($email_log_uuid != '') {
+ if (is_uuid($email_log_uuid)) {
$sql = "select email from v_email_logs ";
- $sql .= "where email_log_uuid = '".$email_log_uuid."' ";
+ $sql .= "where email_log_uuid = :email_log_uuid ";
if (!permission_exists('email_log_all') || $_REQUEST['showall'] != 'true') {
- $sql .= "and domain_uuid = '".$domain_uuid."' ";
+ $sql .= "and domain_uuid = :domain_uuid ";
+ $parameters['domain_uuid'] = $domain_uuid;
}
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- if (is_array($result)) {
- foreach($result as $row) {
- $email = $row['email'];
- $msg_found = true;
- break;
- }
+ $parameters['email_log_uuid'] = $email_log_uuid;
+ $database = new database;
+ $row = $database->select($sql, $parameters, 'row');
+ if (is_array($row) && @sizeof($row) != 0) {
+ $email = $row['email'];
+ $msg_found = true;
}
- unset ($prep_statement, $sql, $result);
+ unset($sql, $parameters, $row);
}
if ($msg_found) {
@@ -103,19 +102,11 @@
require_once "secure/v_mailto.php";
if ($mailer_error == '') {
message::add($text['message-message_resent']);
- if (permission_exists('email_log_all') && $_REQUEST['showall'] == 'true') {
- header("Location: email_log_delete.php?id=".$email_log_uuid."&showall=true");
- } else {
- header("Location: email_log_delete.php?id=".$email_log_uuid);
- }
+ header("Location: email_log_delete.php?id=".$email_log_uuid.(permission_exists('email_log_all') && $_REQUEST['showall'] == 'true' ? "&showall=true" : null));
}
else {
message::add($text['message-resend_failed'].": ".$mailer_error, 'negative', 4000);
- if (permission_exists('email_log_all') && $_REQUEST['showall'] == 'true') {
- header("Location: email_logs.php?showall=true");
- } else {
- header("Location: email_logs.php");
- }
+ header("Location: email_logs.php".(permission_exists('email_log_all') && $_REQUEST['showall'] == 'true' ? "?showall=true" : null));
}
}
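Review bot: Both new `header()` lines concatenate the result of a ternary whose else-branch is `null`; use `''` so the expression stays a string, e.g. `... ? "&showall=true" : ''`. The condition `permission_exists('email_log_all') && $_REQUEST['showall'] == 'true'` is now repeated several times in this file; computing it once into a `$show_all` boolean would keep the redirects and the query filter from drifting apart. The hunk does not show whether the script stops after `header()`, so confirm that an `exit` follows outside the hunk.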
@@ -137,7 +128,8 @@
$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
if (permission_exists('email_log_all') && $_REQUEST['showall'] == 'true') {
$param .= "&showall=true";
- } else {
+ }
+ else {
$param = "";
}
$page = $_GET['page'];
diff --git a/app/ivr_menus/ivr_menu_edit.php b/app/ivr_menus/ivr_menu_edit.php
index 9222345916..dbdf286a39 100644
--- a/app/ivr_menus/ivr_menu_edit.php
+++ b/app/ivr_menus/ivr_menu_edit.php
@@ -1113,7 +1113,6 @@
echo " \n";
}
}
- unset ($prep_statement);
echo "\n";
}
//sounds
@@ -1203,7 +1202,6 @@
echo " \n";
}
}
- unset ($prep_statement);
echo "\n";
}
//sounds
diff --git a/app/ivr_menus/resources/functions/ivr_menu_xml.php b/app/ivr_menus/resources/functions/ivr_menu_xml.php
index 8801a1d090..731c33b1a2 100644
--- a/app/ivr_menus/resources/functions/ivr_menu_xml.php
+++ b/app/ivr_menus/resources/functions/ivr_menu_xml.php
@@ -26,7 +26,7 @@
if (!function_exists('save_ivr_menu_xml')) {
function save_ivr_menu_xml() {
- global $db, $domain_uuid;
+ global $domain_uuid;
//prepare for dialplan .xml files to be written. delete all dialplan files that are prefixed with dialplan_ and have a file extension of .xml
if (count($_SESSION["domains"]) > 1) {
@@ -53,17 +53,17 @@
}
$sql = "select * from v_ivr_menus ";
- $sql .= " where domain_uuid = '$domain_uuid' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
- $result_count = count($result);
- unset ($prep_statement, $sql);
- if ($result_count > 0) {
+ $sql .= " where domain_uuid = :domain_uuid ";
+ $parameters['domain_uuid'] = $domain_uuid;
+ $database = new database;
+ $result = $database->select($sql, $parameters, 'all');
+ unset($sql, $parameters);
+
+ if (is_array($result) && @sizeof($result) != 0) {
foreach($result as $row) {
$dialplan_uuid = $row["dialplan_uuid"];
$ivr_menu_uuid = $row["ivr_menu_uuid"];
- $ivr_menu_name = check_str($row["ivr_menu_name"]);
+ $ivr_menu_name = $row["ivr_menu_name"];
$ivr_menu_extension = $row["ivr_menu_extension"];
$ivr_menu_greet_long = $row["ivr_menu_greet_long"];
$ivr_menu_greet_short = $row["ivr_menu_greet_short"];
@@ -83,7 +83,7 @@
$ivr_menu_digit_len = $row["ivr_menu_digit_len"];
$ivr_menu_direct_dial = $row["ivr_menu_direct_dial"];
$ivr_menu_enabled = $row["ivr_menu_enabled"];
- $ivr_menu_description = check_str($row["ivr_menu_description"]);
+ $ivr_menu_description = $row["ivr_menu_description"];
//replace space with an underscore
$ivr_menu_name = str_replace(" ", "_", $ivr_menu_name);
@@ -132,28 +132,31 @@
$tmp .= " digit-len=\"$ivr_menu_digit_len\">\n";
$sub_sql = "select * from v_ivr_menu_options ";
- $sub_sql .= "where ivr_menu_uuid = '$ivr_menu_uuid' ";
- $sub_sql .= "and domain_uuid = '$domain_uuid' ";
+ $sub_sql .= "where ivr_menu_uuid = :ivr_menu_uuid ";
+ $sub_sql .= "and domain_uuid = :domain_uuid ";
$sub_sql .= "order by ivr_menu_option_order asc ";
- $sub_prep_statement = $db->prepare(check_sql($sub_sql));
- $sub_prep_statement->execute();
- $sub_result = $sub_prep_statement->fetchAll(PDO::FETCH_ASSOC);
- foreach ($sub_result as &$sub_row) {
- //$ivr_menu_uuid = $sub_row["ivr_menu_uuid"];
- $ivr_menu_option_digits = $sub_row["ivr_menu_option_digits"];
- $ivr_menu_option_action = $sub_row["ivr_menu_option_action"];
- $ivr_menu_option_param = $sub_row["ivr_menu_option_param"];
- $ivr_menu_option_description = $sub_row["ivr_menu_option_description"];
+ $parameters['ivr_menu_uuid'] = $ivr_menu_uuid;
+ $parameters['domain_uuid'] = $domain_uuid;
+ $database = new database;
+ $sub_result = $database->select($sub_sql, $parameters, 'all');
+ if (is_array($sub_result) && @sizeof($sub_result) != 0) {
+ foreach ($sub_result as &$sub_row) {
+ //$ivr_menu_uuid = $sub_row["ivr_menu_uuid"];
+ $ivr_menu_option_digits = $sub_row["ivr_menu_option_digits"];
+ $ivr_menu_option_action = $sub_row["ivr_menu_option_action"];
+ $ivr_menu_option_param = $sub_row["ivr_menu_option_param"];
+ $ivr_menu_option_description = $sub_row["ivr_menu_option_description"];
- $tmp .= " ";
- if (strlen($ivr_menu_option_description) == 0) {
- $tmp .= "\n";
- }
- else {
- $tmp .= " \n";
+ $tmp .= " ";
+ if (strlen($ivr_menu_option_description) == 0) {
+ $tmp .= "\n";
+ }
+ else {
+ $tmp .= " \n";
+ }
}
}
- unset ($sub_prep_statement, $sub_row);
+ unset($sub_sql, $sub_result, $sub_row);
if ($ivr_menu_direct_dial == "true") {
$tmp .= " \n";
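Review bot: Row values are interpolated directly into XML attributes (`digit-len=\"$ivr_menu_digit_len\"` at the top of the hunk, and the option fields inside the loop), so a stored value containing a quote or angle bracket would alter the generated menu file; pass each value through `htmlspecialchars($value, ENT_QUOTES | ENT_XML1)` before appending it to `$tmp`. `$parameters` is also missing from `unset($sub_sql, $sub_result, $sub_row);`, so the two bound values stay set after the loop and could be carried into a later query in this function; add it to the unset. The by-reference `&$sub_row` is not needed, since the row is only read.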
@@ -176,6 +179,8 @@
fclose($fout);
}
}
+ unset($result, $row);
+
save_dialplan_xml();
//apply settings
diff --git a/app/provision/app_defaults.php b/app/provision/app_defaults.php
index 3a9566c774..7a0583fdb8 100644
--- a/app/provision/app_defaults.php
+++ b/app/provision/app_defaults.php
@@ -31,56 +31,65 @@ if ($domains_processed == 1) {
$sql = "select device_uuid, device_mac_address ";
$sql .= "from v_devices ";
$sql .= "where (device_mac_address like '%-%' or device_mac_address like '%:%') ";
- $prep_statement = $db->prepare(check_sql($sql));
- if ($prep_statement) {
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- if (is_array($result)) {
- foreach($result as $row) {
+ $database = new database;
+ $result = $database->select($sql, null, 'all');
+ if (is_array($result) && @sizeof($result) != 0) {
+ foreach ($result as $row) {
+ //define update values
$device_uuid = $row["device_uuid"];
$device_mac_address = $row["device_mac_address"];
$device_mac_address = strtolower($device_mac_address);
$device_mac_address = preg_replace('#[^a-fA-F0-9./]#', '', $device_mac_address);
-
- $sql = "update v_devices set ";
- $sql .= "device_mac_address = '".$device_mac_address."' ";
- $sql .= "where device_uuid = '".$device_uuid."' ";
- $db->exec(check_sql($sql));
- unset($sql);
- }
+ //build update array
+ $array['devices'][0]['device_uuid'] = $device_uuid;
+ $array['devices'][0]['device_mac_address'] = $device_mac_address;
+ //grant temporary permissions
+ $p = new permissions;
+ $p->add('device_add', 'temp');
+ //execute update
+ $database = new database;
+ $database->app_name = 'provision';
+ $database->app_uuid = 'abf28ead-92ef-3de6-ebbb-023fbc2b6dd3';
+ $database->save($array);
+ unset($array);
+ //revoke temporary permissions
+ $p->delete('device_add', 'temp');
}
- unset($prep_statement, $result);
}
+ unset($sql, $result, $row);
//update http_auth_enabled set to true
$sql = "select * from v_default_settings ";
$sql .= "where default_setting_subcategory = 'http_auth_disable' ";
- $prep_statement = $db->prepare($sql);
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- if (is_array($result)) {
- foreach($result as $row) {
- if ($row["default_setting_value"] == 'false' && $row["default_setting_enabled"] == 'true') {
- $sql = "update v_default_settings ";
- $sql .= "set default_setting_subcategory = 'http_auth_enabled', ";
- $sql .= "default_setting_value = 'false', ";
- $sql .= "default_setting_enabled = 'true' ";
- $sql .= "where default_setting_uuid = 'c998c762-6a43-4911-a465-a9653eeb793d'; ";
- $db->exec(check_sql($sql));
- unset($sql);
- }
- else {
- $sql = "update v_default_settings ";
- $sql .= "set default_setting_subcategory = 'http_auth_enabled', ";
- $sql .= "default_setting_value = 'true', ";
- $sql .= "default_setting_enabled = 'true' ";
- $sql .= "where default_setting_uuid = 'c998c762-6a43-4911-a465-a9653eeb793d'; ";
- $db->exec(check_sql($sql));
- unset($sql);
- }
+ $database = new database;
+ $result = $database->select($sql, null, 'all');
+ if (is_array($result) && @sizeof($result) != 0) {
+ foreach ($result as $x => $row) {
+ //determine value
+ $default_setting_value = $row["default_setting_value"] == 'false' && $row["default_setting_enabled"] == 'true' ? 'false' : 'true';
+ //build update array
+ $array['default_settings'][$x]['default_setting_uuid'] = 'c998c762-6a43-4911-a465-a9653eeb793d';
+ $array['default_settings'][$x]['default_setting_subcategory'] = 'http_auth_enabled';
+ $array['default_settings'][$x]['default_setting_value'] = $default_setting_value;
+ $array['default_settings'][$x]['default_setting_enabled'] = 'true';
}
- unset($prep_statement, $result);
+ if (is_array($array) && @sizeof($array) != 0) {
+ //grant temporary permissions
+ $p = new permissions;
+ $p->add('default_setting_add', 'temp');
+ //execute update
+ $database = new database;
+ $database->app_name = 'provision';
+ $database->app_uuid = 'abf28ead-92ef-3de6-ebbb-023fbc2b6dd3';
+ $database->save($array);
+ unset($array);
+ //grant temporary permissions
+ $p = new permissions;
+ $p->delete('default_setting_add', 'temp');
+ }
+
}
+ unset($sql, $result, $row);
//update default settings
$sql = "update v_default_settings set ";
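Review bot: The cleanup after `$database->save($array)` in the `http_auth_enabled` block is labelled `//grant temporary permissions` and builds a second `permissions` object before calling `delete('default_setting_add', 'temp')`; the comment should read `//revoke temporary permissions` and the call should reuse the `$p` that added the grant, as the device block above does. Whether a fresh object can remove a grant made by another instance depends on the class, which is not visible here, so the temporary permission may outlive this block. In the device loop the grant and revoke run once per row; collecting all rows into `$array['devices'][$x]` and saving once would shorten the time the permission is held. Every `$x` entry in the settings array also carries the same `default_setting_uuid`, so only one row is effectively written.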
@@ -92,8 +101,8 @@ if ($domains_processed == 1) {
$sql .= "and default_setting_name = 'text' ";
$sql .= "and default_setting_value = 'false' ";
$sql .= "and default_setting_enabled = 'false' ";
- $db->exec($sql);
- unset($sql);
+ $database = new database;
+ $database->execute($sql);
//update default settings
$sql = "update v_default_settings set ";
@@ -101,8 +110,8 @@ if ($domains_processed == 1) {
$sql .= "where default_setting_category = 'provision' ";
$sql .= "and default_setting_subcategory = 'http_auth_password' ";
$sql .= "and default_setting_name = 'text' ";
- $db->exec($sql);
- unset($sql);
+ $database = new database;
+ $database->execute($sql);
//update domain settings
$sql = "update v_domain_settings set ";
@@ -110,8 +119,8 @@ if ($domains_processed == 1) {
$sql .= "where domain_setting_category = 'provision' ";
$sql .= "and domain_setting_subcategory = 'http_auth_password' ";
$sql .= "and domain_setting_name = 'text' ";
- $db->exec($sql);
- unset($sql);
+ $database = new database;
+ $database->execute($sql);
}
diff --git a/app/provision/index.php b/app/provision/index.php
index 474229fa38..cc56e5deb2 100644
--- a/app/provision/index.php
+++ b/app/provision/index.php
@@ -150,9 +150,6 @@
//get the domain name
$domain_name = $_SESSION['domains'][$domain_uuid]['domain_name'];
- //set the PDO error mode
- $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-
//get the default settings
$sql = "select * from v_default_settings ";
$sql .= "where default_setting_enabled = 'true' ";
diff --git a/app/recordings/recording_delete.php b/app/recordings/recording_delete.php
index ad85a809a6..8d3d41c6e9 100644
--- a/app/recordings/recording_delete.php
+++ b/app/recordings/recording_delete.php
@@ -50,7 +50,7 @@ if (is_uuid($recording_uuid)) {
$parameters['domain_uuid'] = $domain_uuid;
$database = new database;
$filename = $database->select($sql, $parameters, 'column');
- unset($prep_statement);
+ unset($sql, $parameters);
//build array
$array['recordings'][0]['recording_uuid'] = $recording_uuid;
diff --git a/app/vars/app_defaults.php b/app/vars/app_defaults.php
index 94ecec79ab..3f7ccb49b3 100644
--- a/app/vars/app_defaults.php
+++ b/app/vars/app_defaults.php
@@ -92,7 +92,7 @@ if ($domains_processed == 1) {
//set country depend variables as country code and international direct dialing code (exit code)
if (!function_exists('set_country_vars')) {
- function set_country_vars($db, $x) {
+ function set_country_vars($x) {
require "resources/countries.php";
//$country_iso=$_SESSION['domain']['country']['iso_code'];
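Review bot: Dropping `$db` from the signature shifts the remaining argument, and PHP does not complain about extra arguments to a user function, so any call site still written as `set_country_vars($db, $x)` would silently bind the database handle to `$x`. The callers are outside this hunk; check that each was changed to `set_country_vars($x)` in the same commit. A short docblock stating what `$x` holds would make such a mismatch easier to spot, since its meaning is not visible from the signature.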
diff --git a/app/voicemail_greetings/voicemail_greeting_delete.php b/app/voicemail_greetings/voicemail_greeting_delete.php
index 46d3d2f86a..2246901dc7 100644
--- a/app/voicemail_greetings/voicemail_greeting_delete.php
+++ b/app/voicemail_greetings/voicemail_greeting_delete.php
@@ -54,7 +54,7 @@ if (is_uuid($voicemail_greeting_uuid) && $voicemail_id != '') {
$parameters['voicemail_id'] = $voicemail_id;
$database = new database;
$greeting_filename = $database->select($sql, $parameters, 'column');
- unset($prep_statement);
+ unset($sql, $parameters);
//build delete array
$array['voicemail_greetings'][0]['voicemail_greeting_uuid'] = $voicemail_greeting_uuid;
diff --git a/core/domains/domain_delete.php b/core/domains/domain_delete.php
index 0b0c99f5ae..f2fa6c7ec7 100644
--- a/core/domains/domain_delete.php
+++ b/core/domains/domain_delete.php
@@ -91,7 +91,7 @@
unset($result, $row);
//get the $apps array from the installed apps from the core and mod directories
- $config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
+ $config_list = glob($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/*/*/app_config.php");
$x=0;
if (isset($config_list)) foreach ($config_list as &$config_path) {
include($config_path);
@@ -99,7 +99,6 @@
}
//delete the domain data from all tables in the database
- $db->beginTransaction();
if (isset($apps)) foreach ($apps as &$app) {
if (isset($app['db'])) foreach ($app['db'] as $row) {
if (is_array($row['table']['name'])) {
@@ -114,6 +113,7 @@
if ($table_name !== "v" && isset($row['fields'])) {
foreach ($row['fields'] as $field) {
if ($field['name'] == "domain_uuid") {
+
$sql = "delete from ".$table_name." where domain_uuid = :domain_uuid ";
$parameters['domain_uuid'] = $id;
$database = new database;
@@ -126,7 +126,6 @@
}
}
}
- $db->commit();
//delete the directories
if (strlen($domain_name) > 0) {
diff --git a/core/groups/permissions_copy.php b/core/groups/permissions_copy.php
index 0d1ce9b3dc..dfad081cc4 100644
--- a/core/groups/permissions_copy.php
+++ b/core/groups/permissions_copy.php
@@ -97,36 +97,37 @@
unset($sql, $parameters);
if (is_array($result) && sizeof($result) != 0) {
- foreach ($result as $index => &$row) {
- $domain_uuid = $row["domain_uuid"];
- $permission_name = $row["permission_name"];
- $group_name = $row["group_name"];
-
- //copy the group permissions
- $array['group_permissions'][$index]['group_permission_uuid'] = uuid();
- if (is_uuid($domain_uuid)) {
- $array['group_permissions'][$index]['domain_uuid'] = $domain_uuid;
- }
- $array['group_permissions'][$index]['permission_name'] = $permission_name;
- $array['group_permissions'][$index]['group_name'] = $new_group_name;
- $array['group_permissions'][$index]['group_uuid'] = $new_group_uuid;
+ foreach ($result as $x => &$row) {
+ //define group permissions values
+ $domain_uuid = $row["domain_uuid"];
+ $permission_name = $row["permission_name"];
+ $group_name = $row["group_name"];
+ //build insert array
+ $array['group_permissions'][$x]['group_permission_uuid'] = uuid();
+ if (is_uuid($domain_uuid)) {
+ $array['group_permissions'][$x]['domain_uuid'] = $domain_uuid;
+ }
+ $array['group_permissions'][$x]['permission_name'] = $permission_name;
+ $array['group_permissions'][$x]['group_name'] = $new_group_name;
+ $array['group_permissions'][$x]['group_uuid'] = $new_group_uuid;
}
if (is_array($array) && sizeof($array) != 0) {
- $p = new permissions;
- $p->add('group_permission_add', 'temp');
-
- $database = new database;
- $database->app_name = 'groups';
- $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
- $database->save($array);
- unset($array);
-
- $p->delete('group_permission_add', 'temp');
-
- message::add($text['message-copy']);
+ //grant temporary permissions
+ $p = new permissions;
+ $p->add('group_permission_add', 'temp');
+ //execute insert
+ $database = new database;
+ $database->app_name = 'groups';
+ $database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+ $database->save($array);
+ unset($array);
+ //revoke temporary permissions
+ $p->delete('group_permission_add', 'temp');
+ //set message
+ message::add($text['message-copy']);
}
}
- unset ($prep_statement);
+ unset($result, $row);
}
//redirect
diff --git a/core/menu/menu_delete.php b/core/menu/menu_delete.php
index 3ac63da312..1423284ccf 100644
--- a/core/menu/menu_delete.php
+++ b/core/menu/menu_delete.php
@@ -39,46 +39,36 @@ else {
$text = $language->get();
//delete the data
- if (is_uuid($_GET["id"])) {
- $menu_uuid = $_GET["id"];
+ $menu_uuid = $_GET['id'];
- //start the database transaction
- $db->beginTransaction();
+ if (is_uuid($menu_uuid)) {
- //delete the menu
+ //build delete array for the menu, menu items, menu permissions, and menu languages
$array['menus'][0]['menu_uuid'] = $menu_uuid;
+ $array['menu_items'][0]['menu_uuid'] = $menu_uuid;
+ $array['menu_item_groups'][0]['menu_uuid'] = $menu_uuid;
+ $array['menu_languages'][0]['menu_uuid'] = $menu_uuid;
+
+ //grant temporary permissions
+ $p = new permissions;
+ $p->add('menu_delete', 'temp');
+ $p->add('menu_item_delete', 'temp');
+ $p->add('menu_item_group_delete', 'temp');
+ $p->add('menu_language_delete', 'temp');
+
+ //execute delete
$database = new database;
$database->app_name = 'menu';
$database->app_uuid = 'f4b3b3d2-6287-489c-2a00-64529e46f2d7';
$database->delete($array);
unset($array);
- //delete the items in the menu
- $sql = "delete from v_menu_items ";
- $sql .= "where menu_uuid = :menu_uuid ";
- $parameters['menu_uuid'] = $menu_uuid;
- $database = new database;
- $database->execute($sql, $parameters);
- unset($sql, $parameters);
-
- //delete the menu permissions
- $sql = "delete from v_menu_item_groups ";
- $sql .= "where menu_uuid = :menu_uuid ";
- $parameters['menu_uuid'] = $menu_uuid;
- $database = new database;
- $database->execute($sql, $parameters);
- unset($sql, $parameters);
-
- //delete the menu languages
- $sql = "delete from v_menu_languages ";
- $sql .= "where menu_uuid = :menu_uuid ";
- $parameters['menu_uuid'] = $menu_uuid;
- $database = new database;
- $database->execute($sql, $parameters);
- unset($sql, $parameters);
-
- //save the changes to the database
- $db->commit();
+ //revoke temporary permissions
+ $p = new permissions;
+ $p->delete('menu_delete', 'temp');
+ $p->delete('menu_item_delete', 'temp');
+ $p->delete('menu_item_group_delete', 'temp');
+ $p->delete('menu_language_delete', 'temp');
//set message
message::add($text['message-delete']);
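Review bot: The revoke block creates a second `$p = new permissions;` before the four `$p->delete(..., 'temp')` calls, while the notifications hunk in this commit revokes on the same object that made the grant. Dropping the second `new permissions` keeps grant and revoke on one object and matches the rest of the commit. The explicit `$db->beginTransaction()` / `$db->commit()` pair is also removed, so whether the four-table delete is atomic now depends on `database->delete()`, which is not visible here; a partial delete would leave orphaned menu items, groups or languages. The temporary permissions are revoked only on the straight-line path, so it is worth confirming that a failing `delete()` cannot leave them granted. The enclosing `if (is_uuid($menu_uuid))` block continues past the hunk.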
diff --git a/core/notifications/app_defaults.php b/core/notifications/app_defaults.php
index 100e5ea659..e94092ae4b 100644
--- a/core/notifications/app_defaults.php
+++ b/core/notifications/app_defaults.php
@@ -29,27 +29,28 @@ if ($domains_processed == 1) {
//update the notifications table
if (is_array($_SESSION['switch']['scripts'])) {
- $sql = "select count(*) as num_rows from v_notifications ";
+ $sql = "select count(*) from v_notifications ";
$database = new database;
$num_rows = $database->select($sql, null, 'column');
- if ($row['num_rows'] == 0) {
- $sql = "insert into v_notifications ";
- $sql .= "(";
- $sql .= "notification_uuid, ";
- $sql .= "project_notifications ";
- $sql .= ")";
- $sql .= "values ";
- $sql .= "(";
- $sql .= "'".uuid()."', ";
- $sql .= "'false' ";
- $sql .= ")";
- $database = new database;
- $database->execute($sql, null);
- unset($sql);
+ if ($num_rows == 0) {
+ //build insert array
+ $array['notifications'][0]['notification_uuid'] = uuid();
+ $array['notifications'][0]['project_notifications'] = 'false';
+ //grant temporary permissions
+ $p = new permissions;
+ $p->add('notification_add', 'temp');
+ //execute insert
+ $database = new database;
+ $database->app_name = 'notifications';
+ $database->app_uuid = 'e746fbcb-f67f-4e0e-ab64-c414c01fac11';
+ $database->save($array);
+ unset($array);
+ //revoke temporary permissions
+ $p->delete('notification_add', 'temp');
}
- unset($prep_statement, $row);
+ unset($sql, $num_rows);
}
}
-?>
+?>
\ No newline at end of file
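Review bot: The `if ($num_rows == 0)` test is a loose comparison, so a `false` or `null` coming back from `$database->select($sql, null, 'column')` on a failed query would also pass and insert a default row. What `select()` returns on failure is not visible in this hunk, so this is an assumption to confirm. A stricter guard such as `if (is_numeric($num_rows) && (int) $num_rows === 0) {` inserts only when the count was actually read.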
diff --git a/core/upgrade/app_defaults.php b/core/upgrade/app_defaults.php
index 04b75c52c7..e267d0f3a8 100644
--- a/core/upgrade/app_defaults.php
+++ b/core/upgrade/app_defaults.php
@@ -108,27 +108,27 @@ if ($domains_processed == 1) {
$database = new database;
$result = $database->select($sql, null, 'all');
if (is_array($result) && count($result) > 0) {
- foreach($result as $row) {
- $current_default_setting_uuid = $row["default_setting_uuid"];
- $current_default_setting_value = $row["default_setting_value"];
- break;
- }
-
- // compare to message in language file, update and enable if different
- $new_default_setting_value = str_replace("''", "'", $text['login-message_text']);
- if ($current_default_setting_value != $new_default_setting_value) {
- $sql = "update v_default_settings set ";
- $sql .= "default_setting_value = :default_setting_value, ";
- $sql .= "default_setting_enabled = 'true' ";
- $sql .= "where default_setting_uuid = :default_setting_uuid ";
- $parameters['default_setting_value'] = $text['login-message_text'];
- $parameters['default_setting_uuid'] = $current_default_setting_uuid;
- $database = new database;
- $database->execute($sql, $parameters);
- unset($sql, $parameters);
- }
+ foreach($result as $row) {
+ $current_default_setting_uuid = $row["default_setting_uuid"];
+ $current_default_setting_value = $row["default_setting_value"];
+ break;
}
- unset($prep_statement, $result);
+
+ // compare to message in language file, update and enable if different
+ $new_default_setting_value = str_replace("''", "'", $text['login-message_text']);
+ if ($current_default_setting_value != $new_default_setting_value) {
+ $sql = "update v_default_settings set ";
+ $sql .= "default_setting_value = :default_setting_value, ";
+ $sql .= "default_setting_enabled = 'true' ";
+ $sql .= "where default_setting_uuid = :default_setting_uuid ";
+ $parameters['default_setting_value'] = $text['login-message_text'];
+ $parameters['default_setting_uuid'] = $current_default_setting_uuid;
+ $database = new database;
+ $database->execute($sql, $parameters);
+ unset($sql, $parameters);
+ }
+ }
+ unset($sql, $result, $row);
}
}
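Review bot: The comparison uses `$new_default_setting_value` (doubled quotes collapsed), but the update binds the raw `$text['login-message_text']`. If a language string contains `''`, the stored value never equals the compared value, so the row is rewritten and `default_setting_enabled` is forced back to `'true'` on every run, even after an administrator disabled it. Because the value is a bound parameter, the un-doubled form is the one to store: `$parameters['default_setting_value'] = $new_default_setting_value;`. The enclosing `if ($domains_processed == 1)` block starts outside the hunk.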
diff --git a/resources/check_auth.php b/resources/check_auth.php
index e329894f16..41cac3136e 100644
--- a/resources/check_auth.php
+++ b/resources/check_auth.php
@@ -88,10 +88,7 @@
else {
//debug
if ($debug) {
- echo "";
- print_r($result);
- echo " ";
- exit;
+ view_array($result);
}
//log the failed auth attempt to the system, to be available for fail2ban.
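Review bot: With `$debug` set, `view_array($result)` writes the authentication result into the response of a failed login. The removed block ended in an explicit `exit;`, and whether `view_array()` also stops the request is not visible here. If it does not, execution now falls through to the failed-auth logging and the code after it with the dump already sent. A comment above the call such as `//debug only: dumps the auth result to the client, never enable in production` would record the exposure. The enclosing `else` branch starts and ends outside the hunk.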
@@ -107,19 +104,26 @@
}
//get the groups assigned to the user and then set the groups in $_SESSION["groups"]
- $sql = "select u.user_group_uuid, u.domain_uuid, u.user_uuid, u.group_uuid, g.group_name, g.group_level ";
- $sql .= "from v_user_groups as u, v_groups as g ";
+ $sql = "select ";
+ $sql .= "u.user_group_uuid, ";
+ $sql .= "u.domain_uuid, ";
+ $sql .= "u.user_uuid, ";
+ $sql .= "u.group_uuid, ";
+ $sql .= "g.group_name, ";
+ $sql .= "g.group_level ";
+ $sql .= "from ";
+ $sql .= "v_user_groups as u, ";
+ $sql .= "v_groups as g ";
$sql .= "where u.domain_uuid = :domain_uuid ";
$sql .= "and u.user_uuid = :user_uuid ";
$sql .= "and u.group_uuid = g.group_uuid ";
- $prep_statement = $db->prepare($sql);
- $prep_statement->bindParam(':domain_uuid', $_SESSION["domain_uuid"] );
- $prep_statement->bindParam(':user_uuid', $_SESSION["user_uuid"]);
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+ $parameters['domain_uuid'] = $_SESSION["domain_uuid"];
+ $parameters['user_uuid'] = $_SESSION["user_uuid"];
+ $database = new database;
+ $result = $database->select($sql, $parameters, 'all');
$_SESSION["groups"] = $result;
$_SESSION["user"]["groups"] = $result;
- unset($sql, $row_count, $prep_statement);
+ unset($sql, $parameters);
//get the users group level
$_SESSION["user"]["group_level"] = 0;
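Review bot: `$result` from `$database->select($sql, $parameters, 'all')` is stored in `$_SESSION["groups"]` and `$_SESSION["user"]["groups"]` without a type check, whereas the removed `fetchAll()` path yielded an array on success. What `select()` returns for an empty or failed query is not visible here; if it is not an array, any code that iterates the session groups without the `is_array()` guard used in the next hunk would misbehave. Normalising at the assignment keeps the session shape stable: `$_SESSION["groups"] = is_array($result) ? $result : array();`, with the same value for `$_SESSION["user"]["groups"]`.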
@@ -130,42 +134,42 @@
}
//get the permissions assigned to the groups that the user is a member of set the permissions in $_SESSION['permissions']
- if (count($_SESSION["groups"]) > 0) {
+ if (is_array($_SESSION["groups"]) && @sizeof($_SESSION["groups"]) != 0) {
$x = 0;
$sql = "select distinct(permission_name) from v_group_permissions ";
- foreach($_SESSION["groups"] as $field) {
+ $sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
+ foreach ($_SESSION["groups"] as $field) {
if (strlen($field['group_name']) > 0) {
- if ($x == 0) {
- $sql .= "where (domain_uuid = '".$_SESSION["domain_uuid"]."' and domain_uuid = null) ";
- }
- else {
- $sql .= "or (domain_uuid = '".$_SESSION["domain_uuid"]."' and domain_uuid = null) ";
- }
- $sql .= "or group_name = '".$field['group_name']."' ";
+ $sql_where_or[] = "group_name = :group_name_".$x;
+ $parameters['group_name_'.$x] = $field['group_name'];
$x++;
}
}
- $prep_statement_sub = $db->prepare($sql);
- $prep_statement_sub->execute();
- $result = $prep_statement_sub->fetchAll(PDO::FETCH_NAMED);
- if (is_array($result)) {
+ if (is_array($sql_where_or) && @sizeof($sql_where_or) != 0) {
+ $sql .= "and (".implode(' or ', $sql_where_or).") ";
+ }
+ $parameters['domain_uuid'] = $_SESSION["domain_uuid"];
+ $database = new database;
+ $result = $database->select($sql, $parameters, 'all');
+ if (is_array($result) && @sizeof($result) != 0) {
foreach ($result as $row) {
$_SESSION['permissions'][$row["permission_name"]] = true;
$_SESSION["user"]["permissions"][$row["permission_name"]] = true;
}
}
- unset($sql, $prep_statement_sub);
+ unset($sql, $parameters, $result, $row);
}
//get the user settings
$sql = "select * from v_user_settings ";
- $sql .= "where domain_uuid = '" . $_SESSION["domain_uuid"] . "' ";
- $sql .= "and user_uuid = '" . $_SESSION["user_uuid"] . "' ";
+ $sql .= "where domain_uuid = :domain_uuid ";
+ $sql .= "and user_uuid = :user_uuid ";
$sql .= "and user_setting_enabled = 'true' ";
- $prep_statement = $db->prepare($sql);
- if ($prep_statement) {
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+ $parameters['domain_uuid'] = $_SESSION["domain_uuid"];
+ $parameters['user_uuid'] = $_SESSION["user_uuid"];
+ $database = new database;
+ $result = $database->select($sql, $parameters, 'all');
+ if (is_array($result) && @sizeof($result) != 0) {
foreach ($result as $row) {
$name = $row['user_setting_name'];
$category = $row['user_setting_category'];
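Review bot: The group filter is appended only when `$sql_where_or` is non-empty, but the select runs either way. A session whose group rows all have an empty `group_name` would therefore query with only the domain clause and load every permission name for that domain into `$_SESSION['permissions']`. `$sql_where_or` is also never initialised or unset, so it is undefined on that path and would carry stale entries if this block ran again in the same scope. Initialise it with `$sql_where_or = array();` before the loop, and move the `$database->select()` call and the result loop inside the `if (... $sql_where_or ...)` block so that no group names means no permissions. The user-settings loop at the end of the hunk continues outside it.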
@@ -179,7 +183,8 @@
else {
$_SESSION[$category][$name] = $row['user_setting_value'];
}
- } else {
+ }
+ else {
//$$category[$subcategory][$name] = $row['domain_setting_value'];
if ($name == "array") {
$_SESSION[$category][$subcategory][] = $row['user_setting_value'];
@@ -191,57 +196,62 @@
}
}
}
+ unset($sql, $parameters, $result, $row);
//get the extensions that are assigned to this user
if (file_exists($_SERVER["PROJECT_ROOT"]."/app/extensions/app_config.php")) {
- if (isset($_SESSION["user"]) && isset($_SESSION["user_uuid"]) && $db && strlen($_SESSION["domain_uuid"]) > 0 && strlen($_SESSION["user_uuid"]) > 0 && count($_SESSION['user']['extension']) == 0) {
+ if (
+ isset($_SESSION["user"]) &&
+ is_uuid($_SESSION["user_uuid"]) &&
+ is_uuid($_SESSION["domain_uuid"]) &&
+ count($_SESSION['user']['extension']) == 0
+ ) {
//get the user extension list
$_SESSION['user']['extension'] = null;
$sql = "select ";
- $sql .= " e.extension_uuid, ";
- $sql .= " e.extension, ";
- $sql .= " e.number_alias, ";
- $sql .= " e.user_context, ";
- $sql .= " e.outbound_caller_id_name, ";
- $sql .= " e.outbound_caller_id_number, ";
- $sql .= " e.description ";
+ $sql .= "e.extension_uuid, ";
+ $sql .= "e.extension, ";
+ $sql .= "e.number_alias, ";
+ $sql .= "e.user_context, ";
+ $sql .= "e.outbound_caller_id_name, ";
+ $sql .= "e.outbound_caller_id_number, ";
+ $sql .= "e.description ";
$sql .= "from ";
- $sql .= " v_extension_users as u, ";
- $sql .= " v_extensions as e ";
+ $sql .= "v_extension_users as u, ";
+ $sql .= "v_extensions as e ";
$sql .= "where ";
- $sql .= " e.domain_uuid = '".$_SESSION['domain_uuid']."' ";
- $sql .= " and e.extension_uuid = u.extension_uuid ";
- $sql .= " and u.user_uuid = '".$_SESSION['user_uuid']."' ";
- $sql .= " and e.enabled = 'true' ";
+ $sql .= "e.domain_uuid = :domain_uuid ";
+ $sql .= "and e.extension_uuid = u.extension_uuid ";
+ $sql .= "and u.user_uuid = :user_uuid ";
+ $sql .= "and e.enabled = 'true' ";
$sql .= "order by ";
- $sql .= " e.extension asc ";
- $query = $db->query($sql);
- if($query !== false) {
- $result = $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
- $x = 0;
- foreach($result as $row) {
+ $sql .= "e.extension asc ";
+ $parameters['domain_uuid'] = $_SESSION['domain_uuid'];
+ $parameters['user_uuid'] = $_SESSION['user_uuid'];
+ $database = new database;
+ $result = $database->select($sql, $parameters, 'all');
+ if (is_array($result) && @sizeof($result) != 0) {
+ foreach($result as $x => $row) {
//set the destination
- $destination = $row['extension'];
- if (strlen($row['number_alias']) > 0) {
- $destination = $row['number_alias'];
- }
-
- //build the uers array
- $_SESSION['user']['extension'][$x]['user'] = $row['extension'];
- $_SESSION['user']['extension'][$x]['number_alias'] = $row['number_alias'];
- $_SESSION['user']['extension'][$x]['destination'] = $destination;
- $_SESSION['user']['extension'][$x]['extension_uuid'] = $row['extension_uuid'];
- $_SESSION['user']['extension'][$x]['outbound_caller_id_name'] = $row['outbound_caller_id_name'];
- $_SESSION['user']['extension'][$x]['outbound_caller_id_number'] = $row['outbound_caller_id_number'];
- $_SESSION['user']['extension'][$x]['user_context'] = $row['user_context'];
- $_SESSION['user']['extension'][$x]['description'] = $row['description'];
-
+ $destination = $row['extension'];
+ if (strlen($row['number_alias']) > 0) {
+ $destination = $row['number_alias'];
+ }
+ //build the user array
+ $_SESSION['user']['extension'][$x]['user'] = $row['extension'];
+ $_SESSION['user']['extension'][$x]['number_alias'] = $row['number_alias'];
+ $_SESSION['user']['extension'][$x]['destination'] = $destination;
+ $_SESSION['user']['extension'][$x]['extension_uuid'] = $row['extension_uuid'];
+ $_SESSION['user']['extension'][$x]['outbound_caller_id_name'] = $row['outbound_caller_id_name'];
+ $_SESSION['user']['extension'][$x]['outbound_caller_id_number'] = $row['outbound_caller_id_number'];
+ $_SESSION['user']['extension'][$x]['user_context'] = $row['user_context'];
+ $_SESSION['user']['extension'][$x]['description'] = $row['description'];
//set the user context
- $_SESSION['user']['user_context'] = $row["user_context"];
- $_SESSION['user_context'] = $row["user_context"];
- $x++;
+ $_SESSION['user']['user_context'] = $row["user_context"];
+ $_SESSION['user_context'] = $row["user_context"];
}
}
+ unset($sql, $parameters, $result, $row);
}
}
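Review bot: `count($_SESSION['user']['extension']) == 0` in the rewritten condition reads a value that the next statement sets to `null`. When the query finds no extensions, a later pass through this code with the same session calls `count(null)`, which raises a warning on PHP 7.2+ and a TypeError on PHP 8. `empty($_SESSION['user']['extension'])` gives the same result for an empty array and is safe for `null` or an unset key. The added `is_uuid()` checks cover the two bound parameters, so only this last operand of the condition needs to change.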
@@ -281,4 +291,4 @@
$v_path_show = false;
}
-?>
+?>
\ No newline at end of file
|