dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix CDR import for HTTP POST 

Add syslog server messages with more details when sending access denied.
This commit is contained in:
FusionPBX 2023-09-25 12:55:20 -06:00 committed by GitHub
parent aad0721b94
commit 09dd09305c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 23 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
app/xml_cdr/resources/classes/xml_cdr.php
View File

@ -1044,7 +1044,7 @@ if (!class_exists('xml_cdr')) {
//authentication for xml cdr http post //authentication for xml cdr http post
if (!defined('STDIN')) { if (!defined('STDIN')) {
if ($this->setting->get('cdr', 'http_enabled') == "true" && $this->username) { if ($this->setting->get('cdr', 'http_enabled') == "true") {
//get the contents of xml_cdr.conf.xml //get the contents of xml_cdr.conf.xml
$conf_xml_string = file_get_contents($this->setting->get('switch', 'conf').'/autoload_configs/xml_cdr.conf.xml'); $conf_xml_string = file_get_contents($this->setting->get('switch', 'conf').'/autoload_configs/xml_cdr.conf.xml');
@ -1059,7 +1059,8 @@ if (!class_exists('xml_cdr')) {
catch(Exception $e) { catch(Exception $e) {
echo $e->getMessage(); echo $e->getMessage();
} }
if (isset($conf_xml->settings->param)) foreach ($conf_xml->settings->param as $row) { if (isset($conf_xml->settings->param)) {
foreach ($conf_xml->settings->param as $row) {
if ($row->attributes()->name == "cred") { if ($row->attributes()->name == "cred") {
$auth_array = explode(":", $row->attributes()->value); $auth_array = explode(":", $row->attributes()->value);
//echo "username: ".$auth_array[0]."<br />\n"; //echo "username: ".$auth_array[0]."<br />\n";
@ -1071,11 +1072,16 @@ if (!class_exists('xml_cdr')) {
} }
} }
} }
}
//if http enabled is set to false then deny access //if http enabled is set to false then deny access
if (!defined('STDIN')) { if (!defined('STDIN')) {
if ($this->setting->get('cdr', 'http_enabled') == "false") { if ($this->setting->get('cdr', 'http_enabled') == "false") {
echo "access denied<br />\n"; openlog('FusionPBX', LOG_NDELAY, LOG_AUTH);
syslog(LOG_WARNING, '['.$_SERVER['REMOTE_ADDR'].'] XML CDR import default setting http_enabled is not enabled. Line: '.__line__);
closelog();
echo "access denied\n";
return; return;
} }
} }
@ -1084,12 +1090,16 @@ if (!class_exists('xml_cdr')) {
if (!defined('STDIN')) { if (!defined('STDIN')) {
if ($this->setting->get('cdr', 'http_enabled') == "true") { if ($this->setting->get('cdr', 'http_enabled') == "true") {
if ($auth_array[0] == $_SERVER["PHP_AUTH_USER"] && $auth_array[1] == $_SERVER["PHP_AUTH_PW"]) { if ($auth_array[0] == $_SERVER["PHP_AUTH_USER"] && $auth_array[1] == $_SERVER["PHP_AUTH_PW"]) {
//echo "access granted<br />\n"; //echo "access granted\n";
$this->username = $auth_array[0]; $this->username = $auth_array[0];
$this->password = $auth_array[1]; $this->password = $auth_array[1];
} }
else { else {
echo "access denied<br />\n"; openlog('FusionPBX', LOG_NDELAY, LOG_AUTH);
syslog(LOG_WARNING, '['.$_SERVER['REMOTE_ADDR'].'] XML CDR import username or password failed. Line: '.__line__);
closelog();
echo "access denied\n";
return; return;
} }
} }
@ -1097,7 +1107,7 @@ if (!class_exists('xml_cdr')) {
//loop through all attribues //loop through all attribues
//foreach($xml->settings->param[1]->attributes() as $a => $b) { //foreach($xml->settings->param[1]->attributes() as $a => $b) {
// echo $a,'="',$b,"\"<br />\n"; // echo $a,'="',$b,"\"\n";
//} //}
//get the http post variable //get the http post variable