From 6df2389287622a1075a4d0fb306351c506f623cd Mon Sep 17 00:00:00 2001
From: alext <alextselegidis@gmail.com>
Date: Tue, 24 Apr 2018 15:26:07 +0200
Subject: [PATCH] Corrections in the migration classes (update secure,
 defensive checks, #438).

---
 .../002_add_google_analytics_setting.php      | 11 ++-
 ...003_add_customer_notifications_setting.php | 11 ++-
 .../004_add_date_format_setting.php           | 11 ++-
 .../005_add_require_captcha_setting.php       | 11 ++-
 .../006_add_calendar_view_setting.php         | 17 ++--
 .../007_add_service_availabilities_type.php   | 10 +-
 .../008_add_service_attendants_number.php     | 10 +-
 .../migrations/009_change_column_types.php    | 94 ++++++++++++++++++-
 .../010_add_time_format_setting.php           | 18 +++-
 9 files changed, 165 insertions(+), 28 deletions(-)

diff --git a/src/application/migrations/002_add_google_analytics_setting.php b/src/application/migrations/002_add_google_analytics_setting.php
index 19bec48b..85a03095 100644
--- a/src/application/migrations/002_add_google_analytics_setting.php
+++ b/src/application/migrations/002_add_google_analytics_setting.php
@@ -15,12 +15,21 @@ class Migration_Add_google_analytics_setting extends CI_Migration {
     public function up()
     {
         $this->load->model('settings_model');
-        $this->settings_model->set_setting('google_analytics_code', '');
+
+        try
+        {
+            $this->settings_model->get_setting('google_analytics_code');
+        }
+        catch (Exception $exception)
+        {
+            $this->settings_model->set_setting('google_analytics_code', '');
+        }
     }
 
     public function down()
     {
         $this->load->model('settings_model');
+
         $this->settings_model->remove_setting('google_analytics_code');
     }
 }
diff --git a/src/application/migrations/003_add_customer_notifications_setting.php b/src/application/migrations/003_add_customer_notifications_setting.php
index 17716083..b56b072f 100644
--- a/src/application/migrations/003_add_customer_notifications_setting.php
+++ b/src/application/migrations/003_add_customer_notifications_setting.php
@@ -15,12 +15,21 @@ class Migration_Add_customer_notifications_setting extends CI_Migration {
     public function up()
     {
         $this->load->model('settings_model');
-        $this->settings_model->set_setting('customer_notifications', '1');
+
+        try
+        {
+            $this->settings_model->get_setting('customer_notifications');
+        }
+        catch (Exception $exception)
+        {
+            $this->settings_model->set_setting('customer_notifications', '1');
+        }
     }
 
     public function down()
     {
         $this->load->model('settings_model');
+
         $this->settings_model->remove_setting('customer_notifications');
     }
 }
diff --git a/src/application/migrations/004_add_date_format_setting.php b/src/application/migrations/004_add_date_format_setting.php
index 13d54881..ef94b83e 100644
--- a/src/application/migrations/004_add_date_format_setting.php
+++ b/src/application/migrations/004_add_date_format_setting.php
@@ -15,12 +15,21 @@ class Migration_Add_date_format_setting extends CI_Migration {
     public function up()
     {
         $this->load->model('settings_model');
-        $this->settings_model->set_setting('date_format', DATE_FORMAT_DMY);
+
+        try
+        {
+            $this->settings_model->get_setting('date_format');
+        }
+        catch (Exception $exception)
+        {
+            $this->settings_model->set_setting('date_format', DATE_FORMAT_DMY);
+        }
     }
 
     public function down()
     {
         $this->load->model('settings_model');
+
         $this->settings_model->remove_setting('date_format');
     }
 }
diff --git a/src/application/migrations/005_add_require_captcha_setting.php b/src/application/migrations/005_add_require_captcha_setting.php
index d88c5036..2ce65e68 100644
--- a/src/application/migrations/005_add_require_captcha_setting.php
+++ b/src/application/migrations/005_add_require_captcha_setting.php
@@ -15,12 +15,21 @@ class Migration_Add_require_captcha_setting extends CI_Migration {
     public function up()
     {
         $this->load->model('settings_model');
-        $this->settings_model->set_setting('require_captcha', '1');
+
+        try
+        {
+            $this->settings_model->get_setting('require_captcha');
+        }
+        catch (Exception $exception)
+        {
+            $this->settings_model->set_setting('require_captcha', '1');
+        }
     }
 
