diff --git a/application/controllers/Api.php b/application/controllers/Api.php
index 4ae4f64d5..c56436f87 100644
--- a/application/controllers/Api.php
+++ b/application/controllers/Api.php
@@ -74,9 +74,9 @@ class API extends CI_Controller {
} else {
// Success!
- $this->api_model->update_key_description($this->input->post('api_key'), $this->input->post('api_desc'));
+ $this->api_model->update_key_description($this->input->post('api_key', true), $this->input->post('api_desc', true));
- $this->session->set_flashdata('notice', sprintf(__("API Key %s description has been updated."), "".$this->input->post('api_key').""));
+ $this->session->set_flashdata('notice', sprintf(__("API Key %s description has been updated."), "" . htmlspecialchars($this->input->post('api_key', true), ENT_QUOTES, 'UTF-8') . ""));
redirect('api');
}
@@ -118,7 +118,7 @@ class API extends CI_Controller {
$this->api_model->delete_key($key);
- $this->session->set_flashdata('notice', sprintf(__("API Key %s has been deleted"), "".$key."" ));
+ $this->session->set_flashdata('notice', sprintf(__("API Key %s has been deleted"), "" . htmlspecialchars($key, ENT_QUOTES, 'UTF-8') . "" ));
redirect('api');
}
diff --git a/application/controllers/Band.php b/application/controllers/Band.php
index 181287cef..1dc1afc37 100644
--- a/application/controllers/Band.php
+++ b/application/controllers/Band.php
@@ -1,4 +1,4 @@
-load->helper(array('form', 'url'));
$this->load->model('user_model');
- if(!$this->user_model->authorize(2) || !clubaccess_check(9)) { $this->session->set_flashdata('error', __("You're not allowed to do that!")); redirect('dashboard'); }
+ if (!$this->user_model->authorize(2) || !clubaccess_check(9)) {
+ $this->session->set_flashdata('error', __("You're not allowed to do that!"));
+ redirect('dashboard');
+ }
+
+ $this->load->model('bands');
}
- public function index()
- {
- $this->load->model('bands');
-
+ public function index() {
$data['bands'] = $this->bands->get_all_bands_for_user();
// Render Page
@@ -28,10 +29,7 @@ class Band extends CI_Controller {
$this->load->view('interface_assets/footer');
}
- public function edges()
- {
- $this->load->model('bands');
-
+ public function edges() {
$data['bands'] = $this->bands->get_all_bandedges_for_user();
$footerData = [];
@@ -47,10 +45,7 @@ class Band extends CI_Controller {
}
// API endpoint to get band edges for the logged-in user
- public function get_user_bandedges()
- {
- $this->load->model('bands');
-
+ public function get_user_bandedges() {
// Get region parameter from query string, default to 1 (IARU Region 1)
// Note: Region selection is not yet fully implemented in the code
$region = $this->input->get('region');
@@ -63,9 +58,7 @@ class Band extends CI_Controller {
return;
}
- public function create()
- {
- $this->load->model('bands');
+ public function create() {
$this->load->library('form_validation');
$this->form_validation->set_rules('band', 'Band', 'required');
@@ -86,11 +79,8 @@ class Band extends CI_Controller {
}
}
- public function edit()
- {
- $this->load->model('bands');
-
- $item_id_clean = $this->security->xss_clean($this->input->post('id'));
+ public function edit() {
+ $item_id_clean = $this->input->post('id');
$band_query = $this->bands->getband($item_id_clean);
@@ -98,119 +88,109 @@ class Band extends CI_Controller {
$data['page_title'] = __("Edit Band");
- $this->load->view('bands/edit', $data);
+ $this->load->view('bands/edit', $data);
}
public function saveupdatedband() {
- $this->load->model('bands');
+ $id = $this->input->post('id', true);
+ $band['band'] = $this->input->post('band', true);
+ $band['bandgroup'] = $this->input->post('bandgroup', true);
+ $band['ssbqrg'] = $this->input->post('ssbqrg', true);
+ $band['dataqrg'] = $this->input->post('dataqrg', true);
+ $band['cwqrg'] = $this->input->post('cwqrg', true);
- $id = $this->security->xss_clean($this->input->post('id', true));
- $band['band'] = $this->security->xss_clean($this->input->post('band', true));
- $band['bandgroup'] = $this->security->xss_clean($this->input->post('bandgroup', true));
- $band['ssbqrg'] = $this->security->xss_clean($this->input->post('ssbqrg', true));
