Misc: Database class integration.

app/access_controls/app_defaults.php

@@ -120,7 +120,6 @@
 							$p->delete('access_control_node_add', 'temp');
 					}
 				}
-				unset($prep_statement);
 
 			//rename the file
 				if (file_exists($xml_dir.'/acl.conf.xml')) {

app/call_broadcast/call_broadcast_edit.php

@@ -366,18 +366,21 @@ function upload_file($sql, $broadcast_phone_numbers) {
 	//echo "		<option></option>\n";
 	//$sql = "";
 	//$sql .= "select * from v_recordings ";
-	//$sql .= "where domain_uuid = '$domain_uuid' ";
-	//$prep_statement = $db->prepare(check_sql($sql));
-	//$prep_statement->execute();
-	//while($row = $prep_statement->fetch()) {
-	//	if ($recording_uuid == $row['recording_uuid']) {
-	//		echo "		<option value='".$row['recording_uuid']."' selected='yes'>".escape($row['recordingname'])."</option>\n";
-	//	}
-	//	else {
-	//		echo "		<option value='".$row['recording_uuid']."'>".escape($row['recordingname'])."</option>\n";
+	//$sql .= "where domain_uuid = :domain_uuid ";
+	//$parameters['domain_uuid'] = $domain_uuid;
+	//$database = new database;
+	//$rows = $database->select($sql, $parameters, 'all');
+	//if (is_array($rows) && @sizeof($rows) != 0) {
+	//	foreach ($rows as $row) {
+	//		if ($recording_uuid == $row['recording_uuid']) {
+	//			echo "		<option value='".$row['recording_uuid']."' selected='yes'>".escape($row['recordingname'])."</option>\n";
+	//		}
+	//		else {
+	//			echo "		<option value='".$row['recording_uuid']."'>".escape($row['recordingname'])."</option>\n";
+	//		}
 	//	}
 	//}
-	//unset ($prep_statement);
+	//unset($sql, $parameters, $rows, $row);
 	//echo "		</select>\n";
 	//echo "<br />\n";
 	//echo "Recording to play when the call is answered.<br />\n";
@@ -525,22 +528,24 @@ function upload_file($sql, $broadcast_phone_numbers) {
 		echo "		<select name='user_category' class='formfld'>\n";
 		echo "		<option></option>\n";
 		$sql = "";
-		$sql .= "select distinct(user_category) as user_category from v_users ";
-		//$sql .= "where domain_uuid = '$domain_uuid' ";
-		$prep_statement = $db->prepare(check_sql($sql));
-		$prep_statement->execute();
-		while($row = $prep_statement->fetch()) {
-			if ($user_category   == $row['user_category']) {
-				echo "		<option value='".escape($row['user_category'])."' selected='yes'>".escape($row['user_category'])."</option>\n";
-			}
-			else {
-				echo "		<option value='".escape($row['user_category'])."'>".escape($row['user_category'])."</option>\n";
+		$sql .= "select distinct user_category as user_category from v_users ";
+		//$sql .= "where domain_uuid = :domain_uuid ";
+		//$parameters['domain_uuid'] = $domain_uuid;
+		$database = new database;
+		$rows = $database->select($sql, null, 'all');
+		if (is_array($rows) && @sizeof($rows) != 0) {
+			foreach ($rows as $row) {
+				if ($user_category   == $row['user_category']) {
+					echo "		<option value='".escape($row['user_category'])."' selected='yes'>".escape($row['user_category'])."</option>\n";
+				}
+				else {
+					echo "		<option value='".escape($row['user_category'])."'>".escape($row['user_category'])."</option>\n";
+				}
 			}
 		}
-		unset ($prep_statement);
+		unset($sql, $parameters, $rows, $row);
 		echo "		</select>\n";
 		echo "<br />\n";
-		//echo "zzz.<br />\n";
 		echo "\n";
 		echo "</td>\n";
 		echo "</tr>\n";
