From 71c838cd31b8be2f73b8ec1f649f0149b9ac8b5c Mon Sep 17 00:00:00 2001
From: mdtrooper <tres.14159@gmail.com>
Date: Tue, 8 Mar 2011 14:43:45 +0000
Subject: [PATCH] 2011-03-08 Miguel de Dios  <miguel.dedios@artica.es>

	* include/functions_api.php, include/functions_db.php,
	extensions/update_manager.php, extensions/plugin_registration.php,
	operation/incidents/incident.php, operation/incidents/incident_detail.php,
	godmode/agentes/planned_downtime.php, godmode/servers/recon_script.php,
	godmode/snmpconsole/snmp_filters.php, godmode/setup/news.php,
	godmode/modules/manage_network_templates_form.php: change the source code
	for to use process_sql_insert instead of the SQL.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4067 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog                     | 10 +++
 .../extensions/plugin_registration.php        | 83 ++++++++++---------
 pandora_console/extensions/update_manager.php |  3 +-
 .../godmode/agentes/planned_downtime.php      |  7 +-
 .../modules/manage_network_templates_form.php | 10 ++-
 .../godmode/servers/recon_script.php          | 12 +--
 pandora_console/godmode/setup/news.php        |  8 +-
 .../godmode/snmpconsole/snmp_filters.php      |  7 +-
 pandora_console/include/functions_api.php     |  8 +-
 pandora_console/include/functions_db.php      |  5 +-
 .../operation/incidents/incident.php          | 16 +++-
 .../operation/incidents/incident_detail.php   |  7 +-
 12 files changed, 113 insertions(+), 63 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index a1755c3d78..2f9af9bc2a 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,13 @@
+2011-03-08 Miguel de Dios  <miguel.dedios@artica.es>
+
+	* include/functions_api.php, include/functions_db.php,
+	extensions/update_manager.php, extensions/plugin_registration.php,
+	operation/incidents/incident.php, operation/incidents/incident_detail.php,
+	godmode/agentes/planned_downtime.php, godmode/servers/recon_script.php,
+	godmode/snmpconsole/snmp_filters.php, godmode/setup/news.php,
+	godmode/modules/manage_network_templates_form.php: change the source code
+	for to use process_sql_insert instead of the SQL.
+
 2011-03-08 Miguel de Dios  <miguel.dedios@artica.es>
 
 	* include/functions_events.php, include/functions_messages.php,
diff --git a/pandora_console/extensions/plugin_registration.php b/pandora_console/extensions/plugin_registration.php
index bb83966569..7aa4a28ea9 100644
--- a/pandora_console/extensions/plugin_registration.php
+++ b/pandora_console/extensions/plugin_registration.php
@@ -99,46 +99,55 @@ function pluginreg_extension_main () {
 		return;;
 	}
 
-	$sql1 = "INSERT INTO tplugin (name, description, max_timeout, execute, net_dst_opt, net_port_opt, user_opt, pass_opt, plugin_type) VALUES (
-	'" . safe_input ($ini_array["plugin_definition"]["name"]) . "' ,
-	'" . safe_input ($ini_array["plugin_definition"]["description"]) . "' ,
-	'" . $ini_array["plugin_definition"]["timeout"] . "' ,
-	'" . safe_input ($exec_path) . "' ,
-	'" . $ini_array["plugin_definition"]["ip_opt"] . "' ,
-	'" . $ini_array["plugin_definition"]["port_opt"] . "' ,
-	'" . $ini_array["plugin_definition"]["user_opt"] . "' ,
-	'" . $ini_array["plugin_definition"]["pass_opt"] . "' ,
-	'" . $ini_array["plugin_definition"]["plugin_type"] . 
-	"')";
-
-	$create_id = process_sql($sql1, "insert_id");
+	$values = array(
+		'name' => safe_input ($ini_array["plugin_definition"]["name"]),
+		'description' => safe_input ($ini_array["plugin_definition"]["description"]),
+		'max_timeout' => $ini_array["plugin_definition"]["timeout"],
+		'execute' => safe_input ($exec_path),
+		'net_dst_opt' => $ini_array["plugin_definition"]["ip_opt"],
+		'net_port_opt' => $ini_array["plugin_definition"]["port_opt"],
+		'user_opt' => $ini_array["plugin_definition"]["user_opt"],
+		'pass_opt' => $ini_array["plugin_definition"]["pass_opt"],
+		'plugin_type' => $ini_array["plugin_definition"]["plugin_type"]);
+	
+	$create_id = process_sql_insert('tplugin', $values);
+	
+	$values = array(
+		'name' => safe_input ($ini_array["plugin_definition"]["name"]),
+		'description' => safe_input ($ini_array["plugin_definition"]["description"]),
+		'max_timeout' => $ini_array["plugin_definition"]["timeout"],
+		'execute' => safe_input ($exec_path),
+		'net_dst_opt' => $ini_array["plugin_definition"]["ip_opt"],
+		'net_port_opt' => $ini_array["plugin_definition"]["port_opt"],
+		'user_opt' => $ini_array["plugin_definition"]["user_opt"],
+		'pass_opt' => $ini_array["plugin_definition"]["pass_opt"],
+		'plugin_type' => $ini_array["plugin_definition"]["plugin_type"]);
+	$create_id = process_sql_insert('tplugin', $values);
 
