mirror/opensourcepos
1
0
Fork 0
mirror of https://github.com/opensourcepos/opensourcepos.git synced 2026-03-06 08:11:12 -05:00
Code Issues Packages Projects Releases Wiki Activity

Sanity checked SQL escaping in all the models, improved code under different aspects (#598)

Browse Source
This commit is contained in:
FrancescoUK
2016-05-28 22:41:27 +01:00
parent 6fe1e2a55a
commit 404fc5b548
17 changed files with 1068 additions and 888 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
application/models/Module.php
View File

@@ -6,62 +6,68 @@ class Module extends CI_Model
parent::__construct();
}
function get_module_name($module_id)
public function get_module_name($module_id)
{
$query = $this->db->get_where('modules', array('module_id' => $module_id), 1);
if ($query->num_rows() ==1)
if($query->num_rows() == 1)
{
$row = $query->row();
return $this->lang->line($row->name_lang_key);
}
return $this->lang->line('error_unknown');
}
function get_module_desc($module_id)
public function get_module_desc($module_id)
{
$query = $this->db->get_where('modules', array('module_id' => $module_id), 1);
if ($query->num_rows() ==1)
if($query->num_rows() == 1)
{
$row = $query->row();
return $this->lang->line($row->desc_lang_key);
}
return $this->lang->line('error_unknown');
}
function get_all_permissions()
public function get_all_permissions()
{
$this->db->from('permissions');
return $this->db->get();
}
function get_all_subpermissions()
public function get_all_subpermissions()
{
$this->db->from('permissions');
$this->db->join('modules', 'modules.module_id=permissions.module_id');
$this->db->join('modules', 'modules.module_id = permissions.module_id');
// can't quote the parameters correctly when using different operators..
$this->db->where($this->db->dbprefix('modules').'.module_id!=', 'permission_id', FALSE);
$this->db->where($this->db->dbprefix('modules') . '.module_id!=', 'permission_id', FALSE);
return $this->db->get();
}
function get_all_modules()
public function get_all_modules()
{
$this->db->from('modules');
$this->db->order_by("sort", "asc");
$this->db->order_by('sort', 'asc');
return $this->db->get();
}
function get_allowed_modules($person_id)
public function get_allowed_modules($person_id)
{
$this->db->from('modules');
$this->db->join('permissions','permissions.permission_id=modules.module_id');
$this->db->join('grants','permissions.permission_id=grants.permission_id');
$this->db->where("person_id",$person_id);
$this->db->order_by("sort", "asc");
$this->db->join('permissions', 'permissions.permission_id = modules.module_id');
$this->db->join('grants', 'permissions.permission_id = grants.permission_id');
$this->db->where('person_id', $person_id);
$this->db->order_by('sort', 'asc');
return $this->db->get();
}
}
?>