From 72ea1e3353cd41c6e05c7bb8705aafcc5b53186e Mon Sep 17 00:00:00 2001
From: Peter Goodhall <peter@magicbug.co.uk>
Date: Tue, 9 Sep 2025 14:19:15 +0100
Subject: [PATCH] Remove limit validation and update SQL join in logbook

Removed the limit parameter validation and sanitization from Api.php, delegating limit handling elsewhere. Changed the SQL query in Logbook_model.php to use LEFT JOIN for station_profile, ensuring all logbook records are included even if no matching station_profile exists.
---
 application/controllers/Api.php      |  9 ---------
 application/models/Logbook_model.php | 12 ++++++------
 2 files changed, 6 insertions(+), 15 deletions(-)

diff --git a/application/controllers/Api.php b/application/controllers/Api.php
index afdbeca7..529bb8d2 100644
--- a/application/controllers/Api.php
+++ b/application/controllers/Api.php
@@ -857,15 +857,6 @@ class API extends CI_Controller {
 			return;
 		}
 
-		// Validate and sanitize limit parameter
-		$limit = intval($limit);
-		if ($limit <= 0) {
-			$limit = 10; // default
-		}
-		if ($limit > 50) {
-			$limit = 50; // maximum
-		}
-
 		$this->load->model('logbooks_model');
 		$this->load->model('logbook_model');
 
diff --git a/application/models/Logbook_model.php b/application/models/Logbook_model.php
index c00b2327..24a0d9e6 100755
--- a/application/models/Logbook_model.php
+++ b/application/models/Logbook_model.php
@@ -1945,13 +1945,13 @@ class Logbook_model extends CI_Model
       $location_list = "'" . implode("','", $logbooks_locations_array) . "'";
 
       $sql = "SELECT * FROM ( select * from " . $this->config->item('table_name') . "
-        WHERE station_id IN(" . $location_list . ")
-        order by col_time_on desc, col_primary_key desc
-        limit " . $num .
+            WHERE station_id IN(" . $location_list . ")
+            order by col_time_on desc, col_primary_key desc
+            limit " . $num .
         ") hrd
-        JOIN station_profile ON station_profile.station_id = hrd.station_id
-        LEFT JOIN dxcc_entities ON hrd.col_dxcc = dxcc_entities.adif
-        order by col_time_on desc, col_primary_key desc";
+            LEFT JOIN station_profile ON station_profile.station_id = hrd.station_id  // Changed to LEFT JOIN
+            LEFT JOIN dxcc_entities ON hrd.col_dxcc = dxcc_entities.adif
+            order by col_time_on desc, col_primary_key desc";
 
       $query = $this->db->query($sql);