diff --git a/app/classes/component.php b/app/classes/component.php
index 82a5f54..e8f650e 100644
--- a/app/classes/component.php
+++ b/app/classes/component.php
@@ -36,46 +36,71 @@ class Component { * @return array The list of Jitsi component events or an empty array if no results. */ public function jitsiComponents($jitsi_component, $component_id, $event_type, $from_time, $until_time, $offset=0, $items_per_page='') { + global $logObject; + try { + // Add time part to dates if not present + if (strlen($from_time) <= 10) { + $from_time .= ' 00:00:00'; + } + if (strlen($until_time) <= 10) { + $until_time .= ' 23:59:59'; + } - // time period drill-down - // FIXME make it similar to the bash version - if (empty($from_time)) { - $from_time = '0000-01-01'; + // list of jitsi component events + $sql = "SELECT jitsi_component, loglevel, time, component_id, event_type, event_param + FROM jitsi_components + WHERE time >= :from_time + AND time <= :until_time"; + + // Only add component and event filters if they're not the default values + if ($jitsi_component !== 'jitsi_component') { + $sql .= " AND LOWER(jitsi_component) = LOWER(:jitsi_component)"; + } + if ($component_id !== 'component_id') { + $sql .= " AND component_id = :component_id"; + } + if ($event_type !== 'event_type') { + $sql .= " AND event_type LIKE :event_type"; + } + + $sql .= " ORDER BY time"; + + if ($items_per_page) { + $sql .= ' LIMIT :offset, :items_per_page'; + } + + $stmt = $this->db->prepare($sql); + + // Bind parameters only if they're not default values + if ($jitsi_component !== 'jitsi_component') { + $stmt->bindValue(':jitsi_component', trim($jitsi_component, "'")); + } + if ($component_id !== 'component_id') { + $stmt->bindValue(':component_id', trim($component_id, "'")); + } + if ($event_type !== 'event_type') { + $stmt->bindValue(':event_type', '%' . trim($event_type, "'") . 
'%'); + } + + $stmt->bindParam(':from_time', $from_time); + $stmt->bindParam(':until_time', $until_time); + + if ($items_per_page) { + $stmt->bindParam(':offset', $offset, PDO::PARAM_INT); + $stmt->bindParam(':items_per_page', $items_per_page, PDO::PARAM_INT); + } + + $stmt->execute(); + $result = $stmt->fetchAll(PDO::FETCH_ASSOC); + + if (!empty($result)) { + $logObject->insertLog(0, "Retrieved " . count($result) . " Jitsi component events"); + } + return $result; + } catch (PDOException $e) { + $logObject->insertLog(0, "Failed to retrieve Jitsi component events: " . $e->getMessage()); + return []; } - if (empty($until_time)) { - $until_time = '9999-12-31'; - } - $from_time = htmlspecialchars(strip_tags($from_time)); - $until_time = htmlspecialchars(strip_tags($until_time)); - - // list of jitsi component events - $sql = "SELECT jitsi_component, loglevel, time, component_id, event_type, event_param - FROM jitsi_components - WHERE LOWER(jitsi_component) = LOWER(%s) - AND component_id = %s"; - if ($event_type != '' && $event_type != 'event_type') { - $sql .= " AND event_type LIKE '%%%s%%'"; - } - $sql .= " AND (time >= '%s 00:00:00' AND time <= '%s 23:59:59') ORDER BY time"; - - if ($items_per_page) { - $items_per_page = (int)$items_per_page; - $sql .= ' LIMIT ' . $offset . ',' . $items_per_page; - } - - // FIXME this needs to be done with bound params instead of sprintf - if ($event_type != '' && $event_type != 'event_type') { - $sql = sprintf($sql, $jitsi_component, $component_id, $event_type, $from_time, $until_time); - $sql = str_replace("LIKE '%'", "LIKE '%", $sql); - $sql = str_replace("'%'\nAND", "%' AND", $sql); - } else { - $sql = sprintf($sql, $jitsi_component, $component_id, $from_time, $until_time); - } - - $query = $this->db->prepare($sql); - $query->execute(); - - return $query->fetchAll(PDO::FETCH_ASSOC); } /** 
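Review bot: An empty `$from_time` or `$until_time` now becomes `' 00:00:00'` / `' 23:59:59'` in the `strlen(...) <= 10` checks at the top of the `try`, because the `'0000-01-01'` and `'9999-12-31'` defaults from the removed code were dropped; the bound range is then not a valid timestamp and the query will likely match nothing or behave differently per database. Restoring the defaults ahead of the length checks keeps the open-ended case working: `if (empty($from_time)) { $from_time = '0000-01-01'; }` and `if (empty($until_time)) { $until_time = '9999-12-31'; }`. The same applies to the identical checks in `getComponentEventsCount` in the next hunk. Separately, the removed code cast `$items_per_page` with `(int)` and the new code does not; casting `$offset` and `$items_per_page` before `bindParam(..., PDO::PARAM_INT)` avoids depending on how the driver treats numeric strings in `LIMIT`.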
@@ -90,37 +115,54 @@ class Component { * @return int The total count of matching components */ public function getComponentEventsCount($jitsi_component, $component_id, $event_type, $from_time, $until_time) { - // time period drill-down - if (empty($from_time)) { - $from_time = '0000-01-01'; - } - if (empty($until_time)) { - $until_time = '9999-12-31'; - } - $from_time = htmlspecialchars(strip_tags($from_time)); - $until_time = htmlspecialchars(strip_tags($until_time)); - - // Build the query - $sql = "SELECT COUNT(*) as total - FROM jitsi_events - WHERE time >= :from_time - AND time <= :until_time - AND LOWER(jitsi_component) = LOWER(:jitsi_component) - AND component_id) = :component_id - AND LOWER(event_type) = LOWER(:event_type)"; - + global $logObject; try { + // Add time part to dates if not present + if (strlen($from_time) <= 10) { + $from_time .= ' 00:00:00'; + } + if (strlen($until_time) <= 10) { + $until_time .= ' 23:59:59'; + } + + // Build the query + $sql = "SELECT COUNT(*) as total + FROM jitsi_components + WHERE time >= :from_time + AND time <= :until_time"; + + // Only add component and event filters if they're not the default values + if ($jitsi_component !== 'jitsi_component') { + $sql .= " AND LOWER(jitsi_component) = LOWER(:jitsi_component)"; + } + if ($component_id !== 'component_id') { + $sql .= " AND component_id = :component_id"; + } + if ($event_type !== 'event_type') { + $sql .= " AND event_type LIKE :event_type"; + } + $stmt = $this->db->prepare($sql); + + // Bind parameters only if they're not default values + if ($jitsi_component !== 'jitsi_component') { + $stmt->bindValue(':jitsi_component', trim($jitsi_component, "'")); + } + if ($component_id !== 'component_id') { + $stmt->bindValue(':component_id', trim($component_id, "'")); + } + if ($event_type !== 'event_type') { + $stmt->bindValue(':event_type', '%' . trim($event_type, "'") . 
'%'); + } + $stmt->bindParam(':from_time', $from_time); $stmt->bindParam(':until_time', $until_time); - $stmt->bindParam(':jitsi_component', $jitsi_component); - $stmt->bindParam(':component_id', $component_id); - $stmt->bindParam(':event_type', $event_type); + $stmt->execute(); $result = $stmt->fetch(PDO::FETCH_ASSOC); return (int)$result['total']; } catch (PDOException $e) { - error_log("Error in getComponentCount: " . $e->getMessage()); + $logObject->insertLog(0, "Failed to retrieve component events count: " . $e->getMessage()); return 0; } }
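Review bot: The `:event_type` value is bound as `'%' . trim($event_type, "'") . '%'`, so any `%` or `_` inside the caller's filter string still acts as a LIKE wildcard rather than a literal character. Parameter binding prevents SQL injection here but does not neutralise LIKE metacharacters, so the count can cover more rows than the text the user typed. If literal matching is intended, escape the value and declare the escape character, e.g. `$sql .= " AND event_type LIKE :event_type ESCAPE '!'";` with `str_replace(['!', '%', '_'], ['!!', '!%', '!_'], trim($event_type, "'"))` between the two `'%'`. The same expression is used in `jitsiComponents` in the previous hunk, and both should change together so the list and its count stay consistent.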