Public_Tools/wavelog
2
0
Fork 0
mirror of https://github.com/wavelog/wavelog.git synced 2026-03-22 10:24:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

added checks to backend and frontend of "print requested qsls" to only

Browse Source 
allow access to QSOs of user
This commit is contained in:
Thomas Werzmirzowsky
2021-11-17 22:30:20 +01:00
parent e044da8df0
commit 821a00dabb
4 changed files with 43 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
application/models/Qslprint_model.php
View File

@@ -8,19 +8,33 @@ class Qslprint_model extends CI_Model {
$station_id = $CI->Stations->find_active();
$data = array(
'COL_QSLSDATE' => date('Y-m-d'),
'COL_QSL_SENT' => "Y",
'COL_QSL_SENT_VIA' => "B",
'COL_QSLSDATE' => date('Y-m-d'),
'COL_QSL_SENT' => "Y",
'COL_QSL_SENT_VIA' => "B",
);
$this->db->where_in("COL_QSL_SENT", array("R","Q"));
if ($station_id2 == NULL) {
$this->db->where("station_id", $station_id);
} else if ($station_id2 == 'All') {
// get all stations of user
$stations = $CI->Stations->all_of_user();
$station_ids = array();
foreach ($stations->result() as $row) {
array_push($station_ids, $row->station_id);
}
// filter by all stations
$this->db->where_in("station_id", $station_ids);
} else if ($station_id2 != 'All') {
// be sure that station belongs to user
if (!$CI->Stations->check_station_is_accessible($station_id2)) {
return;
}
$this->db->where("station_id", $station_id2);
}
$this->db->where_in("COL_QSL_SENT", array("R","Q"));
$this->db->update($this->config->item('table_name'), $data);
}
@@ -35,6 +49,8 @@ class Qslprint_model extends CI_Model {
}
$this->db->join('station_profile', 'station_profile.station_id = '.$this->config->item('table_name').'.station_id');
// always filter user. this ensures that even if the station_id is from another user no inaccesible QSOs will be returned
$this->db->where('station_profile.user_id', $this->session->userdata('user_id'));
$this->db->where_in('COL_QSL_SENT', array('R', 'Q'));
$this->db->order_by("COL_TIME_ON", "ASC");
$query = $this->db->get($this->config->item('table_name'));
@@ -49,6 +65,13 @@ class Qslprint_model extends CI_Model {
}
function delete_from_qsl_queue($id) {
// be sure that QSO belongs to user
$CI =& get_instance();
$CI->load->model('logbook_model');
if (!$CI->logbook_model->check_qso_is_accessible($id)) {
return;
}
$data = array(
'COL_QSL_SENT' => "N",
);
@@ -60,6 +83,13 @@ class Qslprint_model extends CI_Model {
}
function add_qso_to_print_queue($id) {
// be sure that QSO belongs to user
$CI =& get_instance();
$CI->load->model('logbook_model');
if (!$CI->logbook_model->check_qso_is_accessible($id)) {
return;
}
$data = array(
'COL_QSL_SENT' => "R",
);
@@ -72,6 +102,8 @@ class Qslprint_model extends CI_Model {
function open_qso_list($callsign) {
$this->db->join('station_profile', 'station_profile.station_id = '.$this->config->item('table_name').'.station_id');
// always filter user. this ensures that no inaccesible QSOs will be returned
$this->db->where('station_profile.user_id', $this->session->userdata('user_id'));
$this->db->where('COL_CALL like "%'.$callsign.'%"');
$this->db->where('coalesce(COL_QSL_SENT, "") not in ("R", "Q")');
$this->db->order_by("COL_TIME_ON", "ASC");