diff --git a/app/event_guard/event_guard_log_edit.php b/app/event_guard/event_guard_log_edit.php index 29d4c2aee..f68ed1b78 100644 --- a/app/event_guard/event_guard_log_edit.php +++ b/app/event_guard/event_guard_log_edit.php @@ -1,6 +1,6 @@ + Copyright (C) 2022-2026 Mark J Crane Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, @@ -34,6 +34,32 @@ $language = new text; $text = $language->get(); +// Set variables from http GET parameters + $page = is_numeric($_GET['page'] ?? '') ? $_GET['page'] : 0; + $order_by = preg_replace('#[^a-zA-Z0-9_\-]#', '', ($_GET['order_by'] ?? 'log_date')); + $order = ($_GET['order'] ?? '') === 'asc' ? 'asc' : 'desc'; + $search = $_GET['search'] ?? ''; + $filter = $_GET['filter'] ?? ''; + +// Build the query string + $param = []; + if (!empty($page)) { + $param['page'] = $page; + } + if (!empty($_GET['order_by'])) { + $param['order_by'] = $order_by; + } + if (!empty($_GET['order'])) { + $param['order'] = $order; + } + if (!empty($search)) { + $param['search'] = $search; + } + if (!empty($filter)) { + $param['filter'] = $filter; + } + $query_string = http_build_query($param); + //action add or update if (is_uuid($_REQUEST["id"])) { $action = "update"; @@ -62,7 +88,7 @@ $token = new token; if (!$token->validate($_SERVER['PHP_SELF'])) { message::add($text['message-invalid_token'],'negative'); - header('Location: event_guard_logs.php'); + header('Location: event_guard_logs.php'.($query_string ? '?'.$query_string : '')); exit; } @@ -91,7 +117,7 @@ //redirect the user if (in_array($_POST['action'], array('copy', 'delete', 'toggle'))) { - header('Location: event_guard_log_edit.php?id='.$id); + header('Location: event_guard_log_edit.php?id='.$id.($query_string ? '&'.$query_string : '')); exit; } } 
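Review bot: `$search` and `$filter` in the new "Set variables from http GET parameters" block are read from `$_GET` with no type check, and `$page` is accepted by `is_numeric()`, which also passes negative, fractional and exponent strings such as `-1` or `1e3`. In this file the values only feed `http_build_query()`, but the identical block added to event_guard_logs.php (hunk at -38,10) feeds `$page` into `$offset = $rows_per_page * $page` and `$search` into the `:search` string concatenation. There an array from `?search[]=x` or a negative page can surface as a warning or a database error, depending on how `lower_case()` and `limit_offset()` treat them; neither helper is visible here. Consider `$page = (is_string($_GET['page'] ?? null) && ctype_digit($_GET['page'])) ? (int) $_GET['page'] : 0;` and `$search = is_string($_GET['search'] ?? null) ? $_GET['search'] : '';` (likewise for `$filter`). Because the block is duplicated verbatim in both files, a shared helper would keep this validation in one place.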
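Review bot: In the copy/delete/toggle redirect of the -91,7 hunk, `$id` is concatenated into the Location header unencoded, while the redirect in the -145,7 hunk wraps its identifier in `urlencode()`. `$id` is assigned outside this hunk, so it may already be constrained by the `is_uuid()` check seen in the earlier context lines. If that is not guaranteed on every path that reaches this branch, use `header('Location: event_guard_log_edit.php?id='.urlencode($id).($query_string ? '&'.$query_string : ''));` so both redirects encode the same way.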
@@ -145,7 +171,7 @@ $_SESSION["message"] = $text['message-update']; } //header('Location: event_guard_logs.php'); - header('Location: event_guard_log_edit.php?id='.urlencode($event_guard_log_uuid)); + header('Location: event_guard_log_edit.php?id='.urlencode($event_guard_log_uuid).($query_string ? '&'.$query_string : '')); return; } } @@ -192,7 +218,7 @@ echo "
\n"; echo "
".$text['title-event_guard_log']."
\n"; echo "
\n"; - echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$settings->get('theme', 'button_icon_back'),'id'=>'btn_back','collapse'=>'hide-xs','style'=>'margin-right: 15px;','link'=>'event_guard_logs.php']); + echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$settings->get('theme', 'button_icon_back'),'id'=>'btn_back','collapse'=>'hide-xs','style'=>'margin-right: 15px;','link'=>'event_guard_logs.php'.($query_string ? '?'.$query_string : '')]); if ($action == 'update') { if (permission_exists('_add')) { echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$settings->get('theme', 'button_icon_copy'),'id'=>'btn_copy','name'=>'btn_copy','style'=>'display: none;','onclick'=>"modal_open('modal-copy','btn_copy');"]); @@ -287,7 +313,6 @@ echo "\n"; echo "\n"; - echo "\n"; echo "\n"; echo " ".$text['label-log_status']."\n"; @@ -310,4 +335,4 @@ //include the footer require_once "resources/footer.php"; -?> \ No newline at end of file +?> diff --git a/app/event_guard/event_guard_logs.php b/app/event_guard/event_guard_logs.php index 043b56597..ecba15aac 100644 --- a/app/event_guard/event_guard_logs.php +++ b/app/event_guard/event_guard_logs.php @@ -1,7 +1,7 @@ + Copyright (C) 2022-2026 Mark J Crane Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 
@@ -38,10 +38,35 @@ $language = new text; $text = $language->get(); +// Set variables from http GET parameters + $page = is_numeric($_GET['page'] ?? '') ? $_GET['page'] : 0; + $order_by = preg_replace('#[^a-zA-Z0-9_\-]#', '', ($_GET['order_by'] ?? 'log_date')); + $order = ($_GET['order'] ?? '') === 'asc' ? 'asc' : 'desc'; + $search = $_GET['search'] ?? ''; + $filter = $_GET['filter'] ?? ''; + +// Build the query string + $param = []; + if (!empty($page)) { + $param['page'] = $page; + } + if (!empty($_GET['order_by'])) { + $param['order_by'] = $order_by; + } + if (!empty($_GET['order'])) { + $param['order'] = $order; + } + if (!empty($search)) { + $param['search'] = $search; + } + if (!empty($filter)) { + $param['filter'] = $filter; + } + $query_string = http_build_query($param); + //get the http post data if (!empty($_POST['event_guard_logs']) && is_array($_POST['event_guard_logs'])) { $action = $_POST['action']; - $search = $_POST['search'] ?? ''; $event_guard_logs = $_POST['event_guard_logs']; } @@ -70,24 +95,15 @@ } //redirect the user - header('Location: event_guard_logs.php'.($search != '' ? '?search='.urlencode($search) : '')); + header('Location: event_guard_logs.php'.($query_string ? '?'.$query_string : '')); exit; } -//get order and order by - $order_by = $_GET["order_by"] ?? null; - $order = $_GET["order"] ?? null; - -//add the search - if (!empty($_GET["search"])) { - $search = $_GET["search"]; - } - //get the count $sql = "select count(event_guard_log_uuid) "; $sql .= "from v_event_guard_logs "; $sql .= "where true "; - if (isset($search)) { + if (!empty($search)) { $sql .= "and ("; $sql .= " lower(hostname) like :search "; $sql .= " or filter like :search "; 
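Review bot: The `!empty($search)` guard that replaces `isset($search)` in the count query of the -70,24 hunk treats the string `0` as empty, so a search for `0` silently returns the unfiltered list. The same applies to `!empty($filter)` in the -96,21 and -147,11 hunks and to the `$param` construction added at the top of both files, where a `0` value is dropped from the preserved query string. Comparing against the empty string keeps the intent without that edge case: `if ($search !== '') {`. This assumes `$search` is a string at that point, which the current `$_GET['search'] ?? ''` assignment does not enforce.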
@@ -96,21 +112,19 @@ $sql .= " or lower(user_agent) like :search "; $sql .= " or lower(log_status) like :search "; $sql .= ") "; - $parameters['search'] = '%'.strtolower($search).'%'; + $parameters['search'] = '%'.lower_case($search).'%'; } - if (isset($_GET["filter"]) && $_GET["filter"] != '') { + if (!empty($filter)) { $sql .= "and filter = :filter "; - $parameters['filter'] = $_GET["filter"]; + $parameters['filter'] = $filter; } $num_rows = $database->select($sql, $parameters ?? null, 'column'); unset($sql, $parameters); //prepare to page the results $rows_per_page = $settings->get('domain', 'paging', 50); - $param = !empty($search) ? "&search=".$search : null; - $page = !empty($_GET['page']) && is_numeric($_GET['page']) ? $_GET['page'] : 0; - list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page); - list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true); + list($paging_controls, $rows_per_page) = paging($num_rows, $query_string, $rows_per_page); + list($paging_controls_mini, $rows_per_page) = paging($num_rows, $query_string, $rows_per_page, true); $offset = $rows_per_page * $page; //set the time zone @@ -147,11 +161,11 @@ $sql .= " or lower(user_agent) like :search "; $sql .= " or lower(log_status) like :search "; $sql .= ") "; - $parameters['search'] = '%'.strtolower($search).'%'; + $parameters['search'] = '%'.lower_case($search).'%'; } - if (!empty($_GET["filter"])) { + if (!empty($filter)) { $sql .= "and filter = :filter "; - $parameters['filter'] = $_GET["filter"]; + $parameters['filter'] = $filter; } $sql .= order_by($order_by, $order, 'log_date', 'desc'); $sql .= limit_offset($rows_per_page, $offset); @@ -172,7 +186,7 @@ echo "
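Review bot: In the -96,21 hunk `paging()` now receives `$query_string`, which has no leading `&` and contains `page=N` whenever a page is selected, whereas the argument it replaces was `&search=...` and never carried `page`. `paging()` is not shown in this diff, so confirm that it parses and re-encodes the string rather than appending it verbatim to a link that already sets `page`; otherwise the pager links can end up malformed or carry two `page` values. If it appends verbatim, pass a page-free copy instead, e.g. `$paging_param = http_build_query(array_diff_key($param, ['page' => 0]));`, prefixed with `&` when non-empty.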
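Review bot: `$order_by` reaches `order_by($order_by, $order, 'log_date', 'desc')` in the -147,11 hunk after only a character-class filter, so any identifier-shaped string from the request is handed to the SQL builder. `order_by()` is defined outside this diff and may validate further, but an explicit allow-list where `$order_by` is set would make the query independent of that helper and turn unknown column names into the default sort instead of a query error. For example `if (!in_array($order_by, $sortable_columns, true)) { $order_by = 'log_date'; }`, where `$sortable_columns` is a placeholder for the list of columns the view actually allows sorting on.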
".$text['title-event_guard_logs']."
".number_format($num_rows)."
\n"; echo "
\n"; if (permission_exists('event_guard_log_add')) { - echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$settings->get('theme', 'button_icon_add'),'id'=>'btn_add','name'=>'btn_add','link'=>'event_guard_log_edit.php']); + echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$settings->get('theme', 'button_icon_add'),'id'=>'btn_add','name'=>'btn_add','link'=>'event_guard_log_edit.php'.($query_string ? '?'.$query_string : '')]); } if (permission_exists('event_guard_log_add') && $event_guard_logs) { echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$settings->get('theme', 'button_icon_copy'),'id'=>'btn_copy','name'=>'btn_copy','style'=>'display:none;','onclick'=>"modal_open('modal-copy','btn_copy');"]); @@ -183,14 +197,19 @@ if (permission_exists('event_guard_log_delete') && $event_guard_logs) { echo button::create(['type'=>'button','label'=>$text['button-unblock'],'icon'=>$settings->get('theme', 'button_icon_delete'),'id'=>'btn_delete','name'=>'btn_delete','style'=>'display:none;','onclick'=>"modal_open('modal-delete','btn_delete');"]); } - echo "