- $band['dataqrg'] = $this->security->xss_clean($this->input->post('dataqrg', true));
- $band['cwqrg'] = $this->security->xss_clean($this->input->post('cwqrg', true));
-
- $this->bands->saveupdatedband($id, $band);
+ $this->bands->saveupdatedband($id, $band);
echo json_encode(array('message' => 'OK'));
- return;
+ return;
}
public function delete() {
- $id = $this->input->post('id');
- $this->load->model('bands');
- $this->bands->delete($id);
+ $id = $this->input->post('id', true);
+ $userid = $this->session->userdata('user_id');
+ $this->bands->delete($id, $userid);
}
public function activate() {
- $id = $this->input->post('id');
- $this->load->model('bands');
- $this->bands->activate($id);
- header('Content-Type: application/json');
- echo json_encode(array('message' => 'OK'));
- return;
- }
+ $id = $this->input->post('id', true);
+ $this->bands->activate($id);
+ header('Content-Type: application/json');
+ echo json_encode(array('message' => 'OK'));
+ return;
+ }
- public function deactivate() {
- $id = $this->input->post('id');
- $this->load->model('bands');
- $this->bands->deactivate($id);
- header('Content-Type: application/json');
- echo json_encode(array('message' => 'OK'));
- return;
- }
+ public function deactivate() {
+ $id = $this->input->post('id', true);
+ $this->bands->deactivate($id);
+ header('Content-Type: application/json');
+ echo json_encode(array('message' => 'OK'));
+ return;
+ }
public function activateall() {
- $this->load->model('bands');
- $this->bands->activateall();
- header('Content-Type: application/json');
- echo json_encode(array('message' => 'OK'));
- return;
- }
-
- public function deactivateall() {
- $this->load->model('bands');
- $this->bands->deactivateall();
- header('Content-Type: application/json');
- echo json_encode(array('message' => 'OK'));
+ $this->bands->activateall();
+ header('Content-Type: application/json');
+ echo json_encode(array('message' => 'OK'));
return;
- }
+ }
- public function saveBand() {
- $id = $this->security->xss_clean($this->input->post('id'));
- $band['status'] = $this->security->xss_clean($this->input->post('status'));
- $band['cq'] = $this->security->xss_clean($this->input->post('cq'));
- $band['dok'] = $this->security->xss_clean($this->input->post('dok'));
- $band['dxcc'] = $this->security->xss_clean($this->input->post('dxcc'));
- $band['helvetia'] = $this->security->xss_clean($this->input->post('helvetia'));
- $band['iota'] = $this->security->xss_clean($this->input->post('iota'));
- $band['jcc'] = $this->security->xss_clean($this->input->post('jcc'));
- $band['pota'] = $this->security->xss_clean($this->input->post('pota'));
- $band['rac'] = $this->security->xss_clean($this->input->post('rac'));
- $band['sig'] = $this->security->xss_clean($this->input->post('sig'));
- $band['sota'] = $this->security->xss_clean($this->input->post('sota'));
- $band['uscounties'] = $this->security->xss_clean($this->input->post('uscounties'));
- $band['wap'] = $this->security->xss_clean($this->input->post('wap'));
- $band['wapc'] = $this->security->xss_clean($this->input->post('wapc'));
- $band['was'] = $this->security->xss_clean($this->input->post('was'));
- $band['wwff'] = $this->security->xss_clean($this->input->post('wwff'));
- $band['vucc'] = $this->security->xss_clean($this->input->post('vucc'));
- $band['waja'] = $this->security->xss_clean($this->input->post('waja'));
+ public function deactivateall() {
+ $this->bands->deactivateall();
+ header('Content-Type: application/json');
+ echo json_encode(array('message' => 'OK'));
+ return;
+ }
- $this->load->model('bands');
- $this->bands->saveBand($id, $band);
+ public function saveBand() {
+ $id = $this->input->post('id', true);
+ $band['status'] = $this->input->post('status', true);
+ $band['cq'] = $this->input->post('cq', true);
+ $band['dok'] = $this->input->post('dok', true);
+ $band['dxcc'] = $this->input->post('dxcc', true);
+ $band['helvetia'] = $this->input->post('helvetia', true);
+ $band['iota'] = $this->input->post('iota', true);
+ $band['jcc'] = $this->input->post('jcc', true);
+ $band['pota'] = $this->input->post('pota', true);
