kopia lustrzana https://github.com/magicbug/Cloudlog
added user checks to previous contacts and qsl management
rodzic
b58ed8bcbd
commit
0ff857357c
|
@ -384,7 +384,7 @@ class Logbook extends CI_Controller {
|
|||
|
||||
function view($id) {
|
||||
$this->load->model('user_model');
|
||||
if(!$this->user_model->authorize($this->config->item('auth_mode'))) { return; }
|
||||
if(!$this->user_model->authorize($this->config->item('auth_mode'))) { return; }
|
||||
|
||||
$this->load->library('qra');
|
||||
|
||||
|
@ -408,15 +408,19 @@ class Logbook extends CI_Controller {
|
|||
|
||||
function partial($id) {
|
||||
$this->load->model('user_model');
|
||||
if(!$this->user_model->authorize($this->config->item('auth_mode'))) { return; }
|
||||
if(!$this->user_model->authorize($this->config->item('auth_mode'))) { return; }
|
||||
|
||||
$CI =& get_instance();
|
||||
$CI->load->model('logbooks_model');
|
||||
$logbooks_locations_array = $CI->logbooks_model->list_logbook_relationships($this->session->userdata('active_station_logbook'));
|
||||
|
||||
$html = "";
|
||||
|
||||
|
||||
$this->db->select(''.$this->config->item('table_name').'.COL_CALL, '.$this->config->item('table_name').'.COL_BAND, '.$this->config->item('table_name').'.COL_TIME_ON, '.$this->config->item('table_name').'.COL_RST_RCVD, '.$this->config->item('table_name').'.COL_RST_SENT, '.$this->config->item('table_name').'.COL_MODE, '.$this->config->item('table_name').'.COL_SUBMODE, '.$this->config->item('table_name').'.COL_PRIMARY_KEY, '.$this->config->item('table_name').'.COL_SAT_NAME, '.$this->config->item('table_name').'.COL_GRIDSQUARE, '.$this->config->item('table_name').'.COL_QSL_RCVD, '.$this->config->item('table_name').'.COL_EQSL_QSL_RCVD, '.$this->config->item('table_name').'.COL_EQSL_QSL_SENT, '.$this->config->item('table_name').'.COL_QSL_SENT, '.$this->config->item('table_name').'.COL_STX, '.$this->config->item('table_name').'.COL_STX_STRING, '.$this->config->item('table_name').'.COL_SRX, '.$this->config->item('table_name').'.COL_SRX_STRING, '.$this->config->item('table_name').'.COL_LOTW_QSL_SENT, '.$this->config->item('table_name').'.COL_LOTW_QSL_RCVD, '.$this->config->item('table_name').'.COL_VUCC_GRIDS, station_profile.*');
|
||||
$this->db->from($this->config->item('table_name'));
|
||||
|
||||
$this->db->join('station_profile', 'station_profile.station_id = '.$this->config->item('table_name').'.station_id');
|
||||
$this->db->where_in('station_profile.station_id', $logbooks_locations_array);
|
||||
$this->db->order_by(''.$this->config->item('table_name').'.COL_TIME_ON', "desc");
|
||||
|
||||
$this->db->like($this->config->item('table_name').'.COL_CALL', $id);
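Review bot: The new `where_in('station_profile.station_id', $logbooks_locations_array)` filter in partial() is the only thing scoping this query to the user's logbook, and nothing checks that `$logbooks_locations_array` is a non-empty array before it is used. What list_logbook_relationships() returns when the session has no active logbook is not visible here; if it can be null or empty, CodeIgniter's query builder (as far as I recall for 3.x) either skips the clause or emits an empty `IN()`, so the query would run unscoped or fail. A guard such as `if (empty($logbooks_locations_array)) { return; }` right after the lookup would make the function fail closed. The same pattern appears in last_ten(), last_custom() and get_qso() in Logbook_model and in getQsoWithQslList() and searchQsos() in Qsl_model; partial() continues past the end of this hunk.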
|
||||
|
|
|
@ -571,7 +571,12 @@ class Logbook_model extends CI_Model {
|
|||
|
||||
/* Return last 10 QSOs */
|
||||
function last_ten() {
|
||||
$CI =& get_instance();
|
||||
$CI->load->model('logbooks_model');
|
||||
$logbooks_locations_array = $CI->logbooks_model->list_logbook_relationships($this->session->userdata('active_station_logbook'));
|
||||
|
||||
$this->db->select('COL_CALL, COL_BAND, COL_TIME_ON, COL_RST_RCVD, COL_RST_SENT, COL_MODE, COL_SUBMODE, COL_NAME, COL_COUNTRY, COL_PRIMARY_KEY, COL_SAT_NAME');
|
||||
$this->db->where_in('station_id', $logbooks_locations_array);
|
||||
$this->db->order_by("COL_TIME_ON", "desc");
|
||||
$this->db->limit(10);
|
||||
|
||||
|
@ -580,7 +585,12 @@ class Logbook_model extends CI_Model {
|
|||
|
||||
/* Show custom number of qsos */
|
||||
function last_custom($num) {
|
||||
$CI =& get_instance();
|
||||
$CI->load->model('logbooks_model');
|
||||
$logbooks_locations_array = $CI->logbooks_model->list_logbook_relationships($this->session->userdata('active_station_logbook'));
|
||||
|
||||
$this->db->select('COL_CALL, COL_BAND, COL_TIME_ON, COL_RST_RCVD, COL_RST_SENT, COL_MODE, COL_SUBMODE, COL_NAME, COL_COUNTRY, COL_PRIMARY_KEY, COL_SAT_NAME');
|
||||
$this->db->where_in('station_id', $logbooks_locations_array);
|
||||
$this->db->order_by("COL_TIME_ON", "desc");
|
||||
$this->db->limit($num);
|
||||
|
||||
|
@ -842,10 +852,15 @@ class Logbook_model extends CI_Model {
|
|||
}
|
||||
|
||||
function get_qso($id) {
|
||||
$CI =& get_instance();
|
||||
$CI->load->model('logbooks_model');
|
||||
$logbooks_locations_array = $CI->logbooks_model->list_logbook_relationships($this->session->userdata('active_station_logbook'));
|
||||
|
||||
$this->db->select(''.$this->config->item('table_name').'.*, station_profile.*');
|
||||
$this->db->from($this->config->item('table_name'));
|
||||
|
||||
$this->db->join('station_profile', 'station_profile.station_id = '.$this->config->item('table_name').'.station_id');
|
||||
$this->db->where_in($this->config->item('table_name').'.station_id', $logbooks_locations_array);
|
||||
$this->db->where('COL_PRIMARY_KEY', $id);
|
||||
|
||||
return $this->db->get();
|
||||
|
@ -2644,6 +2659,19 @@ class Logbook_model extends CI_Model {
|
|||
return $this->db->get($this->config->item('table_name'));
|
||||
}
|
||||
|
||||
public function check_qso_is_accessible($id) {
|
||||
// check if qso belongs to user
|
||||
$this->db->select($this->config->item('table_name').'.COL_PRIMARY_KEY');
|
||||
$this->db->join('station_profile', $this->config->item('table_name').'.station_id = station_profile.station_id');
|
||||
$this->db->where('station_profile.user_id', $this->session->userdata('user_id'));
|
||||
$this->db->where($this->config->item('table_name').'.COL_PRIMARY_KEY', $id);
|
||||
$query = $this->db->get($this->config->item('table_name'));
|
||||
if ($query->num_rows() == 1) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
function validateADIFDate($date, $format = 'Ymd')
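Review bot: check_qso_is_accessible() has no docblock, and its contract is easy to misuse: `$id` is matched against `COL_PRIMARY_KEY` of the QSO table, so it is only meaningful for QSO ids, and the answer depends on `user_id` in the session. I would add a docblock saying that it takes a QSO primary key, returns true only when exactly one QSO with that key joins to a station_profile owned by the session user, and returns false otherwise. Whether `userdata('user_id')` can be unset when this runs is not visible here; if it can, an early `return false` before building the query is worth considering.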
|
||||
|
|
|
@ -175,7 +175,8 @@ class Logbooks_model extends CI_Model {
|
|||
}
|
||||
|
||||
public function check_logbook_is_accessible($id) {
|
||||
// check if logbook belongs to user
|
||||
// check if logbook belongs to user
|
||||
$this->db->select('logbook_id');
|
||||
$this->db->where('user_id', $this->session->userdata('user_id'));
|
||||
$this->db->where('logbook_id', $id);
|
||||
$query = $this->db->get('station_logbooks');
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
class Qsl_model extends CI_Model {
|
||||
function getQsoWithQslList() {
|
||||
$CI =& get_instance();
|
||||
$CI->load->model('Stations');
|
||||
$station_id = $CI->Stations->find_active();
|
||||
$CI->load->model('logbooks_model');
|
||||
$logbooks_locations_array = $CI->logbooks_model->list_logbook_relationships($this->session->userdata('active_station_logbook'));
|
||||
|
||||
$this->db->select('*');
|
||||
$this->db->from($this->config->item('table_name'));
|
||||
$this->db->join('qsl_images', 'qsl_images.qsoid = ' . $this->config->item('table_name') . '.col_primary_key');
|
||||
$this->db->where('station_id', $station_id);
|
||||
$this->db->where_in('station_id', $logbooks_locations_array);
|
||||
|
||||
return $this->db->get();
|
||||
}
|
||||
|
@ -17,6 +17,13 @@ class Qsl_model extends CI_Model {
|
|||
// Clean ID
|
||||
$clean_id = $this->security->xss_clean($id);
|
||||
|
||||
// be sure that QSO belongs to user
|
||||
$CI =& get_instance();
|
||||
$CI->load->model('logbook_model');
|
||||
if (!$CI->logbook_model->check_qso_is_accessible($clean_id)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$this->db->select('*');
|
||||
$this->db->from('qsl_images');
|
||||
$this->db->where('qsoid', $clean_id);
|
||||
|
@ -25,8 +32,18 @@ class Qsl_model extends CI_Model {
|
|||
}
|
||||
|
||||
function saveQsl($qsoid, $filename) {
|
||||
// Clean ID
|
||||
$clean_id = $this->security->xss_clean($qsoid);
|
||||
|
||||
// be sure that QSO belongs to user
|
||||
$CI =& get_instance();
|
||||
$CI->load->model('logbook_model');
|
||||
if (!$CI->logbook_model->check_qso_is_accessible($clean_id)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$data = array(
|
||||
'qsoid' => $qsoid,
|
||||
'qsoid' => $clean_id,
|
||||
'filename' => $filename
|
||||
);
|
||||
|
||||
|
@ -39,6 +56,13 @@ class Qsl_model extends CI_Model {
|
|||
// Clean ID
|
||||
$clean_id = $this->security->xss_clean($id);
|
||||
|
||||
// be sure that QSO belongs to user
|
||||
$CI =& get_instance();
|
||||
$CI->load->model('logbook_model');
|
||||
if (!$CI->logbook_model->check_qso_is_accessible($clean_id)) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Delete Mode
|
||||
$this->db->delete('qsl_images', array('id' => $clean_id));
|
||||
}
|
||||
|
@ -47,6 +71,13 @@ class Qsl_model extends CI_Model {
|
|||
// Clean ID
|
||||
$clean_id = $this->security->xss_clean($id);
|
||||
|
||||
// be sure that QSO belongs to user
|
||||
$CI =& get_instance();
|
||||
$CI->load->model('logbook_model');
|
||||
if (!$CI->logbook_model->check_qso_is_accessible($clean_id)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$this->db->select('filename');
|
||||
$this->db->from('qsl_images');
|
||||
$this->db->where('id', $clean_id);
|
||||
|
@ -54,14 +85,14 @@ class Qsl_model extends CI_Model {
|
|||
return $this->db->get();
|
||||
}
|
||||
|
||||
function searchQsos($callsign) {
|
||||
$CI =& get_instance();
|
||||
$CI->load->model('Stations');
|
||||
$station_id = $CI->Stations->find_active();
|
||||
function searchQsos($callsign) {
|
||||
$CI =& get_instance();
|
||||
$CI->load->model('logbooks_model');
|
||||
$logbooks_locations_array = $CI->logbooks_model->list_logbook_relationships($this->session->userdata('active_station_logbook'));
|
||||
|
||||
$this->db->select('*');
|
||||
$this->db->from($this->config->item('table_name'));
|
||||
$this->db->where('station_id', $station_id);
|
||||
$this->db->where_in('station_id', $logbooks_locations_array);
|
||||
$this->db->where('col_call', $callsign);
|
||||
|
||||
return $this->db->get();
|
||||
|
@ -71,8 +102,15 @@ class Qsl_model extends CI_Model {
|
|||
$clean_qsoid = $this->security->xss_clean($qsoid);
|
||||
$clean_filename = $this->security->xss_clean($filename);
|
||||
|
||||
// be sure that QSO belongs to user
|
||||
$CI =& get_instance();
|
||||
$CI->load->model('logbook_model');
|
||||
if (!$CI->logbook_model->check_qso_is_accessible($clean_qsoid)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$data = array(
|
||||
'qsoid' => $qsoid,
|
||||
'qsoid' => $clean_qsoid,
|
||||
'filename' => $filename
|
||||
);
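Review bot: Two of the new ownership checks compare the wrong identifier. In the hunk that ends with `$this->db->delete('qsl_images', array('id' => $clean_id))` and in the one that selects `filename` with `where('id', $clean_id)`, `$clean_id` is a qsl_images row id, but check_qso_is_accessible() matches its argument against the QSO primary key. The check can therefore pass for an image attached to someone else's QSO whenever the user owns a QSO with the same number, and it can reject the user's own images. The image row should be resolved to its `qsoid` first and that value checked, as sketched below. Both enclosing functions start outside their hunks, so their names and callers are not visible here.

```php
$clean_id = $this->security->xss_clean($id);

// $id names a qsl_images row here, so resolve it to its QSO before the ownership check
$image = $this->db->select('qsoid')
    ->from('qsl_images')
    ->where('id', $clean_id)
    ->get()
    ->row();
if ($image === null) {
    return;
}

// … unchanged: get_instance() and logbook_model load …
if (!$CI->logbook_model->check_qso_is_accessible($image->qsoid)) {
    return;
}
// … unchanged: delete / filename lookup by qsl_images.id …
```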
|
||||
|
||||
|
|
|
@ -290,6 +290,7 @@ class Stations extends CI_Model {
|
|||
|
||||
public function check_station_is_accessible($id) {
|
||||
// check if station belongs to user
|
||||
$this->db->select('station_id');
|
||||
$this->db->where('user_id', $this->session->userdata('user_id'));
|
||||
$this->db->where('station_id', $id);
|
||||
$query = $this->db->get('station_profile');
|
||||
|
|