Misc: Database class integration.

core/domains/domain_delete.php

@@ -91,7 +91,7 @@
 			unset($result, $row);
 
 		//get the $apps array from the installed apps from the core and mod directories
-			$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
+			$config_list = glob($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/*/*/app_config.php");
 			$x=0;
 			if (isset($config_list)) foreach ($config_list as &$config_path) {
 				include($config_path);
@@ -99,7 +99,6 @@
 			}
 
 		//delete the domain data from all tables in the database
-			$db->beginTransaction();
 			if (isset($apps)) foreach ($apps as &$app) {
 				if (isset($app['db'])) foreach ($app['db'] as $row) {
 					if (is_array($row['table']['name'])) {
@@ -114,6 +113,7 @@
 					if ($table_name !== "v" && isset($row['fields'])) {
 						foreach ($row['fields'] as $field) {
 							if ($field['name'] == "domain_uuid") {
+
 								$sql = "delete from ".$table_name." where domain_uuid = :domain_uuid ";
 								$parameters['domain_uuid'] = $id;
 								$database = new database;
@@ -126,7 +126,6 @@
 					}
 				}
 			}
-			$db->commit();
 
 		//delete the directories
 			if (strlen($domain_name) > 0) {

core/groups/permissions_copy.php

@@ -97,36 +97,37 @@
 			unset($sql, $parameters);
 
 			if (is_array($result) && sizeof($result) != 0) {
-				foreach ($result as $index => &$row) {
-					$domain_uuid = $row["domain_uuid"];
-					$permission_name = $row["permission_name"];
-					$group_name = $row["group_name"];
-
-					//copy the group permissions
-					$array['group_permissions'][$index]['group_permission_uuid'] = uuid();
-					if (is_uuid($domain_uuid)) {
-						$array['group_permissions'][$index]['domain_uuid'] = $domain_uuid;
-					}
-					$array['group_permissions'][$index]['permission_name'] = $permission_name;
-					$array['group_permissions'][$index]['group_name'] = $new_group_name;
-					$array['group_permissions'][$index]['group_uuid'] = $new_group_uuid;
+				foreach ($result as $x => &$row) {
+					//define group permissions values
+						$domain_uuid = $row["domain_uuid"];
+						$permission_name = $row["permission_name"];
+						$group_name = $row["group_name"];
+					//build insert array
+						$array['group_permissions'][$x]['group_permission_uuid'] = uuid();
+						if (is_uuid($domain_uuid)) {
+							$array['group_permissions'][$x]['domain_uuid'] = $domain_uuid;
+						}
+						$array['group_permissions'][$x]['permission_name'] = $permission_name;
+						$array['group_permissions'][$x]['group_name'] = $new_group_name;
+						$array['group_permissions'][$x]['group_uuid'] = $new_group_uuid;
 				}
 				if (is_array($array) && sizeof($array) != 0) {
-					$p = new permissions;
-					$p->add('group_permission_add', 'temp');
-
-					$database = new database;
-					$database->app_name = 'groups';
-					$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-					$database->save($array);
-					unset($array);
-
-					$p->delete('group_permission_add', 'temp');
-
-					message::add($text['message-copy']);
+					//grant temporary permissions
+						$p = new permissions;
+						$p->add('group_permission_add', 'temp');
+					//execute insert
+						$database = new database;
+						$database->app_name = 'groups';
+						$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+						$database->save($array);
+						unset($array);
+					//revoke temporary permissions
+						$p->delete('group_permission_add', 'temp');
+					//set message
+						message::add($text['message-copy']);
 				}
 			}
-			unset ($prep_statement);
+			unset($result, $row);
 	}
 
 //redirect

core/menu/menu_delete.php

@@ -39,46 +39,36 @@ else {
 	$text = $language->get();
 
 //delete the data
-	if (is_uuid($_GET["id"])) {
-		$menu_uuid = $_GET["id"];
+	$menu_uuid = $_GET['id'];
 
-		//start the database transaction
-			$db->beginTransaction();
+	if (is_uuid($menu_uuid)) {
 
-		//delete the menu
+		//build delete array for the menu, menu items, menu permissions, and menu languages
 			$array['menus'][0]['menu_uuid'] = $menu_uuid;
+			$array['menu_items'][0]['menu_uuid'] = $menu_uuid;
+			$array['menu_item_groups'][0]['menu_uuid'] = $menu_uuid;
+			$array['menu_languages'][0]['menu_uuid'] = $menu_uuid;
+
+		//grant temporary permissions
+			$p = new permissions;
+			$p->add('menu_delete', 'temp');
+			$p->add('menu_item_delete', 'temp');
+			$p->add('menu_item_group_delete', 'temp');
+			$p->add('menu_language_delete', 'temp');
+
+		//execute delete
 			$database = new database;
 			$database->app_name = 'menu';
 			$database->app_uuid = 'f4b3b3d2-6287-489c-2a00-64529e46f2d7';
 			$database->delete($array);
 			unset($array);
 
