diff --git a/app/extensions/extension_edit.php b/app/extensions/extension_edit.php index 2cf1600e41..c65961656b 100644 --- a/app/extensions/extension_edit.php +++ b/app/extensions/extension_edit.php @@ -34,10 +34,13 @@ else { exit; } -if (file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config.php")){ - require_once "app/billing/resources/functions/currency.php"; - require_once "app/billing/resources/functions/rating.php"; -} +//detect billing app + $billing_app_exists = file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config.php"); + + if ($billing_app_exists) { + require_once "app/billing/resources/functions/currency.php"; + require_once "app/billing/resources/functions/rating.php"; + } //add multi-lingual support require_once "app_languages.php"; @@ -61,28 +64,23 @@ if (file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config. $number_alias = check_str($_POST["number_alias"]); $password = check_str($_POST["password"]); - // Lets do some server verifications, someone may do a HTML hack - if (if_group("superadmin")){ + // server verification on account code + if (if_group("superadmin")) { $accountcode = $_POST["accountcode"]; } - elseif (if_group("admin") && file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config.php")){ + else if (if_group("admin") && $billing_app_exists) { $sql_accountcode = "SELECT COUNT(*) as count FROM v_billings WHERE domain_uuid = '".$_SESSION['domain_uuid']."' AND type_value='".$_POST["accountcode"]."'"; $prep_statement_accountcode = $db->prepare(check_sql($sql_accountcode)); $prep_statement_accountcode->execute(); $row_accountcode = $prep_statement_accountcode->fetch(PDO::FETCH_ASSOC); - if ($row_accountcode['count'] > 0) { $accountcode = $_POST["accountcode"]; } else { $accountcode = $_SESSION['domain_name']; } - unset($sql_accountcode, $prep_statement_accountcode, $row_accountcode); } - else{ - $accountcode = $_SESSION['domain_name']; - } $effective_caller_id_name = check_str($_POST["effective_caller_id_name"]); $effective_caller_id_number = check_str($_POST["effective_caller_id_number"]); @@ -369,7 +367,9 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { $sql .= "extension, "; $sql .= "number_alias, "; $sql .= "password, "; - $sql .= "accountcode, "; + if (if_group("superadmin") || (if_group("admin") && $billing_app_exists)) { + $sql .= "accountcode, "; + } $sql .= "effective_caller_id_name, "; $sql .= "effective_caller_id_number, "; $sql .= "outbound_caller_id_name, "; @@ -417,7 +417,9 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { $sql .= "'$extension', "; $sql .= "'$number_alias', "; $sql .= "'$password', "; - $sql .= "'$accountcode', "; + if (if_group("superadmin") || (if_group("admin") && $billing_app_exists)) { + $sql .= "'$accountcode', "; + } $sql .= "'$effective_caller_id_name', "; $sql .= "'$effective_caller_id_number', "; $sql .= "'$outbound_caller_id_name', "; @@ -501,7 +503,7 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { $extension++; } - if (file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config.php")){ + if ($billing_app_exists) { // Let's bill $j has the number of extensions to bill $db2 = new database; $db2->sql = "SELECT currency, billing_uuid, balance FROM v_billings WHERE type_value='$destination_accountcode'"; @@ -547,7 +549,7 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { $sql .= "extension = '$extension', "; $sql .= "number_alias = '$number_alias', "; $sql .= "password = '$password', "; - if (if_group("superadmin") || if_group("admin")) { + if (if_group("superadmin") || (if_group("admin") && $billing_app_exists)) { $sql .= "accountcode = '$accountcode', "; } $sql .= "effective_caller_id_name = '$effective_caller_id_name', "; @@ -863,7 +865,7 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { echo "\n"; // Billing - if (file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config.php")){ + if ($billing_app_exists) { if ($action == "add" && permission_exists('extension_add')) { // only when adding echo "\n"; echo "\n"; @@ -1020,42 +1022,35 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { echo "\n"; } - if (if_group("superadmin")){ + if (if_group("superadmin") || (if_group("admin") && $billing_app_exists)) { echo "\n"; echo "\n"; echo " ".$text['label-accountcode'].":\n"; echo "\n"; echo "\n"; - if ($action == "add"){ $accountcode=$_SESSION['domain_name']; } - echo " \n"; - echo "
\n"; - echo $text['description-accountcode']."\n"; - echo "\n"; - echo "\n"; - }elseif (if_group("admin") && file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config.php")){ - $sql_accountcode = "SELECT type_value FROM v_billings WHERE domain_uuid = '".$_SESSION['domain_uuid']."'"; - - echo "\n"; - echo "\n"; - echo " ".$text['label-accountcode'].":\n"; - echo "\n"; - echo "\n"; - echo " \n"; + $prep_statement_accountcode = $db->prepare(check_sql($sql_accountcode)); + $prep_statement_accountcode->execute(); + $result_accountcode = $prep_statement_accountcode->fetchAll(PDO::FETCH_NAMED); + foreach ($result_accountcode as &$row_accountcode) { + $selected = ''; + if (($action == "add") && ($row_accountcode['type_value'] == $_SESSION['domain_name'])){ + $selected='selected="selected"'; + } + elseif ($row_accountcode['type_value'] == $accountcode){ + $selected='selected="selected"'; + } + echo "\n"; } - elseif ($row_accountcode['type_value'] == $accountcode){ - $selected='selected="selected"'; - } - echo " \n"; + unset($sql_accountcode, $prep_statement_accountcode, $result_accountcode); + echo ""; + } + else { + if ($action == "add") { $accountcode = $_SESSION['domain_name']; } + echo "\n"; } - unset($sql_accountcode, $prep_statement_accountcode, $result_accountcode); - echo ""; echo "
\n"; echo $text['description-accountcode']."\n"; echo "\n";