Exemplo n.º 1
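 /**
  * {@inheritDoc}
  *
  * Quotes $value as a PostgreSQL string literal, preferring the escaping
  * routine of the live connection over the generic parent fallback.
  *
  * Side effect: when $this->resource holds a DriverInterface it is replaced
  * by the connection resource obtained from that driver.
  *
  * @param string $value value to quote
  * @return string|false quoted literal; PDO::quote() may return false when
  *                      the PDO driver does not support quoting
  */
 public function quoteTrustedValue($value)
 {
     if ($this->resource instanceof DriverInterface) {
         $this->resource = $this->resource->getConnection()->getResource();
     }
     // From PHP 8.1 on, pg_connect() returns a \PgSql\Connection object, for
     // which is_resource() is false. Without the instanceof test such a
     // connection would skip pg_escape_string() and silently use the
     // connection-unaware fallback at the end of this method.
     if (is_resource($this->resource) || $this->resource instanceof \PgSql\Connection) {
         return '\'' . pg_escape_string($this->resource, $value) . '\'';
     }
     if ($this->resource instanceof \PDO) {
         return $this->resource->quote($value);
     }
     // No usable connection: prefix the parent's quoted literal with E.
     // NOTE(review): the parent implementation is not visible here; confirm it
     // backslash-escapes, which is what the E'' literal form expects.
     return 'E' . parent::quoteTrustedValue($value);
 }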
Exemplo n.º 2
 /**
  * Quote Trusted Value
  *
  * Wraps $value in single quotes so it can be placed in a SQL statement.
  * A PDO connection does the quoting itself; without one the value is
  * escaped with addcslashes().
  *
  * The addcslashes() path works on bytes and knows nothing about the
  * connection character set or the server's escaping rules, so it is only
  * appropriate for values the caller already trusts. Untrusted input belongs
  * in bound parameters.
  *
  * Side effect: when $this->resource holds a DriverInterface it is replaced
  * by the connection resource obtained from that driver.
  *
  * @param string $value value to quote
  * @return string|false quoted literal; PDO::quote() may return false when
  *                      the PDO driver does not support quoting
  */
 public function quoteTrustedValue($value)
 {
     $resource = $this->resource;
     if ($resource instanceof DriverInterface) {
         // Unwrap the driver once and keep the raw resource for later calls.
         $resource = $resource->getConnection()->getResource();
         $this->resource = $resource;
     }

     return $resource instanceof \PDO
         ? $resource->quote($value)
         : "'" . addcslashes($value, "\n\r\\'\"") . "'";
 }
Exemplo n.º 3
 /**
  * {@inheritDoc}
  *
  * Quotes $value as a SQL string literal. A PDO connection does the quoting
  * itself; without one, embedded single quotes are doubled and the result is
  * wrapped in single quotes.
  *
  * Side effect: when $this->resource holds a DriverInterface it is replaced
  * by the connection resource obtained from that driver.
  *
  * @param string $value value to quote
  * @return string|false quoted literal; PDO::quote() may return false when
  *                      the PDO driver does not support quoting
  */
 public function quoteTrustedValue($value)
 {
     $resource = $this->resource;
     if ($resource instanceof DriverInterface) {
         // Unwrap the driver once and keep the raw resource for later calls.
         $resource = $resource->getConnection()->getResource();
         $this->resource = $resource;
     }

     if ($resource instanceof \PDO) {
         return $resource->quote($value);
     }

     // Fallback: only the quote character itself is escaped, by doubling it.
     $escaped = str_replace('\'', '\'\'', $value);

     return "'" . $escaped . "'";
 }
Exemplo n.º 4
 /**
  * Accepts the connection this platform uses for quoting.
  *
  * Only SQLite connections are accepted: either a native \PDO whose driver
  * name is 'sqlite', or a Zend PDO driver reporting the 'Sqlite' platform.
  * For the Zend driver the underlying connection resource is stored.
  *
  * @param \Zend\Db\Adapter\Driver\Pdo\Pdo|\PDO $driver
  * @throws \Zend\Db\Adapter\Exception\InvalidArgumentException when $driver is neither
  * @return $this
  */
 public function setDriver($driver)
 {
     $isNativeSqlite = $driver instanceof \PDO
         && $driver->getAttribute(\PDO::ATTR_DRIVER_NAME) == 'sqlite';

     if ($isNativeSqlite) {
         $this->resource = $driver;
     } elseif ($driver instanceof Pdo\Pdo && $driver->getDatabasePlatformName() == 'Sqlite') {
         $this->resource = $driver->getConnection()->getResource();
     } else {
         throw new Exception\InvalidArgumentException('$driver must be a Sqlite PDO Zend\\Db\\Adapter\\Driver, Sqlite PDO instance');
     }

     return $this;
 }
Exemplo n.º 5
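 /**
  * Accepts the connection this platform uses for quoting.
  *
  * Accepted inputs: a Zend Pgsql driver, a Zend PDO driver reporting the
  * 'Postgresql' platform, a native pgsql connection, or a native \PDO whose
  * driver name is 'pgsql'. For Zend drivers the underlying connection
  * resource is stored; native connections are stored as given.
  *
  * @param \Zend\Db\Adapter\Driver\Pgsql\Pgsql|\Zend\Db\Adapter\Driver\Pdo\Pdo|resource|\PgSql\Connection|\PDO $driver
  * @throws \Zend\Db\Adapter\Exception\InvalidArgumentException when $driver is none of the above
  * @return $this
  */
 public function setDriver($driver)
 {
     // Parentheses spell out the grouping that && / || precedence already gave.
     $isZendDriver = $driver instanceof Pgsql\Pgsql
         || ($driver instanceof Pdo\Pdo && $driver->getDatabasePlatformName() == 'Postgresql');
     if ($isZendDriver) {
         $this->resource = $driver->getConnection()->getResource();
         return $this;
     }

     // From PHP 8.1 on, pg_connect() returns a \PgSql\Connection object rather
     // than a resource, so is_resource() alone would reject a valid native
     // connection. instanceof is safe on older versions where the class is absent.
     $isNativeLink = $driver instanceof \PgSql\Connection
         || (is_resource($driver)
             && in_array(get_resource_type($driver), array('pgsql link', 'pgsql link persistent'), true));
     $isNativePdo = $driver instanceof \PDO
         && $driver->getAttribute(\PDO::ATTR_DRIVER_NAME) == 'pgsql';
     if ($isNativeLink || $isNativePdo) {
         $this->resource = $driver;
         return $this;
     }

     throw new Exception\InvalidArgumentException('$driver must be a Pgsql or Postgresql PDO Zend\\Db\\Adapter\\Driver, pgsql link resource or Postgresql PDO instance');
 }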
Exemplo n.º 6
 /**
  * Quote Trusted Value
  *
  * Wraps $value in single quotes so it can be placed in a SQL statement.
  * A mysqli or PDO connection does the escaping itself; without one the
  * value is escaped with addcslashes().
  *
  * The addcslashes() path works on bytes and knows nothing about the
  * connection character set or the server's SQL mode, so it is only
  * appropriate for values the caller already trusts. Untrusted input belongs
  * in bound parameters.
  *
  * Side effect: when $this->resource holds a DriverInterface it is replaced
  * by the connection resource obtained from that driver.
  *
  * @param string $value value to quote
  * @return string|false quoted literal; PDO::quote() may return false when
  *                      the PDO driver does not support quoting
  */
 public function quoteTrustedValue($value)
 {
     $resource = $this->resource;
     if ($resource instanceof DriverInterface) {
         // Unwrap the driver once and keep the raw resource for later calls.
         $resource = $resource->getConnection()->getResource();
         $this->resource = $resource;
     }

     if ($resource instanceof \mysqli) {
         $escaped = $resource->real_escape_string($value);
         return "'" . $escaped . "'";
     }

     if ($resource instanceof \PDO) {
         return $resource->quote($value);
     }

     // No connection: escape NUL, newline, CR, backslash, both quote
     // characters and Ctrl-Z by hand.
     return "'" . addcslashes($value, "\x00\n\r\\'\"\x1a") . "'";
 }
Exemplo n.º 7
 /**
  * Deletes the row of the template table whose id equals $_REQUEST['id'] and
  * reports the outcome through Response.
  *
  * The id is passed as a bound parameter, so it is never concatenated into
  * the SQL text. It is not validated here, and this method performs no
  * authentication or authorisation check of its own.
  * NOTE(review): confirm the caller enforces both before dispatching a
  * destructive request; $_REQUEST also carries GET and cookie values.
  */
 public static function templateDelete()
 {
     $query = 'DELETE FROM ' . $GLOBALS['table_prefix'] . 'template WHERE id=:id;';

     try {
         $connection = PDO::getConnection();
         $statement = $connection->prepare($query);
         $statement->bindParam('id', $_REQUEST['id']);
         $statement->execute();
         // Drop the local handle to the connection before responding.
         $connection = null;
         Response::outputDeleted('Template', $_REQUEST['id']);
     } catch (PDOException $e) {
         // NOTE(review): PDOException is unqualified; if this file is
         // namespaced without importing it, this catch may never match.
         Response::outputError($e);
     }
 }
Exemplo n.º 8
 /**
  * Accepts the connection this platform uses for quoting.
  *
  * Only SQL Server PDO connections are accepted: a Zend PDO driver reporting
  * the 'Sqlsrv' platform, or a native \PDO whose driver name is 'sqlsrv'.
  * For the Zend driver the underlying connection resource is stored.
  *
  * @param \Zend\Db\Adapter\Driver\Pdo\Pdo|\PDO $driver
  * @throws \Zend\Db\Adapter\Exception\InvalidArgumentException when $driver is neither
  * @return $this
  */
 public function setDriver($driver)
 {
     $isZendSqlsrv = $driver instanceof Pdo\Pdo
         && $driver->getDatabasePlatformName() == 'Sqlsrv';

     if ($isZendSqlsrv) {
         // Zend_Db driver: keep the raw connection resource it wraps.
         /** @var $driver \Zend\Db\Adapter\Driver\DriverInterface */
         $this->resource = $driver->getConnection()->getResource();
     } elseif ($driver instanceof \PDO && $driver->getAttribute(\PDO::ATTR_DRIVER_NAME) == 'sqlsrv') {
         // Native PDO connection: keep it as given.
         $this->resource = $driver;
     } else {
         throw new Exception\InvalidArgumentException('$driver must be a Sqlsrv PDO Zend\\Db\\Adapter\\Driver or Sqlsrv PDO instance');
     }

     return $this;
 }
Exemplo n.º 9
 /**
  * Stops the request when more than $limit entries were written to the
  * request log during the last minute.
  *
  * The query counts every row of the log in that window; it has no
  * per-client filter, so the limit is shared by all callers.
  *
  * NOTE(review): the check fails open. If the query throws, the error is
  * stored on a local Response that is discarded when the method returns, and
  * the request continues unthrottled. Confirm that is intended.
  *
  * @param int $limit highest number of logged requests tolerated per minute
  */
 public static function enforceRequestLimit($limit)
 {
     $response = new Response();

     try {
         $connection = PDO::getConnection();
         $countQuery = 'select count(cmd) as num from ' . $GLOBALS['table_prefix'] . 'restapi_request_log where date > date_sub(now(),interval 1 minute)';
         $statement = $connection->prepare($countQuery);
         $statement->execute();
         $row = $statement->fetch(PDO::FETCH_OBJ);

         if ($row->num > $limit) {
             $message = 'Too many requests. Requests are limited to ' . $limit . ' per minute';
             $response->outputErrorMessage($message);
             die(0);
         }
     } catch (\Exception $e) {
         $response->setError($e->getCode(), $e->getMessage());
     }
 }
Exemplo n.º 10
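 /**
  * Deletes the row of the template table whose id equals $_REQUEST['id'] and
  * reports the outcome through Response.
  *
  * The id must be present and numeric; otherwise an error is reported and
  * nothing is deleted. The id is passed as a bound parameter.
  *
  * This method performs no authentication or authorisation check of its own.
  * NOTE(review): confirm the caller enforces both before dispatching a
  * destructive request.
  */
 public static function templateDelete()
 {
     $sql = 'DELETE FROM ' . $GLOBALS['table_prefix'] . 'template WHERE id=:id';
     try {
         if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) {
             Response::outputErrorMessage('invalid call');
             // Nothing visible here shows that outputErrorMessage() ends the
             // request, so return explicitly: a rejected id must never reach
             // the DELETE below.
             return;
         }
         $db = PDO::getConnection();
         $stmt = $db->prepare($sql);
         $stmt->bindParam('id', $_REQUEST['id'], PDO::PARAM_STR);
         $stmt->execute();
         // Drop the local handle to the connection before responding.
         $db = null;
         Response::outputDeleted('Template', $_REQUEST['id']);
     } catch (\Exception $e) {
         Response::outputError($e);
     }
 }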
Exemplo n.º 11
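 /**
  * Unassigns a list from a campaign.
  *
  * Each id falls back to the request value of the same name when the
  * argument is 0. Both ids are reduced to integers before use, so only
  * integers reach the query and the confirmation message; a missing or
  * non-numeric id becomes 0.
  *
  * The confirmation message is sent whether or not a row was deleted, and
  * the method always ends the request with die(0).
  *
  * This method performs no authentication or authorisation check of its own.
  * NOTE(review): confirm the caller enforces both.
  *
  * <p><strong>Parameters:</strong><br/>
  * [*list_id] {integer} the ID of the list.<br/>
  * [*campaign_id] {integer} the ID of the campaign.
  * </p>
  * <p><strong>Returns:</strong><br/>
  * System message of action.
  * </p>
  */
 public static function listCampaignDelete($list_id = 0, $campaign_id = 0)
 {
     if ($list_id == 0) {
         $list_id = isset($_REQUEST['list_id']) ? $_REQUEST['list_id'] : 0;
     }
     if ($campaign_id == 0) {
         $campaign_id = isset($_REQUEST['campaign_id']) ? $_REQUEST['campaign_id'] : 0;
     }
     // Both values are bound as PDO::PARAM_INT and echoed in the response, so
     // reduce them to real integers first; anything non-numeric becomes 0.
     $list_id = is_numeric($list_id) ? (int) $list_id : 0;
     $campaign_id = is_numeric($campaign_id) ? (int) $campaign_id : 0;

     $sql = 'DELETE FROM ' . $GLOBALS['tables']['listmessage'] . ' WHERE listid=:list_id AND messageid=:campaign_id;';
     try {
         $db = PDO::getConnection();
         $stmt = $db->prepare($sql);
         $stmt->bindParam('campaign_id', $campaign_id, PDO::PARAM_INT);
         $stmt->bindParam('list_id', $list_id, PDO::PARAM_INT);
         $stmt->execute();
         // Drop the local handle to the connection before responding.
         $db = null;
         // Message typo fixed: "wsa" -> "was".
         Response::outputMessage('Campaign ' . $campaign_id . ' was removed from list ' . $list_id);
     } catch (\Exception $e) {
         Response::outputError($e);
     }
     die(0);
 }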
Exemplo n.º 12
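 /**
  * Delete a Subscriber.
  *
  * The id must be present and numeric; otherwise an error is reported and
  * nothing is deleted. The id is passed as a bound parameter.
  *
  * This method performs no authentication or authorisation check of its own.
  * NOTE(review): confirm the caller enforces both before dispatching a
  * destructive request.
  *
  * <p><strong>Parameters:</strong><br/>
  * [*id] {integer} the ID of the Subscriber.<br/>
  * </p>
  * <p><strong>Returns:</strong><br/>
  * The deleted Subscriber ID.
  * </p>
  */
 public static function subscriberDelete()
 {
     $sql = 'DELETE FROM ' . $GLOBALS['tables']['user'] . ' WHERE id=:id;';
     try {
         if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) {
             Response::outputErrorMessage('invalid call');
             // Nothing visible here shows that outputErrorMessage() ends the
             // request, so return explicitly: a rejected id must never reach
             // the DELETE below.
             return;
         }
         $db = PDO::getConnection();
         $stmt = $db->prepare($sql);
         $stmt->bindParam('id', $_REQUEST['id'], PDO::PARAM_INT);
         $stmt->execute();
         // Drop the local handle to the connection before responding.
         $db = null;
         // %d limits the echoed id to its integer form.
         Response::outputDeleted('Subscriber', sprintf('%d', $_REQUEST['id']));
     } catch (\Exception $e) {
         Response::outputError($e);
     }
 }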
Exemplo n.º 13
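 /**
  * Update existing message/campaign.
  *
  * Every column is taken from the request and passed as a bound parameter.
  * The values are not validated here, and that includes [owner] and
  * [status]. This method performs no authentication or authorisation check
  * of its own.
  * NOTE(review): confirm the caller restricts who may change those fields.
  *
  * <p><strong>Parameters:</strong><br/>
  * [*id] {integer} <br/>
  * [*subject] {string} <br/>
  * [*fromfield] {string} <br/>
  * [*replyto] {string} <br/>
  * [*message] {string} <br/>
  * [*textmessage] {string} <br/>
  * [*footer] {string} <br/>
  * [*status] {string} <br/>
  * [*sendformat] {string} <br/>
  * [*template] {string} <br/>
  * [*embargo] {string} <br/>
  * [*rsstemplate] {string} <br/>
  * [owner] {string} <br/>
  * [htmlformatted] {string} <br/>
  * </p>
  * <p><strong>Returns:</strong><br/>
  * The updated message, as output by messageGet().
  * </p>
  */
 public static function messageUpdate($id = 0)
 {
     if ($id == 0) {
         $id = $_REQUEST['id'];
     }
     // The statement previously named a :sendstart placeholder while the code
     // bound :embargo, so the placeholders and bindings did not match and the
     // update could not execute. The SET list now uses the documented and
     // bound embargo parameter.
     // NOTE(review): assumes the message table has an `embargo` column, as
     // the documented parameter suggests. Confirm against the schema.
     $sql = 'UPDATE ' . $GLOBALS['table_prefix'] . 'message SET subject=:subject, fromfield=:fromfield, replyto=:replyto, message=:message, textmessage=:textmessage, footer=:footer, status=:status, sendformat=:sendformat, template=:template, embargo=:embargo, rsstemplate=:rsstemplate, owner=:owner, htmlformatted=:htmlformatted WHERE id=:id;';
     try {
         $db = PDO::getConnection();
         $stmt = $db->prepare($sql);
         $stmt->bindParam('id', $id);
         $stmt->bindParam('subject', $_REQUEST['subject']);
         $stmt->bindParam('fromfield', $_REQUEST['fromfield']);
         $stmt->bindParam('replyto', $_REQUEST['replyto']);
         $stmt->bindParam('message', $_REQUEST['message']);
         $stmt->bindParam('textmessage', $_REQUEST['textmessage']);
         $stmt->bindParam('footer', $_REQUEST['footer']);
         $stmt->bindParam('status', $_REQUEST['status']);
         $stmt->bindParam('sendformat', $_REQUEST['sendformat']);
         $stmt->bindParam('template', $_REQUEST['template']);
         $stmt->bindParam('embargo', $_REQUEST['embargo']);
         $stmt->bindParam('rsstemplate', $_REQUEST['rsstemplate']);
         $stmt->bindParam('owner', $_REQUEST['owner']);
         $stmt->bindParam('htmlformatted', $_REQUEST['htmlformatted']);
         $stmt->execute();
         // Drop the local handle to the connection before responding.
         $db = null;
         self::messageGet($id);
     } catch (PDOException $e) {
         // NOTE(review): PDOException is unqualified; if this file is
         // namespaced without importing it, this catch may never match.
         Response::outputError($e);
     }
 }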