-		//delete the items in the menu
-			$sql = "delete from v_menu_items ";
-			$sql .= "where menu_uuid = :menu_uuid ";
-			$parameters['menu_uuid'] = $menu_uuid;
-			$database = new database;
-			$database->execute($sql, $parameters);
-			unset($sql, $parameters);
-
-		//delete the menu permissions
-			$sql = "delete from v_menu_item_groups ";
-			$sql .= "where menu_uuid = :menu_uuid ";
-			$parameters['menu_uuid'] = $menu_uuid;
-			$database = new database;
-			$database->execute($sql, $parameters);
-			unset($sql, $parameters);
-
-		//delete the menu languages
-			$sql = "delete from v_menu_languages ";
-			$sql .= "where menu_uuid = :menu_uuid ";
-			$parameters['menu_uuid'] = $menu_uuid;
-			$database = new database;
-			$database->execute($sql, $parameters);
-			unset($sql, $parameters);
-
-		//save the changes to the database
-			$db->commit();
+		//revoke temporary permissions
+			$p = new permissions;
+			$p->delete('menu_delete', 'temp');
+			$p->delete('menu_item_delete', 'temp');
+			$p->delete('menu_item_group_delete', 'temp');
+			$p->delete('menu_language_delete', 'temp');
 
 		//set message
 			message::add($text['message-delete']);

core/upgrade/app_defaults.php

@@ -108,27 +108,27 @@ if ($domains_processed == 1) {
 			$database = new database;
 			$result = $database->select($sql, null, 'all');
 			if (is_array($result) && count($result) > 0) {
-					foreach($result as $row) {
-						$current_default_setting_uuid = $row["default_setting_uuid"];
-						$current_default_setting_value = $row["default_setting_value"];
-						break;
-					}
+				foreach($result as $row) {
+					$current_default_setting_uuid = $row["default_setting_uuid"];
+					$current_default_setting_value = $row["default_setting_value"];
+					break;
+				}
 
-					// compare to message in language file, update and enable if different
-					$new_default_setting_value = str_replace("''", "'", $text['login-message_text']);
-					if ($current_default_setting_value != $new_default_setting_value) {
-						$sql = "update v_default_settings set ";
-						$sql .= "default_setting_value = :default_setting_value, ";
-						$sql .= "default_setting_enabled = 'true' ";
-						$sql .= "where default_setting_uuid = :default_setting_uuid ";
-						$parameters['default_setting_value'] = $text['login-message_text'];
-						$parameters['default_setting_uuid'] = $current_default_setting_uuid;
-						$database = new database;
-						$database->execute($sql, $parameters);
-						unset($sql, $parameters);
-					}
+				// compare to message in language file, update and enable if different
+				$new_default_setting_value = str_replace("''", "'", $text['login-message_text']);
+				if ($current_default_setting_value != $new_default_setting_value) {
+					$sql = "update v_default_settings set ";
+					$sql .= "default_setting_value = :default_setting_value, ";
+					$sql .= "default_setting_enabled = 'true' ";
+					$sql .= "where default_setting_uuid = :default_setting_uuid ";
+					$parameters['default_setting_value'] = $text['login-message_text'];
+					$parameters['default_setting_uuid'] = $current_default_setting_uuid;
+					$database = new database;
+					$database->execute($sql, $parameters);
+					unset($sql, $parameters);
 				}
-				unset($prep_statement, $result);
+			}
+			unset($sql, $result, $row);
 		}
 
 }

resources/check_auth.php

@@ -88,10 +88,7 @@
 			else {
 				//debug
 					if ($debug) {
-						echo "<pre>";
-						print_r($result);
-						echo "</pre>";
-						exit;
+						view_array($result);
 					}
 
 				//log the failed auth attempt to the system, to be available for fail2ban.
@@ -107,19 +104,26 @@
 			}
 
 		//get the groups assigned to the user and then set the groups in $_SESSION["groups"]
-			$sql = "select u.user_group_uuid, u.domain_uuid, u.user_uuid, u.group_uuid, g.group_name, g.group_level ";
-			$sql .= "from v_user_groups as u, v_groups as g  ";
+			$sql = "select ";
+			$sql .= "u.user_group_uuid, ";
+			$sql .= "u.domain_uuid, ";
+			$sql .= "u.user_uuid, ";
+			$sql .= "u.group_uuid, ";
+			$sql .= "g.group_name, ";
+			$sql .= "g.group_level ";
+			$sql .= "from ";
+			$sql .= "v_user_groups as u, ";
+			$sql .= "v_groups as g ";
 			$sql .= "where u.domain_uuid = :domain_uuid ";
 			$sql .= "and u.user_uuid = :user_uuid ";
 			$sql .= "and u.group_uuid = g.group_uuid ";
-			$prep_statement = $db->prepare($sql);
-			$prep_statement->bindParam(':domain_uuid', $_SESSION["domain_uuid"] );
-			$prep_statement->bindParam(':user_uuid', $_SESSION["user_uuid"]);
-			$prep_statement->execute();
-			$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+			$parameters['domain_uuid'] = $_SESSION["domain_uuid"];
+			$parameters['user_uuid'] = $_SESSION["user_uuid"];
+			$database = new database;
+			$result = $database->select($sql, $parameters, 'all');
 			$_SESSION["groups"] = $result;
 			$_SESSION["user"]["groups"] = $result;
-			unset($sql, $row_count, $prep_statement);
+			unset($sql, $parameters);
 