+ $band['rac'] = $this->input->post('rac', true);
+ $band['sig'] = $this->input->post('sig', true);
+ $band['sota'] = $this->input->post('sota', true);
+ $band['uscounties'] = $this->input->post('uscounties', true);
+ $band['wap'] = $this->input->post('wap', true);
+ $band['wapc'] = $this->input->post('wapc', true);
+ $band['was'] = $this->input->post('was', true);
+ $band['wwff'] = $this->input->post('wwff', true);
+ $band['vucc'] = $this->input->post('vucc', true);
+ $band['waja'] = $this->input->post('waja', true);
- header('Content-Type: application/json');
- echo json_encode(array('message' => 'OK'));
- return;
- }
-
- public function saveBandAward() {
- $award = $this->security->xss_clean($this->input->post('award'));
- $status = $this->security->xss_clean($this->input->post('status'));
-
- $this->load->model('bands');
- $this->bands->saveBandAward($award, $status);
+ $this->bands->saveBand($id, $band);
header('Content-Type: application/json');
- echo json_encode(array('message' => 'OK'));
+ echo json_encode(array('message' => 'OK'));
return;
- }
+ }
+
+ public function saveBandAward() {
+ $award = $this->input->post('award', true);
+ $status = $this->input->post('status', true);
+
+ $this->bands->saveBandAward($award, $status);
+
+ header('Content-Type: application/json');
+ echo json_encode(array('message' => 'OK'));
+ return;
+ }
public function saveBandUnit() {
- $unit = $this->security->xss_clean($this->input->post('unit'));
- $band_id = $this->security->xss_clean($this->input->post('band_id'));
+ $unit = $this->input->post('unit', true);
+ $band_id = $this->input->post('band_id', true);
- $this->load->model('bands');
$band = $this->bands->getband($band_id)->row()->band;
$this->user_options_model->set_option('frequency', 'unit', array($band => $unit));
- $this->session->set_userdata('qrgunit_'.$band, $unit);
+ $this->session->set_userdata('qrgunit_' . $band, $unit);
}
public function deletebandedge() {
- $id = $this->input->post('id');
- $this->load->model('bands');
+ $id = $this->input->post('id', true);
$this->bands->deletebandedge($id);
header('Content-Type: application/json');
echo json_encode(array('message' => 'OK'));
@@ -218,14 +198,12 @@ class Band extends CI_Controller {
}
public function saveBandEdge() {
- $this->load->model('bands');
-
- $id = $this->security->xss_clean($this->input->post('id', true));
- $frequencyfrom = $this->security->xss_clean($this->input->post('frequencyfrom', true));
- $frequencyto = $this->security->xss_clean($this->input->post('frequencyto', true));
- $mode = $this->security->xss_clean($this->input->post('mode', true));
+ $id = $this->input->post('id', true);
+ $frequencyfrom = $this->input->post('frequencyfrom', true);
+ $frequencyto = $this->input->post('frequencyto', true);
+ $mode = $this->input->post('mode', true);
if ((is_numeric($frequencyfrom)) && (is_numeric($frequencyfrom))) {
- $overlap=$this->bands->check4overlapEdges($id, $frequencyfrom, $frequencyto, $mode);
+ $overlap = $this->bands->check4overlapEdges($id, $frequencyfrom, $frequencyto, $mode);
if (!($overlap)) {
$this->bands->saveBandEdge($id, $frequencyfrom, $frequencyto, $mode);
echo json_encode(array('message' => 'OK'));
diff --git a/application/controllers/Qso.php b/application/controllers/Qso.php
index b38b62057..71af49524 100644
--- a/application/controllers/Qso.php
+++ b/application/controllers/Qso.php
@@ -573,11 +573,6 @@ class QSO extends CI_Controller {
$data['message_contents'] = "QSO Deleted Successfully";
$this->load->view('messages/message', $data);
}
-
- // If deletes from /logbook dropdown redirect
- if (strpos($_SERVER['HTTP_REFERER'], '/logbook') !== false) {
- redirect($_SERVER['HTTP_REFERER']);
- }
}
/* Delete QSO */
diff --git a/application/models/Bands.php b/application/models/Bands.php
index 17b2cc588..213f86722 100644
--- a/application/models/Bands.php
+++ b/application/models/Bands.php
@@ -300,12 +300,8 @@ class Bands extends CI_Model {
return true;
}
- function delete($id) {
- // Clean ID
- $clean_id = $this->security->xss_clean($id);
-
- // Delete Mode
- $this->db->delete('bandxuser', array('id' => $clean_id));
+ function delete($id, $userid) {