@@ -554,21 +559,23 @@ function upload_file($sql, $broadcast_phone_numbers) {
 		echo "		<option></option>\n";
 		$sql = "";
 		$sql .= "select * from v_groups ";
-		//$sql .= "where domain_uuid = '$domain_uuid' ";
-		$prep_statement = $db->prepare(check_sql($sql));
-		$prep_statement->execute();
-		while($row = $prep_statement->fetch()) {
-			if ($recording_uuid == $row['group_name']) {
-				echo "		<option value='".escape($row['group_name'])."' selected='yes'>".escape($row['group_name'])."</option>\n";
-			}
-			else {
-				echo "		<option value='".escape($row['group_name'])."'>".escape($row['group_name'])."</option>\n";
+		//$sql .= "where domain_uuid = :domain_uuid ";
+		//$parameters['domain_uuid'] = $domain_uuid;
+		$database = new database;
+		$rows = $database->select($sql, null, 'all');
+		if (is_array($rows) && @sizeof($rows) != 0) {
+			foreach ($rows as $row) {
+				if ($recording_uuid == $row['group_name']) {
+					echo "		<option value='".escape($row['group_name'])."' selected='yes'>".escape($row['group_name'])."</option>\n";
+				}
+				else {
+					echo "		<option value='".escape($row['group_name'])."'>".escape($row['group_name'])."</option>\n";
+				}
 			}
 		}
-		unset ($prep_statement);
+		unset($sql, $parameters, $rows, $row);
 		echo "		</select>\n";
 		echo "<br />\n";
-		//echo "zzz.<br />\n";
 		echo "\n";
 		echo "</td>\n";
 		echo "</tr>\n";
@@ -583,18 +590,21 @@ function upload_file($sql, $broadcast_phone_numbers) {
 		echo "		<option></option>\n";
 		$sql = "";
 		$sql .= "select * from v_gateways ";
-		//$sql .= "where domain_uuid = '$domain_uuid' ";
-		$prep_statement = $db->prepare(check_sql($sql));
-		$prep_statement->execute();
-		while($row = $prep_statement->fetch()) {
-			if ($gateway == $row['gateway']) {
-				echo "		<option value='".escape($row['gateway'])."' selected='yes'>".escape($row['gateway'])."</option>\n";
-			}
-			else {
-				echo "		<option value='".escape($row['gateway'])."'>".escape($row['gateway'])."</option>\n";
+		//$sql .= "where domain_uuid = :domain_uuid ";
+		//$parameters['domain_uuid'] = $domain_uuid;
+		$database = new database;
+		$rows = $database->select($sql, null, 'all');
+		if (is_array($rows) && @sizeof($rows) != 0) {
+			foreach ($rows as $row) {
+				if ($gateway == $row['gateway']) {
+					echo "		<option value='".escape($row['gateway'])."' selected='yes'>".escape($row['gateway'])."</option>\n";
+				}
+				else {
+					echo "		<option value='".escape($row['gateway'])."'>".escape($row['gateway'])."</option>\n";
+				}
 			}
 		}
-		unset ($prep_statement);
+		unset($sql, $parameters, $rows, $row);
 		echo "		<option value='loopback'>loopback</option>\n";
 		echo "		</select>\n";
 		echo "<br />\n";
@@ -617,7 +627,6 @@ function upload_file($sql, $broadcast_phone_numbers) {
 		//echo "		<option value='zzz'>cell</option>\n";
 		echo "		</select>\n";
 		echo "<br />\n";
-		//echo "zzz.<br />\n";
 		echo "\n";
 		echo "</td>\n";
 		echo "</tr>\n";
@@ -636,7 +645,6 @@ function upload_file($sql, $broadcast_phone_numbers) {
 		//echo "		<option value='zzz'>cell</option>\n";
 		echo "		</select>\n";
 		echo "<br />\n";
-		//echo "zzz.<br />\n";
 		echo "\n";
 		echo "</td>\n";
 		echo "</tr>\n";
@@ -657,4 +665,4 @@ function upload_file($sql, $broadcast_phone_numbers) {
 //include the footer
 	require_once "resources/footer.php";
 
