Database class integration.

2026-01-06 11:43:50 +00:00 · 2019-07-02 10:56:36 -06:00
parent f7742bef81
commit d50170269e
11 changed files with 346 additions and 389 deletions
--- a/app/call_centers/call_center_queue_edit.php
+++ b/app/call_centers/call_center_queue_edit.php
@@ -44,9 +44,9 @@
 	$text = $language->get();

 //action add or update
-	if (isset($_REQUEST["id"])) {
+	if (is_uuid($_REQUEST["id"])) {
 		$action = "update";
-		$call_center_queue_uuid = check_str($_REQUEST["id"]);
+		$call_center_queue_uuid = $_REQUEST["id"];
 	}
 	else {
 		$action = "add";
@@ -55,15 +55,13 @@
 //get total call center queues count from the database, check limit, if defined
 	if ($action == 'add') {
 		if ($_SESSION['limit']['call_center_queues']['numeric'] != '') {
-			$sql = "select count(*) as num_rows from v_call_center_queues ";
-			$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
-			$prep_statement = $db->prepare($sql);
-			if ($prep_statement) {
-				$prep_statement->execute();
-				$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
-				$total_call_center_queues = $row['num_rows'];
-			}
-			unset($prep_statement, $row);
+			$sql = "select count(*) from v_call_center_queues ";
+			$sql .= "where domain_uuid = :domain_uuid ";
+			$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
+			$database = new database;
+			$total_call_center_queues = $database->select($sql, $parameters, 'column');
+			unset($sql, $parameters);
+
 			if ($total_call_center_queues >= $_SESSION['limit']['call_center_queues']['numeric']) {
 				message::add($text['message-maximum_queues'].' '.$_SESSION['limit']['call_center_queues']['numeric'], 'negative');
 				header('Location: call_center_queues.php');
@@ -75,30 +73,30 @@
 //get http post variables and set them to php variables
 	if (is_array($_POST)) {
 		//get the post variables a run a security chack on them
-			//$domain_uuid = check_str($_POST["domain_uuid"]);
-			$dialplan_uuid = check_str($_POST["dialplan_uuid"]);
-			$queue_name = check_str($_POST["queue_name"]);
-			$queue_extension = check_str($_POST["queue_extension"]);
-			$queue_greeting = check_str($_POST["queue_greeting"]);
-			$queue_strategy = check_str($_POST["queue_strategy"]);
-			$queue_moh_sound = check_str($_POST["queue_moh_sound"]);
-			$queue_record_template = check_str($_POST["queue_record_template"]);
-			$queue_time_base_score = check_str($_POST["queue_time_base_score"]);
-			$queue_max_wait_time = check_str($_POST["queue_max_wait_time"]);
-			$queue_max_wait_time_with_no_agent = check_str($_POST["queue_max_wait_time_with_no_agent"]);
-			$queue_max_wait_time_with_no_agent_time_reached = check_str($_POST["queue_max_wait_time_with_no_agent_time_reached"]);
-			$queue_tier_rules_apply = check_str($_POST["queue_tier_rules_apply"]);
-			$queue_tier_rule_wait_second = check_str($_POST["queue_tier_rule_wait_second"]);
-			$queue_tier_rule_wait_multiply_level = check_str($_POST["queue_tier_rule_wait_multiply_level"]);
-			$queue_tier_rule_no_agent_no_wait = check_str($_POST["queue_tier_rule_no_agent_no_wait"]);
-			$queue_timeout_action = check_str($_POST["queue_timeout_action"]);
-			$queue_discard_abandoned_after = check_str($_POST["queue_discard_abandoned_after"]);
-			$queue_abandoned_resume_allowed = check_str($_POST["queue_abandoned_resume_allowed"]);
-			$queue_cid_prefix = check_str($_POST["queue_cid_prefix"]);
-			$queue_announce_sound = check_str($_POST["queue_announce_sound"]);
-			$queue_announce_frequency = check_str($_POST["queue_announce_frequency"]);
-			$queue_cc_exit_keys = check_str($_POST["queue_cc_exit_keys"]);
-			$queue_description = check_str($_POST["queue_description"]);
+			//$domain_uuid = $_POST["domain_uuid"];
+			$dialplan_uuid = $_POST["dialplan_uuid"];
+			$queue_name = $_POST["queue_name"];
+			$queue_extension = $_POST["queue_extension"];
+			$queue_greeting = $_POST["queue_greeting"];
+			$queue_strategy = $_POST["queue_strategy"];
+			$queue_moh_sound = $_POST["queue_moh_sound"];
+			$queue_record_template = $_POST["queue_record_template"];
+			$queue_time_base_score = $_POST["queue_time_base_score"];
+			$queue_max_wait_time = $_POST["queue_max_wait_time"];
+			$queue_max_wait_time_with_no_agent = $_POST["queue_max_wait_time_with_no_agent"];
+			$queue_max_wait_time_with_no_agent_time_reached = $_POST["queue_max_wait_time_with_no_agent_time_reached"];
+			$queue_tier_rules_apply = $_POST["queue_tier_rules_apply"];
+			$queue_tier_rule_wait_second = $_POST["queue_tier_rule_wait_second"];
+			$queue_tier_rule_wait_multiply_level = $_POST["queue_tier_rule_wait_multiply_level"];
+			$queue_tier_rule_no_agent_no_wait = $_POST["queue_tier_rule_no_agent_no_wait"];
+			$queue_timeout_action = $_POST["queue_timeout_action"];
+			$queue_discard_abandoned_after = $_POST["queue_discard_abandoned_after"];
+			$queue_abandoned_resume_allowed = $_POST["queue_abandoned_resume_allowed"];
+			$queue_cid_prefix = $_POST["queue_cid_prefix"];
+			$queue_announce_sound = $_POST["queue_announce_sound"];
+			$queue_announce_frequency = $_POST["queue_announce_frequency"];
+			$queue_cc_exit_keys = $_POST["queue_cc_exit_keys"];
+			$queue_description = $_POST["queue_description"];

