From c89b2d88a66d3a39b9e0f74eeca1e05d85438dd3 Mon Sep 17 00:00:00 2001
From: FusionPBX <markjcrane@gmail.com>
Date: Wed, 14 Aug 2019 22:37:20 -0600
Subject: [PATCH] Update device_profile_delete.php

---
 app/devices/device_profile_delete.php | 103 ++++++++++++++------------
 1 file changed, 54 insertions(+), 49 deletions(-)

diff --git a/app/devices/device_profile_delete.php b/app/devices/device_profile_delete.php
index b51a95af42..6a20146b37 100644
--- a/app/devices/device_profile_delete.php
+++ b/app/devices/device_profile_delete.php
@@ -17,7 +17,7 @@
 
 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Copyright (C) 2008-2016 All Rights Reserved.
+	Copyright (C) 2019 All Rights Reserved.
 
 	Contributor(s):
 	Mark J Crane <markjcrane@fusionpbx.com>
@@ -28,68 +28,73 @@
 	require_once "resources/require.php";
 	require_once "resources/check_auth.php";
 
-//check permissions
-	if (permission_exists('device_profile_delete')) {
-		//access granted
-	}
-	else {
-		echo "access denied";
-		exit;
-	}
-
 //add multi-lingual support
 	$language = new text;
 	$text = $language->get();
 
-//get the id
-	$device_profile_uuid = $_GET["id"];
+//delete the message
+	message::add($text['message-delete']);
 
-//delete the data and subdata
-	if (is_uuid($device_profile_uuid)) {
+//delete the data
+	if (isset($_GET["id"]) && is_uuid($_GET["id"]) && permission_exists('device_profile_delete')) {
 
-		//add temp permissions
-			$p = new permissions;
-			$p->add('device_key_delete', 'temp');
-			$p->add('device_edit', 'temp');
+		//get the id
+			$id = $_GET["id"];
 
-		//create array
-			$array['device_keys'][0]['device_profile_uuid'] = $device_profile_uuid;
-			$array['device_profiles'][0]['device_profile_uuid'] = $device_profile_uuid;
-
-		//delete
+		//delete the data
+			$array['device_profile_keys'][]['device_profile_uuid'] = $id;
+			$array['device_profile_settings'][]['device_profile_uuid'] = $id;
+			$array['device_profiles'][]['device_profile_uuid'] = $id;
 			$database = new database;
 			$database->app_name = 'devices';
 			$database->app_uuid = '4efa1a1a-32e7-bf83-534b-6c8299958a8e';
 			$database->delete($array);
 			unset($array);
 
-		//remove device profile uuid from any assigned devices
-			$sql = "update v_devices set ";
-			$sql .= "device_profile_uuid = null ";
-			$sql .= "where device_profile_uuid = :device_profile_uuid ";
-			$parameters['device_profile_uuid'] = $device_profile_uuid;
-			$database = new database;
-			$database->execute($sql);
-			unset($sql, $parameters);
-
-		//remove temp permissions
-			$p->delete('device_key_delete', 'temp');
-			$p->delete('device_edit', 'temp');
-
-		//write the provision files
-			if ($_SESSION['provision']['path']['text'] != '') {
-				$prov = new provision;
-				$prov->domain_uuid = $domain_uuid;
-				$response = $prov->write();
-			}
-
-		//set message
-			message::add($text['message-delete']);
-
+		//redirect the user
+			header('Location: device_profiles.php');
 	}
 
-//redirect the user
-	header("Location: device_profiles.php");
-	return;
+//delete the child data
+	if (isset($_REQUEST["device_profile_key_uuid"]) && is_uuid($_REQUEST["device_profile_key_uuid"]) && permission_exists('device_profile_key_delete')) {
+		//select from v_device_profile_keys
+			$sql = "select device_profile_uuid from v_device_profile_keys ";
+			$sql .= "where device_profile_key_uuid = :device_profile_key_uuid ";
+			$parameters['device_profile_key_uuid'] = $_REQUEST["device_profile_key_uuid"];
+			$database = new database;
+			$device_profile_uuid = $database->select($sql, $parameters, 'column');
+			unset($sql, $parameters);
+
+		//delete the row
+			$array['device_profile_keys'][]['device_profile_key_uuid'] = $_REQUEST["device_profile_key_uuid"];
+			$database = new database;
+			$database->app_name = 'devices';
+			$database->app_uuid = '4efa1a1a-32e7-bf83-534b-6c8299958a8e';
+			$database->delete($array);
+
+		//redirect the user
+			header('Location: device_profile_edit.php?id='.urlencode($device_profile_uuid));
+	}
+
+//delete the child data
+	if (isset($_REQUEST["device_profile_setting_uuid"]) && is_uuid($_REQUEST["device_profile_setting_uuid"]) && permission_exists('device_profile_setting_delete')) {
+		//select from v_device_profile_settings
+			$sql = "select device_profile_uuid from v_device_profile_settings ";
+			$sql .= "where device_profile_setting_uuid = :device_profile_setting_uuid ";
+			$parameters['device_profile_setting_uuid'] = $_REQUEST["device_profile_setting_uuid"];
+			$database = new database;
+			$device_profile_uuid = $database->select($sql, $parameters, 'column');
+			unset($sql, $parameters);
+
+		//delete the row
+			$array['device_profile_settings'][]['device_profile_setting_uuid'] = $_REQUEST["device_profile_setting_uuid"];
+			$database = new database;
+			$database->app_name = 'devices';
+			$database->app_uuid = '4efa1a1a-32e7-bf83-534b-6c8299958a8e';
+			$database->delete($array);
+
+		//redirect the user
+			header('Location: device_profile_edit.php?id='.urlencode($device_profile_uuid));
+	}
 
 ?>