 		//get the users group level
 			$_SESSION["user"]["group_level"] = 0;
@@ -130,42 +134,42 @@
 			}
 
 		//get the permissions assigned to the groups that the user is a member of set the permissions in $_SESSION['permissions']
-			if (count($_SESSION["groups"]) > 0) {
+			if (is_array($_SESSION["groups"]) && @sizeof($_SESSION["groups"]) != 0) {
 				$x = 0;
 				$sql = "select distinct(permission_name) from v_group_permissions ";
-				foreach($_SESSION["groups"] as $field) {
+				$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
+				foreach ($_SESSION["groups"] as $field) {
 					if (strlen($field['group_name']) > 0) {
-						if ($x == 0) {
-							$sql .= "where (domain_uuid = '".$_SESSION["domain_uuid"]."' and domain_uuid = null) ";
-						}
-						else {
-							$sql .= "or (domain_uuid = '".$_SESSION["domain_uuid"]."' and domain_uuid = null) ";
-						}
-						$sql .= "or group_name = '".$field['group_name']."' ";
+						$sql_where_or[] = "group_name = :group_name_".$x;
+						$parameters['group_name_'.$x] = $field['group_name'];
 						$x++;
 					}
 				}
-				$prep_statement_sub = $db->prepare($sql);
-				$prep_statement_sub->execute();
-				$result = $prep_statement_sub->fetchAll(PDO::FETCH_NAMED);
-				if (is_array($result)) {
+				if (is_array($sql_where_or) && @sizeof($sql_where_or) != 0) {
+					$sql .= "and (".implode(' or ', $sql_where_or).") ";
+				}
+				$parameters['domain_uuid'] = $_SESSION["domain_uuid"];
+				$database = new database;
+				$result = $database->select($sql, $parameters, 'all');
+				if (is_array($result) && @sizeof($result) != 0) {
 					foreach ($result as $row) {
 						$_SESSION['permissions'][$row["permission_name"]] = true;
 						$_SESSION["user"]["permissions"][$row["permission_name"]] = true;
 					}
 				}
-				unset($sql, $prep_statement_sub);
+				unset($sql, $parameters, $result, $row);
 			}
 
 		//get the user settings
 			$sql = "select * from v_user_settings ";
-			$sql .= "where domain_uuid = '" . $_SESSION["domain_uuid"] . "' ";
-			$sql .= "and user_uuid = '" . $_SESSION["user_uuid"] . "' ";
+			$sql .= "where domain_uuid = :domain_uuid ";
+			$sql .= "and user_uuid = :user_uuid ";
 			$sql .= "and user_setting_enabled = 'true' ";
-			$prep_statement = $db->prepare($sql);
-			if ($prep_statement) {
-				$prep_statement->execute();
-				$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+			$parameters['domain_uuid'] = $_SESSION["domain_uuid"];
+			$parameters['user_uuid'] = $_SESSION["user_uuid"];
+			$database = new database;
+			$result = $database->select($sql, $parameters, 'all');
+			if (is_array($result) && @sizeof($result) != 0) {
 				foreach ($result as $row) {
 					$name = $row['user_setting_name'];
 					$category = $row['user_setting_category'];
@@ -179,7 +183,8 @@
 							else {
 								$_SESSION[$category][$name] = $row['user_setting_value'];
 							}
-						} else {
+						}
+						else {
 							//$$category[$subcategory][$name] = $row['domain_setting_value'];
 							if ($name == "array") {
 								$_SESSION[$category][$subcategory][] = $row['user_setting_value'];
@@ -191,57 +196,62 @@
 					}
 				}
 			}
+			unset($sql, $parameters, $result, $row);
 