-?>
+?>

app/call_broadcast/call_broadcast_send.php

@@ -275,20 +275,20 @@ function cmd_async($cmd) {
 		$sql = " select * from v_users as u, v_user_groups as m ";
 		$sql .= "where u.user_uuid = m.user_uuid ";
 		$sql .= "and u.user_enabled = 'true' ";
-		$sql .= "and m.group_name = '".$group_name."' ";
-		$sql .= "and u.user_category = '".$user_category."' ";
-		//echo $sql."<br />";
+		$sql .= "and m.group_name = :group_name ";
+		$sql .= "and u.user_category = :user_category ";
+		$parameters['group_name'] = $group_name;
+		$parameters['user_category'] = $user_category;
 	}
 	else {
 		$sql = "select * from v_users as u ";
-		$sql .= "where u.user_category = '".$user_category."' ";
+		$sql .= "where u.user_category = :user_category ";
 		$sql .= "and u.user_enabled = 'true' ";
-		//echo $sql."<br />";
+		$parameters['user_category'] = $user_category;
 	}
-	$prep_statement = $db->prepare(check_sql($sql));
-	$prep_statement->execute();
-	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
-	unset ($prep_statement, $sql);
+	$database = new database;
+	$result = $database->select($sql, $parameters, 'all');
+	unset($sql, $parameters);
 
 	$c = 0;
 	$row_style["0"] = "row_style0";
@@ -307,8 +307,8 @@ function cmd_async($cmd) {
 	echo th_order_by('user_phone_2', 'phone_2', $order_by, $order);
 	echo "<tr>\n";
 
-	if (is_array($result)) {
-		foreach($result as $row) {
+	if (is_array($result) && @sizeof($result) != 0) {
+		foreach ($result as $row) {
 			echo "<tr >\n";
 			//echo "	<td valign='top' class='".$row_style[$c]."'>".$row[username]."&nbsp;</td>\n";
 			echo "	<td valign='top' class='".$row_style[$c]."'>".$row[user_type]."&nbsp;</td>\n";
@@ -355,9 +355,9 @@ function cmd_async($cmd) {
 				}
 
 			if ($c==0) { $c=1; } else { $c=0; }
-		} //end foreach
-		unset($sql, $result, $row_count);
-	} //end if results
+		}
+	}
+	unset($result, $row);
 
 	echo "</table>";
 	echo "</div>";
@@ -378,4 +378,5 @@ function cmd_async($cmd) {
 unset ($val);
 unset ($c);
 */
-?>
+
+?>

app/call_center_active/call_center_exec.php

@@ -108,27 +108,25 @@
 		//validate the user status
 			$user_status = $_GET['data'];
 			switch ($user_status) {
-				case "Available" :
+				case "Available":
+				case "Available (On Demand)":
+				case "On Break":
+				case "Do Not Disturb":
+				case "Logged Out":
 					break;
-				case "Available (On Demand)" :
-					break;
-				case "On Break" :
-					break;
-				case "Do Not Disturb" :
-					break;
-				case "Logged Out" :
-					break;
-				default :
+				default:
 					$user_status = null;
 			}
 
 			$user_status = $data;
-			$sql  = "update v_users set ";
-			$sql .= "user_status = '".trim($user_status, "'")."' ";
+			$sql = "update v_users set ";
+			$sql .= "user_status = :user_status ";
 			$sql .= "where domain_uuid = '$domain_uuid' ";
 			$sql .= "and username = '".$username."' ";
-			$prep_statement = $db->prepare(check_sql($sql));
-			$prep_statement->execute();
+			$parameters['user_status'] = trim($user_status, "'");
+			$database = new database;
+			$database->execute($sql, $parameters);
+			unset($sql, $parameters);
 		}
 
 		//fs cmd
@@ -147,4 +145,4 @@
 	}
 */
 
-?>
+?>

app/call_centers/call_center_agent_edit.php

@@ -212,16 +212,16 @@
 
 		//get the users array
 			$sql = "select * from v_users ";
-			$sql .= "where domain_uuid = :domain_uuid'".$_SESSION['domain_uuid']."' ";
+			$sql .= "where domain_uuid = :domain_uuid ";
 			$sql .= "order by username asc ";
-			$prep_statement = $db->prepare(check_sql($sql));
-			$prep_statement->execute();
-			$users = $prep_statement->fetchAll(PDO::FETCH_NAMED);
-			unset($prep_statement, $sql);
+			$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
+			$database = new database;
+			$users = $database->select($sql, $parameters, 'all');
+			unset($sql, $parameters);
 
