more updates

Isaac Connor 2013-12-17 11:07:19 -05:00
parent 1c028e5806
commit ceca805b48
3 changed files with 16 additions and 27 deletions


@ -7,7 +7,7 @@ if ( empty($_REQUEST['id']) )
if ( canView( 'Control', $_REQUEST['id'] ) ) if ( canView( 'Control', $_REQUEST['id'] ) )
{ {
$monitor = dbFetchOne( "select C.*,M.* from Monitors as M inner join Controls as C on (M.ControlId = C.Id ) where M.Id = '".dbEscape($_REQUEST['id'])."'" ); $monitor = dbFetchOne( 'select C.*,M.* from Monitors as M inner join Controls as C on (M.ControlId = C.Id ) where M.Id = ?', NULL, array($_REQUEST['id']) );
$ctrlCommand = buildControlCommand( $monitor ); $ctrlCommand = buildControlCommand( $monitor );
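Review bot: The row returned by `dbFetchOne` is handed straight to `buildControlCommand( $monitor )` with no check that a row came back, so an id that matches no monitor (or a monitor with no matching Controls row, given the inner join) reaches the command builder as an empty result. The events handler in this same commit guards the equivalent lookup with `if ( !($event = dbFetchOne( $sql, NULL, array( $_REQUEST['id'] ) )) ) ajaxError( ... )`. The same guard fits here, e.g. `if ( !$monitor ) ajaxError( "Control failure, can't load monitor" );` before the `buildControlCommand` call. The enclosing `if` block continues past this hunk, so how `buildControlCommand` treats an empty value is not visible and should be confirmed.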


@ -1,32 +1,21 @@
<?php <?php
if ( empty($_REQUEST['id']) && empty($_REQUEST['eids']) ) if ( empty($_REQUEST['id']) && empty($_REQUEST['eids']) ) {
{
ajaxError( "No event id(s) supplied" ); ajaxError( "No event id(s) supplied" );
} }
if ( canView( 'Events' ) ) if ( canView( 'Events' ) ) {
{ switch ( $_REQUEST['action'] ) {
switch ( $_REQUEST['action'] ) case "video" : {
{ if ( empty($_REQUEST['videoFormat']) ) {
case "video" :
{
if ( empty($_REQUEST['videoFormat']) )
{
ajaxError( "Video Generation Failure, no format given" ); ajaxError( "Video Generation Failure, no format given" );
} } elseif ( empty($_REQUEST['rate']) ) {
elseif ( empty($_REQUEST['rate']) )
{
ajaxError( "Video Generation Failure, no rate given" ); ajaxError( "Video Generation Failure, no rate given" );
} } elseif ( empty($_REQUEST['scale']) ) {
elseif ( empty($_REQUEST['scale']) )
{
ajaxError( "Video Generation Failure, no scale given" ); ajaxError( "Video Generation Failure, no scale given" );
} } else {
else $sql = 'select E.*,M.Name as MonitorName,M.DefaultRate,M.DefaultScale from Events as E inner join Monitors as M on E.MonitorId = M.Id where E.Id = ?'.monitorLimitSql();
{ if ( !($event = dbFetchOne( $sql, NULL, array( $_REQUEST['id'] ) )) )
$sql = "select E.*,M.Name as MonitorName,M.DefaultRate,M.DefaultScale from Events as E inner join Monitors as M on E.MonitorId = M.Id where E.Id = ".dbEscape($_REQUEST['id']).monitorLimitSql();
if ( !($event = dbFetchOne( $sql )) )
ajaxError( "Video Generation Failure, can't load event" ); ajaxError( "Video Generation Failure, can't load event" );
else else
if ( $videoFile = createVideo( $event, $_REQUEST['videoFormat'], $_REQUEST['rate'], $_REQUEST['scale'], !empty($_REQUEST['overwrite']) ) ) if ( $videoFile = createVideo( $event, $_REQUEST['videoFormat'], $_REQUEST['rate'], $_REQUEST['scale'], !empty($_REQUEST['overwrite']) ) )
@ -90,7 +79,7 @@ if ( canEdit( 'Events' ) )
case "rename" : case "rename" :
{ {
if ( !empty($_REQUEST['eventName']) ) if ( !empty($_REQUEST['eventName']) )
dbQuery( "update Events set Name = '".dbEscape($_REQUEST['eventName'])."' where Id = '".dbEscape($_REQUEST['id'])."'" ); dbQuery( 'UPDATE Events SET Name = ? WHERE Id = ?', array( $_REQUEST['eventName'], $_REQUEST['id'] ) );
else else
ajaxError( "No new event name supplied" ); ajaxError( "No new event name supplied" );
ajaxResponse( array( 'refreshEvent'=>true, 'refreshParent'=>true ) ); ajaxResponse( array( 'refreshEvent'=>true, 'refreshParent'=>true ) );
@ -98,7 +87,7 @@ if ( canEdit( 'Events' ) )
} }
case "eventdetail" : case "eventdetail" :
{ {
dbQuery( "update Events set Cause = '".dbEscape($_REQUEST['newEvent']['Cause'])."', Notes = '".dbEscape($_REQUEST['newEvent']['Notes'])."' where Id = '".dbEscape($_REQUEST['id'])."'" ); dbQuery( 'UPDATE Events SET Cause = ?, Notes = ? WHERE Id = ?', array( $_REQUEST['newEvent']['Cause'], $_REQUEST['newEvent']['Notes'], $_REQUEST['id'] ) );
ajaxResponse( array( 'refreshEvent'=>true, 'refreshParent'=>true ) ); ajaxResponse( array( 'refreshEvent'=>true, 'refreshParent'=>true ) );
break; break;
} }
@ -106,13 +95,13 @@ if ( canEdit( 'Events' ) )
case "unarchive" : case "unarchive" :
{ {
$archiveVal = ($_REQUEST['action'] == "archive")?1:0; $archiveVal = ($_REQUEST['action'] == "archive")?1:0;
dbQuery( "update Events set Archived = ".$archiveVal." where Id = '".dbEscape($_REQUEST['id'])."'" ); dbQuery( 'UPDATE Events SET Archived = ? WHERE Id = ?', array( $archiveVal, $_REQUEST['id']) );
ajaxResponse( array( 'refreshEvent'=>true, 'refreshParent'=>false ) ); ajaxResponse( array( 'refreshEvent'=>true, 'refreshParent'=>false ) );
break; break;
} }
case "delete" : case "delete" :
{ {
deleteEvent( dbEscape($_REQUEST['id']) ); deleteEvent( $_REQUEST['id'] );
ajaxResponse( array( 'refreshEvent'=>false, 'refreshParent'=>true ) ); ajaxResponse( array( 'refreshEvent'=>false, 'refreshParent'=>true ) );
break; break;
} }
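Review bot: In the `delete` case the call becomes `deleteEvent( $_REQUEST['id'] )` with the `dbEscape()` wrapper dropped, so the raw request value is only safe if `deleteEvent` itself binds it as a query parameter and never places it into a SQL string or a file path. Its body is not part of this diff, so that needs confirming. If event ids are always numeric, a boundary check before the switch would cover every case here, e.g. `if ( !ctype_digit( (string)$_REQUEST['id'] ) ) ajaxError( "Invalid event id" );`. Separately, the `rename`, `eventdetail` and `archive`/`unarchive` updates match on `Id` alone while the `video` select appends `monitorLimitSql()`. If that helper is what confines a user to their permitted monitors, the updates presumably need an equivalent restriction. The `switch` bodies start and end outside the visible hunks.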


@ -26,7 +26,7 @@ if ( canView( 'Monitors' ) )
$status = exec( escapeshellcmd($command) ); $status = exec( escapeshellcmd($command) );
chdir( $wd ); chdir( $wd );
$monitor = dbFetchOne( "select * from Monitors where Id = '".dbEscape($_REQUEST['mid'])."'" ); $monitor = dbFetchOne( 'SELECT * FROM Monitors WHERE Id = ?', NULL, array($_REQUEST['mid']) );
$points = coordsToPoints( $_REQUEST['coords'] ); $points = coordsToPoints( $_REQUEST['coords'] );
ajaxResponse( array( ajaxResponse( array(