+ $this->db->delete('bandxuser', array('id' => $id, 'userid' => $userid));
}
function saveBand($id, $band) {
diff --git a/application/models/User_model.php b/application/models/User_model.php
index 3fc0e422b..a05d2cde4 100644
--- a/application/models/User_model.php
+++ b/application/models/User_model.php
@@ -293,31 +293,42 @@ class User_Model extends CI_Model {
$this->db->insert($this->config->item('auth_table'), $data);
$insert_id = $this->db->insert_id();
- $this->db->query("insert into bandxuser (bandid, userid) select bands.id, " . $insert_id . " from bands;");
- $this->db->query("insert into paper_types (user_id,paper_name,metric,width,orientation,height) SELECT ".$insert_id.", paper_name, metric, width, orientation,height FROM paper_types where user_id = 0;");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'map_custom','icon','qso','{\"icon\":\"fas fa-dot-circle\",\"color\":\"#ff0000\"}');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'map_custom','icon','qsoconfirm','{\"icon\":\"fas fa-dot-circle\",\"color\":\"#00ff00\"}');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'map_custom','icon','station','{\"icon\":\"fas fa-broadcast-tower\",\"color\":\"#0000ff\"}');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'map_custom','gridsquare','show','0');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'hamsat','hamsat_key','api','".xss_clean($user_hamsat_key)."');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'hamsat','hamsat_key','workable','".xss_clean($user_hamsat_workable_only)."');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'qso_tab','iota','show',".(xss_clean($user_iota_to_qso_tab ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'qso_tab','sota','show',".(xss_clean($user_sota_to_qso_tab ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'qso_tab','wwff','show',".(xss_clean($user_wwff_to_qso_tab ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'qso_tab','pota','show',".(xss_clean($user_pota_to_qso_tab ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'qso_tab','sig','show',".(xss_clean($user_sig_to_qso_tab ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'qso_tab','dok','show',".(xss_clean($user_dok_to_qso_tab ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'qso_tab','station','show',".(xss_clean($user_station_to_qso_tab ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'dashboard','show_map','boolean','".xss_clean($dashboard_map ?? 'Y')."');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'dashboard','show_dashboard_banner','boolean','".xss_clean($dashboard_banner ?? 'Y')."');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'dashboard','show_dashboard_solar','boolean','".xss_clean($dashboard_solar ?? 'Y')."');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'widget','on_air','enabled','".(xss_clean($on_air_widget_enabled ?? 'false'))."');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'widget','on_air','display_last_seen','".(xss_clean($on_air_widget_display_last_seen ?? 'false'))."');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'widget','on_air','display_only_most_recent_radio','".(xss_clean($on_air_widget_show_only_most_recent_radio ?? 'true'))."');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'widget','qso','display_qso_time','".(xss_clean($qso_widget_display_qso_time ?? 'false'))."');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'qso_db_search_priority','enable','boolean','".(xss_clean($user_qso_db_search_priority ?? 'Y'))."');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $insert_id . ", 'dxwaterfall','enable','boolean','".xss_clean($user_dxwaterfall_enable ?? 'N')."');");
- $this->db->query("insert into user_options (user_id, option_type, option_name, option_key, option_value) values (?, 'qso_tab', 'map', 'show', ?)", [$insert_id, (int)(xss_clean($user_qso_show_map ?? 1))]);
+ $this->db->query("insert into bandxuser (bandid, userid) select bands.id, ? from bands;", [$insert_id]);
+ $this->db->query("insert into paper_types (user_id,paper_name,metric,width,orientation,height) SELECT ?, paper_name, metric, width, orientation,height FROM paper_types where user_id = 0;", [$insert_id]);