 	for ($ax=1; $ax <= $ini_array["plugin_definition"]["total_modules_provided"]; $ax++){
 		$label = "module".$ax;
-
-		$sql2 = "INSERT INTO tnetwork_component (name, description, id_group, type, max, min, module_interval, id_module_group, id_modulo, plugin_user, plugin_pass, plugin_parameter, max_timeout, history_data, min_warning, min_critical, min_ff_event, tcp_port, id_plugin) VALUES (
-
-		'".safe_input ($ini_array[$label]["name"])."', 
-		'".safe_input ($ini_array[$label]["description"]) ."', 
-		'".$ini_array[$label]["id_group"]."', 
-		'".$ini_array[$label]["type"]."', 
-		'".$ini_array[$label]["max"]."', 
-		'".$ini_array[$label]["min"]."', 
-		'".$ini_array[$label]["module_interval"]."', 
-		'".$ini_array[$label]["id_module_group"]."', 
-		'".$ini_array[$label]["id_modulo"]."', 
-		'".safe_input ($ini_array[$label]["plugin_user"])."', 
-		'".safe_input ($ini_array[$label]["plugin_pass"])."', 
-		'".safe_input ($ini_array[$label]["plugin_parameter"])."', 
-		'".$ini_array[$label]["max_timeout"]."', 
-		'".$ini_array[$label]["history_data"]."', 
-		'".$ini_array[$label]["min_warning"]."', 
-		'".$ini_array[$label]["min_critical"]."', 
-		'".$ini_array[$label]["min_ff_event"]."', 
-		'".$ini_array[$label]["tcp_port"]."', 
-		'".$create_id."')";
-	
-		process_sql($sql2);
+		
+		$values = array(
+			'name' => safe_input ($ini_array[$label]["name"]),
+			'description' => safe_input ($ini_array[$label]["description"]),
+			'id_group' => $ini_array[$label]["id_group"],
+			'type' => $ini_array[$label]["type"],
+			'max' => $ini_array[$label]["max"],
+			'min' => $ini_array[$label]["min"],
+			'module_interval' => $ini_array[$label]["module_interval"],
+			'id_module_group' => $ini_array[$label]["id_module_group"],
+			'id_modulo' => $ini_array[$label]["id_modulo"], 
+			'plugin_user' => safe_input ($ini_array[$label]["plugin_user"]),
+			'plugin_pass' => safe_input ($ini_array[$label]["plugin_pass"]),
+			'plugin_parameter' => safe_input ($ini_array[$label]["plugin_parameter"]),
+			'max_timeout' => $ini_array[$label]["max_timeout"],
+			'history_data' => $ini_array[$label]["history_data"],
+			'min_warning' => $ini_array[$label]["min_warning"],
+			'min_critical' => $ini_array[$label]["min_critical"],
+			'min_ff_event' => $ini_array[$label]["min_ff_event"],
+			'tcp_port' => $ini_array[$label]["tcp_port"],
+			'id_plugin' => $create_id);
+		process_sql_insert('tnetwork_component', $values);
 		
 		echo "<h3 class=suc>".__("Module plugin registered"). " : ". $ini_array[$label]["name"] ."</h2>";
 	}
diff --git a/pandora_console/extensions/update_manager.php b/pandora_console/extensions/update_manager.php
index 49ad444e15..29119a37c8 100644
--- a/pandora_console/extensions/update_manager.php
+++ b/pandora_console/extensions/update_manager.php
@@ -87,7 +87,8 @@ function pandora_update_manager_login () {
 	// If first time, make the first autoupdate and disable it in DB
 	if (!isset($config["autoupdate"])){
 		$config["autoupdate"] = 1;
-		process_sql ("INSERT INTO tconfig (token,value) VALUES ('autoupdate', 0)");
+		
+		process_sql_insert('tconfig', array('token' => 'autoupdate', 'value' => 0));
 	}
 
