Issue 782 Fix: Account Code previously set by SuperAdmin was being overwritten if Admin saved extension without billing system present.

2014-12-10 03:13:46 +00:00 · 2014-12-10 03:13:46 +00:00 · 781218cb6a
parent 6c26941d4f
commit 781218cb6a
1 changed files with 41 additions and 46 deletions
--- a/app/extensions/extension_edit.php
+++ b/app/extensions/extension_edit.php
@ -34,10 +34,13 @@ else {
 	exit;
 }
-if (file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config.php")){
+//detect billing app
-	require_once "app/billing/resources/functions/currency.php";
+	$billing_app_exists = file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config.php");
-	require_once "app/billing/resources/functions/rating.php";
+
-}
+	if ($billing_app_exists) {
 		require_once "app/billing/resources/functions/currency.php";
 		require_once "app/billing/resources/functions/rating.php";
 	}
 //add multi-lingual support
 	require_once "app_languages.php";
@ -61,28 +64,23 @@ if (file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config.
 			$number_alias = check_str($_POST["number_alias"]);
 			$password = check_str($_POST["password"]);
-			// Lets do some server verifications, someone may do a HTML hack
+			// server verification on account code
-			if (if_group("superadmin")){
+			if (if_group("superadmin")) {
 				$accountcode = $_POST["accountcode"];
 			}
-			elseif (if_group("admin") && file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config.php")){
+			else if (if_group("admin") && $billing_app_exists) {
 				$sql_accountcode = "SELECT COUNT(*) as count FROM v_billings WHERE domain_uuid = '".$_SESSION['domain_uuid']."' AND type_value='".$_POST["accountcode"]."'";
 				$prep_statement_accountcode = $db->prepare(check_sql($sql_accountcode));
 				$prep_statement_accountcode->execute();
 				$row_accountcode = $prep_statement_accountcode->fetch(PDO::FETCH_ASSOC);
 				if ($row_accountcode['count'] > 0) {
 					$accountcode = $_POST["accountcode"];
 				}
 				else {
 					$accountcode = $_SESSION['domain_name'];
 				}
 				unset($sql_accountcode, $prep_statement_accountcode, $row_accountcode);
 			}
 			else{
 				$accountcode = $_SESSION['domain_name'];
 			}
 			$effective_caller_id_name = check_str($_POST["effective_caller_id_name"]);
 			$effective_caller_id_number = check_str($_POST["effective_caller_id_number"]);
@ -369,7 +367,9 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
 							$sql .= "extension, ";
 							$sql .= "number_alias, ";
 							$sql .= "password, ";
-							$sql .= "accountcode, ";
+							if (if_group("superadmin") || (if_group("admin") && $billing_app_exists)) {
 								$sql .= "accountcode, ";
 							}
 							$sql .= "effective_caller_id_name, ";
 							$sql .= "effective_caller_id_number, ";
 							$sql .= "outbound_caller_id_name, ";
@ -417,7 +417,9 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
 							$sql .= "'$extension', ";
 							$sql .= "'$number_alias', ";
 							$sql .= "'$password', ";
-							$sql .= "'$accountcode', ";
+							if (if_group("superadmin") || (if_group("admin") && $billing_app_exists)) {
 								$sql .= "'$accountcode', ";
 							}
 							$sql .= "'$effective_caller_id_name', ";
 							$sql .= "'$effective_caller_id_number', ";
 							$sql .= "'$outbound_caller_id_name', ";
@ -501,7 +503,7 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
 						$extension++;
 				}
-				if (file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config.php")){
+				if ($billing_app_exists) {
 					// Let's bill $j has the number of extensions to bill
 					$db2 = new database;
 					$db2->sql = "SELECT currency, billing_uuid, balance FROM v_billings WHERE type_value='$destination_accountcode'";
@ -547,7 +549,7 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
 					$sql .= "extension = '$extension', ";
 					$sql .= "number_alias = '$number_alias', ";