     public function down()
     {
         $this->load->model('settings_model');
+
         $this->settings_model->remove_setting('require_captcha');
     }
 }
diff --git a/src/application/migrations/006_add_calendar_view_setting.php b/src/application/migrations/006_add_calendar_view_setting.php
index 61b2ebc2..c3984b90 100644
--- a/src/application/migrations/006_add_calendar_view_setting.php
+++ b/src/application/migrations/006_add_calendar_view_setting.php
@@ -14,11 +14,8 @@
 class Migration_Add_calendar_view_setting extends CI_Migration {
     public function up()
     {
-        $this->load->dbforge();
-
-        $fields = $this->db->list_fields('ea_user_settings'); 
-
-        if (!in_array('calendar_view', $fields, true)) {
+        if ( ! $this->db->field_exists('calendar_view', 'ea_user_settings'))
+        {
             $fields = [
                 'calendar_view' => [
                     'type' => 'VARCHAR',
@@ -26,16 +23,18 @@ class Migration_Add_calendar_view_setting extends CI_Migration {
                     'default' => 'default'
                 ]
             ];
-    
+
             $this->dbforge->add_column('ea_user_settings', $fields);
-    
+
             $this->db->update('ea_user_settings', ['calendar_view' => 'default']);
         }
     }
 
     public function down()
     {
-        $this->load->dbforge();
-        $this->dbforge->drop_column('ea_user_settings', 'calendar_view');
+        if ($this->db->field_exists('calendar_view', 'ea_user_settings'))
+        {
+            $this->dbforge->drop_column('ea_user_settings', 'calendar_view_calendar');
+        }
     }
 }
diff --git a/src/application/migrations/007_add_service_availabilities_type.php b/src/application/migrations/007_add_service_availabilities_type.php
index 6669b85f..0875cd52 100644
--- a/src/application/migrations/007_add_service_availabilities_type.php
+++ b/src/application/migrations/007_add_service_availabilities_type.php
@@ -14,7 +14,8 @@
 class Migration_Add_service_availabilities_type extends CI_Migration {
     public function up()
     {
-        if (!$this->db->field_exists('availabilities_type', 'ea_services')) {
+        if ( ! $this->db->field_exists('availabilities_type', 'ea_services'))
+        {
             $fields = [
                 'availabilities_type' => [
                     'type' => 'VARCHAR',
@@ -23,16 +24,17 @@ class Migration_Add_service_availabilities_type extends CI_Migration {
                     'after' => 'description'
                 ]
             ];
-    
+
             $this->dbforge->add_column('ea_services', $fields);
-    
+
             $this->db->update('ea_services', ['availabilities_type' => 'flexible']);
         }
     }
 
     public function down()
     {
-        if ($this->db->field_exists('availabilities_type', 'ea_services')) {
+        if ($this->db->field_exists('availabilities_type', 'ea_services'))
+        {
             $this->dbforge->drop_column('ea_services', 'availabilities_type');
         }
     }
diff --git a/src/application/migrations/008_add_service_attendants_number.php b/src/application/migrations/008_add_service_attendants_number.php
index a2b1be26..cab7a4a1 100644
--- a/src/application/migrations/008_add_service_attendants_number.php
+++ b/src/application/migrations/008_add_service_attendants_number.php
@@ -14,7 +14,8 @@
 class Migration_Add_service_attendants_number extends CI_Migration {
     public function up()
     {
-        if (!$this->db->field_exists('attendants_number', 'ea_services')) {
+        if ( ! $this->db->field_exists('attendants_number', 'ea_services'))
+        {
             $fields = [
                 'attendants_number' => [
                     'type' => 'INT',
@@ -23,16 +24,17 @@ class Migration_Add_service_attendants_number extends CI_Migration {
                     'after' => 'availabilities_type'
                 ]
             ];
-    
+
             $this->dbforge->add_column('ea_services', $fields);
-    
+
             $this->db->update('ea_services', ['attendants_number' => '1']);
         }
     }
 
     public function down()
     {
-        if (!$this->db->field_exists('attendants_number', 'ea_services')) {
+        if ($this->db->field_exists('attendants_number', 'ea_services'))
+        {
             $this->dbforge->drop_column('ea_services', 'attendants_number');
         }
     }
diff --git a/src/application/migrations/009_change_column_types.php b/src/application/migrations/009_change_column_types.php
index d069cdeb..1110d838 100644
--- a/src/application/migrations/009_change_column_types.php
+++ b/src/application/migrations/009_change_column_types.php
@@ -14,6 +14,18 @@
 class Migration_Change_column_types extends CI_Migration {
     public function up()
     {
+        // Drop table constraints.
+        $this->db->query('ALTER TABLE ea_appointments DROP FOREIGN KEY ea_appointments_ibfk_2');
+        $this->db->query('ALTER TABLE ea_appointments DROP FOREIGN KEY ea_appointments_ibfk_3');
+        $this->db->query('ALTER TABLE ea_appointments DROP FOREIGN KEY ea_appointments_ibfk_4');
+        $this->db->query('ALTER TABLE ea_secretaries_providers DROP FOREIGN KEY fk_ea_secretaries_providers_1');
+        $this->db->query('ALTER TABLE ea_secretaries_providers DROP FOREIGN KEY fk_ea_secretaries_providers_2');
+        $this->db->query('ALTER TABLE ea_services_providers DROP FOREIGN KEY ea_services_providers_ibfk_1');
+        $this->db->query('ALTER TABLE ea_services_providers DROP FOREIGN KEY ea_services_providers_ibfk_2');
+        $this->db->query('ALTER TABLE ea_services DROP FOREIGN KEY ea_services_ibfk_1');
+        $this->db->query('ALTER TABLE ea_users DROP FOREIGN KEY ea_users_ibfk_1');
+        $this->db->query('ALTER TABLE ea_user_settings DROP FOREIGN KEY ea_user_settings_ibfk_1');
+
         // Appointments
         $fields = [
             'id' => [
@@ -97,7 +109,7 @@ class Migration_Change_column_types extends CI_Migration {
             ]
         ];
 
