From f8146133b590e327f0229c14be895693ae49d5dc Mon Sep 17 00:00:00 2001
From: int2001
Date: Mon, 12 Aug 2024 12:02:16 +0000
Subject: [PATCH 1/6] Bindings and xss for Accumulated-Model
---
 application/controllers/Accumulated.php | 8 +-
 application/models/Accumulate_model.php | 346 +++++++++++++-----------
 2 files changed, 189 insertions(+), 165 deletions(-)
diff --git a/application/controllers/Accumulated.php b/application/controllers/Accumulated.php
index 3f024d14b..183329f73 100644
--- a/application/controllers/Accumulated.php
+++ b/application/controllers/Accumulated.php
@@ -40,10 +40,10 @@ class Accumulated extends CI_Controller {
 //load model
 $this->load->model('accumulate_model');
- $band = $this->input->post('Band');
- $award = $this->input->post('Award');
- $mode = $this->input->post('Mode');
- $period = $this->input->post('Period');
+ $band = xss_clean($this->input->post('Band'));
+ $award = xss_clean($this->input->post('Award'));
+ $mode = xss_clean($this->input->post('Mode'));
+ $period = xss_clean($this->input->post('Period'));
 // get data
 $data = $this->accumulate_model->get_accumulated_data($band, $award, $mode, $period);
diff --git a/application/models/Accumulate_model.php b/application/models/Accumulate_model.php
index 46a3102dd..13d61e627 100644
--- a/application/models/Accumulate_model.php
+++ b/application/models/Accumulate_model.php
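Review bot: In the `Accumulated.php` hunk, `xss_clean()` strips markup from the four POST fields but does not restrict them to the values the model expects, and `$period` is passed on unchecked. The model hunks in this patch only handle "year" and "month" and first assign `$sql` inside those branches, so any other value reaches `$sql .=` with nothing assigned. An allow-list check before the model call would cover this, for example `if (!in_array($period, ['year', 'month'], true)) { show_error('Invalid period', 400); }`. The global `xss_clean()` function also needs CodeIgniter's security helper, whose loading is not visible here; `$this->input->post('Band', TRUE)` applies the same filter without it. The enclosing controller method starts and ends outside the hunk.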
@@ -38,106 +38,118 @@ class Accumulate_model extends CI_Model return $result; } - function get_accumulated_dxcc($band, $mode, $period, $location_list) - { - if ($period == "year") { - $sql = "select year(thcv.col_time_on) year"; - } else if ($period == "month") { - $sql = "select date_format(col_time_on, '%Y-%m') year"; - } + function get_accumulated_dxcc($band, $mode, $period, $location_list) { + $binding=[]; + if ($period == "year") { + $sql = "select year(thcv.col_time_on) year"; + } else if ($period == "month") { + $sql = "select date_format(col_time_on, '%Y-%m') year"; + } - $sql .= ", coalesce(y.tot, 0) tot - from " . $this->config->item('table_name') . " thcv - left outer join ( - select count(col_dxcc) as tot, year - from (select distinct "; + $sql .= ", coalesce(y.tot, 0) tot + from " . $this->config->item('table_name') . " thcv + left outer join ( + select count(col_dxcc) as tot, year + from (select distinct "; - if ($period == "year") { - $sql .= "year(col_time_on)"; - } else if ($period == "month") { - $sql .= "date_format(col_time_on, '%Y-%m')"; - } + if ($period == "year") { + $sql .= "year(col_time_on)"; + } else if ($period == "month") { + $sql .= "date_format(col_time_on, '%Y-%m')"; + } - $sql .= " year, col_dxcc - from " . $this->config->item('table_name') . - " where col_dxcc > 0 and station_id in (" . $location_list . ")"; + $sql .= " year, col_dxcc + from " . $this->config->item('table_name') . + " where col_dxcc > 0 and station_id in (" . $location_list . ")"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . 
"' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - $sql .= " order by year - ) x - where not exists (select 1 from " . $this->config->item('table_name') . " where"; + $sql .= " order by year + ) x + where not exists (select 1 from " . $this->config->item('table_name') . " where"; - if ($period == "year") { - $sql .= " year(col_time_on) < year";; - } else if ($period == "month") { - $sql .= " date_format(col_time_on, '%Y-%m') < year";; - } + if ($period == "year") { + $sql .= " year(col_time_on) < year";; + } else if ($period == "month") { + $sql .= " date_format(col_time_on, '%Y-%m') < year";; + } - $sql .= " and col_dxcc = x.col_dxcc"; + $sql .= " and col_dxcc = x.col_dxcc"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - $sql .= " and station_id in (" . $location_list . ")) - group by year - order by year"; + $sql .= " and station_id in (" . $location_list . 
")) + group by year + order by year"; - if ($period == "year") { - $sql .= " ) y on year(thcv.col_time_on) = y.year"; - } else if ($period == "month") { - $sql .= " ) y on date_format(col_time_on, '%Y-%m') = y.year"; - } + if ($period == "year") { + $sql .= " ) y on year(thcv.col_time_on) = y.year"; + } else if ($period == "month") { + $sql .= " ) y on date_format(col_time_on, '%Y-%m') = y.year"; + } - $sql .= " where thcv.col_dxcc > 0"; + $sql .= " where thcv.col_dxcc > 0"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - $sql .= " and station_id in (" . $location_list . ")"; + $sql .= " and station_id in (" . $location_list . 
")"; - if ($period == "year") { - $sql .= " group by year(thcv.col_time_on), y.tot - order by year(thcv.col_time_on)"; - } else if ($period == "month") { - $sql .= " group by date_format(col_time_on, '%Y-%m'), y.tot - order by date_format(col_time_on, '%Y-%m')"; - } + if ($period == "year") { + $sql .= " group by year(thcv.col_time_on), y.tot + order by year(thcv.col_time_on)"; + } else if ($period == "month") { + $sql .= " group by date_format(col_time_on, '%Y-%m'), y.tot + order by date_format(col_time_on, '%Y-%m')"; + } - $query = $this->db->query($sql); + $query = $this->db->query($sql,$binding); - return $this->count_and_add_accumulated_total($query->result()); + return $this->count_and_add_accumulated_total($query->result()); } function count_and_add_accumulated_total($array) 
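Review bot: `$location_list` is still concatenated into `station_id in (...)` three times in the rewritten `get_accumulated_dxcc()`, so only the band and mode values are protected by the new bindings. Where the list is built is outside this hunk; if it is derived purely from server-side integer station ids the risk is low, but nothing here enforces that. I would at least record the contract next to the first use, e.g. `// $location_list: comma-separated station ids built server-side; concatenated, not bound`. CodeIgniter's query bindings also accept an array for an `in ?` placeholder, which would let the ids be bound like the other values. The same concatenation remains in `slowquery()`, `get_accumulated_was()`, `get_accumulated_iota()`, `get_accumulated_waz()` and `fastquery()` in the later hunks.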
@@ -651,102 +663,114 @@ class Accumulate_model extends CI_Model return $sql; } - function slowquery($band, $mode, $period, $location_list) { - $sql = ""; - if ($period == "year") { - $sql = "select year(thcv.col_time_on) year"; - } else if ($period == "month") { - $sql = "select date_format(col_time_on, '%Y-%m') year"; - } + function slowquery($band, $mode, $period, $location_list) { + $sql = ""; + if ($period == "year") { + $sql = "select year(thcv.col_time_on) year"; + } else if ($period == "month") { + $sql = "select date_format(col_time_on, '%Y-%m') year"; + } - $sql .= ", coalesce(y.tot, 0) tot - from " . $this->config->item('table_name') . " thcv - left outer join ( - select count(substr(col_gridsquare,1,4)) as tot, year - from (select distinct "; + $sql .= ", coalesce(y.tot, 0) tot + from " . $this->config->item('table_name') . " thcv + left outer join ( + select count(substr(col_gridsquare,1,4)) as tot, year + from (select distinct "; - if ($period == "year") { - $sql .= "year(col_time_on)"; - } else if ($period == "month") { - $sql .= "date_format(col_time_on, '%Y-%m')"; - } + if ($period == "year") { + $sql .= "year(col_time_on)"; + } else if ($period == "month") { + $sql .= "date_format(col_time_on, '%Y-%m')"; + } - $sql .= " year, substr(col_gridsquare,1,4) as col_gridsquare - from " . $this->config->item('table_name') . - " where station_id in (" . $location_list . ")"; + $sql .= " year, substr(col_gridsquare,1,4) as col_gridsquare + from " . $this->config->item('table_name') . + " where station_id in (" . $location_list . ")"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . 
"'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[]=$band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[]=$band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[]=$mode; + $binding[]=$mode; + } - $sql .= " order by year - ) x - where not exists (select 1 from " . $this->config->item('table_name') . " where"; + $sql .= " order by year + ) x + where not exists (select 1 from " . $this->config->item('table_name') . " where"; - if ($period == "year") { - $sql .= " year(col_time_on) < year";; - } else if ($period == "month") { - $sql .= " date_format(col_time_on, '%Y-%m') < year";; - } + if ($period == "year") { + $sql .= " year(col_time_on) < year";; + } else if ($period == "month") { + $sql .= " date_format(col_time_on, '%Y-%m') < year";; + } - $sql .= " and substr(col_gridsquare,1,4) = substr(x.col_gridsquare,1,4)"; + $sql .= " and substr(col_gridsquare,1,4) = substr(x.col_gridsquare,1,4)"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[]=$band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[]=$band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[]=$mode; + $binding[]=$mode; + } - $sql .= " and station_id in (" . $location_list . ")) - group by year - order by year"; + $sql .= " and station_id in (" . $location_list . 
")) + group by year + order by year"; - if ($period == "year") { - $sql .= " ) y on year(thcv.col_time_on) = y.year"; - } else if ($period == "month") { - $sql .= " ) y on date_format(col_time_on, '%Y-%m') = y.year"; - } + if ($period == "year") { + $sql .= " ) y on year(thcv.col_time_on) = y.year"; + } else if ($period == "month") { + $sql .= " ) y on date_format(col_time_on, '%Y-%m') = y.year"; + } - $sql .= " where station_id in (" . $location_list . ")"; + $sql .= " where station_id in (" . $location_list . ")"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[]=$band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[]=$band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[]=$mode; + $binding[]=$mode; + } - if ($period == "year") { - $sql .= " group by year(thcv.col_time_on), y.tot - order by year(thcv.col_time_on)"; - } else if ($period == "month") { - $sql .= " group by date_format(col_time_on, '%Y-%m'), y.tot - order by date_format(col_time_on, '%Y-%m')"; - } + if ($period == "year") { + $sql .= " group by year(thcv.col_time_on), y.tot + order by year(thcv.col_time_on)"; + } else if ($period == "month") { + $sql .= " group by date_format(col_time_on, '%Y-%m'), y.tot + order by date_format(col_time_on, '%Y-%m')"; + } - return $sql; - } + return $sql; + } } From 739579b168178a8e28fa73352faceabebc9cb422 Mon Sep 17 00:00:00 2001 
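Review bot: `slowquery()` now emits `?` placeholders but still ends with `return $sql;`, and `$binding` is a local that is never initialised and never returned, so the collected values are lost. Its call site is outside this hunk (the `else` branch of `get_accumulated_vucc()` appears as context in the next patch). Unless a later patch in the series changes that call, the MySQL < 8 path would send literal `?` markers to the database whenever a band or mode filter is set. Adding `$binding = [];` at the top and ending with `return $this->db->query($sql, $binding);`, with the caller using the returned result, would match what the other methods do.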
From: int2001
Date: Mon, 12 Aug 2024 12:26:12 +0000
Subject: [PATCH 2/6] Refactored Queries II
---
 application/models/Accumulate_model.php | 696 +++++++++++++-----------
 1 file changed, 377 insertions(+), 319 deletions(-)
diff --git a/application/models/Accumulate_model.php b/application/models/Accumulate_model.php
index 13d61e627..035f9711b 100644
--- a/application/models/Accumulate_model.php
+++ b/application/models/Accumulate_model.php
@@ -152,8 +152,7 @@ class Accumulate_model extends CI_Model
 return $this->count_and_add_accumulated_total($query->result());
 }
- function count_and_add_accumulated_total($array)
- {
+ function count_and_add_accumulated_total($array) {
 $counter = 0;
 for ($i = 0; $i < count($array); $i++) {
 $array[$i]->total = $array[$i]->tot + $counter;
@@ -163,6 +162,7 @@ class Accumulate_model extends CI_Model
 }
 function get_accumulated_waja($band, $mode, $period, $location_list) {
+ $binding=[];
 if ($period == "year") {
 $sql = "select year(thcv.col_time_on) year";
 } else if ($period == "month") {
@@ -187,15 +187,19 @@ class Accumulate_model extends CI_Model
 if ($band != 'All') {
 if ($band == 'SAT') {
- $sql .= " and col_prop_mode ='" . $band . "'";
+ $sql .= " and col_prop_mode = ?";
+ $binding[] = $band;
 } else {
 $sql .= " and col_prop_mode !='SAT'";
- $sql .= " and col_band ='" . $band . "'";
+ $sql .= " and col_band = ?";
+ $binding[] = $band;
 }
 }
 if ($mode != 'All') {
- $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')";
+ $sql .= " and (col_mode = ? or col_submode = ?)";
+ $binding[] = $mode;
+ $binding[] = $mode;
 }
 $sql .= " and COL_DXCC in ('339') and trim(coalesce(col_state,'')) != ''";
@@ -214,15 +218,19 @@ class Accumulate_model extends CI_Model
 if ($band != 'All') {
 if ($band == 'SAT') {
- $sql .= " and col_prop_mode ='" . $band . "'";
+ $sql .= " and col_prop_mode = ?";
+ $binding[] = $band;
 } else {
 $sql .= " and col_prop_mode !='SAT'";
- $sql .= " and col_band ='" . $band . "'";
+ $sql .= " and col_band = ?";
+ $binding[] = $band;
 }
 }
 if ($mode != 'All') {
- $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')";
+ $sql .= " and (col_mode = ? or col_submode = ?)";
+ $binding[] = $mode;
+ $binding[] = $mode;
 }
 $sql .= " and COL_DXCC in ('339')";
@@ -241,15 +249,19 @@ class Accumulate_model extends CI_Model
 if ($band != 'All') {
 if ($band == 'SAT') {
- $sql .= " and col_prop_mode ='" . $band . "'";
+ $sql .= " and col_prop_mode = ?";
+ $binding[] = $band;
 } else {
 $sql .= " and col_prop_mode !='SAT'";
- $sql .= " and col_band ='" . $band . "'";
+ $sql .= " and col_band = ?";
+ $binding[] = $band;
 }
 }
 if ($mode != 'All') {
- $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')";
+ $sql .= " and (col_mode = ? or col_submode = ?)";
+ $binding[] = $mode;
+ $binding[] = $mode;
 }
 if ($period == "year") {
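Review bot: The band/mode filter in the `@@ -187,15 +187,19 @@` hunk is written out by hand, placeholder by placeholder, and the same block is repeated three times in `get_accumulated_waja()` and again in every other query builder in this series. Each copy has to keep its `?` count and its `$binding[]` pushes in step, and one missed push shifts every later value onto the wrong placeholder. Moving the block into a single private helper that appends to the binding list by reference would keep SQL text and values together. `get_accumulated_waja()` starts and ends outside this hunk.

```php
// Builds the band/mode predicate and appends its values to $binding in placeholder order.
private function band_mode_filter($band, $mode, array &$binding) {
	$sql = "";
	if ($band != 'All') {
		if ($band == 'SAT') {
			$sql .= " and col_prop_mode = ?";
		} else {
			$sql .= " and col_prop_mode !='SAT'";
			$sql .= " and col_band = ?";
		}
		$binding[] = $band;
	}
	if ($mode != 'All') {
		$sql .= " and (col_mode = ? or col_submode = ?)";
		$binding[] = $mode;
		$binding[] = $mode;
	}
	return $sql;
}

// … unchanged: select list and period handling in get_accumulated_waja …
$sql .= $this->band_mode_filter($band, $mode, $binding);
```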
@@ -260,315 +272,350 @@ class Accumulate_model extends CI_Model order by date_format(col_time_on, '%Y-%m')"; } - $query = $this->db->query($sql); + $query = $this->db->query($sql, $binding); return $this->count_and_add_accumulated_total($query->result()); } - function get_accumulated_was($band, $mode, $period, $location_list) - { - if ($period == "year") { - $sql = "select year(thcv.col_time_on) year"; - } else if ($period == "month") { - $sql = "select date_format(col_time_on, '%Y-%m') year"; - } + function get_accumulated_was($band, $mode, $period, $location_list) { + if ($period == "year") { + $sql = "select year(thcv.col_time_on) year"; + } else if ($period == "month") { + $sql = "select date_format(col_time_on, '%Y-%m') year"; + } - $sql .= ", coalesce(y.tot, 0) tot - from " . $this->config->item('table_name') . " thcv - left outer join ( - select count(col_state) as tot, year - from (select distinct "; + $sql .= ", coalesce(y.tot, 0) tot + from " . $this->config->item('table_name') . " thcv + left outer join ( + select count(col_state) as tot, year + from (select distinct "; - if ($period == "year") { - $sql .= "year(col_time_on)"; - } else if ($period == "month") { - $sql .= "date_format(col_time_on, '%Y-%m')"; - } + if ($period == "year") { + $sql .= "year(col_time_on)"; + } else if ($period == "month") { + $sql .= "date_format(col_time_on, '%Y-%m')"; + } - $sql .= " year, col_state - from " . $this->config->item('table_name') . - " where station_id in (" . $location_list . ")"; + $sql .= " year, col_state + from " . $this->config->item('table_name') . + " where station_id in (" . $location_list . ")"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . 
"'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - $sql .= " and COL_DXCC in ('291', '6', '110')"; - $sql .= " and COL_STATE in ('AK','AL','AR','AZ','CA','CO','CT','DE','FL','GA','HI','IA','ID','IL','IN','KS','KY','LA','MA','MD','ME','MI','MN','MO','MS','MT','NC','ND','NE','NH','NJ','NM','NV','NY','OH','OK','OR','PA','RI','SC','SD','TN','TX','UT','VA','VT','WA','WI','WV','WY')"; + $sql .= " and COL_DXCC in ('291', '6', '110')"; + $sql .= " and COL_STATE in ('AK','AL','AR','AZ','CA','CO','CT','DE','FL','GA','HI','IA','ID','IL','IN','KS','KY','LA','MA','MD','ME','MI','MN','MO','MS','MT','NC','ND','NE','NH','NJ','NM','NV','NY','OH','OK','OR','PA','RI','SC','SD','TN','TX','UT','VA','VT','WA','WI','WV','WY')"; - $sql .= " order by year - ) x - where not exists (select 1 from " . $this->config->item('table_name') . " where"; + $sql .= " order by year + ) x + where not exists (select 1 from " . $this->config->item('table_name') . " where"; - if ($period == "year") { - $sql .= " year(col_time_on) < year";; - } else if ($period == "month") { - $sql .= " date_format(col_time_on, '%Y-%m') < year";; - } + if ($period == "year") { + $sql .= " year(col_time_on) < year";; + } else if ($period == "month") { + $sql .= " date_format(col_time_on, '%Y-%m') < year";; + } - $sql .= " and col_state = x.col_state"; + $sql .= " and col_state = x.col_state"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . 
"'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - $sql .= " and COL_DXCC in ('291', '6', '110')"; - $sql .= " and COL_STATE in ('AK','AL','AR','AZ','CA','CO','CT','DE','FL','GA','HI','IA','ID','IL','IN','KS','KY','LA','MA','MD','ME','MI','MN','MO','MS','MT','NC','ND','NE','NH','NJ','NM','NV','NY','OH','OK','OR','PA','RI','SC','SD','TN','TX','UT','VA','VT','WA','WI','WV','WY')"; + $sql .= " and COL_DXCC in ('291', '6', '110')"; + $sql .= " and COL_STATE in ('AK','AL','AR','AZ','CA','CO','CT','DE','FL','GA','HI','IA','ID','IL','IN','KS','KY','LA','MA','MD','ME','MI','MN','MO','MS','MT','NC','ND','NE','NH','NJ','NM','NV','NY','OH','OK','OR','PA','RI','SC','SD','TN','TX','UT','VA','VT','WA','WI','WV','WY')"; - $sql .= " and station_id in (" . $location_list . ")) - group by year - order by year"; + $sql .= " and station_id in (" . $location_list . ")) + group by year + order by year"; - if ($period == "year") { - $sql .= " ) y on year(thcv.col_time_on) = y.year"; - } else if ($period == "month") { - $sql .= " ) y on date_format(col_time_on, '%Y-%m') = y.year"; - } + if ($period == "year") { + $sql .= " ) y on year(thcv.col_time_on) = y.year"; + } else if ($period == "month") { + $sql .= " ) y on date_format(col_time_on, '%Y-%m') = y.year"; + } - $sql .= " where station_id in (" . $location_list . ")"; + $sql .= " where station_id in (" . $location_list . ")"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . 
"'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - if ($period == "year") { - $sql .= " group by year(thcv.col_time_on), y.tot - order by year(thcv.col_time_on)"; - } else if ($period == "month") { - $sql .= " group by date_format(col_time_on, '%Y-%m'), y.tot - order by date_format(col_time_on, '%Y-%m')"; - } + if ($period == "year") { + $sql .= " group by year(thcv.col_time_on), y.tot + order by year(thcv.col_time_on)"; + } else if ($period == "month") { + $sql .= " group by date_format(col_time_on, '%Y-%m'), y.tot + order by date_format(col_time_on, '%Y-%m')"; + } - $query = $this->db->query($sql); + $query = $this->db->query($sql, $binding); - return $this->count_and_add_accumulated_total($query->result()); + return $this->count_and_add_accumulated_total($query->result()); } - function get_accumulated_iota($band, $mode, $period, $location_list) - { - if ($period == "year") { - $sql = "select year(thcv.col_time_on) year"; - } else if ($period == "month") { - $sql = "select date_format(col_time_on, '%Y-%m') year"; - } + function get_accumulated_iota($band, $mode, $period, $location_list) { + $binding = []; + if ($period == "year") { + $sql = "select year(thcv.col_time_on) year"; + } else if ($period == "month") { + $sql = "select date_format(col_time_on, '%Y-%m') year"; + } - $sql .= ", coalesce(y.tot, 0) tot - from " . $this->config->item('table_name') . " thcv - left outer join ( - select count(col_iota) as tot, year - from (select distinct "; + $sql .= ", coalesce(y.tot, 0) tot + from " . $this->config->item('table_name') . 
" thcv + left outer join ( + select count(col_iota) as tot, year + from (select distinct "; - if ($period == "year") { - $sql .= "year(col_time_on)"; - } else if ($period == "month") { - $sql .= "date_format(col_time_on, '%Y-%m')"; - } + if ($period == "year") { + $sql .= "year(col_time_on)"; + } else if ($period == "month") { + $sql .= "date_format(col_time_on, '%Y-%m')"; + } - $sql .= " year, col_iota - from " . $this->config->item('table_name') . - " where station_id in (" . $location_list . ")"; + $sql .= " year, col_iota + from " . $this->config->item('table_name') . + " where station_id in (" . $location_list . ")"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - $sql .= " order by year - ) x - where not exists (select 1 from " . $this->config->item('table_name') . " where"; + $sql .= " order by year + ) x + where not exists (select 1 from " . $this->config->item('table_name') . " where"; - if ($period == "year") { - $sql .= " year(col_time_on) < year";; - } else if ($period == "month") { - $sql .= " date_format(col_time_on, '%Y-%m') < year";; - } + if ($period == "year") { + $sql .= " year(col_time_on) < year";; + } else if ($period == "month") { + $sql .= " date_format(col_time_on, '%Y-%m') < year";; + } - $sql .= " and col_iota = x.col_iota"; + $sql .= " and col_iota = x.col_iota"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . 
$band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - $sql .= " and station_id in (" . $location_list . ")) - group by year - order by year"; + $sql .= " and station_id in (" . $location_list . ")) + group by year + order by year"; - if ($period == "year") { - $sql .= " ) y on year(thcv.col_time_on) = y.year"; - } else if ($period == "month") { - $sql .= " ) y on date_format(col_time_on, '%Y-%m') = y.year"; - } + if ($period == "year") { + $sql .= " ) y on year(thcv.col_time_on) = y.year"; + } else if ($period == "month") { + $sql .= " ) y on date_format(col_time_on, '%Y-%m') = y.year"; + } - $sql .= " where station_id in (" . $location_list . ")"; + $sql .= " where station_id in (" . $location_list . ")"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? 
or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - if ($period == "year") { - $sql .= " group by year(thcv.col_time_on), y.tot - order by year(thcv.col_time_on)"; - } else if ($period == "month") { - $sql .= " group by date_format(col_time_on, '%Y-%m'), y.tot - order by date_format(col_time_on, '%Y-%m')"; - } + if ($period == "year") { + $sql .= " group by year(thcv.col_time_on), y.tot + order by year(thcv.col_time_on)"; + } else if ($period == "month") { + $sql .= " group by date_format(col_time_on, '%Y-%m'), y.tot + order by date_format(col_time_on, '%Y-%m')"; + } - $query = $this->db->query($sql); + $query = $this->db->query($sql, $binding); - return $this->count_and_add_accumulated_total($query->result()); + return $this->count_and_add_accumulated_total($query->result()); } - function get_accumulated_waz($band, $mode, $period, $location_list) - { - if ($period == "year") { - $sql = "select year(thcv.col_time_on) year"; - } else if ($period == "month") { - $sql = "select date_format(col_time_on, '%Y-%m') year"; - } + function get_accumulated_waz($band, $mode, $period, $location_list) { + $binding=[]; + if ($period == "year") { + $sql = "select year(thcv.col_time_on) year"; + } else if ($period == "month") { + $sql = "select date_format(col_time_on, '%Y-%m') year"; + } - $sql .= ", coalesce(y.tot, 0) tot - from " . $this->config->item('table_name') . " thcv - left outer join ( - select count(col_cqz) as tot, year - from (select distinct "; + $sql .= ", coalesce(y.tot, 0) tot + from " . $this->config->item('table_name') . " thcv + left outer join ( + select count(col_cqz) as tot, year + from (select distinct "; - if ($period == "year") { - $sql .= "year(col_time_on)"; - } else if ($period == "month") { - $sql .= "date_format(col_time_on, '%Y-%m')"; - } + if ($period == "year") { + $sql .= "year(col_time_on)"; + } else if ($period == "month") { + $sql .= "date_format(col_time_on, '%Y-%m')"; + } - $sql .= " year, col_cqz - from " . 
$this->config->item('table_name') . - " where station_id in (" . $location_list . ")"; + $sql .= " year, col_cqz + from " . $this->config->item('table_name') . + " where station_id in (" . $location_list . ")"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - $sql .= " order by year - ) x - where not exists (select 1 from " . $this->config->item('table_name') . " where"; + $sql .= " order by year + ) x + where not exists (select 1 from " . $this->config->item('table_name') . " where"; - if ($period == "year") { - $sql .= " year(col_time_on) < year";; - } else if ($period == "month") { - $sql .= " date_format(col_time_on, '%Y-%m') < year";; - } + if ($period == "year") { + $sql .= " year(col_time_on) < year";; + } else if ($period == "month") { + $sql .= " date_format(col_time_on, '%Y-%m') < year";; + } - $sql .= " and col_cqz = x.col_cqz"; + $sql .= " and col_cqz = x.col_cqz"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . 
$mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - $sql .= " and station_id in (" . $location_list . ")) - group by year - order by year"; + $sql .= " and station_id in (" . $location_list . ")) + group by year + order by year"; - if ($period == "year") { - $sql .= " ) y on year(thcv.col_time_on) = y.year"; - } else if ($period == "month") { - $sql .= " ) y on date_format(col_time_on, '%Y-%m') = y.year"; - } + if ($period == "year") { + $sql .= " ) y on year(thcv.col_time_on) = y.year"; + } else if ($period == "month") { + $sql .= " ) y on date_format(col_time_on, '%Y-%m') = y.year"; + } - $sql .= " where station_id in (" . $location_list . ")"; + $sql .= " where station_id in (" . $location_list . ")"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? 
or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - if ($period == "year") { - $sql .= " group by year(thcv.col_time_on), y.tot - order by year(thcv.col_time_on)"; - } else if ($period == "month") { - $sql .= " group by date_format(col_time_on, '%Y-%m'), y.tot - order by date_format(col_time_on, '%Y-%m')"; - } + if ($period == "year") { + $sql .= " group by year(thcv.col_time_on), y.tot + order by year(thcv.col_time_on)"; + } else if ($period == "month") { + $sql .= " group by date_format(col_time_on, '%Y-%m'), y.tot + order by date_format(col_time_on, '%Y-%m')"; + } - $query = $this->db->query($sql); + $query = $this->db->query($sql,$binding); - return $this->count_and_add_accumulated_total($query->result()); + return $this->count_and_add_accumulated_total($query->result()); } function get_accumulated_vucc($band, $mode, $period, $location_list) { @@ -577,8 +624,7 @@ class Accumulate_model extends CI_Model $sql = ""; if ($dbversion[0] >= "8") { - $sql = $this->fastquery($band, $mode, $period, $location_list); - $query = $this->db->query($sql); + $query = $this->fastquery($band, $mode, $period, $location_list); return $query->result(); } else { $sql = $this->slowquery($band, $mode, $period, $location_list); 
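Review bot: In the hunk starting at `@@ -260,315 +272,350 @@`, the rewritten `get_accumulated_was()` never initialises `$binding`, unlike `get_accumulated_iota()` and `get_accumulated_waz()` in the same hunk. When band and mode are both 'All' no `$binding[]` push runs, so an undefined variable is passed to `$this->db->query($sql, $binding)`. Adding `$binding = [];` as the first statement of the function makes it consistent with its siblings.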
@@ -587,83 +633,94 @@ class Accumulate_model extends CI_Model } } - function fastquery($band, $mode, $period, $location_list) { - $sql = "WITH firstseen AS ( - SELECT substr(col_gridsquare,1,4) as grid, "; + function fastquery($band, $mode, $period, $location_list) { + $binding=[]; + $sql = "WITH firstseen AS ( + SELECT substr(col_gridsquare,1,4) as grid, "; - if ($period == "year") { - $sql .= "MIN(year(col_time_on)) year"; - } else if ($period == "month") { - $sql .= "MIN(date_format(col_time_on, '%Y-%m')) year"; - } + if ($period == "year") { + $sql .= "MIN(year(col_time_on)) year"; + } else if ($period == "month") { + $sql .= "MIN(date_format(col_time_on, '%Y-%m')) year"; + } - $sql .= " from " . $this->config->item('table_name') . " thcv - where coalesce(col_gridsquare, '') <> '' - and station_id in (" . $location_list . ")"; + $sql .= " from " . $this->config->item('table_name') . " thcv + where coalesce(col_gridsquare, '') <> '' + and station_id in (" . $location_list . ")"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . "')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? 
or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - $sql .= " GROUP BY 1 - union all - select substr(grid, 1,4) as grid, year - from ( - select TRIM(SUBSTRING_INDEX(SUBSTRING_INDEX(COL_VUCC_GRIDS, ',', x.x), ',',-1)) as grid, "; - if ($period == "year") { - $sql .= "MIN(year(col_time_on)) year"; - } else if ($period == "month") { - $sql .= "MIN(date_format(col_time_on, '%Y-%m')) year"; - } + $sql .= " GROUP BY 1 + union all + select substr(grid, 1,4) as grid, year + from ( + select TRIM(SUBSTRING_INDEX(SUBSTRING_INDEX(COL_VUCC_GRIDS, ',', x.x), ',',-1)) as grid, "; + if ($period == "year") { + $sql .= "MIN(year(col_time_on)) year"; + } else if ($period == "month") { + $sql .= "MIN(date_format(col_time_on, '%Y-%m')) year"; + } - $sql .= " from " . $this->config->item('table_name') . " thcv - cross join ( - select 1 as x - union all - select 2 - union all - select 3 - union all - select 4) x - where - x.x <= length(COL_VUCC_GRIDS)-length(replace(COL_VUCC_GRIDS, ',', ''))+ 1 - and coalesce(COL_VUCC_GRIDS, '') <> '' - and station_id in (" . $location_list . ")"; + $sql .= " from " . $this->config->item('table_name') . " thcv + cross join ( + select 1 as x + union all + select 2 + union all + select 3 + union all + select 4) x + where + x.x <= length(COL_VUCC_GRIDS)-length(replace(COL_VUCC_GRIDS, ',', ''))+ 1 + and coalesce(COL_VUCC_GRIDS, '') <> '' + and station_id in (" . $location_list . ")"; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - if ($mode != 'All') { - $sql .= " and (col_mode ='" . $mode . "' or col_submode ='" . $mode . 
"')"; - } + if ($mode != 'All') { + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $mode; + $binding[] = $mode; + } - $sql .= " GROUP BY 1) as z + $sql .= " GROUP BY 1) as z ) , z as ( SELECT grid, row_number() OVER (partition by grid ORDER BY grid asc, year asc) as rn, year FROM firstseen ) select DISTINCT COUNT(grid) OVER (ORDER BY year) as total, year from z where rn = 1 - "; +"; - return $sql; - } + $query = $this->db->query($sql, $binding); + return $query; + } function slowquery($band, $mode, $period, $location_list) { + $binding=[]; $sql = ""; if ($period == "year") { $sql = "select year(thcv.col_time_on) year"; @@ -770,7 +827,8 @@ class Accumulate_model extends CI_Model order by date_format(col_time_on, '%Y-%m')"; } - return $sql; + $query = $this->db->query($sql, $binding); + return $query; } } From 96eba0409aade17ba4ae3e099331c5ba2fab1686 Mon Sep 17 00:00:00 2001 From: int2001 Date: Mon, 12 Aug 2024 12:29:20 +0000 Subject: [PATCH 3/6] Changed calling of query-function --- application/models/Accumulate_model.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/application/models/Accumulate_model.php b/application/models/Accumulate_model.php index 035f9711b..4aba26488 100644 --- a/application/models/Accumulate_model.php +++ b/application/models/Accumulate_model.php @@ -627,8 +627,7 @@ class Accumulate_model extends CI_Model $query = $this->fastquery($band, $mode, $period, $location_list); return $query->result(); } else { - $sql = $this->slowquery($band, $mode, $period, $location_list); - $query = $this->db->query($sql); + $query = $this->slowquery($band, $mode, $period, $location_list); return $this->count_and_add_accumulated_total($query->result()); } } From b8b11bf91ef533a2abb210d168bf1ae9e6d04194 Mon Sep 17 00:00:00 2001 
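Review bot: `$location_list` is still concatenated into both `station_id in (" . $location_list . ")` clauses of `fastquery`, so the statement is only partly parameterised after this change. Where the value comes from is not visible in this hunk; if it is always built server-side from the session's logbook relationships the risk is low, but a comment above the first use, e.g. `// $location_list: pre-quoted station ids built from logbooks_model, never request data`, would make that assumption checkable. Separately, `$period` appears to originate from the `Period` POST field in the controller, and when it is neither `"year"` nor `"month"` the SELECT list is left ending in `as grid,`, which fails at the database; normalising it at the top, `$period = ($period == 'month') ? 'month' : 'year';`, avoids that. Both remarks apply equally to `get_accumulated_dxcc` in the first hunk of this file.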
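Review bot: `slowquery` now creates `$binding=[]` and passes it to `$this->db->query($sql, $binding)`, but no hunk on this page adds a `?` placeholder or a `$binding[] = …` line between those two points, so the array looks like it stays empty. If the unshown middle of the function still builds its band and mode filters the way the removed `fastquery` lines did (`" and col_band ='" . $band . "'"`), the branch used for database versions below 8 remains open to SQL injection through `$band` and `$mode`. It should get the same treatment as `fastquery`: `$sql .= " and col_band = ?"; $binding[] = $band;` and `$sql .= " and (col_mode = ? or col_submode = ?)";` with `$mode` appended once per placeholder, in statement order. The function body starts and ends outside this hunk.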
From: int2001 Date: Mon, 12 Aug 2024 12:50:27 +0000 Subject: [PATCH 4/6] Refactored vucc-query --- application/models/Logbook_model.php | 35 ++++++++++++++++------------ 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/application/models/Logbook_model.php b/application/models/Logbook_model.php index d64701ae1..64890c327 100644 --- a/application/models/Logbook_model.php +++ b/application/models/Logbook_model.php @@ -621,28 +621,33 @@ class Logbook_model extends CI_Model { return $this->db->query($sql); } - public function vucc_qso_details($gridsquare, $band) { + public function vucc_qso_details($gridsquare, $band) { $this->load->model('logbooks_model'); $logbooks_locations_array = $this->logbooks_model->list_logbook_relationships($this->session->userdata('active_station_logbook')); $location_list = "'".implode("','",$logbooks_locations_array)."'"; - $sql = "select * from " . $this->config->item('table_name') . - " where station_id in (" . $location_list . ")" . - " and (col_gridsquare like '" . $gridsquare. "%' - or col_vucc_grids like '%" . $gridsquare. "%')"; + $binding=[]; + $sql = "select * from " . $this->config->item('table_name') . + " where station_id in (" . $location_list . ")" . + " and (col_gridsquare like concat(?,'%') + or col_vucc_grids like concat('%',?,'%')"; + $binding[] = $gridsquare; + $binding[] = $gridsquare; - if ($band != 'All') { - if ($band == 'SAT') { - $sql .= " and col_prop_mode ='" . $band . "'"; - } else { - $sql .= " and col_prop_mode !='SAT'"; - $sql .= " and col_band ='" . $band . "'"; - } - } + if ($band != 'All') { + if ($band == 'SAT') { + $sql .= " and col_prop_mode = ?"; + $binding[] = $band; + } else { + $sql .= " and col_prop_mode !='SAT'"; + $sql .= " and col_band = ?"; + $binding[] = $band; + } + } - return $this->db->query($sql); - } + return $this->db->query($sql, $binding); + } public function activator_details($call, $band, $leogeo){ $this->load->model('logbooks_model'); 
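Review bot: The rewritten filter opens a group with `(col_gridsquare like concat(?,'%')` but never closes it: the final `)` in `concat('%',?,'%')` belongs to `concat`, whereas the old string ended in `%')` with that parenthesis closing the group. As written the statement has an unbalanced parenthesis and should fail to parse; the line should read `or col_vucc_grids like concat('%',?,'%'))";`. `$location_list` is also still concatenated here, though it is built a few lines above from the session's logbook relationships rather than from the method's arguments. Note that `%` and `_` inside `$gridsquare` still act as LIKE wildcards after binding, which deserves a short comment if only literal grid prefixes are expected.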
From 6454f449c1371c8e8f5c9e2913cfce9904f5b7df Mon Sep 17 00:00:00 2001
From: int2001
Date: Mon, 12 Aug 2024 12:54:15 +0000
Subject: [PATCH 5/6] Removed unused (and unsafe) activated_grids_qso_details function
---
 application/models/Logbook_model.php | 32 +----------------------------
 1 file changed, 1 insertion(+), 31 deletions(-)
diff --git a/application/models/Logbook_model.php b/application/models/Logbook_model.php
index 64890c327..6093228a0 100644
--- a/application/models/Logbook_model.php
+++ b/application/models/Logbook_model.php
@@ -590,37 +590,7 @@ class Logbook_model extends CI_Model { return $this->db->get($this->config->item('table_name')); } - public function activated_grids_qso_details($searchphrase, $band, $mode){ - $this->load->model('logbooks_model'); - $logbooks_locations_array = $this->logbooks_model->list_logbook_relationships($this->session->userdata('active_station_logbook')); - - $sql = 'SELECT COL_FREQ, COL_SOTA_REF, COL_OPERATOR, COL_IOTA, COL_VUCC_GRIDS, COL_STATE, COL_GRIDSQUARE, COL_PRIMARY_KEY, COL_CALL, COL_TIME_ON, COL_BAND, COL_SAT_NAME, COL_MODE, COL_SUBMODE, COL_RST_SENT, '; - $sql .= 'COL_RST_RCVD, COL_STX, COL_SRX, COL_STX_STRING, COL_SRX_STRING, COL_COUNTRY, COL_QSL_SENT, COL_QSL_SENT_VIA, '; - $sql .= 'COL_QSLSDATE, COL_QSL_RCVD, COL_QSL_RCVD_VIA, COL_QSLRDATE, COL_EQSL_QSL_SENT, COL_EQSL_QSLSDATE, COL_EQSL_QSLRDATE, '; - $sql .= 'COL_EQSL_QSL_RCVD, COL_LOTW_QSL_SENT, COL_LOTW_QSLSDATE, COL_LOTW_QSL_RCVD, COL_LOTW_QSLRDATE, COL_CONTEST_ID, station_gridsquare, dxcc_entities.name as name, dxcc_entities.end as end, callsign, lastupload '; - $sql .= 'FROM '.$this->config->item('table_name').' 
JOIN `station_profile` ON station_profile.station_id = '.$this->config->item('table_name').'.station_id '; - $sql .= 'LEFT OUTER JOIN `dxcc_entities` ON dxcc_entities.adif = '.$this->config->item('table_name').'.COL_DXCC '; - $sql .= 'LEFT OUTER JOIN `lotw_users` ON lotw_users.callsign = '.$this->config->item('table_name').'.COL_CALL '; - $sql .= 'WHERE '.$this->config->item('table_name').'.station_id IN (SELECT station_id from station_profile '; - $sql .= 'WHERE station_gridsquare LIKE "%'.$searchphrase.'%") '; - - if ($band != 'All') { - if($band != "SAT") { - $sql .= 'AND COL_PROP_MODE != "SAT" AND '; - $sql .= 'COL_BAND = "'.$band.'" '; - } else { - $sql .= 'AND COL_PROP_MODE = "SAT"'; - } - } - - if ($mode != 'All') { - $sql .= ' AND COL_MODE = "'.$mode.'" OR COL_SUBMODE="'.$mode.'"'; - } - $sql .= ' ORDER BY COL_TIME_ON DESC LIMIT 500'; - - return $this->db->query($sql); - } - + public function vucc_qso_details($gridsquare, $band) { $this->load->model('logbooks_model'); $logbooks_locations_array = $this->logbooks_model->list_logbook_relationships($this->session->userdata('active_station_logbook')); From 6f9d5351fc6736a5a8e7f77d438bae2c7f9201ed Mon Sep 17 00:00:00 2001 From: int2001 Date: Mon, 12 Aug 2024 13:10:00 +0000 Subject: [PATCH 6/6] Refactored qso_details to bind-vars --- application/models/Logbook_model.php | 356 ++++++++++++++------------- 1 file changed, 181 insertions(+), 175 deletions(-) diff --git a/application/models/Logbook_model.php b/application/models/Logbook_model.php index 6093228a0..120c2dfed 100644 --- a/application/models/Logbook_model.php +++ b/application/models/Logbook_model.php 
@@ -407,188 +407,194 @@ class Logbook_model extends CI_Model { /* * Used to fetch QSOs from the logbook in the awards */ - public function qso_details($searchphrase, $band, $mode, $type, $qsl, $sat = null, $orbit = null, $searchmode = null, $propagation = null){ - $this->load->model('logbooks_model'); - $logbooks_locations_array = $this->logbooks_model->list_logbook_relationships($this->session->userdata('active_station_logbook')); + public function qso_details($searchphrase, $band, $mode, $type, $qsl, $sat = null, $orbit = null, $searchmode = null, $propagation = null){ + $this->load->model('logbooks_model'); + $logbooks_locations_array = $this->logbooks_model->list_logbook_relationships($this->session->userdata('active_station_logbook')); - $this->db->join('station_profile', 'station_profile.station_id = '.$this->config->item('table_name').'.station_id'); - $this->db->join('dxcc_entities', 'dxcc_entities.adif = '.$this->config->item('table_name').'.COL_DXCC', 'left outer'); - $this->db->join('lotw_users', 'lotw_users.callsign = '.$this->config->item('table_name').'.col_call', 'left outer'); - if ($band == 'SAT' && ($type == 'VUCC' || $type == 'DXCC' || $type == 'DXCC2')) { - $this->db->join('satellite', 'satellite.name = '.$this->config->item('table_name').'.col_sat_name', 'left outer'); - } - switch ($type) { - case 'CALL': - $this->db->where('COL_CALL', $searchphrase); - break; - case 'DXCC': - $this->db->where('COL_COUNTRY', $searchphrase); - if ($band == 'SAT' && $type == 'DXCC') { - if ($sat != 'All' && $sat != null) { - $this->db->where("COL_SAT_NAME = '$sat'"); - } - if ($orbit != 'All' && $orbit != null) { - $this->db->where("satellite.orbit = '$orbit'"); - } - } - break; - case 'DXCC2': - $this->db->where('COL_DXCC', $searchphrase); - if ($band == 'SAT' && $type == 'DXCC2') { - if ($sat != 'All' && $sat != null) { - $this->db->where("COL_SAT_NAME = '$sat'"); - } - if ($orbit != 'All' && $orbit != null) { - $this->db->where("satellite.orbit = '$orbit'"); 
- } - } - break; - case 'IOTA': - $this->db->where('COL_IOTA', $searchphrase); - break; - case 'VUCC': - if ($searchmode == 'activated') { - $this->db->where("station_gridsquare like '%" . $searchphrase . "%'"); - if ($band == 'SAT' && $type == 'VUCC') { - if ($sat != 'All' && $sat != null) { - $this->db->where("COL_SAT_NAME = '$sat'"); - } - if ($orbit != 'All' && $orbit != null) { - $this->db->where("satellite.orbit = '$orbit'"); - } - } - } else { - $this->db->where("(COL_GRIDSQUARE like '" . $searchphrase . "%' OR COL_VUCC_GRIDS like '%" . $searchphrase ."%')"); - if ($band == 'SAT' && $type == 'VUCC') { - if ($sat != 'All' && $sat != null) { - $this->db->where("COL_SAT_NAME = '$sat'"); - } - if ($orbit != 'All' && $orbit != null) { - $this->db->where("satellite.orbit = '$orbit'"); - } - } - if (($propagation ?? '') == 'None') { - $this->db->group_start(); - $this->db->where("COL_PROP_MODE = ''"); - $this->db->or_where("COL_PROP_MODE is null"); - $this->db->group_end(); - } elseif ($propagation == 'NoSAT') { - $this->db->where("COL_PROP_MODE != 'SAT'"); - } elseif ($propagation != '' && $propagation != null) { - $this->db->where("COL_PROP_MODE = '$propagation'"); - } - } - break; - case 'CQZone': - $this->db->where('COL_CQZ', $searchphrase); - break; - case 'ITU': - $this->db->where('COL_ITUZ', $searchphrase); - break; - case 'WAS': - $this->db->where('COL_STATE', $searchphrase); - $this->db->where_in('COL_DXCC', ['291', '6', '110']); - break; - case 'RAC': - $this->db->where('COL_STATE', $searchphrase); - $this->db->where_in('COL_DXCC', ['1']); - break; - case 'helvetia': - $this->db->where('COL_STATE', $searchphrase); - $this->db->where_in('COL_DXCC', ['287']); - break; - case 'JCC': - $this->db->where('COL_CNTY', $searchphrase); - $this->db->where('COL_DXCC', '339'); - break; - case 'SOTA': - $this->db->where('COL_SOTA_REF', $searchphrase); - break; - case 'WWFF': - $this->db->where('COL_WWFF_REF', $searchphrase); - break; - case 'POTA': - 
$this->db->where('COL_POTA_REF', $searchphrase); - break; - case 'DOK': - $this->db->where('COL_DARC_DOK', $searchphrase); - break; - case 'WAB': - $this->db->where('COL_SIG', 'WAB'); - $this->db->where('COL_SIG_INFO', $searchphrase); - break; - case 'WAJA': - $state = str_pad($searchphrase, 2, '0', STR_PAD_LEFT); - $this->db->where('COL_STATE', $state); - $this->db->where('COL_DXCC', '339'); - break; - case 'QSLRDATE': - $this->db->where('date(COL_QSLRDATE)=date(SYSDATE())'); - break; - case 'QSLSDATE': - $this->db->where('date(COL_QSLSDATE)=date(SYSDATE())'); - break; - case 'EQSLRDATE': - $this->db->where('date(COL_EQSL_QSLRDATE)=date(SYSDATE())'); - break; - case 'EQSLSDATE': - $this->db->where('date(COL_EQSL_QSLSDATE)=date(SYSDATE())'); - break; - case 'LOTWRDATE': - $this->db->where('date(COL_LOTW_QSLRDATE)=date(SYSDATE())'); - break; - case 'LOTWSDATE': - $this->db->where('date(COL_LOTW_QSLSDATE)=date(SYSDATE())'); - break; - case 'QRZRDATE': - $this->db->where('date(COL_QRZCOM_QSO_DOWNLOAD_DATE)=date(SYSDATE())'); - break; - case 'QRZSDATE': - $this->db->where('date(COL_QRZCOM_QSO_UPLOAD_DATE)=date(SYSDATE())'); - break; - } + $this->db->join('station_profile', 'station_profile.station_id = '.$this->config->item('table_name').'.station_id'); + $this->db->join('dxcc_entities', 'dxcc_entities.adif = '.$this->config->item('table_name').'.COL_DXCC', 'left outer'); + $this->db->join('lotw_users', 'lotw_users.callsign = '.$this->config->item('table_name').'.col_call', 'left outer'); + if ($band == 'SAT' && ($type == 'VUCC' || $type == 'DXCC' || $type == 'DXCC2')) { + $this->db->join('satellite', 'satellite.name = '.$this->config->item('table_name').'.col_sat_name', 'left outer'); + } + switch ($type) { + case 'CALL': + $this->db->where('COL_CALL', $searchphrase); + break; + case 'DXCC': + $this->db->where('COL_COUNTRY', $searchphrase); + if ($band == 'SAT' && $type == 'DXCC') { + if ($sat != 'All' && $sat != null) { + $this->db->where("COL_SAT_NAME" , $sat); + } 
+ if ($orbit != 'All' && $orbit != null) { + $this->db->where("satellite.orbit", $orbit); + } + } + break; + case 'DXCC2': + $this->db->where('COL_DXCC', $searchphrase); + if ($band == 'SAT' && $type == 'DXCC2') { + if ($sat != 'All' && $sat != null) { + $this->db->where("COL_SAT_NAME", $sat); + } + if ($orbit != 'All' && $orbit != null) { + $this->db->where("satellite.orbit", $orbit); + } + } + break; + case 'IOTA': + $this->db->where('COL_IOTA', $searchphrase); + break; + case 'VUCC': + if ($searchmode == 'activated') { + $this->db->like("station_gridsquare", $searchphrase); + if ($band == 'SAT' && $type == 'VUCC') { + if ($sat != 'All' && $sat != null) { + $this->db->where("COL_SAT_NAME", $sat); + } + if ($orbit != 'All' && $orbit != null) { + $this->db->where("satellite.orbit", $orbit); + } + } + } else { + $this->db->group_start(); + $this->db->like("COL_GRIDSQUARE", $searchphrase); + $this->db->or_like("COL_VUCC_GRIDS", $searchphrase); + $this->db->group_end(); + if ($band == 'SAT' && $type == 'VUCC') { + if ($sat != 'All' && $sat != null) { + $this->db->where("COL_SAT_NAME",$sat); + } + if ($orbit != 'All' && $orbit != null) { + $this->db->where("satellite.orbit", $orbit); + } + } + if (($propagation ?? 
'') == 'None') { + $this->db->group_start(); + $this->db->where("COL_PROP_MODE = ''"); + $this->db->or_where("COL_PROP_MODE is null"); + $this->db->group_end(); + } elseif ($propagation == 'NoSAT') { + $this->db->where("COL_PROP_MODE != 'SAT'"); + } elseif ($propagation != '' && $propagation != null) { + $this->db->where("COL_PROP_MODE", $propagation); + } + } + break; + case 'CQZone': + $this->db->where('COL_CQZ', $searchphrase); + break; + case 'ITU': + $this->db->where('COL_ITUZ', $searchphrase); + break; + case 'WAS': + $this->db->where('COL_STATE', $searchphrase); + $this->db->where_in('COL_DXCC', ['291', '6', '110']); + break; + case 'RAC': + $this->db->where('COL_STATE', $searchphrase); + $this->db->where_in('COL_DXCC', ['1']); + break; + case 'helvetia': + $this->db->where('COL_STATE', $searchphrase); + $this->db->where_in('COL_DXCC', ['287']); + break; + case 'JCC': + $this->db->where('COL_CNTY', $searchphrase); + $this->db->where('COL_DXCC', '339'); + break; + case 'SOTA': + $this->db->where('COL_SOTA_REF', $searchphrase); + break; + case 'WWFF': + $this->db->where('COL_WWFF_REF', $searchphrase); + break; + case 'POTA': + $this->db->where('COL_POTA_REF', $searchphrase); + break; + case 'DOK': + $this->db->where('COL_DARC_DOK', $searchphrase); + break; + case 'WAB': + $this->db->where('COL_SIG', 'WAB'); + $this->db->where('COL_SIG_INFO', $searchphrase); + break; + case 'WAJA': + $state = str_pad($searchphrase, 2, '0', STR_PAD_LEFT); + $this->db->where('COL_STATE', $state); + $this->db->where('COL_DXCC', '339'); + break; + case 'QSLRDATE': + $this->db->where('date(COL_QSLRDATE)=date(SYSDATE())'); + break; + case 'QSLSDATE': + $this->db->where('date(COL_QSLSDATE)=date(SYSDATE())'); + break; + case 'EQSLRDATE': + $this->db->where('date(COL_EQSL_QSLRDATE)=date(SYSDATE())'); + break; + case 'EQSLSDATE': + $this->db->where('date(COL_EQSL_QSLSDATE)=date(SYSDATE())'); + break; + case 'LOTWRDATE': + $this->db->where('date(COL_LOTW_QSLRDATE)=date(SYSDATE())'); + 
break; + case 'LOTWSDATE': + $this->db->where('date(COL_LOTW_QSLSDATE)=date(SYSDATE())'); + break; + case 'QRZRDATE': + $this->db->where('date(COL_QRZCOM_QSO_DOWNLOAD_DATE)=date(SYSDATE())'); + break; + case 'QRZSDATE': + $this->db->where('date(COL_QRZCOM_QSO_UPLOAD_DATE)=date(SYSDATE())'); + break; + } - $this->db->where_in($this->config->item('table_name').'.station_id', $logbooks_locations_array); + $this->db->where_in($this->config->item('table_name').'.station_id', $logbooks_locations_array); - if (strtolower($band) != 'all') { - if($band != "SAT") { - $this->db->where('COL_PROP_MODE !=', 'SAT'); - $this->db->where('COL_BAND', $band); - } else { - $this->db->where('COL_PROP_MODE', "SAT"); - } - } + if (strtolower($band) != 'all') { + if($band != "SAT") { + $this->db->where('COL_PROP_MODE !=', 'SAT'); + $this->db->where('COL_BAND', $band); + } else { + $this->db->where('COL_PROP_MODE', "SAT"); + } + } - if (!empty($qsl)) { - $qslfilter = array(); - if (strpos($qsl, "Q") !== false) { - $qslfilter[] = 'COL_QSL_RCVD = "Y"'; - } - if (strpos($qsl, "L") !== false) { - $qslfilter[] = 'COL_LOTW_QSL_RCVD = "Y"'; - } - if (strpos($qsl, "E") !== false) { - $qslfilter[] = 'COL_EQSL_QSL_RCVD = "Y"'; - } - if (strpos($qsl, "Z") !== false) { - $qslfilter[] = 'COL_QRZCOM_QSO_DOWNLOAD_STATUS = "Y"'; - } - if (strpos($qsl, "C") !== false) { - $qslfilter[] = 'COL_CLUBLOG_QSO_DOWNLOAD_STATUS = "Y"'; - } - $sql = "(".implode(' OR ', $qslfilter).")"; - $this->db->where($sql); - } + if (!empty($qsl)) { + $qslfilter = array(); + if (strpos($qsl, "Q") !== false) { + $qslfilter[] = 'COL_QSL_RCVD = "Y"'; + } + if (strpos($qsl, "L") !== false) { + $qslfilter[] = 'COL_LOTW_QSL_RCVD = "Y"'; + } + if (strpos($qsl, "E") !== false) { + $qslfilter[] = 'COL_EQSL_QSL_RCVD = "Y"'; + } + if (strpos($qsl, "Z") !== false) { + $qslfilter[] = 'COL_QRZCOM_QSO_DOWNLOAD_STATUS = "Y"'; + } + if (strpos($qsl, "C") !== false) { + $qslfilter[] = 'COL_CLUBLOG_QSO_DOWNLOAD_STATUS = "Y"'; + } + $sql = 
"(".implode(' OR ', $qslfilter).")"; // harmless, because value is checked b4 + $this->db->where($sql); + } - if (strtolower($mode) != 'all' && $mode != '') { - $this->db->where("(COL_MODE='" . $mode . "' OR COL_SUBMODE='" . $mode ."')"); - } - $this->db->order_by("COL_TIME_ON", "desc"); + if (strtolower($mode) != 'all' && $mode != '') { + $this->db->group_start(); + $this->db->where("COL_MODE", $mode); + $this->db->or_where("COL_SUBMODE", $mode); + $this->db->group_end(); + } + $this->db->order_by("COL_TIME_ON", "desc"); - $this->db->limit(500); + $this->db->limit(500); - return $this->db->get($this->config->item('table_name')); - } + return $this->db->get($this->config->item('table_name')); + } public function vucc_qso_details($gridsquare, $band) {
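Review bot: In the non-activated `VUCC` branch the old condition on `COL_GRIDSQUARE` was a prefix match (`like '<phrase>%'`), but `$this->db->like("COL_GRIDSQUARE", $searchphrase)` wraps the value in `%` on both sides by default, so grids that merely contain the phrase now match as well. To keep the previous semantics, pass the side explicitly: `$this->db->like("COL_GRIDSQUARE", $searchphrase, 'after');`. In the `$qsl` block, the comment `// harmless, because value is checked b4` holds for injection because only fixed strings enter `$qslfilter`, but a non-empty `$qsl` containing none of `Q`, `L`, `E`, `Z`, `C` produces `()` and a failing query; wrapping the `implode` and `$this->db->where($sql)` in `if (!empty($qslfilter))` covers that case.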