 		//remove invalid characters
 			$queue_cid_prefix = str_replace(":", "-", $queue_cid_prefix);
@@ -111,23 +109,25 @@
 //delete the tier (agent from the queue)
 	if ($_REQUEST["a"] == "delete" && strlen($_REQUEST["id"]) > 0 && permission_exists("call_center_tier_delete")) {
 		//set the variables
-			$call_center_queue_uuid = check_str($_REQUEST["id"]);
-			$call_center_tier_uuid = check_str($_REQUEST["call_center_tier_uuid"]);
+			$call_center_queue_uuid = $_REQUEST["id"];
+			$call_center_tier_uuid = $_REQUEST["call_center_tier_uuid"];
 		//get the agent details
 			$sql = "select agent_name, queue_name, call_center_agent_uuid, call_center_queue_uuid ";
 			$sql .= "from v_call_center_tiers ";
-			$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
-			$sql .= "and call_center_tier_uuid = '".$call_center_tier_uuid."' ";
-			$prep_statement = $db->prepare(check_sql($sql));
-			$prep_statement->execute();
-			$tiers = $prep_statement->fetchAll(PDO::FETCH_NAMED);
-			if (is_array($tiers)) {
+			$sql .= "where domain_uuid = :domain_uuid ";
+			$sql .= "and call_center_tier_uuid = :call_center_tier_uuid ";
+			$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
+			$parameters['call_center_tier_uuid'] = $call_center_tier_uuid;
+			$database = new database;
+			$tiers = $database->select($sql, $parameters, 'all');
+			unset($sql, $parameters);
+
+			if (is_array($tiers) && sizeof($tiers) != 0) {
 				foreach ($tiers as &$row) {
 					$call_center_agent_uuid = $row["call_center_agent_uuid"];
 					$call_center_queue_uuid = $row["call_center_queue_uuid"];
 				}
 			}
-			unset ($prep_statement);
 		//delete the agent from freeswitch
 			//setup the event socket connection
 			$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
@@ -139,10 +139,19 @@
 			}
 		//delete the tier from the database
 			if (strlen($call_center_tier_uuid) > 0) {
-				$sql = "delete from v_call_center_tiers where domain_uuid = '".$_SESSION['domain_uuid']."' and call_center_tier_uuid = '".$call_center_tier_uuid."'";
-				$prep_statement = $db->prepare(check_sql($sql));
-				$prep_statement->execute();
-				unset($sql);
+				$array['call_center_tiers'][0]['call_center_tier_uuid'] = $call_center_tier_uuid;
+				$array['call_center_tiers'][0]['domain_uuid'] = $_SESSION['domain_uuid'];
+
+				$p = new permissions;
+				$p->add('call_center_tier_delete', 'temp');
+
+				$database = new database;
+				$database->app_name = 'call_centers';
+				$database->app_uuid = '95788e50-9500-079e-2807-fd530b0ea370';
+				$database->delete($array);
+				unset($array);
+
+				$p->delete('call_center_tier_delete', 'temp');
 			}
 	}

