diff --git a/app/access_controls/access_control_edit.php b/app/access_controls/access_control_edit.php index 923f9aa95..b9dab7028 100644 --- a/app/access_controls/access_control_edit.php +++ b/app/access_controls/access_control_edit.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2018-2024 + Portions created by the Initial Developer are Copyright (C) 2018-2026 the Initial Developer. All Rights Reserved. */ @@ -35,6 +35,28 @@ $language = new text; $text = $language->get(); +// Set variables from http GET parameters + $page = is_numeric($_GET['page'] ?? '') ? $_GET['page'] : 0; + $order_by = preg_replace('#[^a-zA-Z0-9_\-]#', '', ($_GET['order_by'] ?? 'access_control_name')); + $order = ($_GET['order'] ?? '') === 'desc' ? 'desc' : 'asc'; + $search = $_GET['search'] ?? ''; + +// Build the query string + $param = []; + if (!empty($page)) { + $param['page'] = $page; + } + if (!empty($_GET['order_by'])) { + $param['order_by'] = $order_by; + } + if (!empty($_GET['order'])) { + $param['order'] = $order; + } + if (!empty($search)) { + $param['search'] = $search; + } + $query_string = http_build_query($param); + //action add or update if (!empty($_REQUEST["id"]) && is_uuid($_REQUEST["id"])) { $action = "update"; @@ -75,7 +97,7 @@ $token = new token; if (!$token->validate($_SERVER['PHP_SELF'])) { message::add($text['message-invalid_token'],'negative'); - header('Location: access_controls.php'); + header('Location: access_controls.php'.($query_string ? '?'.$query_string : '')); exit; } @@ -121,7 +143,7 @@ event_socket::api("reloadacl"); //redirect the user - header('Location: access_control_edit.php?id='.$id); + header('Location: access_control_edit.php?id='.$id.($query_string ? '&'.$query_string : '')); exit; } } 
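Review bot: `$search` and `$order_by` keep whatever type PHP decoded from the request, so `?search[]=x` leaves `$search` as an array, and `preg_replace()` returns an array when `order_by` is one. In this file the values only round-trip through `http_build_query()`, but the identical block in access_controls.php feeds `lower_case($search)` and `order_by($order_by, ...)`, and access_controls_reload.php repeats it as well. Guard both with a string check, for example `$search = is_string($_GET['search'] ?? null) ? $_GET['search'] : '';`, and apply the same test before the `preg_replace()`. `is_numeric()` also accepts values such as `1e3` or `-1` for `page`; `ctype_digit()` on a string would restrict it to a non-negative integer. Because the block is copied verbatim into three files, a shared helper would keep this validation in one place.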
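Review bot: `$id` is concatenated into the Location header unencoded in the `+143` redirect, while the later redirect in this file wraps `$access_control_uuid` in `urlencode()`. Where `$id` is assigned lies outside this hunk, so it may already be the `is_uuid()`-checked value. Encoding it at the point of use would still keep the two redirects consistent: `header('Location: access_control_edit.php?id='.urlencode($id).($query_string ? '&'.$query_string : ''));`.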
@@ -173,7 +195,7 @@ $node_cidr = $row["node_cidr"]; } else { - //domains hostname to lookup + //domains hostname to lookup $domains[] = [ 'type'=>$row['node_type'], 'value'=>$row['node_cidr'], @@ -242,7 +264,7 @@ $_SESSION["message"] = $text['message-update']; } //header('Location: access_controls.php'); - header('Location: access_control_edit.php?id='.urlencode($access_control_uuid)); + header('Location: access_control_edit.php?id='.urlencode($access_control_uuid).($query_string ? '&'.$query_string : '')); return; } } @@ -311,7 +333,7 @@ echo "
\n"; echo "
".$text['title-access_control']."
\n"; echo "
\n"; - echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$settings->get('theme', 'button_icon_back'),'id'=>'btn_back','collapse'=>'hide-xs','style'=>'margin-right: 15px;','link'=>'access_controls.php']); + echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$settings->get('theme', 'button_icon_back'),'id'=>'btn_back','collapse'=>'hide-xs','style'=>'margin-right: 15px;','link'=>'access_controls.php'.($query_string ? '?'.$query_string : '')]); if ($action == 'update') { if (permission_exists('access_control_node_add')) { echo button::create(['type'=>'button','label'=>$text['button-import'],'icon'=>$settings->get('theme', 'button_icon_import'),'style'=>'margin-right: 3px;','link'=>'access_control_import.php?id='.escape($access_control_uuid)]); diff --git a/app/access_controls/access_controls.php b/app/access_controls/access_controls.php index 3a3d14b60..db1f901de 100644 --- a/app/access_controls/access_controls.php +++ b/app/access_controls/access_controls.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2018-2025 + Portions created by the Initial Developer are Copyright (C) 2018-2026 the Initial Developer. All Rights Reserved. Contributor(s): 
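Review bot: The back button's `link` now embeds request-derived text, and whether `button::create()` HTML-escapes that value is not visible in this diff. `http_build_query()` percent-encodes quotes and angle brackets, so the only character left raw is the `&` separator, but that protection is implicit. I would add a comment above the line such as `//query string is percent-encoded by http_build_query(); button::create must escape the link attribute`, and confirm the helper does so. The same applies to the reload and add buttons changed in access_controls.php.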
@@ -47,10 +47,31 @@ //set from session variables $list_row_edit_button = $settings->get('theme', 'list_row_edit_button', 'false'); +// Set variables from http GET parameters + $page = is_numeric($_GET['page'] ?? '') ? $_GET['page'] : 0; + $order_by = preg_replace('#[^a-zA-Z0-9_\-]#', '', ($_GET['order_by'] ?? 'access_control_name')); + $order = ($_GET['order'] ?? '') === 'desc' ? 'desc' : 'asc'; + $search = $_GET['search'] ?? ''; + +// Build the query string + $param = []; + if (!empty($page)) { + $param['page'] = $page; + } + if (!empty($_GET['order_by'])) { + $param['order_by'] = $order_by; + } + if (!empty($_GET['order'])) { + $param['order'] = $order; + } + if (!empty($search)) { + $param['search'] = $search; + } + $query_string = http_build_query($param); + //get the http post data if (!empty($_POST['access_controls'])) { $action = $_POST['action'] ?? ''; - $search = $_POST['search'] ?? ''; $access_controls = $_POST['access_controls']; } @@ -72,19 +93,10 @@ } //redirect the user - header('Location: access_controls.php'.(!empty($search) ? '?search='.urlencode($search) : '')); + header('Location: access_controls.php'.($query_string ? '?'.$query_string : '')); exit; } -//get order and order by - $order_by = $_GET["order_by"] ?? ''; - $order = $_GET["order"] ?? ''; - -//add the search - if (isset($_GET["search"])) { - $search = strtolower($_GET["search"]); - $parameters['search'] = '%'.$search.'%'; - } //get the count $sql = "select count(access_control_uuid) "; @@ -95,6 +107,7 @@ $sql .= " or lower(access_control_default) like :search "; $sql .= " or lower(access_control_description) like :search "; $sql .= ") "; + $parameters['search'] = '%'.lower_case($search).'%'; } $num_rows = $database->select($sql, $parameters ?? null, 'column'); 
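Review bot: The bound value in the `+107` hunk is built as `'%'.lower_case($search).'%'` without escaping `%` and `_`, so those characters typed into the search box act as LIKE wildcards rather than literals. The statement stays parameterised, so this affects matching accuracy and is not an injection risk. The same assignment is repeated in the list query (the `+124` hunk); setting `$parameters['search']` once before the count query would remove the duplicate. The enclosing `if` opens outside the hunk, and `lower_case()` is not defined in this diff, so it is worth confirming that it folds case the same way as SQL `lower()` for non-ASCII text.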
@@ -111,6 +124,7 @@ $sql .= " or lower(access_control_default) like :search "; $sql .= " or lower(access_control_description) like :search "; $sql .= ") "; + $parameters['search'] = '%'.lower_case($search).'%'; } $sql .= order_by($order_by, $order, 'access_control_name', 'asc'); $access_controls = $database->select($sql, $parameters ?? null, 'all'); @@ -128,9 +142,9 @@ echo "
\n"; echo "
".$text['title-access_controls']."
".number_format($num_rows)."
\n"; echo "
\n"; - echo button::create(['label'=>$text['button-reload'],'icon'=>$settings->get('theme', 'button_icon_reload'),'type'=>'button','id'=>'button_reload','link'=>'access_controls_reload.php'.(!empty($search) ? '?search='.urlencode($search) : ''),'style'=>'margin-right: 15px;']); + echo button::create(['label'=>$text['button-reload'],'icon'=>$settings->get('theme', 'button_icon_reload'),'type'=>'button','id'=>'button_reload','link'=>'access_controls_reload.php'.($query_string ? '?'.$query_string : ''),'style'=>'margin-right: 15px;']); if (permission_exists('access_control_add')) { - echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$settings->get('theme', 'button_icon_add'),'id'=>'btn_add','name'=>'btn_add','link'=>'access_control_edit.php']); + echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$settings->get('theme', 'button_icon_add'),'id'=>'btn_add','name'=>'btn_add','link'=>'access_control_edit.php'.($query_string ? '?'.$query_string : '')]); } if (permission_exists('access_control_add') && $access_controls) { echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$settings->get('theme', 'button_icon_copy'),'id'=>'btn_copy','name'=>'btn_copy','style'=>'display:none;','onclick'=>"modal_open('modal-copy','btn_copy');"]); @@ -159,7 +173,6 @@ echo "
\n"; echo "\n"; - echo "\n"; echo "
\n"; echo "\n"; @@ -169,8 +182,8 @@ echo " \n"; echo " \n"; } - echo th_order_by('access_control_name', $text['label-access_control_name'], $order_by, $order); - echo th_order_by('access_control_default', $text['label-access_control_default'], $order_by, $order); + echo th_order_by('access_control_name', $text['label-access_control_name'], $order_by, $order, null, null, $query_string); + echo th_order_by('access_control_default', $text['label-access_control_default'], $order_by, $order, null, null, $query_string); echo " \n"; if (permission_exists('access_control_edit') && $list_row_edit_button == 'true') { echo " \n"; @@ -182,7 +195,7 @@ foreach ($access_controls as $row) { $list_row_url = ''; if (permission_exists('access_control_view')) { - $list_row_url = "access_control_edit.php?id=".urlencode($row['access_control_uuid']); + $list_row_url = "access_control_edit.php?id=".urlencode($row['access_control_uuid']).($query_string ? '&'.$query_string : ''); if (!empty($row['domain_uuid']) && $row['domain_uuid'] != $_SESSION['domain_uuid'] && permission_exists('domain_select')) { $list_row_url .= '&domain_uuid='.urlencode($row['domain_uuid']).'&domain_change=true'; } diff --git a/app/access_controls/access_controls_reload.php b/app/access_controls/access_controls_reload.php index 31d301722..0d247af29 100644 --- a/app/access_controls/access_controls_reload.php +++ b/app/access_controls/access_controls_reload.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2023 + Portions created by the Initial Developer are Copyright (C) 2008-2026 the Initial Developer. All Rights Reserved. Contributor(s): 
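Review bot: `$query_string` already contains `order_by` and `order` when the request supplied them, and the `+182` hunk now passes it as the seventh argument to `th_order_by()`, which also receives the column name and current order. How the helper merges that argument is not visible in this diff. If it simply appends it, each header link would carry two `order_by` values and the stale one could take precedence. Either pass a query string built without the sort keys here, or add a comment stating that `th_order_by()` de-duplicates them.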
@@ -34,8 +34,27 @@ exit; } -//set the variables - $search = $_REQUEST['search'] ?? ''; +// Set variables from http GET parameters + $page = is_numeric($_GET['page'] ?? '') ? $_GET['page'] : 0; + $order_by = preg_replace('#[^a-zA-Z0-9_\-]#', '', ($_GET['order_by'] ?? 'access_control_name')); + $order = ($_GET['order'] ?? '') === 'desc' ? 'desc' : 'asc'; + $search = $_GET['search'] ?? ''; + +// Build the query string + $param = []; + if (!empty($page)) { + $param['page'] = $page; + } + if (!empty($_GET['order_by'])) { + $param['order_by'] = $order_by; + } + if (!empty($_GET['order'])) { + $param['order'] = $order; + } + if (!empty($search)) { + $param['search'] = $search; + } + $query_string = http_build_query($param); //run the command $result = rtrim(event_socket::api('reloadacl')); @@ -44,8 +63,7 @@ message::add($result, 'alert'); //redirect - $search = preg_replace('#[^a-zA-Z0-9_\-\.]# ', '', $search); - $location = 'access_controls.php'.($search != '' ? "?search=".urlencode($search) : null); + $location = 'access_controls.php'.($query_string ? "?".$query_string : null); header("Location: ".$location);
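Review bot: The script still runs `event_socket::api('reloadacl')` on a plain GET, and no token check is visible between the early `exit` and the command in this hunk. By contrast, access_control_edit.php validates a token before it acts. If nothing earlier in the file covers this, a cross-site request made in a logged-in user's browser can trigger the reload. Consider moving the action behind a POST guarded by the existing `token` validation; the start of the file is outside the hunk, so this needs confirming there.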
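Review bot: The ternary in the `+63` hunk falls back to `null`, which is then concatenated into a string; use an empty string as the other two files do: `$location = 'access_controls.php'.($query_string ? '?'.$query_string : '');`. With the character whitelist on `$search` removed, the header now depends on `http_build_query()` percent-encoding the value, including CR and LF, and that deserves a one-line comment above the redirect. No `exit` follows `header()` within the hunk; the file may end there, but that is outside the visible lines.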
".$text['label-access_control_description']."