-        $this->dbforge->modify_column('ea_roles', $fields);
+        $this->dbforge->modify_column('ea_secretaries_providers', $fields);
 
         // Services
         $fields = [
@@ -165,7 +177,7 @@ class Migration_Change_column_types extends CI_Migration {
                 'auto_increment' => TRUE
             ],
             'id_roles' => [
-                'name' => 'id',
+                'name' => 'id_roles',
                 'type' => 'int',
                 'constraint' => '11'
             ]
@@ -183,10 +195,65 @@ class Migration_Change_column_types extends CI_Migration {
         ];
 
         $this->dbforge->modify_column('ea_user_settings', $fields);
+
+        // Add table constraints again.
+        $this->db->query('ALTER TABLE `ea_appointments`
+            ADD CONSTRAINT `ea_appointments_ea_users_customer` FOREIGN KEY (`id_users_customer`) REFERENCES `ea_users` (`id`)
+            ON DELETE CASCADE
+            ON UPDATE CASCADE,
+            ADD CONSTRAINT `ea_appointments_ea_services` FOREIGN KEY (`id_services`) REFERENCES `ea_services` (`id`)
+            ON DELETE CASCADE
+            ON UPDATE CASCADE,
+            ADD CONSTRAINT `ea_appointments_ea_users_provider` FOREIGN KEY (`id_users_provider`) REFERENCES `ea_users` (`id`)
+            ON DELETE CASCADE
+            ON UPDATE CASCADE');
+
+        $this->db->query('ALTER TABLE `ea_secretaries_providers`
+            ADD CONSTRAINT `ea_secretaries_ea_users_secretary` FOREIGN KEY (`id_users_secretary`) REFERENCES `ea_users` (`id`)
+            ON DELETE CASCADE
+            ON UPDATE CASCADE,
+            ADD CONSTRAINT `ea_secretaries_ea_users_provider` FOREIGN KEY (`id_users_provider`) REFERENCES `ea_users` (`id`)
+            ON DELETE CASCADE
+            ON UPDATE CASCADE');
+
+        $this->db->query('ALTER TABLE `ea_services`
+            ADD CONSTRAINT `ea_services_ea_service_categories` FOREIGN KEY (`id_service_categories`) REFERENCES `ea_service_categories` (`id`)
+            ON DELETE SET NULL
+            ON UPDATE CASCADE');
+
+        $this->db->query('ALTER TABLE `ea_services_providers`
+            ADD CONSTRAINT `ea_services_providers_ea_users_provider` FOREIGN KEY (`id_users`) REFERENCES `ea_users` (`id`)
+            ON DELETE CASCADE
+            ON UPDATE CASCADE,
+            ADD CONSTRAINT `ea_services_providers_ea_services` FOREIGN KEY (`id_services`) REFERENCES `ea_services` (`id`)
+            ON DELETE CASCADE
+            ON UPDATE CASCADE');
+
+        $this->db->query('ALTER TABLE `ea_users`
+            ADD CONSTRAINT `ea_users_ea_roles` FOREIGN KEY (`id_roles`) REFERENCES `ea_roles` (`id`)
+            ON DELETE CASCADE
+            ON UPDATE CASCADE');
+
+        $this->db->query('ALTER TABLE `ea_user_settings`
+            ADD CONSTRAINT `ea_user_settings_ea_users` FOREIGN KEY (`id_users`) REFERENCES `ea_users` (`id`)
+            ON DELETE CASCADE
+            ON UPDATE CASCADE');
     }
 
