Update database.php

FusionPBX
2017-07-14 10:52:30 -06:00
committed by GitHub
parent a55ada0195
commit d0cfe5e0e1


@@ -585,7 +585,7 @@ include "root.php";
if (is_array($new_array)) {
foreach ($new_array as $schema_name => $schema_array) {
$this->name = preg_replace('#[^a-zA-Z0-9_/]#', '', $schema_name);
$this->name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $schema_name);
if (is_array($schema_array)) {
foreach ($schema_array as $schema_id => $array) {
@@ -1005,7 +1005,7 @@ include "root.php";
}
//set the name
if (isset($array['name'])) {
$this->name = preg_replace('#[^a-zA-Z0-9_/]#', '', $array['name']);
$this->name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $array['name']);
}
//set the uuid
if (isset($array['uuid'])) {
@@ -1139,7 +1139,7 @@ include "root.php";
$this->debug["sql"] = true;
//start the atomic transaction
$this->db->beginTransaction();
// $this->db->beginTransaction();
//debug info
//echo "<pre>\n";
@@ -1150,13 +1150,13 @@ include "root.php";
//loop through the array
if (is_array($new_array)) foreach ($new_array as $schema_name => $schema_array) {
$this->name = preg_replace('#[^a-zA-Z0-9_/]#', '', $schema_name);
$this->name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $schema_name);
if (is_array($schema_array)) foreach ($schema_array as $schema_id => $array) {
//set the variables
$table_name = "v_".$this->name;
$parent_key_name = $this->singular($this->name)."_uuid";
$parent_key_name = preg_replace('#[^a-zA-Z0-9_/]#', '', $parent_key_name);
$parent_key_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $parent_key_name);
//if the uuid is set then set parent key exists and value
//determine if the parent_key_exists
@@ -1176,13 +1176,13 @@ include "root.php";
}
//allow characters found in the uuid only.
$parent_key_value = preg_replace('#[^a-zA-Z0-9_/]#', '', $parent_key_value);
$parent_key_value = preg_replace('#[^a-zA-Z0-9_\-]#', '', $parent_key_value);
//get the parent field names
$parent_field_names = array();
if (is_array($array)) foreach ($array as $key => $value) {
if (!is_array($value)) {
$parent_field_names[] = preg_replace('#[^a-zA-Z0-9_/]#', '', $key);
$parent_field_names[] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $key);
}
}
@@ -1234,7 +1234,7 @@ include "root.php";
//}
if (is_array($array)) foreach ($array as $array_key => $array_value) {
if (!is_array($array_value)) {
$array_key = preg_replace('#[^a-zA-Z0-9_/]#', '', $array_key);
$array_key = preg_replace('#[^a-zA-Z0-9_\-]#', '', $array_key);
$sql .= $array_key.", ";
}
}
@@ -1253,8 +1253,9 @@ include "root.php";
$sql .= "now(), ";
}
else {
$sql .= "'".check_str($array_value)."', ";
//$sql .= ":".$array_key.", ";
//$sql .= "'".check_str($array_value)."', ";
$sql .= ':'.$array_key.", ";
$params[$array_key] = $array_value;
}
}
}
@@ -1262,24 +1263,12 @@ include "root.php";
$sql = str_replace(", )", ")", $sql);
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
//$prep_statement = $this->db->prepare($sql);
try {
//bind the parameters key and values
//if (is_array($array)) foreach ($array as $array_key => $array_value) {
// if (!is_array($array_value)) {
// if (strlen($array_value) == 0) {}
// elseif ($array_value === "now()") {}
// else {
// $prep_statement->bindParam(':'.$array_key, $array_value);
// $params[$array_key] = $array_value;
// }
// }
//}
$this->db->query(check_sql($sql));
//$prep_statement->execute();
//unset($prep_statement);
//$this->db->query(check_sql($sql));
$prep_statement = $this->db->prepare($sql);
$prep_statement->execute($params);
unset($prep_statement);
$message["message"] = "OK";
$message["code"] = "200";
$message["uuid"] = $parent_key_value;
@@ -1289,9 +1278,10 @@ include "root.php";
$message["details"][$m]["uuid"] = $parent_key_value;
if ($this->debug["sql"]) {
$message["details"][$m]["sql"] = $sql;
//if (is_array($params)) {
// $message["details"][$m]["params"] = $params;
//}
if (is_array($params)) {
$message["details"][$m]["params"] = $params;
unset($params);
}
}
$this->message = $message;
$m++;
@@ -1302,11 +1292,13 @@ include "root.php";
$message["details"][$m]["name"] = $this->name;
$message["details"][$m]["message"] = $e->getMessage();
$message["details"][$m]["code"] = "400";
$message["details"][$m]["array"] = $array;
if ($this->debug["sql"]) {
$message["details"][$m]["sql"] = $sql;
//if (is_array($params)) {
// $message["details"][$m]["params"] = $params;
//}
if (is_array($params)) {
$message["details"][$m]["params"] = $params;
unset($params);
}
}
//print_r($message);
$this->message = $message;
@@ -1333,7 +1325,7 @@ include "root.php";
if (is_array($array)) {
foreach ($array as $array_key => $array_value) {
if (!is_array($array_value) && $array_key != $parent_key_name) {
$array_key = preg_replace('#[^a-zA-Z0-9_/]#', '', $array_key);
$array_key = preg_replace('#[^a-zA-Z0-9_\-]#', '', $array_key);
if (strlen($array_value) == 0) {
$sql .= $array_key." = null, ";
}
@@ -1341,7 +1333,9 @@ include "root.php";
$sql .= $array_key." = now(), ";
}
else {
$sql .= $array_key." = '".check_str($array_value)."', ";
//$sql .= $array_key." = '".check_str($array_value)."', ";
$sql .= $array_key." = :".$array_key.", ";
$params[$array_key] = $array_value;
}
}
}
@@ -1350,7 +1344,9 @@ include "root.php";
$sql = str_replace(", WHERE", " WHERE", $sql);
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
try {
$this->db->query(check_sql($sql));
$prep_statement = $this->db->prepare($sql);
$prep_statement->execute($params);
//$this->db->query(check_sql($sql));
$message["message"] = "OK";
$message["code"] = "200";
$message["uuid"] = $parent_key_value;
@@ -1360,6 +1356,10 @@ include "root.php";
$message["details"][$m]["uuid"] = $parent_key_value;
if ($this->debug["sql"]) {
$message["details"][$m]["sql"] = $sql;
if (is_array($params)) {
$message["details"][$m]["params"] = $params;
unset($params);
}
}
$this->message = $message;
$m++;
@@ -1373,6 +1373,10 @@ include "root.php";
$message["details"][$m]["code"] = "400";
if ($this->debug["sql"]) {
$message["details"][$m]["sql"] = $sql;
if (is_array($params)) {
$message["details"][$m]["params"] = $params;
unset($params);
}
}
$this->message = $message;
$m++;
@@ -1396,11 +1400,11 @@ include "root.php";
if (is_array($value)) {
$table_name = "v_".$key;
$table_name = preg_replace('#[^a-zA-Z0-9_/]#', '', $table_name);
$table_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $table_name);
foreach ($value as $id => $row) {
//prepare the variables
$child_name = $this->singular($key);
$child_name = preg_replace('#[^a-zA-Z0-9_/]#', '', $child_name);
$child_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $child_name);
$child_key_name = $child_name."_uuid";
//determine if the parent key exists in the child array
@@ -1425,13 +1429,13 @@ include "root.php";
}
//allow characters found in the uuid only.
$child_key_value = preg_replace('#[^a-zA-Z0-9_/]#', '', $child_key_value);
$child_key_value = preg_replace('#[^a-zA-Z0-9_\-]#', '', $child_key_value);
//get the child field names
$child_field_names = array();
if (is_array($row)) foreach ($row as $k => $v) {
if (!is_array($v)) {
$child_field_names[] = preg_replace('#[^a-zA-Z0-9_/]#', '', $k);
$child_field_names[] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
}
}
@@ -1469,7 +1473,7 @@ include "root.php";
if (is_array($row)) {
foreach ($row as $k => $v) {
if (!is_array($v) && ($k != $parent_key_name || $k != $child_key_name)) {
$k = preg_replace('#[^a-zA-Z0-9_/]#', '', $k);
$k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
if (strlen($v) == 0) {
$sql .= $k." = null, ";
}
@@ -1477,7 +1481,9 @@ include "root.php";
$sql .= $k." = now(), ";
}
else {
$sql .= "$k = '".check_str($v)."', ";
//$sql .= "$k = '".check_str($v)."', ";
$sql .= $array_key." = :".$array_key.", ";
$params[$array_key] = $array_value;
}
}
}
@@ -1490,13 +1496,19 @@ include "root.php";
//$prep_statement->bindParam(':domain_uuid', $_SESSION["domain_uuid"] );
try {
$this->db->query(check_sql($sql));
//$this->db->query(check_sql($sql));
$prep_statement = $this->db->prepare($sql);
$prep_statement->execute($params);
$message["details"][$m]["name"] = $key;
$message["details"][$m]["message"] = "OK";
$message["details"][$m]["code"] = "200";
$message["details"][$m]["uuid"] = $child_key_value;
if ($this->debug["sql"]) {
$message["details"][$m]["sql"] = $sql;
if (is_array($params)) {
$message["details"][$m]["params"] = $params;
unset($params);
}
}
$this->message = $message;
$m++;
@@ -1511,6 +1523,10 @@ include "root.php";
$message["details"][$m]["code"] = "400";
if ($this->debug["sql"]) {
$message["details"][$m]["sql"] = $sql;
if (is_array($params)) {
$message["details"][$m]["params"] = $params;
unset($params);
}
}
$this->message = $message;
$m++;
@@ -1559,7 +1575,7 @@ include "root.php";
if (is_array($row)) {
foreach ($row as $k => $v) {
if (!is_array($v)) {
$k = preg_replace('#[^a-zA-Z0-9_/]#', '', $k);
$k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
$sql .= $k.", ";
}
}
@@ -1583,7 +1599,10 @@ include "root.php";
$sql .= "now(), ";
}
else {
$sql .= "'".check_str($v)."', ";
$k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
//$sql .= "'".check_str($v)."', ";
$sql .= ':'.$k.", ";
$params[$k] = $v;
}
}
}
@@ -1592,13 +1611,20 @@ include "root.php";
$sql = str_replace(", )", ")", $sql);
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
try {
$this->db->query(check_sql($sql));
//$this->db->query(check_sql($sql));
$prep_statement = $this->db->prepare($sql);
$prep_statement->execute($params);
unset($prep_statement);
$message["details"][$m]["name"] = $key;
$message["details"][$m]["message"] = "OK";
$message["details"][$m]["code"] = "200";
$message["details"][$m]["uuid"] = $child_key_value;
if ($this->debug["sql"]) {
$message["details"][$m]["sql"] = $sql;
if (is_array($params)) {
$message["details"][$m]["params"] = $params;
unset($params);
}
}
$this->message = $message;
$m++;
@@ -1613,6 +1639,10 @@ include "root.php";
$message["details"][$m]["code"] = "400";
if ($this->debug["sql"]) {
$message["details"][$m]["sql"] = $sql;
if (is_array($params)) {
$message["details"][$m]["params"] = $params;
unset($params);
}
}
$this->message = $message;
$m++;
@@ -1655,7 +1685,7 @@ include "root.php";
$this->message = $message;
//commit the atomic transaction
$this->db->commit();
// $this->db->commit();
//get the UUIDs
$user_uuid = $_SESSION['user_uuid'];
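Review bot: In the child-row update branch (hunk `@@ -1477,7 +1481,9 @@`) the new lines build the placeholder from `$array_key`/`$array_value`, but the loop shown in the preceding hunk is `foreach ($row as $k => $v)`, so the statement would name and bind whatever the parent loop last left in those variables rather than the child column; the two lines should read `$sql .= $k." = :".$k.", ";` and `$params[$k] = $v;`. Separately, `$params` is only cleared by `unset($params)` inside the `if ($this->debug["sql"])` branches and no initialisation is visible in these hunks, so with debug off stale entries would presumably carry into the next `execute()`; a `$params = array();` where each statement starts being built would make that independent of the debug flag. Those same branches now copy every bound value into `$this->message`, and `$this->debug["sql"] = true;` appears in the context of the `@@ -1139,7 +1139,7 @@` hunk, so it is worth confirming that this message is never rendered or logged where secrets such as passwords could be read. The enclosing function starts and ends outside the visible hunks.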