Merge branch 'mysql2PDO'

Isaac Connor 2014-03-28 10:16:14 -04:00
commit 329f6ae5c4
33 changed files with 95 additions and 144 deletions


@ -437,22 +437,6 @@ function rewind() {
}
//---------------------------------+
// CARPE S l i d e r 1.3 |
// 2005 - 12 - 10 |
@ -590,15 +574,9 @@ function slideManual(val,length,from,to) {
if (yMax == 0) carpeLeft(sliderid, pos) // Snap horizontal slider to corresponding display position.
}
if (ie||dom) start_slider();
else if (document.layers) window.onload=start_slider;
</script>
</body>


@ -232,7 +232,7 @@ function parseFilterToTree( $filter )
$value = "'$value'";
break;
case 'DateTime':
$value = "'".strftime( STRF_FMT_DATETIME_DB, strtotime( $value ) )."'";
$value = strftime( STRF_FMT_DATETIME_DB, strtotime( $value ) );
break;
case 'Date':
$value = "to_days( '".strftime( STRF_FMT_DATETIME_DB, strtotime( $value ) )."' )";
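Review bot: The `DateTime` case appears to lose its quoting here (`$value = strftime( STRF_FMT_DATETIME_DB, strtotime( $value ) );`, taking the second of the two printed lines as the new side), while the string case above it and the `Date` case below it still wrap their value in single quotes. The rest of parseFilterToTree is outside this hunk, so it needs confirming that the result is bound as a parameter; if it is still concatenated into the filter SQL, a bare timestamp is not a valid literal and the query breaks. Either keep `"'".strftime( ... )."'"` or bind the value where it is consumed. `strtotime()` returns false for unparsable input, which this line formats without any error, so a validity check before formatting would help too.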


@ -1,5 +0,0 @@
--This line, and those below, will be ignored--
M views/plugin.php
M views/css/plugin.css


@ -71,8 +71,11 @@ $eventCounts = array(
$running = daemonCheck();
$status = $running?$SLANG['Running']:$SLANG['Stopped'];
if ( $group = dbFetchOne( 'select * from Groups where Id = ?', NULL, array(empty($_COOKIE['zmGroup'])?0:$_COOKIE['zmGroup'])) )
$group = NULL;
if ( ! empty($_COOKIE['zmGroup']) ) {
if ( $group = dbFetchOne( 'select * from Groups where Id = ?', NULL, array($_COOKIE['zmGroup'])) )
$groupIds = array_flip(explode( ',', $group['MonitorIds'] ));
}
noCacheHeaders();


@ -25,15 +25,14 @@ if ( !canView( 'Control' ) )
}
$groupSql = "";
if ( !empty($_REQUEST['group']) )
{
if ( !empty($_REQUEST['group']) ) {
$row = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, array($_REQUEST['group']) );
$groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )";
}
$mid = validInt($_REQUEST['mid']);
$sql = "select * from Monitors where Function != 'None' and Controllable = 1$groupSql order by Sequence";
$sql = "SELECT * FROM Monitors WHERE Function != 'None' AND Controllable = 1$groupSql ORDER BY Sequence";
$mids = array();
foreach( dbFetchAll( $sql ) as $row )
{
@ -50,7 +49,7 @@ foreach ( getSkinIncludes( 'includes/control_functions.php' ) as $includeFile )
require_once $includeFile;
$sql = 'SELECT C.*,M.* FROM Monitors AS M INNER JOIN Controls AS C ON (M.ControlId = C.Id ) WHERE M.Id = ?';
$monitor = dbFetchOne( $sql, NULL, $mid );
$monitor = dbFetchOne( $sql, NULL, array( $mid ) );
$focusWindow = true;
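Review bot: `$row` is used without checking that the group lookup returned anything, and `$row['MonitorIds']` is then concatenated into `$groupSql` inside a quoted literal, so the Monitors query is still assembled by string interpolation after the switch to placeholders. A stored MonitorIds value containing a quote would alter the statement, and a missing group yields `find_in_set( Id, '' )` plus a notice. Bind it instead: guard with `if ( $row )`, use `$groupSql = ' and find_in_set( Id, ? )';` and pass `array($row['MonitorIds'])` as the third argument of `dbFetchAll`. The same construction remains in the later copy of this hunk (`@ -26,7 +26,7`), in both `@ -41,...` hunks, and in the montage hunk (`@ -27,12 +27,12`).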


@ -24,8 +24,7 @@ if ( !canView( 'Control' ) )
return;
}
$sql = "select * from Controls order by Id";
$controls = dbFetchAll( $sql );
$controls = dbFetchAll( 'SELECT * FROM Controls ORDER BY Id' );
$focusWindow = true;


@ -41,15 +41,11 @@ $groupSql = '';
if ( !empty($_REQUEST['group']) )
{
$group = validInt($_REQUEST['group']);
$row = dbFetchOne( 'select * from Groups where Id = ?', NULL, array( $group) );
$row = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, array($group) );
$groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )";
}
$sql = "select * from Monitors where Function != 'None'$groupSql";
if ( ''+ZM_SERVER_HOST ) {
$sql .= " and ServerHost='".ZM_SERVER_HOST."'";
}
$sql .= " order by Sequence";
$sql = "SELECT * FROM Monitors WHERE Function != 'None'$groupSql ORDER BY Sequence";
$monitors = array();
$monIdx = 0;
foreach( dbFetchAll( $sql ) as $row )


@ -24,7 +24,7 @@ if ( !canView( 'Devices' ) )
return;
}
$sql = "select * from Devices where Type = 'X10' order by Name";
$sql = "SELECT * FROM Devices WHERE Type = 'X10' ORDER BY Name";
$devices = array();
foreach( dbFetchAll( $sql ) as $row )
{


@ -33,7 +33,7 @@ else
$midSql = '';
$sql = 'SELECT E.*,M.Name AS MonitorName,M.DefaultRate,M.DefaultScale FROM Events AS E INNER JOIN Monitors AS M ON E.MonitorId = M.Id WHERE E.Id = ?'.$midSql;
$event = dbFetchOne( $sql, NULL, array( $eid ) );
$event = dbFetchOne( $sql, NULL, array($eid) );
if ( isset( $_REQUEST['rate'] ) )
$rate = validInt($_REQUEST['rate']);


@ -26,7 +26,7 @@ if ( !canEdit( 'Events' ) )
if ( isset($_REQUEST['eid']) ) {
$mode = 'single';
$eid = validInt($_REQUEST['eid']);
$newEvent = dbFetchOne( 'SELECT E.* FROM Events AS E WHERE E.Id = ?', NULL, array( $eid ) );
$newEvent = dbFetchOne( 'SELECT E.* FROM Events AS E WHERE E.Id = ?', NULL, array($eid) );
} elseif ( isset($_REQUEST['eids']) ) {
$mode = 'multi';
$sql = 'SELECT E.* FROM Events AS E WHERE ';


@ -29,16 +29,13 @@ if ( !empty($_REQUEST['execute']) )
executeFilter( $tempFilterName );
}
$countSql = "select count(E.Id) as EventCount from Monitors as M inner join Events as E on (M.Id = E.MonitorId) where";
$eventsSql = "select E.Id,E.MonitorId,M.Name As MonitorName,M.DefaultScale,E.Name,E.Width,E.Height,E.Cause,E.Notes,E.StartTime,E.Length,E.Frames,E.AlarmFrames,E.TotScore,E.AvgScore,E.MaxScore,E.Archived from Monitors as M inner join Events as E on (M.Id = E.MonitorId) where";
if ( $user['MonitorIds'] )
{
$countSql = 'SELECT count(E.Id) AS EventCount FROM Monitors AS M INNER JOIN Events AS E ON (M.Id = E.MonitorId) WHERE';
$eventsSql = 'SELECT E.Id,E.MonitorId,M.Name AS MonitorName,M.DefaultScale,E.Name,E.Width,E.Height,E.Cause,E.Notes,E.StartTime,E.Length,E.Frames,E.AlarmFrames,E.TotScore,E.AvgScore,E.MaxScore,E.Archived FROM Monitors AS M INNER JOIN Events AS E on (M.Id = E.MonitorId) WHERE';
if ( $user['MonitorIds'] ) {
$user_monitor_ids = " M.Id in (".join( ",", preg_split( '/["\'\s]*,["\'\s]*/', $user['MonitorIds'] ) ).")";
$countSql .= $user_monitor_ids;
$eventsSql .= $user_monitor_ids;
}
else
{
} else {
$countSql .= " 1";
$eventsSql .= " 1";
}
@ -52,7 +49,7 @@ if ( $_REQUEST['filter']['sql'] )
$countSql .= $_REQUEST['filter']['sql'];
$eventsSql .= $_REQUEST['filter']['sql'];
}
$eventsSql .= " order by $sortColumn $sortOrder";
$eventsSql .= " ORDER BY $sortColumn $sortOrder";
if ( isset($_REQUEST['page']) )
$page = validInt($_REQUEST['page']);
@ -69,18 +66,15 @@ if ( !empty($limit) && $nEvents > $limit )
$nEvents = $limit;
}
$pages = (int)ceil($nEvents/ZM_WEB_EVENTS_PER_PAGE);
if ( $pages > 1 )
{
if ( !empty($page) )
{
if ( $pages > 1 ) {
if ( !empty($page) ) {
if ( $page < 0 )
$page = 1;
if ( $page > $pages )
$page = $pages;
}
}
if ( !empty($page) )
{
if ( !empty($page) ) {
$limitStart = (($page-1)*ZM_WEB_EVENTS_PER_PAGE);
if ( empty( $limit ) )
{
@ -92,10 +86,8 @@ if ( !empty($page) )
$limitAmount = ($limitLeft>ZM_WEB_EVENTS_PER_PAGE)?ZM_WEB_EVENTS_PER_PAGE:$limitLeft;
}
$eventsSql .= " limit $limitStart, $limitAmount";
}
elseif ( !empty( $limit ) )
{
$eventsSql .= " limit 0, $limit";
} elseif ( !empty( $limit ) ) {
$eventsSql .= " limit 0, ".$limit;
}
$maxWidth = 0;
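Review bot: `$user_monitor_ids` is still built by splitting `$user['MonitorIds']` on commas and joining the pieces straight into `M.Id in (...)`, so nothing guarantees that each piece is numeric. Casting closes that: `join( ',', array_map( 'intval', preg_split( '/["\'\s]*,["\'\s]*/', $user['MonitorIds'] ) ) )`. The same section also concatenates `$sortColumn $sortOrder`, `$limit` and `$_REQUEST['filter']['sql']` into the statements. Their origin is not visible in these hunks, so confirm that the sort fields come from an allow-list, that `$limit` has been through `validInt()`, and that the filter SQL is always regenerated server-side before this point. The `@ -31,10 +31,10` hunk further down carries the same IN-list construction.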


@ -29,17 +29,14 @@ if ( !empty($_REQUEST['fid']) )
$fid = validInt($_REQUEST['fid']);
$sql = 'SELECT E.*,M.Name AS MonitorName,M.DefaultScale FROM Events AS E INNER JOIN Monitors AS M ON E.MonitorId = M.Id WHERE E.Id = ?';
$event = dbFetchOne( $sql, NULL, array( $eid ) );
$event = dbFetchOne( $sql, NULL, array($eid) );
if ( !empty($fid) )
{
if ( !empty($fid) ) {
$sql = 'SELECT * FROM Frames WHERE EventId = ? AND FrameId = ?';
if ( !($frame = dbFetchOne( $sql, NULL, array( $eid, $fid ) )) )
if ( !($frame = dbFetchOne( $sql, NULL, array($eid, $fid) )) )
$frame = array( 'FrameId'=>$fid, 'Type'=>'Normal', 'Score'=>0 );
}
else
{
$frame = dbFetchOne( 'SELECT * FROM Frames WHERE EventId = ? AND Score = ?', null, array( $eid, $event['MaxScore'] ) );
} else {
$frame = dbFetchOne( 'SELECT * FROM Frames WHERE EventId = ? AND Score = ?', NULL, array( $eid, $event['MaxScore'] ) );
}
$maxFid = $event['Frames'];


@ -27,7 +27,7 @@ $sql = 'SELECT E.*,M.Name AS MonitorName FROM Events AS E INNER JOIN Monitors AS
$event = dbFetchOne( $sql, NULL, array($_REQUEST['eid']) );
$sql = 'SELECT *, unix_timestamp( TimeStamp ) AS UnixTimeStamp FROM Frames WHERE EventID = ? ORDER BY FrameId';
$frames = dbFetchAll( $sql, NULL, array( $_REQUEST['eid']) );
$frames = dbFetchAll( $sql, NULL, array( $_REQUEST['eid'] ) );
$focusWindow = true;


@ -1,5 +1,5 @@
/*
* ZoneMinder Base Stylesheet, $Date: 2011-06-23 22:53:45 +0100 (Thu, 23 Jun 2011) $, $Revision: 3462 $
* ZoneMinder Base Stylesheet, $Date$, $Revision$
* Copyright (C) 2001-2008 Philip Coombes
*
* This program is free software; you can redistribute it and/or


@ -596,8 +596,8 @@ function exportEventImagesMaster( $eids )
<?php
foreach ($eids as $eid) {
//get monitor id and event id
$sql = 'SELECT E.MonitorId FROM Monitors as M INNER JOIN Events AS E ON (M.Id = E.MonitorId) WHERE E.Id = ?';
$event = dbFetchOne( $sql, NULL, ARRAY( $eid ) );
$sql = 'SELECT E.MonitorId FROM Monitors AS M INNER JOIN Events AS E ON (M.Id = E.MonitorId) WHERE E.Id = ?';
$event = dbFetchOne( $sql, NULL, array( $eid ) );
$eventMonitorId[$eid] = $event['MonitorId'];
}
@ -758,7 +758,7 @@ function exportFileList( $eid, $exportDetail, $exportFrames, $exportImages, $exp
if ( canView( 'Events' ) && $eid )
{
$sql = 'SELECT E.Id,E.MonitorId,M.Name AS MonitorName,M.Width,M.Height,E.Name,E.Cause,E.Notes,E.StartTime,E.Length,E.Frames,E.AlarmFrames,E.TotScore,E.AvgScore,E.MaxScore,E.Archived FROM Monitors AS M INNER JOIN Events AS E ON (M.Id = E.MonitorId) WHERE E.Id = ?';
$event = dbFetchOne( $sql, NULL, ARRAY($eid) );
$event = dbFetchOne( $sql, NULL, array($eid) );
$eventPath = mygetEventPath( $event );
$files = array();
if ( $dir = opendir( $eventPath ) )


@ -71,8 +71,9 @@ $eventCounts = array(
$running = daemonCheck();
$status = $running?$SLANG['Running']:$SLANG['Stopped'];
$group = NULL;
if ( ! empty($_COOKIE['zmGroup']) ) {
if ( $group = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, ARRAY($_COOKIE['zmGroup']) ) )
if ( $group = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, array($_COOKIE['zmGroup']) ) )
$groupIds = array_flip(explode( ',', $group['MonitorIds'] ));
}
@ -107,7 +108,7 @@ for ( $i = 0; $i < count($monitors); $i++ )
}
$monitors[$i]['zmc'] = zmcStatus( $monitors[$i] );
$monitors[$i]['zma'] = zmaStatus( $monitors[$i] );
$monitors[$i]['ZoneCount'] = dbFetchOne( 'SELECT count(Id) AS ZoneCount FROM Zones WHERE MonitorId = ?', 'ZoneCount', ARRAY( $monitors[$i]['Id'] ) );
$monitors[$i]['ZoneCount'] = dbFetchOne( 'SELECT count(Id) AS ZoneCount FROM Zones WHERE MonitorId = ?', 'ZoneCount', array( $monitors[$i]['Id'] ) );
$counts = array();
for ( $j = 0; $j < count($eventCounts); $j++ )
{
@ -116,8 +117,8 @@ for ( $i = 0; $i < count($monitors); $i++ )
$counts[] = "count(if(1".$filter['sql'].",1,NULL)) as EventCount$j";
$monitors[$i]['eventCounts'][$j]['filter'] = $filter;
}
$sql = 'SELECT '.join($counts,", ").' FROM Events AS E WHERE MonitorId = ?';
$counts = dbFetchOne( $sql, NULL, ARRAY( $monitors[$i]['Id'] ) );
$sql = 'SELECT '.join($counts,', ').' FROM Events AS E WHERE MonitorId = ?';
$counts = dbFetchOne( $sql, NULL, array( $monitors[$i]['Id'] ) );
if ( $monitors[$i]['Function'] != 'None' )
{
$cycleCount++;
@ -126,7 +127,7 @@ for ( $i = 0; $i < count($monitors); $i++ )
if ( $maxWidth < $scaleWidth ) $maxWidth = $scaleWidth;
if ( $maxHeight < $scaleHeight ) $maxHeight = $scaleHeight;
}
$monitors[$i] = array_merge( $monitors[$i], $counts );
if ( $counts ) $monitors[$i] = array_merge( $monitors[$i], $counts );
$seqIdList[] = $monitors[$i]['Id'];
$displayMonitors[] = $monitors[$i];
}
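Review bot: `join($counts,', ')` in the rewritten `$sql` line passes the array first and the separator second, a legacy argument order that later PHP versions deprecated and then removed; write `join( ', ', $counts )`. The `$counts[]` entries themselves embed `$filter['sql']` in the SELECT list, so only the `MonitorId = ?` part of this statement is actually bound. Where that filter SQL is built is outside the hunk and should be checked. The new `if ( $counts )` guard before `array_merge` is a sensible addition and deserves a short comment, e.g. `// dbFetchOne returns no row on failure`.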


@ -26,7 +26,7 @@ if ( !canView( 'Control' ) )
$groupSql = "";
if ( !empty($_REQUEST['group']) ) {
$row = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, ARRAY($_REQUEST['group']) );
$row = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, array($_REQUEST['group']) );
$groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )";
}
@ -49,7 +49,7 @@ foreach ( getSkinIncludes( 'includes/control_functions.php' ) as $includeFile )
require_once $includeFile;
$sql = 'SELECT C.*,M.* FROM Monitors AS M INNER JOIN Controls AS C ON (M.ControlId = C.Id ) WHERE M.Id = ?';
$monitor = dbFetchOne( $sql, NULL, ARRAY( $mid ) );
$monitor = dbFetchOne( $sql, NULL, array( $mid ) );
$focusWindow = true;


@ -48,7 +48,7 @@ else
{
if ( !empty($_REQUEST['cid']) )
{
$control = dbFetchOne( 'SELECT * FROM Controls WHERE Id = ?', NULL, ARRAY($_REQUEST['cid']) );
$control = dbFetchOne( 'SELECT * FROM Controls WHERE Id = ?', NULL, array($_REQUEST['cid']) );
}
else
{


@ -24,11 +24,10 @@ if ( !canEdit( 'Monitors' ) )
return;
}
$monitor = dbFetchOne( 'SELECT C.*,M.* FROM Monitors AS M INNER JOIN Controls AS C ON (M.ControlId = C.Id ) WHERE M.Id = ?', NULL, ARRAY($_REQUEST['mid']) );
$monitor = dbFetchOne( 'SELECT C.*,M.* FROM Monitors AS M INNER JOIN Controls AS C ON (M.ControlId = C.Id ) WHERE M.Id = ?', NULL, array($_REQUEST['mid']) );
$labels = array();
foreach( dbFetchAll( 'SELECT * FROM ControlPresets WHERE MonitorId = ?', NULL, ARRAY($monitor['Id']) ) as $row )
{
foreach( dbFetchAll( 'SELECT * FROM ControlPresets WHERE MonitorId = ?', NULL, array($monitor['Id']) ) as $row ) {
$labels[$row['Preset']] = $row['Label'];
}


@ -41,7 +41,7 @@ $groupSql = '';
if ( !empty($_REQUEST['group']) )
{
$group = validInt($_REQUEST['group']);
$row = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, ARRAY($group) );
$row = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, array($group) );
$groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )";
}


@ -24,10 +24,8 @@ if ( !canEdit( 'Devices' ) )
return;
}
if ( !empty($_REQUEST['did']) ) {
$newDevice = dbFetchOne( 'SELECT * FROM Devices WHERE Id = ?', NULL, ARRAY($_REQUEST['did']) );
}
else
{
$newDevice = dbFetchOne( 'SELECT * FROM Devices WHERE Id = ?', NULL, array($_REQUEST['did']) );
} else {
$newDevice = array(
"Id" => "",
"Name" => "New Device",


@ -31,10 +31,10 @@ if ( !empty($_REQUEST['execute']) )
$countSql = 'SELECT count(E.Id) AS EventCount FROM Monitors AS M INNER JOIN Events AS E ON (M.Id = E.MonitorId) WHERE';
$eventsSql = 'SELECT E.Id,E.MonitorId,M.Name AS MonitorName,M.DefaultScale,E.Name,E.Width,E.Height,E.Cause,E.Notes,E.StartTime,E.Length,E.Frames,E.AlarmFrames,E.TotScore,E.AvgScore,E.MaxScore,E.Archived FROM Monitors AS M INNER JOIN Events AS E on (M.Id = E.MonitorId) WHERE';
if ( $user['MonitorIds'] )
{
$countSql .= " M.Id in (".join( ",", preg_split( '/["\'\s]*,["\'\s]*/', $user['MonitorIds'] ) ).")";
$eventsSql .= " M.Id in (".join( ",", preg_split( '/["\'\s]*,["\'\s]*/', $user['MonitorIds'] ) ).")";
if ( $user['MonitorIds'] ) {
$user_monitor_ids = " M.Id in (".join( ",", preg_split( '/["\'\s]*,["\'\s]*/', $user['MonitorIds'] ) ).")";
$countSql .= $user_monitor_ids;
$eventsSql .= $user_monitor_ids;
} else {
$countSql .= " 1";
$eventsSql .= " 1";


@ -27,7 +27,7 @@ $sql = 'SELECT E.*,M.Name AS MonitorName FROM Events AS E INNER JOIN Monitors AS
$event = dbFetchOne( $sql, NULL, array($_REQUEST['eid']) );
$sql = 'SELECT *, unix_timestamp( TimeStamp ) AS UnixTimeStamp FROM Frames WHERE EventID = ? ORDER BY FrameId';
$frames = dbFetchAll( $sql, NULL, array($_REQUEST['eid']) );
$frames = dbFetchAll( $sql, NULL, array( $_REQUEST['eid'] ) );
$focusWindow = true;


@ -44,7 +44,7 @@ if ( !empty($_REQUEST['mid']) )
{
$monitor = dbFetchMonitor( $_REQUEST['mid'] );
if ( ZM_OPT_X10 )
$x10Monitor = dbFetchOne( "select * from TriggersX10 where MonitorId = '".dbEscape($_REQUEST['mid'])."'" );
$x10Monitor = dbFetchOne( 'SELECT * FROM TriggersX10 WHERE MonitorId = ?', NULL, array($_REQUEST['mid']) );
}
else
{
@ -143,7 +143,7 @@ if ( $newMonitor['AlarmMaxFPS'] == '0.00' )
if ( !empty($_REQUEST['preset']) )
{
$preset = dbFetchOne( "select Type, Device, Channel, Format, Protocol, Method, Host, Port, Path, Width, Height, Palette, MaxFPS, Controllable, ControlId, ControlDevice, ControlAddress, DefaultRate, DefaultScale from MonitorPresets where Id = '".dbEscape($_REQUEST['preset'])."'" );
$preset = dbFetchOne( 'SELECT Type, Device, Channel, Format, Protocol, Method, Host, Port, Path, Width, Height, Palette, MaxFPS, Controllable, ControlId, ControlDevice, ControlAddress, DefaultRate, DefaultScale FROM MonitorPresets WHERE Id = ?', NULL, array($_REQUEST['preset']) );
foreach ( $preset as $name=>$value )
{
if ( isset($value) )


@ -27,12 +27,12 @@ if ( !canView( 'Stream' ) )
$groupSql = "";
if ( !empty($_REQUEST['group']) )
{
$sql = "select * from Groups where Id = '".dbEscape($_REQUEST['group'])."'";
$row = dbFetchOne( $sql );
$groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )";
$row = dbFetchOne( 'select * from Groups where Id = ?', NULL, array($_REQUEST['group']) );
$sql = "select * from Monitors where Function != 'None' and find_in_set( Id, '".$row['MonitorIds']."' ) order by Sequence";
} else {
$sql = "select * from Monitors where Function != 'None' order by Sequence";
}
$sql = "select * from Monitors where Function != 'None'$groupSql order by Sequence";
$maxWidth = 0;
$maxHeight = 0;
$showControl = false;
@ -70,11 +70,11 @@ foreach( dbFetchAll( $sql ) as $row )
$focusWindow = true;
$layouts = array(
'montage_freeform.css' => 'Default',
'montage_2wide.css' => '2-wide grid',
'montage_3wide.css' => '3-wide grid',
'montage_4wide.css' => '4-wide grid',
'montage_3wide50enlarge.css' => '3-wide grid, scaled, enlarge on alarm',
'montage_freeform.css' => $SLANG['MtgDefault'],
'montage_2wide.css' => $SLANG['Mtg2widgrd'],
'montage_3wide.css' => $SLANG['Mtg3widgrd'],
'montage_4wide.css' => $SLANG['Mtg4widgrd'],
'montage_3wide50enlarge.css' => $SLANG['Mtg3widgrx'],
);
if ( isset($_COOKIE['zmMontageLayout']) )


@ -29,15 +29,14 @@ $mid = validInt($_REQUEST['mid']);
$zid = !empty($_REQUEST['zid'])?validInt($_REQUEST['zid']):0;
if ( $zid > 0 )
{
$newZone = dbFetchOne( "select * from Zones where MonitorId = '".dbEscape($mid)."' and Id = '".dbEscape($zid)."'" );
if ( $zid > 0 ) {
$newZone = dbFetchOne( 'SELECT * FROM Zones WHERE MonitorId = ? AND Id = ?', NULL, array( $mid, $zid) );
} else {
$view = "error";
return;
}
$monitor = dbFetchMonitor ( $mid );
$plugin = dbEscape($_REQUEST['pl']);
$plugin = $_REQUEST['pl'];
$plugin_path = dirname(ZM_PLUGINS_CONFIG_PATH)."/".$plugin;
@ -61,8 +60,8 @@ if(file_exists($plugin_path."/config.php"))
include_once($plugin_path."/config.php");
}
$sql="SELECT * FROM PluginsConfig WHERE MonitorId=$mid AND ZoneId=$zid AND pluginName='$plugin'";
foreach( dbFetchAll( $sql ) as $popt )
$sql='SELECT * FROM PluginsConfig WHERE MonitorId=? AND ZoneId=? AND pluginName=?';
foreach( dbFetchAll( $sql, NULL, array( $mid, $zid, $plugin ) ) as $popt )
{
if(array_key_exists($popt['Name'], $pluginOptions)
&& $popt['Type']==$pluginOptions[$popt['Name']]['Type']
@ -72,7 +71,7 @@ foreach( dbFetchAll( $sql ) as $popt )
$pluginOptions[$popt['Name']]=$popt;
array_push($optionNames, $popt['Name']);
} else {
dbQuery("DELETE from PluginsConfig WHERE Id=".$popt['Id']);
dbQuery('DELETE FROM PluginsConfig WHERE Id=?', array( $popt['Id'] ) );
}
}
foreach($pluginOptions as $name => $values)
@ -80,10 +79,8 @@ foreach($pluginOptions as $name => $values)
if(!in_array($name, $optionNames))
{
$popt=$pluginOptions[$name];
$sql="INSERT INTO PluginsConfig VALUES
('','".dbEscape($popt['Name'])."','".dbEscape($popt['Value'])."',
'".dbEscape($popt['Type'])."','".dbEscape($popt['Choices'])."','$mid','$zid','$plugin')";
dbQuery($sql);
$sql="INSERT INTO PluginsConfig VALUES ('',?,?,?,?,?,?,?)";
dbQuery($sql, array( $popt['Name'], $popt['Value'], $popt['Type'], $popt['Choices'], $mid, $zid, $plugin ) );
}
}
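Review bot: `$plugin = $_REQUEST['pl'];` is fine for the SQL, which now binds the value, but the same string goes straight into `$plugin_path` and from there into `file_exists()` and `include_once($plugin_path."/config.php")`, so a request value containing path separators or `..` decides which file gets included. Constrain it before building the path, for example `$plugin = basename( $_REQUEST['pl'] );` plus a check such as `preg_match( '/^[A-Za-z0-9_-]+$/', $plugin )`, or better a lookup against the installed plugin names. On failure, do `$view = "error"; return;` as the `$zid` branch above does. Separately, `INSERT INTO PluginsConfig VALUES ('',?,?,?,?,?,?,?)` depends on column order; naming the columns would let a reader check the seven bound values against the schema.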


@ -27,8 +27,8 @@ if ( !canView( 'Events' ) )
$eid = validInt($_REQUEST['eid']);
$fid = validInt($_REQUEST['fid']);
$sql = "select S.*,E.*,Z.Name as ZoneName,Z.Units,Z.Area,M.Name as MonitorName from Stats as S left join Events as E on S.EventId = E.Id left join Zones as Z on S.ZoneId = Z.Id left join Monitors as M on E.MonitorId = M.Id where S.EventId = '".dbEscape($eid)."' and S.FrameId = '".dbEscape($fid)."' order by S.ZoneId";
$stats = dbFetchAll( $sql );
$sql = 'SELECT S.*,E.*,Z.Name AS ZoneName,Z.Units,Z.Area,M.Name AS MonitorName FROM Stats AS S LEFT JOIN Events AS E ON S.EventId = E.Id LEFT JOIN Zones AS Z ON S.ZoneId = Z.Id LEFT JOIN Monitors AS M ON E.MonitorId = M.Id WHERE S.EventId = ? AND S.FrameId = ? ORDER BY S.ZoneId';
$stats = dbFetchAll( $sql, NULL, array( $eid, $fid ) );
$focusWindow = true;


@ -382,8 +382,8 @@ foreach( dbFetchAll( $eventsSql ) as $event )
{
if ( $startIndex == $endIndex )
{
$framesSql = "select FrameId,Score from Frames where EventId = '".$event['Id']."' and Score > 0 order by Score desc limit 1";
$frame = dbFetchOne( $framesSql );
$framesSql = "select FrameId,Score from Frames where EventId = ? and Score > 0 order by Score desc limit 1";
$frame = dbFetchOne( $framesSql, NULL, array($event['Id']) );
$i = $startIndex;
if ( !isset($currFrameSlots[$i]) )
@ -407,8 +407,8 @@ foreach( dbFetchAll( $eventsSql ) as $event )
}
else
{
$framesSql = "select FrameId,Delta,unix_timestamp(TimeStamp) as TimeT,Score from Frames where EventId = '".$event['Id']."' and Score > 0";
$result = dbQuery( $framesSql );
$framesSql = "select FrameId,Delta,unix_timestamp(TimeStamp) as TimeT,Score from Frames where EventId = ? and Score > 0";
$result = dbQuery( $framesSql, array( $event['Id'] ) );
while( $frame = dbFetchNext( $result ) )
{
if ( $frame['Score'] == 0 )
@ -462,8 +462,8 @@ if ( false )
{
if ( !isset($currFrameSlots[$i]['frame']) )
{
$framesSql = "select FrameId,Score from Frames where EventId = '".$currFrameSlots[$i]['event']['Id']."' and Score > 0 order by FrameId limit 1";
$currFrameSlots[$i]['frame'] = dbFetchOne( $framesSql );
$framesSql = "select FrameId,Score from Frames where EventId = ? and Score > 0 order by FrameId limit 1";
$currFrameSlots[$i]['frame'] = dbFetchOne( $framesSql, NULL, array( $currFrameSlots[$i]['event']['Id'] ) );
}
}
}
@ -818,10 +818,10 @@ xhtmlHeaders(__FILE__, $SLANG['Timeline'] );
<div id="dataPanel">
<div id="textPanel">
<div id="instruction">
<p>Pass your mouse over the graph to view a snapshot image and event details.</p>
<p>Click on the coloured sections of the graph, or the image, to view the event.</p>
<p>Click on the background to zoom in to a smaller time period based around your click.</p>
<p>Use the controls below to zoom out or navigate back and forward through the time range.</p>
<p><?= $SLANG['TimelineTip1'] ?></p>
<p><?= $SLANG['TimelineTip2'] ?></p>
<p><?= $SLANG['TimelineTip3'] ?></p>
<p><?= $SLANG['TimelineTip4'] ?></p>
</div>
<div id="eventData">
</div>


@ -25,9 +25,7 @@ if ( !canEdit( 'System' ) && !$selfEdit )
$view = "error";
return;
}
$sql = "select * from Users where Id = '".dbEscape($_REQUEST['uid'])."'";
if ( !($newUser = dbFetchOne( $sql )) )
{
if ( !($newUser = dbFetchOne( 'SELECT * FROM Users WHERE Id = ?', NULL, $_REQUEST['uid']) ) ); {
$newUser = array();
$newUser['Username'] = $SLANG['NewUser'];
$newUser['Enabled'] = 1;
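Review bot: The new condition line ends in `); {`, so the `if` has an empty statement as its body and the brace block after it runs unconditionally: `$newUser` is overwritten with the blank "new user" defaults even when the lookup found a row (the block continues past the end of this hunk). The third argument is also the bare `$_REQUEST['uid']`, whereas the other calls converted in this commit pass an array of bound values. The line should read `if ( !($newUser = dbFetchOne( 'SELECT * FROM Users WHERE Id = ?', NULL, array($_REQUEST['uid']) )) ) {`.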


@ -29,8 +29,8 @@ if ( !empty($user['MonitorIds']) )
else
$midSql = '';
$sql = "select E.*,M.Name as MonitorName,M.DefaultRate,M.DefaultScale from Events as E inner join Monitors as M on E.MonitorId = M.Id where E.Id = ".dbEscape($_REQUEST['eid']).$midSql;
$event = dbFetchOne( $sql );
$sql = 'SELECT E.*,M.Name AS MonitorName,M.DefaultRate,M.DefaultScale FROM Events AS E INNER JOIN Monitors AS M ON E.MonitorId = M.Id WHERE E.Id = ?'.$midSql;
$event = dbFetchOne( $sql, NULL, array( $_REQUEST['eid'] ) );
if ( isset( $_REQUEST['rate'] ) )
$rate = validInt($_REQUEST['rate']);


@ -24,8 +24,8 @@ if ( !canView( 'Stream' ) )
return;
}
$sql = "select C.*, M.* from Monitors as M left join Controls as C on (M.ControlId = C.Id ) where M.Id = '".dbEscape($_REQUEST['mid'])."'";
$monitor = dbFetchOne( $sql );
$sql = 'SELECT C.*, M.* FROM Monitors AS M LEFT JOIN Controls AS C ON (M.ControlId = C.Id ) WHERE M.Id = ?';
$monitor = dbFetchOne( $sql, NULL, array($_REQUEST['mid']) );
if ( isset($_REQUEST['showControls']) )
$showControls = validInt($_REQUEST['showControls']);


@ -70,7 +70,7 @@ if ( !isset($newZone) )
{
if ( $zid > 0 )
{
$zone = dbFetchOne( "select * from Zones where MonitorId = '".dbEscape($monitor['Id'])."' and Id = '".dbEscape($zid)."'" );
$zone = dbFetchOne( 'SELECT * FROM Zones WHERE MonitorId = ? AND Id=?', NULL, array( $monitor['Id'], $zid ) );
}
else
{


@ -32,9 +32,8 @@ chdir( $wd );
$monitor = dbFetchMonitor( $mid );
$sql = "select * from Zones where MonitorId = '".$mid."' order by Area desc";
$zones = array();
foreach( dbFetchAll( $sql ) as $row )
foreach( dbFetchAll( 'select * from Zones where MonitorId = ? order by Area desc', NULL, array($mid) ) as $row )
{
if ( $row['Points'] = coordsToPoints( $row['Coords'] ) )
{