 		//get the extensions that are assigned to this user
 			if (file_exists($_SERVER["PROJECT_ROOT"]."/app/extensions/app_config.php")) {
-				if (isset($_SESSION["user"]) && isset($_SESSION["user_uuid"]) && $db && strlen($_SESSION["domain_uuid"]) > 0 && strlen($_SESSION["user_uuid"]) > 0 && count($_SESSION['user']['extension']) == 0) {
+				if (
+					isset($_SESSION["user"]) &&
+					is_uuid($_SESSION["user_uuid"]) &&
+					is_uuid($_SESSION["domain_uuid"]) &&
+					count($_SESSION['user']['extension']) == 0
+					) {
 					//get the user extension list
 						$_SESSION['user']['extension'] = null;
 						$sql = "select ";
-						$sql .= "	e.extension_uuid, ";
-						$sql .= "	e.extension, ";
-						$sql .= "	e.number_alias, ";
-						$sql .= "	e.user_context, ";
-						$sql .= "	e.outbound_caller_id_name, ";
-						$sql .= "	e.outbound_caller_id_number, ";
-						$sql .= "	e.description ";
+						$sql .= "e.extension_uuid, ";
+						$sql .= "e.extension, ";
+						$sql .= "e.number_alias, ";
+						$sql .= "e.user_context, ";
+						$sql .= "e.outbound_caller_id_name, ";
+						$sql .= "e.outbound_caller_id_number, ";
+						$sql .= "e.description ";
 						$sql .= "from ";
-						$sql .= "	v_extension_users as u, ";
-						$sql .= "	v_extensions as e ";
+						$sql .= "v_extension_users as u, ";
+						$sql .= "v_extensions as e ";
 						$sql .= "where ";
-						$sql .= "	e.domain_uuid = '".$_SESSION['domain_uuid']."' ";
-						$sql .= "	and e.extension_uuid = u.extension_uuid ";
-						$sql .= "	and u.user_uuid = '".$_SESSION['user_uuid']."' ";
-						$sql .= "	and e.enabled = 'true' ";
+						$sql .= "e.domain_uuid = :domain_uuid ";
+						$sql .= "and e.extension_uuid = u.extension_uuid ";
+						$sql .= "and u.user_uuid = :user_uuid ";
+						$sql .= "and e.enabled = 'true' ";
 						$sql .= "order by ";
-						$sql .= "	e.extension asc ";
-						$query = $db->query($sql);
-						if($query !== false) {
-							$result = $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
-							$x = 0;
-							foreach($result as $row) {
+						$sql .= "e.extension asc ";
+						$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
+						$parameters['user_uuid'] = $_SESSION['user_uuid'];
+						$database = new database;
+						$result = $database->select($sql, $parameters, 'all');
+						if (is_array($result) && @sizeof($result) != 0) {
+							foreach($result as $x => $row) {
 								//set the destination
-								$destination = $row['extension'];
-								if (strlen($row['number_alias']) > 0) {
-									$destination = $row['number_alias'];
-								}
-
-								//build the uers array
-								$_SESSION['user']['extension'][$x]['user'] = $row['extension'];
-								$_SESSION['user']['extension'][$x]['number_alias'] = $row['number_alias'];
-								$_SESSION['user']['extension'][$x]['destination'] = $destination;
-								$_SESSION['user']['extension'][$x]['extension_uuid'] = $row['extension_uuid'];
-								$_SESSION['user']['extension'][$x]['outbound_caller_id_name'] = $row['outbound_caller_id_name'];
-								$_SESSION['user']['extension'][$x]['outbound_caller_id_number'] = $row['outbound_caller_id_number'];
-								$_SESSION['user']['extension'][$x]['user_context'] = $row['user_context'];
-								$_SESSION['user']['extension'][$x]['description'] = $row['description'];
-
+									$destination = $row['extension'];
+									if (strlen($row['number_alias']) > 0) {
+										$destination = $row['number_alias'];
+									}
+								//build the user array
+									$_SESSION['user']['extension'][$x]['user'] = $row['extension'];
+									$_SESSION['user']['extension'][$x]['number_alias'] = $row['number_alias'];
+									$_SESSION['user']['extension'][$x]['destination'] = $destination;
+									$_SESSION['user']['extension'][$x]['extension_uuid'] = $row['extension_uuid'];
+									$_SESSION['user']['extension'][$x]['outbound_caller_id_name'] = $row['outbound_caller_id_name'];
+									$_SESSION['user']['extension'][$x]['outbound_caller_id_number'] = $row['outbound_caller_id_number'];
+									$_SESSION['user']['extension'][$x]['user_context'] = $row['user_context'];
+									$_SESSION['user']['extension'][$x]['description'] = $row['description'];
 								//set the user context
-								$_SESSION['user']['user_context'] = $row["user_context"];
-								$_SESSION['user_context'] = $row["user_context"];
-								$x++;
+									$_SESSION['user']['user_context'] = $row["user_context"];
+									$_SESSION['user_context'] = $row["user_context"];
 							}
 						}
+						unset($sql, $parameters, $result, $row);
 				}
 			}
 
@@ -281,4 +291,4 @@
 		$v_path_show = false;
 	}
 
-?>
+?>