more updates

Isaac Connor 2013-12-17 11:07:19 -05:00
parent 1c028e5806
commit ceca805b48
3 changed files with 16 additions and 27 deletions


@ -7,7 +7,7 @@ if ( empty($_REQUEST['id']) )
if ( canView( 'Control', $_REQUEST['id'] ) )
{
$monitor = dbFetchOne( "select C.*,M.* from Monitors as M inner join Controls as C on (M.ControlId = C.Id ) where M.Id = '".dbEscape($_REQUEST['id'])."'" );
$monitor = dbFetchOne( 'select C.*,M.* from Monitors as M inner join Controls as C on (M.ControlId = C.Id ) where M.Id = ?', NULL, array($_REQUEST['id']) );
$ctrlCommand = buildControlCommand( $monitor );
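Review bot: The row returned by the new bound `dbFetchOne( ... where M.Id = ?', NULL, array($_REQUEST['id']) )` call goes straight into `buildControlCommand( $monitor )` on the next line with no check that a monitor was found. The events handler in this same commit tests the helper with `if ( !($event = dbFetchOne( ... )) )`, so a falsy return on no match appears to be expected; an id with no monitor, or a monitor with no attached control, would then reach the command builder as an empty value. A guard such as `if ( !$monitor ) ajaxError( "Monitor not found" );` before the build call would cover it, assuming ajaxError is available in this file as well. The enclosing `canView` block continues outside the lines shown, so a later check may already exist.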


@ -1,32 +1,21 @@
<?php
if ( empty($_REQUEST['id']) && empty($_REQUEST['eids']) )
{
if ( empty($_REQUEST['id']) && empty($_REQUEST['eids']) ) {
ajaxError( "No event id(s) supplied" );
}
if ( canView( 'Events' ) )
{
switch ( $_REQUEST['action'] )
{
case "video" :
{
if ( empty($_REQUEST['videoFormat']) )
{
if ( canView( 'Events' ) ) {
switch ( $_REQUEST['action'] ) {
case "video" : {
if ( empty($_REQUEST['videoFormat']) ) {
ajaxError( "Video Generation Failure, no format given" );
}
elseif ( empty($_REQUEST['rate']) )
{
} elseif ( empty($_REQUEST['rate']) ) {
ajaxError( "Video Generation Failure, no rate given" );
}
elseif ( empty($_REQUEST['scale']) )
{
} elseif ( empty($_REQUEST['scale']) ) {
ajaxError( "Video Generation Failure, no scale given" );
}
else
{
$sql = "select E.*,M.Name as MonitorName,M.DefaultRate,M.DefaultScale from Events as E inner join Monitors as M on E.MonitorId = M.Id where E.Id = ".dbEscape($_REQUEST['id']).monitorLimitSql();
if ( !($event = dbFetchOne( $sql )) )
} else {
$sql = 'select E.*,M.Name as MonitorName,M.DefaultRate,M.DefaultScale from Events as E inner join Monitors as M on E.MonitorId = M.Id where E.Id = ?'.monitorLimitSql();
if ( !($event = dbFetchOne( $sql, NULL, array( $_REQUEST['id'] ) )) )
ajaxError( "Video Generation Failure, can't load event" );
else
if ( $videoFile = createVideo( $event, $_REQUEST['videoFormat'], $_REQUEST['rate'], $_REQUEST['scale'], !empty($_REQUEST['overwrite']) ) )
@ -90,7 +79,7 @@ if ( canEdit( 'Events' ) )
case "rename" :
{
if ( !empty($_REQUEST['eventName']) )
dbQuery( "update Events set Name = '".dbEscape($_REQUEST['eventName'])."' where Id = '".dbEscape($_REQUEST['id'])."'" );
dbQuery( 'UPDATE Events SET Name = ? WHERE Id = ?', array( $_REQUEST['eventName'], $_REQUEST['id'] ) );
else
ajaxError( "No new event name supplied" );
ajaxResponse( array( 'refreshEvent'=>true, 'refreshParent'=>true ) );
@ -98,7 +87,7 @@ if ( canEdit( 'Events' ) )
}
case "eventdetail" :
{
dbQuery( "update Events set Cause = '".dbEscape($_REQUEST['newEvent']['Cause'])."', Notes = '".dbEscape($_REQUEST['newEvent']['Notes'])."' where Id = '".dbEscape($_REQUEST['id'])."'" );
dbQuery( 'UPDATE Events SET Cause = ?, Notes = ? WHERE Id = ?', array( $_REQUEST['newEvent']['Cause'], $_REQUEST['newEvent']['Notes'], $_REQUEST['id'] ) );
ajaxResponse( array( 'refreshEvent'=>true, 'refreshParent'=>true ) );
break;
}
@ -106,13 +95,13 @@ if ( canEdit( 'Events' ) )
case "unarchive" :
{
$archiveVal = ($_REQUEST['action'] == "archive")?1:0;
dbQuery( "update Events set Archived = ".$archiveVal." where Id = '".dbEscape($_REQUEST['id'])."'" );
dbQuery( 'UPDATE Events SET Archived = ? WHERE Id = ?', array( $archiveVal, $_REQUEST['id']) );
ajaxResponse( array( 'refreshEvent'=>true, 'refreshParent'=>false ) );
break;
}
case "delete" :
{
deleteEvent( dbEscape($_REQUEST['id']) );
deleteEvent( $_REQUEST['id'] );
ajaxResponse( array( 'refreshEvent'=>false, 'refreshParent'=>true ) );
break;
}
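Review bot: In the "delete" case, `deleteEvent( $_REQUEST['id'] )` now receives the raw request value, so its safety depends entirely on how deleteEvent uses the id, and that function is not part of this commit. If it still builds SQL by concatenation, or derives an on-disk event path from the id, dropping `dbEscape` at this call site removes the only filtering the value had. Assuming event ids are integers, one check near the top of the file, e.g. `if ( !empty($_REQUEST['id']) && filter_var( $_REQUEST['id'], FILTER_VALIDATE_INT ) === false ) ajaxError( "Invalid event id" );`, would cover this call and the bound UPDATE statements in the rename, eventdetail and archive cases, and would also reject an array-valued `id`. Separately, the video query still appends helper-built text in `where E.Id = ?'.monitorLimitSql()`; it is worth confirming that the helper composes its fragment only from server-side values.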


@ -26,7 +26,7 @@ if ( canView( 'Monitors' ) )
$status = exec( escapeshellcmd($command) );
chdir( $wd );
$monitor = dbFetchOne( "select * from Monitors where Id = '".dbEscape($_REQUEST['mid'])."'" );
$monitor = dbFetchOne( 'SELECT * FROM Monitors WHERE Id = ?', NULL, array($_REQUEST['mid']) );
$points = coordsToPoints( $_REQUEST['coords'] );
ajaxResponse( array(