@@ -151,7 +160,7 @@

 		//get the uuid from the POST
 			if ($action == "update") {
-				$call_center_queue_uuid = check_str($_POST["call_center_queue_uuid"]);
+				$call_center_queue_uuid = $_POST["call_center_queue_uuid"];
 			}
 	
 		//check for all required data
@@ -313,9 +322,9 @@
 			remove_config_from_cache('configuration:callcenter.conf');

 		//add agent/tier to queue
-			$agent_name = check_str($_POST["agent_name"]);
-			$tier_level = check_str($_POST["tier_level"]);
-			$tier_position = check_str($_POST["tier_position"]);
+			$agent_name = $_POST["agent_name"];
+			$tier_level = $_POST["tier_level"];
+			$tier_position = $_POST["tier_position"];

 			if ($agent_name != '') {
 				//setup the event socket connection
@@ -362,11 +371,14 @@
 	if (is_array($_GET) && is_uuid($_GET["id"]) && $_POST["persistformvar"] != "true") {
 		$call_center_queue_uuid = $_GET["id"];
 		$sql = "select * from v_call_center_queues ";
-		$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
-		$sql .= "and call_center_queue_uuid = '$call_center_queue_uuid' ";
-		$prep_statement = $db->prepare(check_sql($sql));
-		$prep_statement->execute();
-		$call_center_queues = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+		$sql .= "where domain_uuid = :domain_uuid ";
+		$sql .= "and call_center_queue_uuid = :call_center_queue_uuid ";
+		$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
+		$parameters['call_center_queue_uuid'] = $call_center_queue_uuid;
+		$database = new database;
+		$call_center_queues = $database->select($sql, $parameters, 'all');
+		unset($sql, $parameters);
+
 		if (is_array($call_center_queues)) {
 			foreach ($call_center_queues as &$row) {
 				$queue_name = $row["queue_name"];
@@ -395,19 +407,20 @@
 				$queue_description = $row["queue_description"];
 			}
 		}
-		unset ($prep_statement);
 	}

 //get the tiers
 	$sql = "select t.call_center_tier_uuid, t.call_center_agent_uuid, t.call_center_queue_uuid, t.tier_level, t.tier_position, a.agent_name ";
 	$sql .= "from v_call_center_tiers as t, v_call_center_agents as a ";
-	$sql .= "where t.call_center_queue_uuid = '".$call_center_queue_uuid."' ";
+	$sql .= "where t.call_center_queue_uuid = :call_center_queue_uuid ";
 	$sql .= "and t.call_center_agent_uuid = a.call_center_agent_uuid ";
-	$sql .= "and t.domain_uuid = '".$_SESSION['domain_uuid']."' ";
+	$sql .= "and t.domain_uuid = :domain_uuid ";
 	$sql .= "order by tier_level asc, tier_position asc, a.agent_name asc";
-	$prep_statement = $db->prepare(check_sql($sql));
-	$prep_statement->execute();
-	$tiers = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+	$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
+	$parameters['call_center_queue_uuid'] = $call_center_queue_uuid;
+	$database = new database;
+	$tiers = $database->select($sql, $parameters, 'all');
+	unset($sql, $parameters);

 //add an empty row to the tiers array
 	if (count($tiers) == 0) {
@@ -430,13 +443,14 @@

 //get the agents
 	$sql = "select call_center_agent_uuid, agent_name from v_call_center_agents ";
-	$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
+	$sql .= "where domain_uuid = :domain_uuid ";
 	$sql .= "order by agent_name asc";
-	$prep_statement = $db->prepare(check_sql($sql));
-	$prep_statement->execute();
-	$agents = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+	$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
+	$database = new database;
+	$agents = $database->select($sql, $parameters, 'all');
+	unset($sql, $parameters);

-//get the sounds
+	//get the sounds
 	$sounds = new sounds;
 	$sounds = $sounds->get();

@@ -674,7 +688,7 @@
 			$assigned_agents[] = $field['agent_name'];
 			$x++;
 		}
-		unset ($prep_statement, $sql, $tiers);
+		unset ($tiers);
 		echo "		</table>\n";
 		echo "		<br>\n";
 		echo "		".$text['description-tiers']."\n";