+
+ // Default user_options rows — [option_type, option_name, option_key, option_value]
+ $user_options = [
+ ['map_custom', 'icon', 'qso', '{"icon":"fas fa-dot-circle","color":"#ff0000"}'],
+ ['map_custom', 'icon', 'qsoconfirm', '{"icon":"fas fa-dot-circle","color":"#00ff00"}'],
+ ['map_custom', 'icon', 'station', '{"icon":"fas fa-broadcast-tower","color":"#0000ff"}'],
+ ['map_custom', 'gridsquare', 'show', '0'],
+ ['hamsat', 'hamsat_key', 'api', $user_hamsat_key],
+ ['hamsat', 'hamsat_key', 'workable', $user_hamsat_workable_only],
+ ['qso_tab', 'iota', 'show', (($user_iota_to_qso_tab ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'sota', 'show', (($user_sota_to_qso_tab ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'wwff', 'show', (($user_wwff_to_qso_tab ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'pota', 'show', (($user_pota_to_qso_tab ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'sig', 'show', (($user_sig_to_qso_tab ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'dok', 'show', (($user_dok_to_qso_tab ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'station', 'show', (($user_station_to_qso_tab ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'map', 'show', (int)(xss_clean($user_qso_show_map ?? 1))],
+ ['dashboard', 'show_map', 'boolean', $dashboard_map ?? 'Y'],
+ ['dashboard', 'show_dashboard_banner', 'boolean', $dashboard_banner ?? 'Y'],
+ ['dashboard', 'show_dashboard_solar', 'boolean', $dashboard_solar ?? 'Y'],
+ ['widget', 'on_air', 'enabled', $on_air_widget_enabled ?? 'false'],
+ ['widget', 'on_air', 'display_last_seen', $on_air_widget_display_last_seen ?? 'false'],
+ ['widget', 'on_air', 'display_only_most_recent_radio',$on_air_widget_show_only_most_recent_radio ?? 'true'],
+ ['widget', 'qso', 'display_qso_time', $qso_widget_display_qso_time ?? 'false'],
+ ['qso_db_search_priority', 'enable', 'boolean', $user_qso_db_search_priority ?? 'Y'],
+ ['dxwaterfall', 'enable', 'boolean', $user_dxwaterfall_enable ?? 'N'],
+ ];
+
+ foreach ($user_options as [$type, $name, $key, $value]) {
+ $this->db->query(
+ "INSERT INTO user_options (user_id, option_type, option_name, option_key, option_value) VALUES (?, ?, ?, ?, ?)",
+ [$insert_id, $type, $name, $key, $value]
+ );
+ }
return OK;
} else {
return EUSERNAMEEXISTS;
@@ -374,28 +385,37 @@ class User_Model extends CI_Model {
$qso_page_last_qso_count = xss_clean($fields['user_qso_page_last_qso_count']);
$qso_page_last_qso_count = $qso_page_last_qso_count > QSO_PAGE_QSOS_COUNT_LIMIT ? QSO_PAGE_QSOS_COUNT_LIMIT : $qso_page_last_qso_count;
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'hamsat','hamsat_key','api','".xss_clean($fields['user_hamsat_key'])."');");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'hamsat','hamsat_key','workable','".xss_clean($fields['user_hamsat_workable_only'])."');");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'qso_tab','iota','show',".(xss_clean($fields['user_iota_to_qso_tab'] ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'qso_tab','sota','show',".(xss_clean($fields['user_sota_to_qso_tab'] ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'qso_tab','wwff','show',".(xss_clean($fields['user_wwff_to_qso_tab'] ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'qso_tab','pota','show',".(xss_clean($fields['user_pota_to_qso_tab'] ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'qso_tab','sig','show',".(xss_clean($fields['user_sig_to_qso_tab'] ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'qso_tab','dok','show',".(xss_clean($fields['user_dok_to_qso_tab'] ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'qso_tab','station','show',".(xss_clean($fields['user_station_to_qso_tab'] ?? 'off') == "on" ? 1 : 0).");");
- $this->db->query("replace INTO user_options (user_id, option_type, option_name, option_key, option_value) VALUES (?, 'qso_tab', 'map', 'show', ?)", [$fields['id'], (int)(xss_clean($fields['user_qso_show_map'] ?? 1))]
- );