 	if ($config["autoupdate"] == 0)
diff --git a/pandora_console/godmode/agentes/planned_downtime.php b/pandora_console/godmode/agentes/planned_downtime.php
index 57013842f3..8fb6ef0990 100644
--- a/pandora_console/godmode/agentes/planned_downtime.php
+++ b/pandora_console/godmode/agentes/planned_downtime.php
@@ -57,8 +57,11 @@ if ($insert_downtime_agent == 1){
 	$agents = $_POST["id_agent"];
 	for ($a=0;$a <count($agents); $a++){ 
 		$id_agente_dt = $agents[$a];
-		$sql = "INSERT INTO tplanned_downtime_agents (id_downtime, id_agent) VALUES ($id_downtime, $id_agente_dt)";		
-		$result = process_sql ($sql);
+		
+		$values = array(
+			'id_downtime' => $id_downtime,
+			'id_agent' => $id_agente_dt);
+		$result = process_sql_insert('tplanned_downtime_agents', $values);
 	}
 }
 
diff --git a/pandora_console/godmode/modules/manage_network_templates_form.php b/pandora_console/godmode/modules/manage_network_templates_form.php
index 2bd27523ae..5b7642851f 100644
--- a/pandora_console/godmode/modules/manage_network_templates_form.php
+++ b/pandora_console/godmode/modules/manage_network_templates_form.php
@@ -53,8 +53,9 @@ elseif (isset ($_GET["add_module"])) {
 	// Add module to profile
 	$errors = 0;
 	foreach ($id_nc as $component) {
-		$sql = sprintf ("INSERT INTO tnetwork_profile_component (id_np,id_nc) VALUES (%d, %d)", $id_np, $component);
-		$result = process_sql ($sql);
+		$values = array('id_np' => $id_np, 'id_nc' => $component);
+		$result = process_sql_insert('tnetwork_profile_component', $values);
+		
 		if ($result === false) {
 			$errors++;
 		}
@@ -83,8 +84,9 @@ if (isset ($_GET["create"]) || isset ($_GET["update"])) {
 	}
 	else {
 		//Profile doesn't exist
-		$sql = sprintf ("INSERT INTO tnetwork_profile (name, description) VALUES ('%s', '%s')", $name, $description);
-		$result = process_sql ($sql, "insert_id");
+		$values = array('name' => $name, 'description' => $description);
+		$result = process_sql_insert('tnetwork_profile', $values);
+		
 		print_result_message ($result,
 			__('Successfully added network profile'),
 			__('Error adding network profile'));
diff --git a/pandora_console/godmode/servers/recon_script.php b/pandora_console/godmode/servers/recon_script.php
index 3a2689b054..f3cf842366 100644
--- a/pandora_console/godmode/servers/recon_script.php
+++ b/pandora_console/godmode/servers/recon_script.php
@@ -127,14 +127,16 @@ else {
 		$reconscript_description = get_parameter ("form_description", "");
 		$reconscript_script = get_parameter ("form_script", "");
 		
-	
-		$sql_insert = "INSERT trecon_script (name, description, script) VALUES ('$reconscript_name', '$reconscript_description', '$reconscript_script')";
-		
-		$result = process_sql ($sql_insert);
+		$values = array(
+			'name' => $reconscript_name,
+			'description' => $reconscript_description,
+			'script' => $reconscript_script);
+		$result = process_sql_insert('trecon_script', $values);
 		if (! $result){
 			echo "<h3 class='error'>".__('Problem creating')."</h3>";
 			echo $sql_insert;
-		} else {
+		}
+		else {
 			echo "<h3 class='suc'>".__('Created successfully')."</h3>";
 		}
 	}
diff --git a/pandora_console/godmode/setup/news.php b/pandora_console/godmode/setup/news.php
index de128328f3..66bf0af9e0 100644
--- a/pandora_console/godmode/setup/news.php
+++ b/pandora_console/godmode/setup/news.php
@@ -33,8 +33,12 @@ if (isset ($_POST["create"])) { // If create
 	$subject = get_parameter ("subject");
 	$text = get_parameter ("text");
 	
-	$sql = sprintf ("INSERT INTO tnews (subject, text, author, timestamp) VALUES ('%s', '%s', '%s', NOW()) ", $subject, $text, $config["id_user"]);
-	$id_link = process_sql ($sql, "insert_id");
+	$values = array(
+		'subject' => $subject,
+		'text' => $text,
+		'author' => $config["id_user"],
+		'timestamp' => NOW());
+	$id_link = process_sql_insert('tnews', $values);
 	
