[MOSS] CIV-01-014 Validate status_id and campaign_type_id for camapginSummary functio...

[civicrm-core.git] / CRM / Activity / BAO / Activity.php
diff --git a/CRM/Activity/BAO/Activity.php b/CRM/Activity/BAO/Activity.php

index 8e96e39a6ce15c02f4af7e04549329224f6b29f9..fb2b1c0d80b1264da0cec771d685c9846520472a 100644 (file)
--- a/CRM/Activity/BAO/Activity.php
+++ b/CRM/Activity/BAO/Activity.php
@@ -149,25 +149,27 @@ class CRM_Activity_BAO_Activity extends CRM_Activity_DAO_Activity {
      }
  
      $transaction = new CRM_Core_Transaction();
-    if (is_array(CRM_Utils_Array::value('source_record_id', $params))) {
+    $sqlWhereParams = $where = [];
+    if (isset($params['source_record_id']) && is_array($params['source_record_id'])) {
        $sourceRecordIds = implode(',', $params['source_record_id']);
      }
      else {
-      $sourceRecordIds = CRM_Utils_Array::value('source_record_id', $params);
+      $sourceRecordIds = $params['source_record_id'] ?? NULL;
      }
  
+    if ($sourceRecordIds) {
+      $where[] = 'source_record_id IN ( %1 )';
+      $sqlWhereParams[1] = [$sourceRecordIds, 'CommaSeparatedIntegers'];
+    }
      $result = NULL;
      if (!$moveToTrash) {
        if (!isset($params['id'])) {
-        if (is_array($params['activity_type_id'])) {
-          $activityTypes = implode(',', $params['activity_type_id']);
-        }
-        else {
-          $activityTypes = $params['activity_type_id'];
+        if (!empty($params['activity_type_id'])) {
+          $where[] = 'activity_type_id IN ( %2 )';
+          $sqlWhereParams[2] = [implode(',', (array) $params['activity_type_id']), 'CommaSeparatedIntegers'];
          }
-
-        $query = "DELETE FROM civicrm_activity WHERE source_record_id IN ({$sourceRecordIds}) AND activity_type_id IN ( {$activityTypes} )";
-        $dao = CRM_Core_DAO::executeQuery($query);
+        $query = "DELETE FROM civicrm_activity WHERE " . implode(' AND ', $where);
+        $dao = CRM_Core_DAO::executeQuery($query, $sqlWhereParams);
        }
        else {
          $activity = new CRM_Activity_DAO_Activity();
@@ -178,8 +180,8 @@ class CRM_Activity_BAO_Activity extends CRM_Activity_DAO_Activity {
          $activity->case_id = CRM_Case_BAO_Case::getCaseIdByActivityId($activity->id);
  
          // CRM-13994 delete activity entity_tag
-        $query = "DELETE FROM civicrm_entity_tag WHERE entity_table = 'civicrm_activity' AND entity_id = {$activity->id}";
-        $dao = CRM_Core_DAO::executeQuery($query);
+        $query = "DELETE FROM civicrm_entity_tag WHERE entity_table = 'civicrm_activity' AND entity_id = %1";
+        $dao = CRM_Core_DAO::executeQuery($query, [1 => [$activity->id, 'Positive']]);
        }
      }
      else {
@@ -490,7 +492,7 @@ class CRM_Activity_BAO_Activity extends CRM_Activity_DAO_Activity {
      }
      else {
        // at worst, take source for recently viewed display
-      $recentContactId = CRM_Utils_Array::value('source_contact_id', $params);
+      $recentContactId = $params['source_contact_id'] ?? NULL;
      }
  
      if (isset($params['assignee_contact_id'])) {
@@ -582,7 +584,7 @@ class CRM_Activity_BAO_Activity extends CRM_Activity_DAO_Activity {
  
      // if the subject contains a ‘[case #…]’ string, file that activity on the related case (CRM-5916)
      $matches = [];
-    $subjectToMatch = CRM_Utils_Array::value('subject', $params);
+    $subjectToMatch = $params['subject'] ?? NULL;
      if (preg_match('/\[case #([0-9a-h]{7})\]/', $subjectToMatch, $matches)) {
        $key = CRM_Core_DAO::escapeString(CIVICRM_SITE_KEY);
        $hash = $matches[1];
@@ -804,7 +806,7 @@ class CRM_Activity_BAO_Activity extends CRM_Activity_DAO_Activity {
          }
          // case related fields
          elseif ($apiKey == 'case_id' && !$isBulkActivity) {
-          $activities[$id][$expectedName] = CRM_Utils_Array::value($apiKey, $activity);
+          $activities[$id][$expectedName] = $activity[$apiKey] ?? NULL;
  