     public function down()
     {
+        // Drop table constraints.
+        $this->db->query('ALTER TABLE ea_appointments DROP FOREIGN KEY ea_appointments_ea_services');
+        $this->db->query('ALTER TABLE ea_appointments DROP FOREIGN KEY ea_appointments_ea_users_customer');
+        $this->db->query('ALTER TABLE ea_appointments DROP FOREIGN KEY ea_appointments_ea_users_provider');
+        $this->db->query('ALTER TABLE ea_secretaries_providers DROP FOREIGN KEY ea_secretaries_ea_users_secretary');
+        $this->db->query('ALTER TABLE ea_secretaries_providers DROP FOREIGN KEY ea_secretaries_ea_users_provider');
+        $this->db->query('ALTER TABLE ea_services_providers DROP FOREIGN KEY ea_services_providers_ea_users_provider');
+        $this->db->query('ALTER TABLE ea_services_providers DROP FOREIGN KEY ea_services_providers_ea_services');
+        $this->db->query('ALTER TABLE ea_services DROP FOREIGN KEY ea_services_ea_service_categories');
+        $this->db->query('ALTER TABLE ea_users DROP FOREIGN KEY ea_users_ea_roles');
+        $this->db->query('ALTER TABLE ea_user_settings DROP FOREIGN KEY ea_user_settings_ea_users');
+
         // Appointments
         $fields = [
             'id' => [
@@ -356,5 +423,28 @@ class Migration_Change_column_types extends CI_Migration {
         ];
 
         $this->dbforge->modify_column('ea_user_settings', $fields);
+
+        // Add database constraints.
+        $this->db->query('ALTER TABLE `ea_appointments`
+            ADD CONSTRAINT `ea_appointments_ibfk_2` FOREIGN KEY (`id_users_customer`) REFERENCES `ea_users` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+            ADD CONSTRAINT `ea_appointments_ibfk_3` FOREIGN KEY (`id_services`) REFERENCES `ea_services` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+            ADD CONSTRAINT `ea_appointments_ibfk_4` FOREIGN KEY (`id_users_provider`) REFERENCES `ea_users` (`id`) ON DELETE CASCADE ON UPDATE CASCADE');
+
+        $this->db->query('ALTER TABLE `ea_secretaries_providers`
+            ADD CONSTRAINT `fk_ea_secretaries_providers_1` FOREIGN KEY (`id_users_secretary`) REFERENCES `ea_users` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+            ADD CONSTRAINT `fk_ea_secretaries_providers_2` FOREIGN KEY (`id_users_provider`) REFERENCES `ea_users` (`id`) ON DELETE CASCADE ON UPDATE CASCADE');
+
+        $this->db->query('ALTER TABLE `ea_services`
+            ADD CONSTRAINT `ea_services_ibfk_1` FOREIGN KEY (`id_service_categories`) REFERENCES `ea_service_categories` (`id`) ON DELETE SET NULL ON UPDATE CASCADE');
+
+        $this->db->query('ALTER TABLE `ea_services_providers`
+            ADD CONSTRAINT `ea_services_providers_ibfk_1` FOREIGN KEY (`id_users`) REFERENCES `ea_users` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+            ADD CONSTRAINT `ea_services_providers_ibfk_2` FOREIGN KEY (`id_services`) REFERENCES `ea_services` (`id`) ON DELETE CASCADE ON UPDATE CASCADE');
+
+        $this->db->query('ALTER TABLE `ea_users`
+            ADD CONSTRAINT `ea_users_ibfk_1` FOREIGN KEY (`id_roles`) REFERENCES `ea_roles` (`id`) ON DELETE CASCADE ON UPDATE CASCADE');
+
+        $this->db->query('ALTER TABLE `ea_user_settings`
+            ADD CONSTRAINT `ea_user_settings_ibfk_1` FOREIGN KEY (`id_users`) REFERENCES `ea_users` (`id`) ON DELETE CASCADE ON UPDATE CASCADE');
     }
 }
diff --git a/src/application/migrations/010_add_time_format_setting.php b/src/application/migrations/010_add_time_format_setting.php
index 87716625..8f9aca4f 100644
--- a/src/application/migrations/010_add_time_format_setting.php
+++ b/src/application/migrations/010_add_time_format_setting.php
@@ -14,14 +14,22 @@
 class Migration_Add_time_format_setting extends CI_Migration {
     public function up()
     {
-        $this->db->insert('ea_settings', [
-            'name' => 'time_format',
-            'value' => 'regular'
-        ]);
+        $this->load->model('settings_model');
+
+        try
+        {
+            $this->settings_model->get_setting('time_format');
+        }
+        catch (Exception $exception)
+        {
+            $this->settings_model->set_setting('time_format', 'regular');
+        }
     }
 
     public function down()
     {
-        $this->db->delete('ea_settings', ['name' => 'time_format']);
+        $this->load->model('settings_model');
+
+        $this->settings_model->remove_setting('time_format');
     }
 }