|
@@ -1192,9 +1192,11 @@ include "root.php";
|
|
|
|
|
|
//get the parent field names
|
|
|
$parent_field_names = array();
|
|
|
- if (is_array($array)) foreach ($array as $key => $value) {
|
|
|
- if (!is_array($value)) {
|
|
|
- $parent_field_names[] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $key);
|
|
|
+ if (is_array($array)) {
|
|
|
+ foreach ($array as $key => $value) {
|
|
|
+ if (!is_array($value)) {
|
|
|
+ $parent_field_names[] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $key);
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
|
|
@@ -1245,10 +1247,12 @@ include "root.php";
|
|
|
//foreach ($parent_field_names as $field_name) {
|
|
|
// $sql .= check_str($field_name).", ";
|
|
|
//}
|
|
|
- if (is_array($array)) foreach ($array as $array_key => $array_value) {
|
|
|
- if (!is_array($array_value)) {
|
|
|
- $array_key = preg_replace('#[^a-zA-Z0-9_\-]#', '', $array_key);
|
|
|
- $sql .= $array_key.", ";
|
|
|
+ if (is_array($array)) {
|
|
|
+ foreach ($array as $array_key => $array_value) {
|
|
|
+ if (!is_array($array_value)) {
|
|
|
+ $array_key = preg_replace('#[^a-zA-Z0-9_\-]#', '', $array_key);
|
|
|
+ $sql .= $array_key.", ";
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
$sql .= ") ";
|
|
@@ -1257,18 +1261,20 @@ include "root.php";
|
|
|
if (!$parent_key_exists) {
|
|
|
$sql .= "'".$parent_key_value."', ";
|
|
|
}
|
|
|
- if (is_array($array)) foreach ($array as $array_key => $array_value) {
|
|
|
- if (!is_array($array_value)) {
|
|
|
- if (strlen($array_value) == 0) {
|
|
|
- $sql .= "null, ";
|
|
|
- }
|
|
|
- elseif ($array_value === "now()") {
|
|
|
- $sql .= "now(), ";
|
|
|
- }
|
|
|
- else {
|
|
|
- //$sql .= "'".check_str($array_value)."', ";
|
|
|
- $sql .= ':'.$array_key.", ";
|
|
|
- $params[$array_key] = $array_value;
|
|
|
+ if (is_array($array)) {
|
|
|
+ foreach ($array as $array_key => $array_value) {
|
|
|
+ if (!is_array($array_value)) {
|
|
|
+ if (strlen($array_value) == 0) {
|
|
|
+ $sql .= "null, ";
|
|
|
+ }
|
|
|
+ elseif ($array_value === "now()") {
|
|
|
+ $sql .= "now(), ";
|
|
|
+ }
|
|
|
+ else {
|
|
|
+ //$sql .= "'".check_str($array_value)."', ";
|
|
|
+ $sql .= ':'.$array_key.", ";
|
|
|
+ $params[$array_key] = $array_value;
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
}
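Review bot: In the VALUES loop the placeholder is built from the raw key, `$sql .= ':'.$array_key.", ";`, whereas the column-list loop in the previous hunk first filters it with `preg_replace('#[^a-zA-Z0-9_\-]#', '', $array_key)`; a key containing any other character is therefore concatenated into the statement unfiltered and no longer matches its column name. Apply the same filter before building the placeholder and the `$params` key, as the child insert path later in this diff does: `$array_key = preg_replace('#[^a-zA-Z0-9_\-]#', '', $array_key);`. The pattern also keeps `-`, which PDO does not accept inside a named placeholder, so a hyphenated key would not bind as intended; limiting placeholder names to `[a-zA-Z0-9_]` would be safer. `$parent_key_value` is still concatenated inside quotes on the context line above, and since its origin is outside the hunk, binding it as a parameter would remove the reliance on upstream filtering. The enclosing block starts and ends outside this hunk.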
|
|
@@ -1409,105 +1415,224 @@ include "root.php";
|
|
|
unset($sql, $action);
|
|
|
|
|
|
//child data
|
|
|
- if (is_array($array)) foreach ($array as $key => $value) {
|
|
|
-
|
|
|
- if (is_array($value)) {
|
|
|
- $table_name = "v_".$key;
|
|
|
- $table_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $table_name);
|
|
|
- foreach ($value as $id => $row) {
|
|
|
- //prepare the variables
|
|
|
- $child_name = $this->singular($key);
|
|
|
- $child_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $child_name);
|
|
|
- $child_key_name = $child_name."_uuid";
|
|
|
-
|
|
|
- //determine if the parent key exists in the child array
|
|
|
- $parent_key_exists = false;
|
|
|
- if (!isset($array[$parent_key_name])) {
|
|
|
- $parent_key_exists = true;
|
|
|
- }
|
|
|
+ if (is_array($array)) {
|
|
|
+ foreach ($array as $key => $value) {
|
|
|
+
|
|
|
+ if (is_array($value)) {
|
|
|
+ $table_name = "v_".$key;
|
|
|
+ $table_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $table_name);
|
|
|
+ foreach ($value as $id => $row) {
|
|
|
+ //prepare the variables
|
|
|
+ $child_name = $this->singular($key);
|
|
|
+ $child_name = preg_replace('#[^a-zA-Z0-9_\-]#', '', $child_name);
|
|
|
+ $child_key_name = $child_name."_uuid";
|
|
|
+
|
|
|
+ //determine if the parent key exists in the child array
|
|
|
+ $parent_key_exists = false;
|
|
|
+ if (!isset($array[$parent_key_name])) {
|
|
|
+ $parent_key_exists = true;
|
|
|
+ }
|
|
|
|
|
|
- //determine if the uuid exists
|
|
|
- $uuid_exists = false;
|
|
|
- if (is_array($row)) foreach ($row as $k => $v) {
|
|
|
- if ($child_key_name == $k) {
|
|
|
- if (strlen($v) > 0) {
|
|
|
- $child_key_value = $v;
|
|
|
- $uuid_exists = true;
|
|
|
- break;
|
|
|
+ //determine if the uuid exists
|
|
|
+ $uuid_exists = false;
|
|
|
+ if (is_array($row)) foreach ($row as $k => $v) {
|
|
|
+ if ($child_key_name == $k) {
|
|
|
+ if (strlen($v) > 0) {
|
|
|
+ $child_key_value = $v;
|
|
|
+ $uuid_exists = true;
|
|
|
+ break;
|
|
|
+ }
|
|
|
+ }
|
|
|
+ else {
|
|
|
+ $uuid_exists = false;
|
|
|
}
|
|
|
}
|
|
|
- else {
|
|
|
- $uuid_exists = false;
|
|
|
- }
|
|
|
- }
|
|
|
|
|
|
- //allow characters found in the uuid only.
|
|
|
- $child_key_value = preg_replace('#[^a-zA-Z0-9_\-]#', '', $child_key_value);
|
|
|
+ //allow characters found in the uuid only.
|
|
|
+ $child_key_value = preg_replace('#[^a-zA-Z0-9_\-]#', '', $child_key_value);
|
|
|
|
|
|
- //get the child field names
|
|
|
- $child_field_names = array();
|
|
|
- if (is_array($row)) foreach ($row as $k => $v) {
|
|
|
- if (!is_array($v)) {
|
|
|
- $child_field_names[] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
|
|
+ //get the child field names
|
|
|
+ $child_field_names = array();
|
|
|
+ if (is_array($row)) {
|
|
|
+ foreach ($row as $k => $v) {
|
|
|
+ if (!is_array($v)) {
|
|
|
+ $child_field_names[] = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
|
|
+ }
|
|
|
+ }
|
|
|
}
|
|
|
- }
|
|
|
|
|
|
- //determine sql update or delete and get the original data
|
|
|
- if ($uuid_exists) {
|
|
|
- $sql = "SELECT ". implode(", ", $child_field_names)." FROM ".$table_name." ";
|
|
|
- $sql .= "WHERE ".$child_key_name." = '".$child_key_value."' ";
|
|
|
- $prep_statement = $this->db->prepare($sql);
|
|
|
- if ($prep_statement) {
|
|
|
- //get the data
|
|
|
- $prep_statement->execute();
|
|
|
- $child_array = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
|
|
- //set the action
|
|
|
- if (is_array($child_array)) {
|
|
|
- $action = "update";
|
|
|
+ //determine sql update or delete and get the original data
|
|
|
+ if ($uuid_exists) {
|
|
|
+ $sql = "SELECT ". implode(", ", $child_field_names)." FROM ".$table_name." ";
|
|
|
+ $sql .= "WHERE ".$child_key_name." = '".$child_key_value."' ";
|
|
|
+ $prep_statement = $this->db->prepare($sql);
|
|
|
+ if ($prep_statement) {
|
|
|
+ //get the data
|
|
|
+ $prep_statement->execute();
|
|
|
+ $child_array = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
|
|
+ //set the action
|
|
|
+ if (is_array($child_array)) {
|
|
|
+ $action = "update";
|
|
|
+ }
|
|
|
+ else {
|
|
|
+ $action = "add";
|
|
|
+ }
|
|
|
+ //add to the parent array
|
|
|
+ if (is_array($child_array)) {
|
|
|
+ $old_array[$schema_name][$schema_id][$key][] = $child_array;
|
|
|
+ }
|
|
|
+ }
|
|
|
+ unset($prep_statement);
|
|
|
+ }
|
|
|
+ else {
|
|
|
+ $action = "add";
|
|
|
+ }
|
|
|
+
|
|
|
+ //update the child data
|
|
|
+ if ($action == "update") {
|
|
|
+ if (permission_exists($child_name.'_edit')) {
|
|
|
+ $sql = "UPDATE ".$table_name." SET ";
|
|
|
+ if (is_array($row)) {
|
|
|
+ foreach ($row as $k => $v) {
|
|
|
+ if (!is_array($v) && ($k != $parent_key_name || $k != $child_key_name)) {
|
|
|
+ $k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
|
|
+ if (strlen($v) == 0) {
|
|
|
+ $sql .= $k." = null, ";
|
|
|
+ }
|
|
|
+ elseif ($v === "now()") {
|
|
|
+ $sql .= $k." = now(), ";
|
|
|
+ }
|
|
|
+ else {
|
|
|
+ //$sql .= "$k = '".check_str($v)."', ";
|
|
|
+ $sql .= $k." = :".$k.", ";
|
|
|
+ $params[$k] = $v;
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+ $sql .= "WHERE ".$parent_key_name." = '".$parent_key_value."' ";
|
|
|
+ $sql .= "AND ".$child_key_name." = '".$child_key_value."' ";
|
|
|
+ $sql = str_replace(", WHERE", " WHERE", $sql);
|
|
|
+ $this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
|
|
+
|
|
|
+ //$prep_statement->bindParam(':domain_uuid', $this->domain_uuid );
|
|
|
+
|
|
|
+ try {
|
|
|
+ //$this->db->query(check_sql($sql));
|
|
|
+ $prep_statement = $this->db->prepare($sql);
|
|
|
+ $prep_statement->execute($params);
|
|
|
+ unset($prep_statement);
|
|
|
+ $message["details"][$m]["name"] = $key;
|
|
|
+ $message["details"][$m]["message"] = "OK";
|
|
|
+ $message["details"][$m]["code"] = "200";
|
|
|
+ $message["details"][$m]["uuid"] = $child_key_value;
|
|
|
+ if ($this->debug["sql"]) {
|
|
|
+ $message["details"][$m]["sql"] = $sql;
|
|
|
+ if (is_array($params)) {
|
|
|
+ $message["details"][$m]["params"] = $params;
|
|
|
+ unset($params);
|
|
|
+ }
|
|
|
+ }
|
|
|
+ $this->message = $message;
|
|
|
+ $m++;
|
|
|
}
|
|
|
- else {
|
|
|
- $action = "add";
|
|
|
+ catch(PDOException $e) {
|
|
|
+ if ($message["code"] = "200") {
|
|
|
+ $message["message"] = "Bad Request";
|
|
|
+ $message["code"] = "400";
|
|
|
+ }
|
|
|
+ $message["details"][$m]["name"] = $key;
|
|
|
+ $message["details"][$m]["message"] = $e->getMessage();
|
|
|
+ $message["details"][$m]["code"] = "400";
|
|
|
+ if ($this->debug["sql"]) {
|
|
|
+ $message["details"][$m]["sql"] = $sql;
|
|
|
+ if (is_array($params)) {
|
|
|
+ $message["details"][$m]["params"] = $params;
|
|
|
+ unset($params);
|
|
|
+ }
|
|
|
+ }
|
|
|
+ $this->message = $message;
|
|
|
+ $m++;
|
|
|
}
|
|
|
- //add to the parent array
|
|
|
- if (is_array($child_array)) {
|
|
|
- $old_array[$schema_name][$schema_id][$key][] = $child_array;
|
|
|
+ }
|
|
|
+ else {
|
|
|
+ $message["name"] = $child_name;
|
|
|
+ $message["message"] = "Forbidden, does not have '${child_name}_edit'";
|
|
|
+ $message["code"] = "403";
|
|
|
+ $message["line"] = __line__;
|
|
|
+ $this->message = $message;
|
|
|
+ $m++;
|
|
|
+ }
|
|
|
+ } //action update
|
|
|
+
|
|
|
+ //add the child data
|
|
|
+ if ($action == "add") {
|
|
|
+ if (permission_exists($child_name.'_add')) {
|
|
|
+ //determine if child or parent key exists
|
|
|
+ $child_key_name = $child_name.'_uuid';
|
|
|
+ $parent_key_exists = false;
|
|
|
+ $child_key_exists = false;
|
|
|
+ if (is_array($row)) {
|
|
|
+ foreach ($row as $k => $v) {
|
|
|
+ if ($k == $parent_key_name) {
|
|
|
+ $parent_key_exists = true;
|
|
|
+ }
|
|
|
+ if ($k == $child_key_name) {
|
|
|
+ $child_key_exists = true;
|
|
|
+ $child_key_value = $v;
|
|
|
+ }
|
|
|
}
|
|
|
- }
|
|
|
- unset($prep_statement);
|
|
|
- }
|
|
|
- else {
|
|
|
- $action = "add";
|
|
|
- }
|
|
|
-
|
|
|
- //update the data
|
|
|
- if ($action == "update") {
|
|
|
- if (permission_exists($child_name.'_edit')) {
|
|
|
- $sql = "UPDATE ".$table_name." SET ";
|
|
|
+ }
|
|
|
+ if (!$child_key_value) {
|
|
|
+ $child_key_value = uuid();
|
|
|
+ }
|
|
|
+ //build the insert
|
|
|
+ $sql = "INSERT INTO ".$table_name." ";
|
|
|
+ $sql .= "(";
|
|
|
+ if (!$parent_key_exists) {
|
|
|
+ $sql .= $this->singular($parent_key_name).", ";
|
|
|
+ }
|
|
|
+ if (!$child_key_exists) {
|
|
|
+ $sql .= $this->singular($child_key_name).", ";
|
|
|
+ }
|
|
|
if (is_array($row)) {
|
|
|
foreach ($row as $k => $v) {
|
|
|
- if (!is_array($v) && ($k != $parent_key_name || $k != $child_key_name)) {
|
|
|
+ if (!is_array($v)) {
|
|
|
$k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
|
|
+ $sql .= $k.", ";
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+ $sql .= ") ";
|
|
|
+ $sql .= "VALUES ";
|
|
|
+ $sql .= "(";
|
|
|
+ if (!$parent_key_exists) {
|
|
|
+ $sql .= "'".$parent_key_value."', ";
|
|
|
+ }
|
|
|
+ if (!$child_key_exists) {
|
|
|
+ $sql .= "'".$child_key_value."', ";
|
|
|
+ }
|
|
|
+ if (is_array($row)) {
|
|
|
+ foreach ($row as $k => $v) {
|
|
|
+ if (!is_array($v)) {
|
|
|
if (strlen($v) == 0) {
|
|
|
- $sql .= $k." = null, ";
|
|
|
+ $sql .= "null, ";
|
|
|
}
|
|
|
elseif ($v === "now()") {
|
|
|
- $sql .= $k." = now(), ";
|
|
|
+ $sql .= "now(), ";
|
|
|
}
|
|
|
else {
|
|
|
- //$sql .= "$k = '".check_str($v)."', ";
|
|
|
- $sql .= $k." = :".$k.", ";
|
|
|
+ $k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
|
|
+ //$sql .= "'".check_str($v)."', ";
|
|
|
+ $sql .= ':'.$k.", ";
|
|
|
$params[$k] = $v;
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
- $sql .= "WHERE ".$parent_key_name." = '".$parent_key_value."' ";
|
|
|
- $sql .= "AND ".$child_key_name." = '".$child_key_value."' ";
|
|
|
- $sql = str_replace(", WHERE", " WHERE", $sql);
|
|
|
+ $sql .= ");";
|
|
|
+ $sql = str_replace(", )", ")", $sql);
|
|
|
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
|
|
-
|
|
|
- //$prep_statement->bindParam(':domain_uuid', $this->domain_uuid );
|
|
|
-
|
|
|
try {
|
|
|
//$this->db->query(check_sql($sql));
|
|
|
$prep_statement = $this->db->prepare($sql);
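Review bot: The filter on the UPDATE column loop, `($k != $parent_key_name || $k != $child_key_name)`, is true for every key unless the two names are identical, so the parent and child key columns still end up in the SET list; if the intent is to exclude both it should read `($k != $parent_key_name && $k != $child_key_name)`. In the catch block, `if ($message["code"] = "200")` assigns rather than compares, so the condition is always true; `===` looks intended. `$params` is unset only inside the `$this->debug["sql"]` branch, so with debugging off the values bound for one row appear to carry over into the next row's `execute($params)`; its initialisation is outside the hunk, so confirm, but resetting it with `$params = array();` at the start of each row would avoid the carry-over. The catch block also stores `$e->getMessage()` (and, in debug mode, the SQL and bound values) in `$this->message`; if that structure is returned to API clients it exposes database error text and row data, so consider logging the detail and returning a generic message. The enclosing method starts and ends outside this hunk.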
|
|
@@ -1548,136 +1673,21 @@ include "root.php";
|
|
|
}
|
|
|
else {
|
|
|
$message["name"] = $child_name;
|
|
|
- $message["message"] = "Forbidden, does not have '${child_name}_edit'";
|
|
|
+ $message["message"] = "Forbidden, does not have '${child_name}_add'";
|
|
|
$message["code"] = "403";
|
|
|
$message["line"] = __line__;
|
|
|
$this->message = $message;
|
|
|
$m++;
|
|
|
}
|
|
|
- } //action update
|
|
|
+ } //action add
|
|
|
|
|
|
- //add the data
|
|
|
- if ($action == "add") {
|
|
|
- if (permission_exists($child_name.'_add')) {
|
|
|
- //determine if child or parent key exists
|
|
|
- $child_key_name = $child_name.'_uuid';
|
|
|
- $parent_key_exists = false;
|
|
|
- $child_key_exists = false;
|
|
|
- if (is_array($row)) {
|
|
|
- foreach ($row as $k => $v) {
|
|
|
- if ($k == $parent_key_name) {
|
|
|
- $parent_key_exists = true;
|
|
|
- }
|
|
|
- if ($k == $child_key_name) {
|
|
|
- $child_key_exists = true;
|
|
|
- $child_key_value = $v;
|
|
|
- }
|
|
|
- }
|
|
|
- }
|
|
|
- if (!$child_key_value) {
|
|
|
- $child_key_value = uuid();
|
|
|
- }
|
|
|
- //build the insert
|
|
|
- $sql = "INSERT INTO ".$table_name." ";
|
|
|
- $sql .= "(";
|
|
|
- if (!$parent_key_exists) {
|
|
|
- $sql .= $this->singular($parent_key_name).", ";
|
|
|
- }
|
|
|
- if (!$child_key_exists) {
|
|
|
- $sql .= $this->singular($child_key_name).", ";
|
|
|
- }
|
|
|
- if (is_array($row)) {
|
|
|
- foreach ($row as $k => $v) {
|
|
|
- if (!is_array($v)) {
|
|
|
- $k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
|
|
- $sql .= $k.", ";
|
|
|
- }
|
|
|
- }
|
|
|
- }
|
|
|
- $sql .= ") ";
|
|
|
- $sql .= "VALUES ";
|
|
|
- $sql .= "(";
|
|
|
- if (!$parent_key_exists) {
|
|
|
- $sql .= "'".$parent_key_value."', ";
|
|
|
- }
|
|
|
- if (!$child_key_exists) {
|
|
|
- $sql .= "'".$child_key_value."', ";
|
|
|
- }
|
|
|
- if (is_array($row)) {
|
|
|
- foreach ($row as $k => $v) {
|
|
|
- if (!is_array($v)) {
|
|
|
- if (strlen($v) == 0) {
|
|
|
- $sql .= "null, ";
|
|
|
- }
|
|
|
- elseif ($v === "now()") {
|
|
|
- $sql .= "now(), ";
|
|
|
- }
|
|
|
- else {
|
|
|
- $k = preg_replace('#[^a-zA-Z0-9_\-]#', '', $k);
|
|
|
- //$sql .= "'".check_str($v)."', ";
|
|
|
- $sql .= ':'.$k.", ";
|
|
|
- $params[$k] = $v;
|
|
|
- }
|
|
|
- }
|
|
|
- }
|
|
|
- }
|
|
|
- $sql .= ");";
|
|
|
- $sql = str_replace(", )", ")", $sql);
|
|
|
- $this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
|
|
- try {
|
|
|
- //$this->db->query(check_sql($sql));
|
|
|
- $prep_statement = $this->db->prepare($sql);
|
|
|
- $prep_statement->execute($params);
|
|
|
- unset($prep_statement);
|
|
|
- $message["details"][$m]["name"] = $key;
|
|
|
- $message["details"][$m]["message"] = "OK";
|
|
|
- $message["details"][$m]["code"] = "200";
|
|
|
- $message["details"][$m]["uuid"] = $child_key_value;
|
|
|
- if ($this->debug["sql"]) {
|
|
|
- $message["details"][$m]["sql"] = $sql;
|
|
|
- if (is_array($params)) {
|
|
|
- $message["details"][$m]["params"] = $params;
|
|
|
- unset($params);
|
|
|
- }
|
|
|
- }
|
|
|
- $this->message = $message;
|
|
|
- $m++;
|
|
|
- }
|
|
|
- catch(PDOException $e) {
|
|
|
- if ($message["code"] = "200") {
|
|
|
- $message["message"] = "Bad Request";
|
|
|
- $message["code"] = "400";
|
|
|
- }
|
|
|
- $message["details"][$m]["name"] = $key;
|
|
|
- $message["details"][$m]["message"] = $e->getMessage();
|
|
|
- $message["details"][$m]["code"] = "400";
|
|
|
- if ($this->debug["sql"]) {
|
|
|
- $message["details"][$m]["sql"] = $sql;
|
|
|
- if (is_array($params)) {
|
|
|
- $message["details"][$m]["params"] = $params;
|
|
|
- unset($params);
|
|
|
- }
|
|
|
- }
|
|
|
- $this->message = $message;
|
|
|
- $m++;
|
|
|
- }
|
|
|
- }
|
|
|
- else {
|
|
|
- $message["name"] = $child_name;
|
|
|
- $message["message"] = "Forbidden, does not have '${child_name}_add'";
|
|
|
- $message["code"] = "403";
|
|
|
- $message["line"] = __line__;
|
|
|
- $this->message = $message;
|
|
|
- $m++;
|
|
|
- }
|
|
|
- } //action add
|
|
|
+ //unset the variables
|
|
|
+ unset($sql, $action, $child_key_name, $child_key_value);
|
|
|
+ } // foreach value
|
|
|
|
|
|
- //unset the variables
|
|
|
- unset($sql, $action, $child_key_name, $child_key_value);
|
|
|
- } // foreach value
|
|
|
-
|
|
|
- } //is array
|
|
|
- } //foreach array
|
|
|
+ } //is array
|
|
|
+ } //foreach array
|
|
|
+ }
|
|
|
|
|
|
} // foreach schema_array
|
|
|
} // foreach main array
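Review bot: The added message uses `${child_name}` interpolation, `"Forbidden, does not have '${child_name}_add'"`, a form deprecated as of PHP 8.2; `'{$child_name}_add'` inside the same double-quoted string is the supported equivalent, and the `_edit` message in the previous hunk has the same form. This 403 branch also writes `name`, `message` and `code` at the top level of `$message` rather than under `details[$m]` as the success path does, yet still increments `$m`, so a denied row appears to overwrite the request-level status instead of being recorded per row; confirm that is intended. The matching `if (permission_exists(...))` is outside this hunk.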
|