diff --git a/application/models/Jcc_model.php b/application/models/Jcc_model.php index 788a5fe90..9df83499b 100644 --- a/application/models/Jcc_model.php +++ b/application/models/Jcc_model.php @@ -2,7 +2,7 @@ class Jcc_model extends CI_Model { - + private $location_list=null; function __construct() { $this->load->library('Genfunctions'); @@ -937,7 +937,7 @@ class Jcc_model extends CI_Model { $cities[$city]['count'] = 0; // Inits each city's count } - $qsl = $this->genfunctions->gen_qsl_from_postdata($postdata); + $qsl = $this->genfunctions->gen_qsl_from_postdata($postdata); foreach ($bands as $band) { @@ -997,15 +997,18 @@ class Jcc_model extends CI_Model { } function getJccBandConfirmed($location_list, $band, $postdata) { + $bindings=[]; $sql = "select adif as waja, name from dxcc_entities join ( select col_dxcc from ".$this->config->item('table_name')." thcv where station_id in (" . $location_list . ") and col_dxcc > 0"; - $sql .= $this->genfunctions->addBandToQuery($band); + $sql .= $this->genfunctions->addBandToQuery($band,$bindings); if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $bindings[]=$postdata['mode']; + $bindings[]=$postdata['mode']; } $sql .= $this->genfunctions->addQslToQuery($postdata); 
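Review bot: `$location_list` is declared with a `null` default and no comment on what it holds, yet `exportJcc`, `fetch_jcc_wkd` and `fetch_jcc_cnfm` (hunks at -1198 and -1226) concatenate `$this->location_list` straight into `station_id in (...)`. Where the property is assigned is not part of this diff, so a call made before assignment would send `in ()` to the database. I would document the expected format and origin on the declaration, for example `// quoted, comma-separated station ids; built server-side, never from request data`, once that is confirmed to be true. The constructor body continues outside the hunk.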
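Review bot: The statement in `getJccBandConfirmed` is still partly built by concatenation: `$location_list` goes into `station_id in (...)` and the fragment returned by `addQslToQuery($postdata)` is appended without touching `$bindings`. Neither that helper nor the code that builds `$location_list` is visible here, so whether request data can reach them needs confirming; if `addQslToQuery` interpolates any `$postdata` value it should take `$bindings` the way `addBandToQuery($band,$bindings)` now does. The `$location_list` concatenation remains in every later hunk that builds a query, and the `addQslToQuery($postdata)` call in most of them. A one-line comment above each query stating why the unbound parts are safe, e.g. `// $location_list: server-built id list, not user input`, would stop the next reader from assuming the whole statement is parameterized. The function body continues past the end of this hunk.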
@@ -1016,22 +1019,25 @@ class Jcc_model extends CI_Model { $sql .= " and dxcc_entities.end is null"; } - $query = $this->db->query($sql); + $query = $this->db->query($sql,$bindings); return $query->result(); } function getJccBandWorked($location_list, $band, $postdata) { + $bindings=[]; $sql = "select adif as waja, name from dxcc_entities join ( select col_dxcc from ".$this->config->item('table_name')." thcv where station_id in (" . $location_list . ") and col_dxcc > 0"; - $sql .= $this->genfunctions->addBandToQuery($band); + $sql .= $this->genfunctions->addBandToQuery($band,$bindings); if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $bindings[]=$postdata['mode']; + $bindings[]=$postdata['mode']; } $sql .= " group by col_dxcc @@ -1041,7 +1047,7 @@ class Jcc_model extends CI_Model { $sql .= " and dxcc_entities.end is null"; } - $query = $this->db->query($sql); + $query = $this->db->query($sql,$bindings); return $query->result(); } 
@@ -1051,29 +1057,34 @@ class Jcc_model extends CI_Model { * $postdata contains data from the form, in this case Lotw or QSL are used */ function getJccWorked($location_list, $band, $postdata) { + $bindings=[]; $sql = "SELECT distinct col_cnty FROM " . $this->config->item('table_name') . " thcv where station_id in (" . $location_list . ")"; if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $bindings[]=$postdata['mode']; + $bindings[]=$postdata['mode']; } $sql .= $this->addStateToQuery(); - $sql .= $this->genfunctions->addBandToQuery($band); + $sql .= $this->genfunctions->addBandToQuery($band,$bindings); $sql .= " and not exists (select 1 from ". $this->config->item('table_name') . " where station_id in (". $location_list . ")" . " and col_cnty = thcv.col_cnty"; if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $bindings[]=$postdata['mode']; + $bindings[]=$postdata['mode']; } - $sql .= $this->genfunctions->addBandToQuery($band); + $sql .= $this->genfunctions->addBandToQuery($band,$bindings); $sql .= $this->genfunctions->addQslToQuery($postdata); $sql .= $this->addStateToQuery(); $sql .= ")"; - $query = $this->db->query($sql); + $query = $this->db->query($sql,$bindings); return $query->result(); } 
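Review bot: In `getJccWorked` the positional `?` markers and `$bindings` stay aligned only because every fragment is appended in the same order as its values, and the mode and band filters are each added twice (outer query and `not exists` subquery). A helper that returns the mode fragment and pushes its two values in one call, mirroring `addBandToQuery($band,$bindings)`, would replace the hand-copied three-line block repeated throughout this file and make a marker/value mismatch much harder to introduce. `addBandToQuery` has to receive `$bindings` by reference for its values to land in the array; its definition is not part of this diff, so that is worth checking. A sketch of the helper follows.
```php
// Returns the mode filter and appends its two values to $bindings in the same call,
// so the marker count and the value count cannot drift apart.
private function addModeToQuery($postdata, array &$bindings) {
	if ($postdata['mode'] == 'All') {
		return '';
	}
	$bindings[] = $postdata['mode'];
	$bindings[] = $postdata['mode'];
	return " and (col_mode = ? or col_submode = ?)";
}

function getJccWorked($location_list, $band, $postdata) {
	$bindings=[];
	// … unchanged: select/from and station_id filter …
	$sql .= $this->addModeToQuery($postdata, $bindings);
	// … unchanged: state and band filters, start of the not-exists subquery …
	$sql .= $this->addModeToQuery($postdata, $bindings);
	// … unchanged: band, QSL and state filters, query execution …
}
```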
@@ -1083,25 +1094,28 @@ class Jcc_model extends CI_Model { * $postdata contains data from the form, in this case Lotw or QSL are used */ function getJccConfirmed($location_list, $band, $postdata) { + $bindings=[]; $sql = "SELECT distinct col_cnty FROM " . $this->config->item('table_name') . " thcv where station_id in (" . $location_list . ")"; if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $bindings[]=$postdata['mode']; + $bindings[]=$postdata['mode']; } $sql .= $this->addStateToQuery(); - $sql .= $this->genfunctions->addBandToQuery($band); + $sql .= $this->genfunctions->addBandToQuery($band,$bindings); $sql .= $this->genfunctions->addQslToQuery($postdata); - $query = $this->db->query($sql); + $query = $this->db->query($sql,$bindings); return $query->result(); } - + /* * Function gets worked and confirmed summary on each band on the active stationprofile */ 
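Review bot: The comment above `getJccConfirmed` says `$postdata` carries only the LoTW/QSL selection, but the function also reads `$postdata['mode']`, which is now bound into the query; the identical comment above `getJccWorked` (hunk at -1051) has the same gap. I would extend it to something like `* $postdata contains data from the form: mode (bound as a query parameter) and the LoTW/QSL confirmation flags`. Naming which fields are bound and which are handed to helpers makes the trust boundary of each query readable from the docblock.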
@@ -1122,21 +1136,23 @@ class Jcc_model extends CI_Model { $jccSummary['confirmed']['Total'] = $confirmedTotal[0]->count; if (in_array('SAT', $bands)) { - $worked = $this->getSummaryByBand('SAT', $postdata, $this->location_list); - $confirmed = $this->getSummaryByBandConfirmed('SAT', $postdata, $this->location_list); - $jccSummary['worked']['SAT'] = $worked[0]->count; - $jccSummary['confirmed']['SAT'] = $confirmed[0]->count; + $worked = $this->getSummaryByBand('SAT', $postdata, $this->location_list); + $confirmed = $this->getSummaryByBandConfirmed('SAT', $postdata, $this->location_list); + $jccSummary['worked']['SAT'] = $worked[0]->count; + $jccSummary['confirmed']['SAT'] = $confirmed[0]->count; } return $jccSummary; } function getSummaryByBand($band, $postdata, $location_list) { + $bindings=[]; $sql = "SELECT count(distinct thcv.col_cnty) as count FROM " . $this->config->item('table_name') . " thcv"; $sql .= " where station_id in (" . $location_list . ")"; if ($band == 'SAT') { - $sql .= " and thcv.col_prop_mode ='" . $band . "'"; + $sql .= " and thcv.col_prop_mode = ?"; + $bindings[]=$band; } else if ($band == 'All') { $this->load->model('bands'); $bandslots = $this->bands->get_worked_bands('was'); 
@@ -1146,26 +1162,31 @@ class Jcc_model extends CI_Model { " and thcv.col_prop_mode !='SAT'"; } else { $sql .= " and thcv.col_prop_mode !='SAT'"; - $sql .= " and thcv.col_band ='" . $band . "'"; + $sql .= " and thcv.col_band = ?"; + $bindings[]=$band; } if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $bindings[]=$postdata['mode']; + $bindings[]=$postdata['mode']; } $sql .= $this->addStateToQuery(); - $query = $this->db->query($sql); + $query = $this->db->query($sql,$bindings); return $query->result(); } function getSummaryByBandConfirmed($band, $postdata, $location_list) { + $bindings=[]; $sql = "SELECT count(distinct thcv.col_cnty) as count FROM " . $this->config->item('table_name') . " thcv"; $sql .= " where station_id in (" . $location_list . ")"; if ($band == 'SAT') { - $sql .= " and thcv.col_prop_mode ='" . $band . "'"; + $sql .= " and thcv.col_prop_mode = ?"; + $bindings[]=$band; } else if ($band == 'All') { $this->load->model('bands'); $bandslots = $this->bands->get_worked_bands('was'); @@ -1175,16 +1196,19 @@ class Jcc_model extends CI_Model { " and thcv.col_prop_mode !='SAT'"; } else { $sql .= " and thcv.col_prop_mode !='SAT'"; - $sql .= " and thcv.col_band ='" . $band . "'"; + $sql .= " and thcv.col_band = ?"; + $bindings[]=$band; } if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $bindings[]=$postdata['mode']; + $bindings[]=$postdata['mode']; } $sql .= $this->genfunctions->addQslToQuery($postdata); $sql .= $this->addStateToQuery(); - $query = $this->db->query($sql); + $query = $this->db->query($sql,$bindings); return $query->result(); } 
@@ -1198,19 +1222,22 @@ class Jcc_model extends CI_Model { } function exportJcc($postdata) { + $bindings=[]; $sql = "SELECT distinct col_cnty FROM " . $this->config->item('table_name') . " thcv where station_id in (" . $this->location_list . ")"; if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $bindings[]=$postdata['mode']; + $bindings[]=$postdata['mode']; } $sql .= $this->addStateToQuery(); - $sql .= $this->genfunctions->addBandToQuery($postdata['band']); + $sql .= $this->genfunctions->addBandToQuery($postdata['band'],$bindings); $sql .= $this->genfunctions->addQslToQuery($postdata); $sql .= ' ORDER BY COL_CNTY ASC'; - $query = $this->db->query($sql); + $query = $this->db->query($sql,$bindings); $jccs = array(); foreach($query->result() as $line) { 
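Review bot: `exportJcc` iterates `$query->result()` without checking that `$this->db->query($sql,$bindings)` succeeded. Positional bindings add a new way for the statement to fail, namely a marker count that does not match `count($bindings)`, and depending on the framework's `db_debug` setting `query()` may then return `false`, turning the `->result()` call into a fatal error. A guard before the loop such as `if ($query === false) { log_message('error', 'exportJcc query failed'); return array(); }` would keep a broken filter from surfacing as an error page; the array return is inferred from `$jccs = array();`, since the end of the function is outside the hunk. The other functions in this file return `$query->result()` unchecked in the same way.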
@@ -1226,44 +1253,54 @@ class Jcc_model extends CI_Model { } function getFirstQso($location_list, $jcc, $postdata) { + $bindings=[]; $sql = 'SELECT COL_CNTY, COL_CALL, COL_TIME_ON, COL_BAND, COL_MODE, COL_PROP_MODE FROM '.$this->config->item('table_name').' t1 WHERE station_id in ('.$location_list.')'; if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $bindings[]=$postdata['mode']; + $bindings[]=$postdata['mode']; } $sql .= $this->addStateToQuery(); - $sql .= $this->genfunctions->addBandToQuery($postdata['band']); + $sql .= $this->genfunctions->addBandToQuery($postdata['band'],$bindings); $sql .= $this->genfunctions->addQslToQuery($postdata); - $sql .= ' AND COL_CNTY = \''.$jcc.'\''; + $sql .= ' AND COL_CNTY = ?'; + $bindings[]=$jcc; $sql .= ' ORDER BY COL_TIME_ON ASC LIMIT 1'; - $query = $this->db->query($sql); + $query = $this->db->query($sql,$bindings); return $query->result(); } function fetch_jcc_wkd($postdata) { + $bindings=[]; $sql = 'SELECT DISTINCT `COL_CNTY` FROM '.$this->config->item('table_name').' WHERE 1 and station_id in ('.$this->location_list.')'; $sql .= $this->addStateToQuery(); - $sql .= $this->genfunctions->addBandToQuery($postdata['band']); + $sql .= $this->genfunctions->addBandToQuery($postdata['band'],$bindings); if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $bindings[]=$postdata['mode']; + $bindings[]=$postdata['mode']; } $sql .= ' ORDER BY COL_CNTY ASC'; - $query = $this->db->query($sql); + $query = $this->db->query($sql,$bindings); return $query->result(); } function fetch_jcc_cnfm($postdata) { + $bindings=[]; $sql = 'SELECT DISTINCT `COL_CNTY` FROM '.$this->config->item('table_name').' 
WHERE 1 and station_id in ('.$this->location_list.')'; $sql .= $this->addStateToQuery(); - $sql .= $this->genfunctions->addBandToQuery($postdata['band']); + $sql .= $this->genfunctions->addBandToQuery($postdata['band'],$bindings); if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $bindings[]=$postdata['mode']; + $bindings[]=$postdata['mode']; } $sql .= $this->genfunctions->addQslToQuery($postdata); $sql .= ' ORDER BY COL_CNTY ASC'; - $query = $this->db->query($sql); + $query = $this->db->query($sql,$bindings); return $query->result(); }