 		//prepare the array
 			$array['call_center_agents'][] = $_POST;
-			if (isset($user_uuid) && strlen($user_uuid) > 0) {
+			if (is_uuid($user_uuid)) {
 				$array['users'][0]['domain_uuid'] = $_SESSION['domain_uuid'];
 				$array['users'][0]['user_uuid'] = $user_uuid;
 				$array['users'][0]['user_status'] = $agent_status;
@@ -231,7 +231,7 @@
 			$database = new database;
 			$database->app_name = 'call_center';
 			$database->app_uuid = '95788e50-9500-079e-2807-fd530b0ea370';
-			if (strlen($call_center_agent_uuid) > 0) {
+			if (is_uuid($call_center_agent_uuid)) {
 				$database->uuid($call_center_agent_uuid);
 			}
 			$database->save($array);
@@ -269,7 +269,7 @@
 		$parameters['call_center_agent_uuid'] = $call_center_agent_uuid;
 		$database = new database;
 		$row = $database->select($sql, $parameters, 'row');
-		if (is_array($row) && sizeof($row) != 0) {
+		if (is_array($row) && @sizeof($row) != 0) {
 			$call_center_agent_uuid = $row["call_center_agent_uuid"];
 			$user_uuid = $row["user_uuid"];
 			$agent_name = $row["agent_name"];
@@ -286,7 +286,7 @@
 			$agent_busy_delay_time = $row["agent_busy_delay_time"];
 			//$agent_logout = $row["agent_logout"];
 		}
-		unset($sql, $parameters);
+		unset($sql, $parameters, $row);
 	}
 
 //set default values

app/conference_centers/conference_center_edit.php

@@ -332,7 +332,6 @@
 				echo "	<option value='phrase:".escape($row["phrase_uuid"])."' ".(($selected) ? "selected='selected'" : null).">".escape($row["phrase_name"])."</option>\n";
 				if ($selected) { $tmp_selected = true; }
 			}
-			unset ($prep_statement);
 			echo "</optgroup>\n";
 		}
 	//sounds

app/conference_centers/conference_room_edit.php

@@ -552,7 +552,7 @@ function get_meeting_pin($length, $meeting_uuid) {
 	echo "<td align='left' valign='top' width='30%' nowrap='nowrap'><b>".$text['title-conference_rooms']."</b></td>\n";
 	echo "<td width='70%' align='right' valign='top'>\n";
 	echo "	<input type='button' class='btn' name='' alt='".$text['button-back']."' onclick=\"window.location='conference_rooms.php'\" value='".$text['button-back']."'>\n";
-	if (strlen($meeting_uuid) > 0) {
+	if (is_uuid($meeting_uuid)) {
 		echo "	<input type='button' class='btn' name='' alt='".$text['button-sessions']."' onclick=\"window.location='conference_sessions.php?id=".escape($meeting_uuid)."'\" value='".$text['button-sessions']."'>\n";
 		echo "	<input type='button' class='btn' name='' alt='".$text['button-view']."' onclick=\"window.location='".PROJECT_PATH."/app/conferences_active/conference_interactive.php?c=".escape($meeting_uuid)."'\" value='".$text['button-view']."'>\n";
 	}
@@ -574,7 +574,6 @@ function get_meeting_pin($length, $meeting_uuid) {
 			echo "		<option value='".escape($row["conference_center_uuid"])."'>".escape($row["conference_center_name"])."</option>\n";
 		}
 	}
-	unset ($prep_statement);
 	echo "	</select>\n";
 	echo "	<br />\n";
 	echo "\n";

app/contacts/contact_import_google.php

@@ -574,7 +574,7 @@ function curl_file_get_contents($url) {
 	$curl = curl_init();
 	$userAgent = 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)';
 
-	curl_setopt($curl, CURLOPT_URL, $url);	//The URL to fetch. This can also be set when initializing a session with curl_init().
+	curl_setopt($curl, CURLOPT_URL, $url);	//The URL to retrieve. This can also be set when initializing a session with curl_init().
 	curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);	//TRUE to return the transfer as a string of the return value of curl_exec() instead of outputting it out directly.
 	curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 5);	//The number of seconds to wait while trying to connect.
 	curl_setopt($curl, CURLOPT_USERAGENT, $userAgent);	//The contents of the "User-Agent: " header to be used in a HTTP request.