 					$sql .= "password = '$password', ";
-					if (if_group("superadmin") || if_group("admin")) {
+					if (if_group("superadmin") || (if_group("admin") && $billing_app_exists)) {
 						$sql .= "accountcode = '$accountcode', ";
 					}
 					$sql .= "effective_caller_id_name = '$effective_caller_id_name', ";
@ -863,7 +865,7 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
 	echo "</tr>\n";
 	// Billing
-	if (file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config.php")){
+	if ($billing_app_exists) {
 		if ($action == "add" && permission_exists('extension_add')) {		// only when adding
 			echo "<tr>\n";
 			echo "<td colspan='2' width='30%' nowrap='nowrap' align='left' valign='top'>\n";
@ -1020,42 +1022,35 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
 		echo "</tr>\n";
 	}
-	if (if_group("superadmin")){
+	if (if_group("superadmin") || (if_group("admin") && $billing_app_exists)) {
 		echo "<tr>\n";
 		echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
 		echo "    ".$text['label-accountcode'].":\n";
 		echo "</td>\n";
 		echo "<td class='vtable' align='left'>\n";
-		if ($action == "add"){ $accountcode=$_SESSION['domain_name']; }
+		if ($billing_app_exists) {
-		echo "    <input class='formfld' type='text' name='accountcode' maxlength='255' value=\"$accountcode\">\n";
+			$sql_accountcode = "SELECT type_value FROM v_billings WHERE domain_uuid = '".$_SESSION['domain_uuid']."'";
-		echo "<br />\n";
+			echo "<select name='accountcode' id='accountcode' class='formfld'>\n";
-		echo $text['description-accountcode']."\n";
+			$prep_statement_accountcode = $db->prepare(check_sql($sql_accountcode));
-		echo "</td>\n";
+			$prep_statement_accountcode->execute();
-		echo "</tr>\n";
+			$result_accountcode = $prep_statement_accountcode->fetchAll(PDO::FETCH_NAMED);
-	}elseif (if_group("admin") &&  file_exists($_SERVER['DOCUMENT_ROOT'].PROJECT_PATH."/app/billing/app_config.php")){
+			foreach ($result_accountcode as &$row_accountcode) {
-		$sql_accountcode = "SELECT type_value FROM v_billings WHERE domain_uuid = '".$_SESSION['domain_uuid']."'";
+				$selected = '';
-
+				if (($action == "add") && ($row_accountcode['type_value'] == $_SESSION['domain_name'])){
-		echo "<tr>\n";
+					$selected='selected="selected"';
-		echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
+				}
-		echo "    ".$text['label-accountcode'].":\n";
+				elseif ($row_accountcode['type_value'] == $accountcode){
-		echo "</td>\n";
+					$selected='selected="selected"';
-		echo "<td class='vtable' align='left'>\n";
+				}
-		echo "	<select name='accountcode' id='accountcode' class='formfld'>\n";
+				echo "<option value=\"".$row_accountcode['type_value']."\" $selected>".$row_accountcode['type_value']."</option>\n";
 		$prep_statement_accountcode = $db->prepare(check_sql($sql_accountcode));
 		$prep_statement_accountcode->execute();
 		$result_accountcode = $prep_statement_accountcode->fetchAll(PDO::FETCH_NAMED);
 		foreach ($result_accountcode as &$row_accountcode) {
 			$selected = '';
 			if (($action == "add") && ($row_accountcode['type_value'] == $_SESSION['domain_name'])){ 
 				$selected='selected="selected"'; 
 			}
-			elseif ($row_accountcode['type_value'] == $accountcode){
+			unset($sql_accountcode, $prep_statement_accountcode, $result_accountcode);
-				$selected='selected="selected"'; 
+			echo "</select>";
-			}
+		}
-			echo "    <option value=\"".$row_accountcode['type_value']."\" $selected>".$row_accountcode['type_value']."</option>\n";
+		else {
 			if ($action == "add") { $accountcode = $_SESSION['domain_name']; }
 			echo "<input class='formfld' type='text' name='accountcode' maxlength='255' value=\"".$accountcode."\">\n";
 		}
 		unset($sql_accountcode, $prep_statement_accountcode, $result_accountcode);
 		echo "</select>";
 		echo "<br />\n";
 		echo $text['description-accountcode']."\n";
 		echo "</td>\n";