 	print_result_message ($id_link,
 		__('Successfully created'),
diff --git a/pandora_console/godmode/snmpconsole/snmp_filters.php b/pandora_console/godmode/snmpconsole/snmp_filters.php
index fd812284fe..b0ea8e2428 100644
--- a/pandora_console/godmode/snmpconsole/snmp_filters.php
+++ b/pandora_console/godmode/snmpconsole/snmp_filters.php
@@ -55,8 +55,11 @@ if ($update_filter > -2) {
 		}
 	}
 	else {
-		$sql = sprintf ("INSERT INTO tsnmp_filter (description, filter) VALUES ('%s', '%s')", $description, $filter);		
-		if (process_sql ($sql) === false) {
+		$values = array(
+			'description' => $description,
+			'filter' => $filter);
+		$result = process_sql_insert('tsnmp_filter', $values);
+		if ($result === false) {
 			print_error_message (__('There was a problem creating the filter'));
 		}
 		else {
diff --git a/pandora_console/include/functions_api.php b/pandora_console/include/functions_api.php
index eadd6b8aac..7b72fde222 100644
--- a/pandora_console/include/functions_api.php
+++ b/pandora_console/include/functions_api.php
@@ -1561,8 +1561,12 @@ function set_new_incident($thrash1, $thrash2, $other, $thrash3) {
  * @param $thrash2 Don't use.
  */
 function set_new_note_incident($id, $id2, $other, $thrash2) {
-	$sql = sprintf ("INSERT INTO tnota (id_usuario, id_incident, nota) VALUES ('%s', %d, '%s')", $id, $id, $other['data']);
-	$idNote = process_sql ($sql, "insert_id");
+	$values = array(
+		'id_usuario' => $id,
+		'id_incident' => $id2,
+		'nota' => $other['data']);
+	
+	$idNote = process_sql_insert('tnota', $values);
 	
 	if ($idNote === false)
 		returnError('error_new_incident', 'Error create new incident.');
diff --git a/pandora_console/include/functions_db.php b/pandora_console/include/functions_db.php
index f45e1cbe0a..04eda3b05c 100644
--- a/pandora_console/include/functions_db.php
+++ b/pandora_console/include/functions_db.php
@@ -2022,9 +2022,8 @@ function agent_add_address ($id_agent, $ip_address) {
 	$id_address = (int) get_db_value ('id_a', 'taddress', 'ip', $ip_address);
 
 	if ($id_address === 0) {
-		// Create IP address in tadress table
-		$sql = sprintf("INSERT INTO taddress (ip) VALUES ('%s')",$ip_address);
-		$id_address = process_sql ($sql, "insert_id");
+		// Create IP address in tadress table		
+		$id_address = process_sql_insert('taddress', array('ip' => $ip_address));
 	}
 
 	// Add address to agent
diff --git a/pandora_console/operation/incidents/incident.php b/pandora_console/operation/incidents/incident.php
index abb5c75ebd..f5bcfdcc4b 100644
--- a/pandora_console/operation/incidents/incident.php
+++ b/pandora_console/operation/incidents/incident.php
@@ -125,9 +125,19 @@ elseif ($action == "update") {
 	$prioridad = get_parameter_post ("prioridad_form");
 	$id_creator = $config['id_user'];
 	$estado = get_parameter_post ("estado_form");
-	$sql = sprintf ("INSERT INTO tincidencia (inicio, actualizacion, titulo, descripcion, id_usuario, origen, estado, prioridad, id_grupo, id_creator) VALUES 
-					(NOW(), NOW(), '%s', '%s', '%s', '%s', %d, %d, '%s', '%s')", $titulo, $descripcion, $config["id_user"], $origen, $estado, $prioridad, $grupo, $config["id_user"]);
-	$id_inc = process_sql ($sql, "insert_id");
+	
+	$values = array(
+		'inicio' => 'NOW()',
+		'actualizacion' => 'NOW()',
+		'titulo' => $titulo,
+		'descripcion' => $descripcion,
+		'id_usuario' => $config["id_user"],
+		'origen' => $origen,
+		'estado' => $estado,
+		'prioridad' => $prioridad,
+		'id_grupo' => $grupo,
+		'id_creator' => $config["id_user"]);
+	$id_inc = process_sql_insert('tincidencia', $values);
 
 	if ($id_inc === false) {
 		echo '<h3 class="error">'.__('Error creating incident').'</h3>';		
diff --git a/pandora_console/operation/incidents/incident_detail.php b/pandora_console/operation/incidents/incident_detail.php
index 5a072a02f7..a43ad36789 100644
--- a/pandora_console/operation/incidents/incident_detail.php
+++ b/pandora_console/operation/incidents/incident_detail.php
@@ -55,8 +55,11 @@ if (isset ($_GET["id"])) {
 	if (isset ($_GET["insertar_nota"])) {
 		$nota = get_parameter_post ("nota");
 
-		$sql = sprintf ("INSERT INTO tnota (id_usuario, id_incident, nota) VALUES ('%s', %d, '%s')",$config["id_user"],$id_inc, $nota);
-		$id_nota = process_sql ($sql, "insert_id");
+		$values = array(
+			'id_usuario' => $config["id_user"],
+			'id_incident' => $id_inc,
+			'nota' => $nota);
+		$id_nota = process_sql_insert('tnota', $values);
 
 		if ($id_nota !== false) {
 			process_incidents_touch ($id_inc);