ChrisChrome/sccp_manager
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Update dbinterface.class.php

Browse source 
Check that labels exist before binding or an exception will occur
This commit is contained in:
steve-lad 2021-03-24 08:59:13 +01:00
parent 03dd9bed5a
commit e3116d39cb
1 changed files with 10 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
Sccp_manager.inc/dbinterface.class.php
View file

@ -129,9 +129,15 @@ class dbinterface
$sql .= (empty($sql)) ? 'ref = :ref' : ' and ref = :ref';
}
if (!empty($sql)) {
$stmts = $dbh->prepare('SELECT * FROM sccpbuttonconfig WHERE ' .$sql. ' ORDER BY instance');
$stmts->bindParam(':buttontype', $data['buttontype'],\PDO::PARAM_STR);
$stmts->bindParam(':ref', $data['id'],\PDO::PARAM_STR);
$stmts = $dbh->prepare("SELECT * FROM sccpbuttonconfig WHERE {$sql} ORDER BY instance");
// Now bind labels - only bind label if it exists or bind will create exception.
// can only bind once have prepared, so need to test again.
if (!empty($data['buttontype'])) {
$stmts->bindParam(':buttontype', $data['buttontype'],\PDO::PARAM_STR);
}
if (!empty($data['id'])) {
$stmts->bindParam(':ref', $data['id'],\PDO::PARAM_STR);
}
} else {
$raw_settings = array();
}
@ -141,6 +147,7 @@ class dbinterface
$stmt->execute();
$raw_settings = $stmt->fetch(\PDO::FETCH_ASSOC);
} elseif (!empty($stmts)) {
dbug('statement is before execute', $stmts);
$stmts->execute();
$raw_settings = $stmts->fetchAll(\PDO::FETCH_ASSOC);
}