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'widget','on_air','enabled','".(xss_clean($fields['on_air_widget_enabled'] ?? 'false'))."');");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'widget','on_air','display_last_seen','".(xss_clean($fields['on_air_widget_display_last_seen'] ?? 'false'))."');");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'widget','on_air','display_only_most_recent_radio','".(xss_clean($fields['on_air_widget_show_only_most_recent_radio'] ?? 'true'))."');");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'widget','qso','display_qso_time','".(xss_clean($fields['qso_widget_display_qso_time'] ?? 'false'))."');");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'dashboard','last_qso_count','count','".$dashboard_last_qso_count."');");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'qso_tab','last_qso_count','count','".$qso_page_last_qso_count."');");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'dashboard','show_map','boolean','".xss_clean($fields['user_dashboard_map'] ?? 'Y')."');");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'dashboard','show_dashboard_banner','boolean','".xss_clean($fields['user_dashboard_banner'] ?? 'Y')."');");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'dashboard','show_dashboard_solar','boolean','".xss_clean($fields['user_dashboard_solar'] ?? 'N')."');");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'qso_db_search_priority','enable','boolean','".xss_clean($fields['user_qso_db_search_priority'] ?? 'Y')."');");
- $this->db->query("replace into user_options (user_id, option_type, option_name, option_key, option_value) values (" . $fields['id'] . ", 'dxwaterfall','enable','boolean','".xss_clean($fields['user_dxwaterfall_enable'] ?? 'N')."');");
+ // Updated user_options rows — [option_type, option_name, option_key, option_value]
+ $user_options = [
+ ['hamsat', 'hamsat_key', 'api', $fields['user_hamsat_key']],
+ ['hamsat', 'hamsat_key', 'workable', $fields['user_hamsat_workable_only']],
+ ['qso_tab', 'iota', 'show', (($fields['user_iota_to_qso_tab'] ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'sota', 'show', (($fields['user_sota_to_qso_tab'] ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'wwff', 'show', (($fields['user_wwff_to_qso_tab'] ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'pota', 'show', (($fields['user_pota_to_qso_tab'] ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'sig', 'show', (($fields['user_sig_to_qso_tab'] ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'dok', 'show', (($fields['user_dok_to_qso_tab'] ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'station', 'show', (($fields['user_station_to_qso_tab'] ?? 'off') == "on" ? 1 : 0)],
+ ['qso_tab', 'map', 'show', (int)($fields['user_qso_show_map'] ?? 1)],
+ ['qso_tab', 'last_qso_count', 'count', $qso_page_last_qso_count],
+ ['widget', 'on_air', 'enabled', $fields['on_air_widget_enabled'] ?? 'false'],
+ ['widget', 'on_air', 'display_last_seen', $fields['on_air_widget_display_last_seen'] ?? 'false'],
+ ['widget', 'on_air', 'display_only_most_recent_radio',$fields['on_air_widget_show_only_most_recent_radio'] ?? 'true'],
+ ['widget', 'qso', 'display_qso_time', $fields['qso_widget_display_qso_time'] ?? 'false'],
+ ['dashboard', 'last_qso_count', 'count', $dashboard_last_qso_count],
+ ['dashboard', 'show_map', 'boolean', $fields['user_dashboard_map'] ?? 'Y'],
+ ['dashboard', 'show_dashboard_banner', 'boolean', $fields['user_dashboard_banner'] ?? 'Y'],
+ ['dashboard', 'show_dashboard_solar', 'boolean', $fields['user_dashboard_solar'] ?? 'N'],
+ ['qso_db_search_priority', 'enable', 'boolean', $fields['user_qso_db_search_priority'] ?? 'Y'],
+ ['dxwaterfall', 'enable', 'boolean', $fields['user_dxwaterfall_enable'] ?? 'N'],
+ ];
+
+ foreach ($user_options as [$type, $name, $key, $value]) {
+ $this->db->query(
+ "REPLACE INTO user_options (user_id, option_type, option_name, option_key, option_value) VALUES (?, ?, ?, ?, ?)",
+ [$fields['id'], $type, $name, $key, $value]
+ );
+ }
$this->session->set_userdata('dashboard_last_qso_count', $dashboard_last_qso_count);
$this->session->set_userdata('qso_page_last_qso_count', $qso_page_last_qso_count);
$this->session->set_userdata('user_dashboard_map',xss_clean($fields['user_dashboard_map'] ?? 'Y'));