meteo/Sentri
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changed the basequery builder so it can be set manually.

Browse Source
This commit is contained in:
Meteo
2026-01-07 23:13:11 +01:00
parent f279a78366
commit 604d71e0e6
2 changed files with 20 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
pub/api/classes/API.php
View File

@@ -39,6 +39,9 @@ class API
private $requiredFields = []; private $requiredFields = [];
private $optionalFields = []; private $optionalFields = [];
# Used for the query builder base
public $baseQuery = false;
public function __construct() public function __construct()
{ {
# Setup Database connection # Setup Database connection
@@ -222,13 +225,11 @@ class API
$field = $builder['where'][0]; $field = $builder['where'][0];
$value = $builder['where'][1]; $value = $builder['where'][1];
// Check if the field is allowed (in required or optional)
$rules = $requiredFields[$field] ?? $optionalFields[$field] ?? null; $rules = $requiredFields[$field] ?? $optionalFields[$field] ?? null;
if (!$rules) { if (!$rules) {
$this->apiOutput(403, ['error' => "Field not allowed in query: $field"]); $this->apiOutput(403, ['error' => "Field not allowed in query: $field"]);
} }
// Validate and sanitize
if (!$this->validateField($value, $rules)) { if (!$this->validateField($value, $rules)) {
$this->apiOutput(422, ['error' => "Invalid value for builder field: $field"]); $this->apiOutput(422, ['error' => "Invalid value for builder field: $field"]);
} }
@@ -682,13 +683,16 @@ class API
protected function buildDynamicQuery(string $tableName): array protected function buildDynamicQuery(string $tableName): array
{ {
$baseQuery = "SELECT * FROM " . $tableName; if (!$this->baseQuery) {
$this->baseQuery = "SELECT * FROM " . $tableName;
}
$whereClauses = []; $whereClauses = [];
$types = ''; $types = '';
$values = []; $values = [];
if (!isset($_GET['builder']) || !is_array($_GET['builder'])) { if (!isset($_GET['builder']) || !is_array($_GET['builder'])) {
return [$baseQuery, $types, $values]; return [$this->baseQuery, $types, $values];
} }
foreach ($_GET['builder'] as $builder) { foreach ($_GET['builder'] as $builder) {
@@ -705,10 +709,10 @@ class API
} }
if (!empty($whereClauses)) { if (!empty($whereClauses)) {
$baseQuery .= " WHERE " . implode(" AND ", $whereClauses); $this->baseQuery .= " WHERE " . implode(" AND ", $whereClauses);
} }
return [$baseQuery, $types, $values]; return [$this->baseQuery, $types, $values];
} }
protected function generalGetFunction($query, $types, $params, $returnBoolean, $itemName) protected function generalGetFunction($query, $types, $params, $returnBoolean, $itemName)

36
pub/bin/pages/servers/pageServerOverview_view.php
View File

@@ -28,16 +28,11 @@ $jsScriptLoadData['multiFilterSelectServers'] = true;
# Retrieve Information for the page # Retrieve Information for the page
if (!isset($_GET['del'])) { if (!isset($_GET['del'])) {
$query = "SELECT * FROM servers LEFT JOIN companies ON companies.company_uuid = servers.company_uuid WHERE servers.server_state != 'deleted' ORDER BY server_vm_host_name"; if ($GLOBALS['modules_enabled']['customers']) {
} else { $API_servers->baseQuery = "SELECT * FROM servers LEFT JOIN companies ON companies.company_uuid = servers.company_uuid WHERE servers.server_state != 'deleted'";
$query = "SELECT * FROM servers LEFT JOIN companies ON companies.company_uuid = servers.company_uuid ORDER BY server_vm_host_name"; } else {
} $API_servers->baseQuery = "SELECT * FROM servers WHERE servers.server_state != 'deleted'";
}
$stmt = $GLOBALS['conn']->query($query);
$servers = [];
while ($row = $stmt->fetch_assoc()) {
array_push($servers, $row);
}
$allBackupTypes = []; $allBackupTypes = [];
$allLicenseTypes = []; $allLicenseTypes = [];
@@ -94,23 +89,12 @@ if (isset($_COOKIE['serverTableColumns'])) {
$showColumns[$CheckedColumn] = true; $showColumns[$CheckedColumn] = true;
} }
} else { } else {
$showColumns['server_hostname'] = true; if ($GLOBALS['modules_enabled']['customers']) {
$showColumns['company_name'] = true; $API_servers->baseQuery = "SELECT * FROM servers LEFT JOIN companies ON companies.company_uuid = servers.company_uuid";
$showColumns['server_os'] = true; } else {
$showColumns['server_cpu'] = true; $API_servers->baseQuery = "SELECT * FROM servers";
$showColumns['server_memory'] = true;
$showColumns['server_memory_demand'] = true;
$showColumns['server_disks'] = true;
$showColumns['server_state'] = true;
}
function cleanNumber($num)
{
// If integer value, return without formatting
if (floor($num) == $num) {
return (string)$num;
} }
}
// Otherwise return trimmed float // Otherwise return trimmed float
return rtrim(rtrim(number_format($num, 10, '.', ''), '0'), '.'); return rtrim(rtrim(number_format($num, 10, '.', ''), '0'), '.');