            // fetch case subject for case ID found
            if (!empty($activity['case_id'])) {
@@ -815,9 +817,9 @@ class CRM_Activity_BAO_Activity extends CRM_Activity_DAO_Activity {
          }
          else {
            // @todo this generic assign could just be handled in array declaration earlier.
-          $activities[$id][$expectedName] = CRM_Utils_Array::value($apiKey, $activity);
+          $activities[$id][$expectedName] = $activity[$apiKey] ?? NULL;
            if ($apiKey == 'campaign_id') {
-            $activities[$id]['campaign'] = CRM_Utils_Array::value($activities[$id][$expectedName], $allCampaigns);
+            $activities[$id]['campaign'] = $allCampaigns[$activities[$id][$expectedName]] ?? NULL;
            }
          }
        }
@@ -1427,7 +1429,7 @@ class CRM_Activity_BAO_Activity extends CRM_Activity_DAO_Activity {
        // To get primary mobile phonenumber, if not get the first mobile phonenumber
        if (!empty($toPhoneNumbers)) {
          $toPhoneNumberDetails = reset($toPhoneNumbers);
-        $toPhoneNumber = CRM_Utils_Array::value('phone', $toPhoneNumberDetails);
+        $toPhoneNumber = $toPhoneNumberDetails['phone'] ?? NULL;
          // Contact allows to send sms
        }
      }
@@ -1855,7 +1857,7 @@ WHERE      activity.id IN ($activityIds)";
     *
     * @param $activityID
     *   Current activity id.
-   *
+   * @deprecated
     * @return int
     *   $params  count of prior activities otherwise false.
     * @throws \CRM_Core_Exception
@@ -2002,8 +2004,8 @@ AND cl.modified_id  = c.id
  
      $followupParams['activity_type_id'] = $params['followup_activity_type_id'];
      // Get Subject of Follow-up Activiity, CRM-4491
-    $followupParams['subject'] = CRM_Utils_Array::value('followup_activity_subject', $params);
-    $followupParams['assignee_contact_id'] = CRM_Utils_Array::value('followup_assignee_contact_id', $params);
+    $followupParams['subject'] = $params['followup_activity_subject'] ?? NULL;
+    $followupParams['assignee_contact_id'] = $params['followup_assignee_contact_id'] ?? NULL;
  
      // Create target contact for followup.
      if (!empty($params['target_contact_id'])) {
@@ -2523,9 +2525,9 @@ INNER JOIN  civicrm_option_group grp ON (grp.id = option_group_id AND grp.name =
      // Format the params.
      $params['offset'] = ($params['page'] - 1) * $params['rp'];
      $params['rowCount'] = $params['rp'];
-    $params['sort'] = CRM_Utils_Array::value('sortBy', $params);
+    $params['sort'] = $params['sortBy'] ?? NULL;
      $params['caseId'] = NULL;
-    $context = CRM_Utils_Array::value('context', $params);
+    $context = $params['context'] ?? NULL;
      $showContactOverlay = !CRM_Utils_String::startsWith($context, "dashlet");
      $activityTypeInfo = civicrm_api3('OptionValue', 'get', [
        'option_group_id' => "activity_type",
@@ -2897,8 +2899,8 @@ INNER JOIN  civicrm_option_group grp ON (grp.id = option_group_id AND grp.name =
     */
    public static function sendToAssignee($activity, $mailToContacts, $params = []) {
      if (!CRM_Utils_Array::crmIsEmptyArray($mailToContacts)) {
-      $clientID = CRM_Utils_Array::value('client_id', $params);
-      $caseID = CRM_Utils_Array::value('case_id', $params);
+      $clientID = $params['client_id'] ?? NULL;
+      $caseID = $params['case_id'] ?? NULL;
  
        $ics = new CRM_Activity_BAO_ICalendar($activity);
        $attachments = CRM_Core_BAO_File::getEntityFile('civicrm_activity', $activity->id);