From f4765e954bc96ade407623a36ca93c32af3bf1e2 Mon Sep 17 00:00:00 2001 From: markjcrane Date: Tue, 21 Jun 2016 18:00:38 -0600 Subject: [PATCH] Improve code for access controls. --- app/access_controls/access_control_delete.php | 24 ++-- app/access_controls/access_control_edit.php | 38 ++++--- app/access_controls/access_controls.php | 104 +++++++++--------- 3 files changed, 89 insertions(+), 77 deletions(-) diff --git a/app/access_controls/access_control_delete.php b/app/access_controls/access_control_delete.php index 9b703f3ac3..50b5b28930 100644 --- a/app/access_controls/access_control_delete.php +++ b/app/access_controls/access_control_delete.php @@ -1,14 +1,18 @@ 0 && strlen($_POST["persistformvar"]) == 0) { unset($sql); remove_config_from_cache('configuration:acl.conf'); - $_SESSION['message'] = $text['message-add']; - header('Location: access_controls.php'); + $_SESSION["message"] = $text['message-add']; + header("Location: access_controls.php"); return; } //if ($action == "add") @@ -91,8 +95,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { unset($sql); remove_config_from_cache('configuration:acl.conf'); - $_SESSION['message'] = $text['message-update']; - header('Location: access_controls.php'); + $_SESSION["message"] = $text['message-update']; + header("Location: access_controls.php"); return; } //if ($action == "update") @@ -120,8 +124,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { require_once "resources/header.php"; //show the content - echo "
\n"; - echo "\n"; + echo "\n"; + echo "
\n"; echo "\n"; echo "\n"; echo ""; echo "
".$text['title-access_control']."

\n"; @@ -186,7 +190,7 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { echo "
"; echo "
"; - echo "

"; + echo "

"; if ($action == "update") { require "access_control_nodes.php"; diff --git a/app/access_controls/access_controls.php b/app/access_controls/access_controls.php index f2a8cc6938..e3f0315167 100644 --- a/app/access_controls/access_controls.php +++ b/app/access_controls/access_controls.php @@ -1,14 +1,18 @@ 0) { $sql .= "order by $order_by $order "; } + $prep_statement = $db->prepare($sql); + if ($prep_statement) { + $prep_statement->execute(); + $row = $prep_statement->fetch(PDO::FETCH_ASSOC); + if ($row['num_rows'] > 0) { + $num_rows = $row['num_rows']; + } + else { + $num_rows = '0'; + } + } + +//prepare to page the results + $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; + $param = ""; + $page = $_GET['page']; + if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; } + list($paging_controls, $rows_per_page, $var3) = paging($num_rows, $param, $rows_per_page); + $offset = $rows_per_page * $page; + +//get the list + $sql = "select * from v_access_controls "; + if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; } + $sql .= "limit $rows_per_page offset $offset "; + $prep_statement = $db->prepare(check_sql($sql)); + $prep_statement->execute(); + $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); + unset ($prep_statement, $sql); + +//alternate the row style + $c = 0; + $row_style["0"] = "row_style0"; + $row_style["1"] = "row_style1"; + //show the content echo "\n"; echo " \n"; @@ -35,43 +76,6 @@ else { echo " \n"; echo "
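Review bot: Both queries added at the top of access_controls.php interpolate `$order_by` and `$order` directly into the SQL text (`"order by $order_by $order "`), and `prepare()` offers no protection for text that is already part of the statement; the count query is also not passed through `check_sql()` the way the list query is. Where those two variables are assigned is not visible in this hunk, but if they come from the request (the `th_order_by()` links suggest so), they should be checked against an allow-list first, e.g. `if (!in_array($order_by, array('access_control_name' /* other sortable columns */), true)) { $order_by = ''; }` and `$order = (strtolower($order) == 'desc') ? 'desc' : 'asc';`. The `order by` on the `count(*)` query serves no purpose and can be dropped, since some databases reject ordering an aggregate by a plain column. `$page` is read straight from `$_GET['page']` and multiplied into `$offset`; `$page = max(0, (int) $_GET['page']);` would keep a negative or non-numeric value out of the `limit … offset` clause. The list query also calls `execute()` without the `if ($prep_statement)` guard the count query has, so a failed `prepare()` ends in a fatal error rather than an empty list.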
\n"; - //prepare to page the results - $sql = "select count(*) as num_rows from v_access_controls "; - if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; } - $prep_statement = $db->prepare($sql); - if ($prep_statement) { - $prep_statement->execute(); - $row = $prep_statement->fetch(PDO::FETCH_ASSOC); - if ($row['num_rows'] > 0) { - $num_rows = $row['num_rows']; - } - else { - $num_rows = '0'; - } - } - - //prepare to page the results - $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; - $param = ""; - $page = $_GET['page']; - if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; } - list($paging_controls, $rows_per_page, $var3) = paging($num_rows, $param, $rows_per_page); - $offset = $rows_per_page * $page; - - //get the list - $sql = "select * from v_access_controls "; - if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; } - $sql .= "limit $rows_per_page offset $offset "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - $result_count = count($result); - unset ($prep_statement, $sql); - - $c = 0; - $row_style["0"] = "row_style0"; - $row_style["1"] = "row_style1"; - echo "\n"; echo "\n"; echo th_order_by('access_control_name', $text['label-access_control_name'], $order_by, $order); @@ -87,7 +91,7 @@ else { echo "\n"; echo "\n"; - if ($result_count > 0) { + if (is_array($result)) { foreach($result as $row) { if (permission_exists('access_control_edit')) { $tr_link = "href='access_control_edit.php?id=".$row['access_control_uuid']."'"; @@ -125,8 +129,7 @@ else { } echo " \n"; echo " \n"; - echo "
\n"; - + echo " \n"; echo "\n"; echo "\n"; echo ""; @@ -134,4 +137,5 @@ else { //include the footer require_once "resources/footer.php"; + ?> \ No newline at end of file